Actual Complete Exam |Already Graded A+
1. A Chief Information Security Officer
(CISO) is concerned developers have 3. A security team has
too much visibili-ty into customer data. begun updating the
Which of the following controls should risk management
be implemented to BEST ad-dress plan, incident
these concerns? response plan,
A. Data masking
B. Data loss prevention
C. Data minimization
D. Data sovereignty
2. During a forensic investigation, a
security an-alyst reviews some Session
Initiation Protocol packets that came
from a suspicious IP ad-dress. Law
enforcement requires access to a VoIP
call that originated from the
suspicious IP address. Which of the
following should the analyst use to
accomplish this task?
A. Wireshark
B. iptables
C. Tcp dump
D. Net flow
, CYSA Exam set 4 with all Correct & 100% Verified Answers |
Actual Complete Exam |Already Graded A+
A
A
Wireshark would allow us to quickly highlight and analyze
the VOIP con-versation from the packet capture. In fact it
has built-in features specific to VOIP. WRONG ANSWERS • B -
iptables is used in Linux for building firewall rules. It might
be something we could use to direct / filter VOIP access but
we already have packets captured. • C
-Packets have already been captured by the analyst, so we
don't need to do more packet captures. • D - Net flow can
be used to capture and analyze packets, but is primarily
designed to generate statistics from that data. We need a deep
dive into the contents of the VOIP conversation instead.
C most voted. A most voted/ answer. Go with C.
, CYSA Exam set 4 with all Correct & 100% Verified Answers |
Actual Complete Exam |Already Graded A+
and system security plan to ensure C. Development
compli-ance with security review phases occurring at
guidelines. Which of the following can multiple sites may
be executed by internal man-agers to produce change
simulate and validate the proposed management is-
changes?
A. Internal management review
B. Control assessment
C. Tabletop exercise
D. Peer review
4. A small electronics company decides
to use a contractor to assist with the
development of a new FPGA-based
device. Several of the development
phases will occur off-site at the
contractor's labs. Which of the following
is the main concern a security analyst
should have with this arrangement?
A. Making multiple trips between
develop-ment sites increases the
chance of physical damage to the
FPGAs.
B. Moving the FPGAs between
development sites will lessen the time
that is available for security testing.
, CYSA Exam set 4 with all Correct & 100% Verified Answers |
Actual Complete Exam |Already Graded A+
The question is asking which would simulate and validate
the proposed changes. The only answer that includes a
simulation is C. Tabletop exercise.
Internal management review is a process where internal
managers re-view documents or processes to en-sure that
they comply with established policies, standards, and procedures.
It is a general process that can be used for any document or
process and may not be specific to validating security
changes.
D
There is a large two part series out there on the theft of
intellectual property on FPGA's, so that is a real thing and
big deal it seems "https://www.ee-
times.com/how-to-protect-intellectu-al-property-in-fpgas-
devices-part-1/"