Uncategorized

23 Feb

Posted at 15:27h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Brandy is working to secure her network using a defense-in-depth strategy. As part of that approach, she is dividing systems onto network VLANs based upon their functional role. What term best describes this strategy? A. Segmentation B. Containment C. Isolation D. Recovery Correct Answer: A Isolation, containment, and recovery are actions taken in response to a security incident, rather than proactive security measures. This is a clear example of network segmentation: dividing systems onto smaller networks based upon function. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

23 Feb

Posted at 15:23h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Tina is implementing a network access control solution for an open guest network. She would like to use an approach that does not require installing software on systems joining the network but can limit them to a quarantine network until they successfully pass a health check. What NAC solution would best meet her needs? A. Agent-Based B. Captive Portal C. Post-Admission D. Out of Band Correct Answer: B Captive portals are websites where unvalidated systems are redirected until they complete the admission process. Which makes this an inline approach, meaning that the captive portal is the best solution for Tina. The use of an out-of-band, or agent-based approach would require the installation of software on the device, violating one of the requirements. Post-admission NAC would allow the system on the network and only block it if it exhibited suspicious behavior, not meeting the basic requirement of the scenario. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

23 Feb

Posted at 15:19h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Carl is searching for a forum where he can share threat intelligence information with others from his industry in a collaborative, industry-specific forum. What type of organization would best meet his needs? A. Infragard B. Computer Emergency Response Teams(CERTs) C. Computer Incident Response Teams (CIRTs) D. Information Sharing & Analysis (ISACs) Correct Answer: D Computer Emergency Response Teams (CERTs) and Computer Incident Response Teams (CIRTs) are organizations designed to react quickly to an actual incident, so those are not our correct answers here. Information Sharing and Analysis Centers (ISACs) are industry-specific groups that facilitate the sharing of threat intelligence among member organizations, making ISAC our correct answer. The FBI's Infragard program does provide threat intelligence sharing among members, but it is not industry-specific. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...