Uncategorized

18 Aug

Posted at 16:38h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Yolanda would like to find a secure mechanism for managing keys in her cloud environment. She wants to protect key material from access by her own staff and the cloud vendor. What approach would best meet her needs? A. Hardware Security Module (HSM) B. Storing keys on a separate key server C. Storing keys on the same servers D. Storing keys in a password vault Correct Answer: A Using a cloud-based hardware security module (HSM) provides the key management that Yolanda desires, protecting keys from viewing by anyone. The other approaches all expose keys to vendor staff and/or Yolanda's own team and would not provide the same high level of secrets management as an HSM.. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

18 Aug

Posted at 16:34h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Gina would like to restrict the access that different technologists in her organization have to provision cloud resources from the company's IaaS provider. What is the best way for her to achieve this goal? A. Security Group B. Resource Policy C. CASB Policy D. ACL Correct Answer: B Resource policies are cloud-native controls designed to restrict the use of IaaS services by particular users. That would be the best way for Gina to achieve her goal. It might be possible to achieve this goal using a CASB, but that would add an unnecessary layer of complexity. Security groups and ACLs are used to restrict network access, not resource use. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

18 Aug

Posted at 16:29h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Katie would like to use a single digital certificate to secure the following websites: mywebsite.com www.mywebsite.com myotherwebsite.com Which one of the following certificate attributes can she use to meet this need?A. Wildcard B. Extended Validation (EV) C. Common Name (CN) D. Subject Alternate Name (SAN) Correct Answer: D Katie can achieve this goal by listing the alternate domains on the certificate using the Subject Alternate Name (SAN) attribute. A wildcard certificate would not work in this case because the websites use two different domains (mywebsite.com and myotherwebsite.com). She could use a wildcard certificate if all sites had the same domain name (e.g. *.mywebsite.com). The Common Name (CN) on the certificate specifies the primary name used by the certificate, not additional names. Extended validation (EV) certificates provide an added degree of assurance and do not provide additional server names. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...