
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

You are seeking to secure a Windows Server and would like to find a security standard that is independent of both government agencies and the vendors involved in providing your operating system and software. Which one of the following sources would best meet your needs?

A. CIS
B. NIST
C. NSA
D. Microsoft

Correct Answer: A

The Center for Internet Security (CIS) is an independent organization that publishes security standards for many common operating systems, devices, and applications. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) also publish security standards, but they do not meet the criteria here because they are both government agencies. Similarly, Microsoft's security standards do not meet the scenario because Microsoft produces the Windows operating system.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!

Renee is configuring her vulnerability management solution to perform credentialed scans of servers on her network. What type of account should she provide to the scanner?

A. Domain Administrator
B. Local Administrator
C. Root Account
D. Read Only Account

Correct Answer: D

Credentialed scans only require read-only access to target servers. Renee should follow the principle of least privilege and limit the access available to the scanner by using a read-only account. Using a domain administrator account would provide far more privileges than necessary, allowing the scanner to potentially disrupt almost any device on the network. Using a local administrator account would have similar issues, but the problems caused by the scanner would be limited to the local system. The root account is just another name for the local administrator account.

Barry is the CIO of an organization that recently suffered a serious operational issue that required activation of the disaster recovery plan. He would like to conduct a lessons learned session to review the incident. Who would be the best facilitator for this session?

A. Barry
B. Chief Information Security Officer
C. Disaster Recovery Team Leader
D. External Consultant

Correct Answer: D

Barry should recruit an independent moderator to facilitate the session. Having a moderator who was not directly involved in the effort encourages honest and open feedback. While it is not necessary to use an external consultant, they may easily fill this role. While it is also possible to find a qualified internal employee to fill this position, it should not be someone who was involved in the incident response effort or has a major stake in the plan, such as Barry, the CISO, or the DR team leader.