January 2023

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Jodie is helping her organization move services into a new cloud-based service. This includes transferring PII about her company's customers. She is concerned about the regulatory impact of that move. What country/countries may have jurisdiction over customer PII used in the new cloud service? A. The countries where Jodie's company is headquartered and the customer resides B. The countries where the data is stored, Jodie's company is headquartered and the customer resides C. The country where the customer resides D. The country where Jodie's company is headquartered Correct Answer: B The use of cloud services is complicated from a regulatory perspective. It is possible that each of the countries involved has some jurisdiction over the data.These include the country where the cloud provider has its data centers, the country where the customer resides, and the home country of Jodie's company.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Carmen recently collected evidence from a variety of sources and is concerned that the clocks on the systems generating the evidence may not be synchronized. What would be her best course of action? A. Modify the system clocks B. Configure the systems to use an NTP server C. Record the time offsets for each device D. Modify the time stamps in the evidence to match real time Correct Answer: C At this point, Carmen has already collected the evidence, so changing the system clocks (manually or through NTP) would have no effect. Carmen should never modify evidence that has already been collected, so her best course of action is to record the time offsets and make the adjustments in her analysis.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Tonya is configuring vulnerability scans for a system that is subject to the PCI DSS compliance standard. What is the minimum frequency with which she must conduct scans? A. Daily B. Weekly C. Monthly D. Quarterly Correct Answer: D PCI DSS requires that organizations conduct vulnerability scans on at least a quarterly basis, although many organizations choose to conduct scans on a much more frequent basis.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...