A recent penetration test identified that an attacker could flood the MAC address table of network switches. Which of the following would best mitigate this type of attack?
Port security limits the number of MAC addresses that can be learned on a switch port, preventing attackers from flooding the MAC address table and disrupting network traffic. This directly mitigates the identified vulnerability.
A company wants to improve the availability of its application with a solution that requires minimal effort in the event a server needs to be replaced or added. Which of the following would be the best solution to meet these objectives?
Load balancing distributes traffic across multiple servers, improving application availability by minimizing downtime when adding or replacing servers.
Which of the following technologies can achieve microsegmentation?
Software-Defined Networking (SDN) enables dynamic, granular control over traffic flows at the VM or workload level, implementing microsegments that isolate workloads for security. It centralizes policy management across the network fabric.
A security engineer needs to configure an NGFW to minimize the impact of the increasing number of various traffic types during attacks. Which of the following types of rules is the engineer most likely to configure?
Behavioral-based rules analyze network traffic patterns to detect and block malicious activity. They are effective for mitigating the impact of various traffic types during attacks because they focus on identifying anomalies and deviations from normal behavior rather than relying on specific signatures or URLs.
A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
IPsec with RADIUS provides a secure remote access solution with Authentication, Authorization, and Accounting (AAA) for compliance.
An administrator is creating a server that cannot be shared with any other organizations. The administrator also wants to ensure that the company retains control over the infrastructure. Which of the following cloud deployment models should the administrator choose?
A private cloud is dedicated solely to a single organization, providing isolation and control over the infrastructure. This meets the administrator's requirements for non-sharing and control over resources.
A security team is in the process of hardening the network against externally crafted malicious packets. Which of the following is the most secure method to protect the internal network?
Intrusion Prevention Systems (IPS) inspect network traffic in real time and block known attack signatures and anomalous patterns. They provide inline protection, stopping threats before they reach internal hosts. This proactive defense reduces reliance on endpoint protections alone.
Which of the following would most likely mitigate the impact of an extended power outage on a company's environment?
A hot site provides a fully operational backup location with power, infrastructure, and resources, allowing the company to continue operations during an extended power outage.
During an investigation of a cloud-based webmail login using compromised credentials, which of the following logs should the analyst review to determine the source IP of the login?
Application logs record details of login attempts such as usernames, timestamps, and source IP addresses. Network or firewall logs show traffic flow, but they do not provide specific user login details needed for this case.
A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
IPsec with RADIUS is the best option because RADIUS is designed to provide Authentication, Authorization, and Accounting (AAA) services for network access. When combined with IPsec, it allows for secure remote connections that comply with internal security policies requiring AAA.
Which of the following options will provide the lowest RTO and RPO for a database?
A hot site provides real-time replication and immediate failover, minimizing both Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
A network security administrator must allow internet access for a specific application virtualization software. Which of the following should the administrator use to complete the task?
A Next-Generation Firewall (NGFW) offers application awareness and can enforce policies that permit only the virtualization software’s traffic. This ensures granular control and prevents other unwanted traffic.
An organization is looking to optimize its environment and reduce the number of patches necessary for operating systems. Which of the following will best help to achieve this objective?
Containerization allows software to run in isolated environments, reducing the need for patching individual operating systems.
A company wants to protect a legacy system that controls the physical flow of gas in pipelines. Which environment should be secured?
SCADA systems are designed to monitor and control industrial processes like pipeline gas flow. Securing these environments is critical to prevent sabotage or disruption of vital infrastructure.
An organization is looking to optimize its environment and reduce the number of patches necessary for operating systems. Which of the following will best help to achieve this objective?
Containers allow applications to run with their dependencies in isolated environments, reducing the need for patches on operating systems.
Domain 3: Security Architecture