A security technician is concerned there is not enough security staff available the web servers and database server located in the DMZ around the clock. Which of the following technologies, when deployed, would provide the BEST round the clock automated protection?
A. HIPS & SIEM B. NIPS & HIDS C. HIDS& SIEM D. NIPS&HIPS
To mitigate the risk of intrusion, an IT Manager is concerned with using secure versions of protocols and services whenever possible. In addition, the security technician is required to monitor the types of traffic being generated. Which of the following tools is the technician MOST likely to use?
A. Port scanner B. Network analyzer C. IPS D. Audit Logs
A chief privacy officer, Joe, is concerned that employees are sending emails to addresses outside of the company that contain PII. He asks that the security technician to implement technology that will mitigate this risk. Which of the following would be the best option?
A. DLP B. HIDS C. Firewall D. Web content filtering
Joe, a security technician, is configuring two new firewalls through the web on each. Each time Joe connects, there is a warning message in the browser window about the certificate being untrusted. Which of the following will allow Joe to configure a certificate for the firewall so that firewall administrators are able to connect both firewalls without experiencing the warning message?
A. Apply a permanent override to the certificate warning in the browser B. Apply a wildcard certificate obtained from the company’s certificate authority C. Apply a self-signed certificate generated by each of the firewalls D. Apply a single certificate obtained from a public certificate authority
A security technician wants to implement stringent security controls over web traffic by restricting the client source TCP ports allowed through the corporate firewall. Which of the following should the technician implement?
A. Deny port 80 and 443 but allow proxies B. Only allow port 80 and 443 C. Only allow ports above 1024 D. Deny ports 80 and allow port 443
A security technician would like an application to use random salts to generate short lived encryption keys during the secure communication handshake process to increase communication security. Which of the following concepts would BEST meet this goal?
A. Ephemeral keys B. Symmetric Encryption Keys C. AES Encryption Keys D. Key Escrow
A security technician is implementing PKI on a Network. The technician wishes to reduce the amount of bandwidth used when verifying the validity of a certificate. Which of the following should the technician implement?