Multiple Choice
A security assessor is working with an organization to review the policies and procedures associated with managing the organization's virtual infrastructure. During a review of the virtual environment, the assessor determines the organization is using servers to provide more than one primary function, which violates a regulatory requirement. The assessor reviews hardening guides and determines policy allows for this configuration. It would be MOST appropriate for the assessor to advise the organization to:
A) segment dual-purpose systems on a hardened network segment with no external access
B) assess the risks associated with accepting non-compliance with regulatory requirements
C) update system implementation procedures to comply with regulations
D) review regulatory requirements and implement new policies on any newly provisioned servers
Correct Answer:
Verified
Correct Answer:
Verified
Q14: Due to a recent breach, the Chief
Q15: A company is acquiring incident response and
Q16: A security analyst has been asked to
Q17: A core router was manipulated by a
Q18: A newly hired systems administrator is trying
Q20: A software development manager is running a
Q21: An external red team is brought into
Q22: A security engineer is working to secure
Q23: A small firm's newly created website has
Q24: Which of the following describes a contract