
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Brian is selecting a mobile device deployment model for his organization. In consultation with leadership, he selected an approach where employees will be able to select the device that they prefer and the company will purchase it for their use and manage it through their MDM system. What term best describes this deployment model?

A. Bring your own device (BYOD) model
B. Choose your own device (CYOD) model
C. Corporate-owned personally-enabled (COPE) model
D. Corporate-owned business-only (COBO) model

Correct Answer: B

This approach best matches the choose your own device (CYOD) deployment model. In this model, employees select their device and it is owned and managed by the company. This is more flexible than the corporate-owned, business-only (COBO) model. The scenario does not give us enough information to know whether personal use is permitted, so we cannot conclude that this is the corporate-owned personally-enabled (COPE) model. The company, not the employee, purchases and owns the device, so it is not the bring your own device (BYOD) model.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Which one of the following mechanisms offers the most immediate way to invalidate a compromised digital certificate?

A. Online Certificate Status Protocol (OCSP)
B. Certificate Revocation List (CRL)
C. Changing the private key
D. Changing the public key

Correct Answer: A

Looking at this question, we can immediately eliminate two of the answers. Changing the keys associated with a certificate would not invalidate the certificate, as an imposter would still be able to use the certificate with the old keys, so we know that the two answers suggesting changing keys are not correct. The two possible methods for invalidating a digital certificate are adding it to a certificate revocation list (CRL) or using the Online Certificate Status Protocol (OCSP). Of these two methods, OCSP is immediate, while using a CRL has a time delay, making OCSP our correct answer here.

Tom is considering an intrusion prevention solution for his IaaS environment and is concerned about vendor diversity and resiliency. Which one of the following approaches would best allow him to continue outsourcing IPS work while meeting his goals?

A. Third-party on-premises IPS
B. Open source IPS built in an IaaS environment
C. IPS solution provided by his IaaS vendor
D. Third-party cloud IPS

Correct Answer: D

Any one of these solutions is capable of providing IPS service for Tom's environment. However, many of them fail to meet other goals. Building an open-source IPS or using an on-premises solution would not meet his goal of outsourcing the IPS. Using the IaaS vendor's IPS capability would not meet his goal of vendor diversity. Therefore, the best solution for Tom is a third-party cloud IPS solution.