Free CAS-003 Exam Braindumps (page: 40)

Page 40 of 137

A security engineer is attempting to increase the randomness of numbers used in key generation in a system. The goal of the effort is to strengthen the keys against predictive analysis attacks.

Which of the following is the BEST solution?

  1. Use an entropy-as-a-service vendor to leverage larger entropy pools.
  2. Loop multiple pseudo-random number generators in a series to produce larger numbers.
  3. Increase key length by two orders of magnitude to detect brute forcing.
  4. Shift key generation algorithms to ECC algorithms.

Answer(s): A



A security engineer is attempting to convey the importance of including job rotation in a company’s standard security policies. Which of the following would be the BEST justification?

  1. Making employees rotate through jobs ensures succession plans can be implemented and prevents single points of failure.
  2. Forcing different people to perform the same job minimizes the amount of time malicious actions go undetected by forcing malicious actors to attempt collusion between two or more people.
  3. Administrators and engineers who perform multiple job functions throughout the day benefit from being cross-trained in new job areas.
  4. It eliminates the need to share administrative account passwords because employees gain administrative rights as they rotate into a new job area.

Answer(s): B



A company is transitioning to a new VDI environment, and a system engineer is responsible for developing a sustainable security strategy for the VDIs.

Which of the following is the MOST appropriate order of steps to be taken?

  1. Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent
  2. OS patching, baseline, HIDS, antivirus, monitoring agent, firmware update
  3. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
  4. Baseline, antivirus, OS patching, monitoring agent, HIDS, firmware update

Answer(s): A



The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics. The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.

Which of the following BEST meets the needs of the board?

  1. KRI:
    - Compliance with regulations
    - Backlog of unresolved security investigations
    - Severity of threats and vulnerabilities reported by sensors
    - Time to patch critical issues on a monthly basis

    KPI:
    - Time to resolve open security items
    - % of suppliers with approved security control frameworks
    - EDR coverage across the fleet
    - Threat landscape rating
  2. KRI:
    - EDR coverage across the fleet
    - Backlog of unresolved security investigations
    - Time to patch critical issues on a monthly basis
    - Threat landscape rating

    KPI:
    - Time to resolve open security items
    - Compliance with regulations
    - % of suppliers with approved security control frameworks
    - Severity of threats and vulnerabilities reported by sensors
  3. KRI:
    - EDR coverage across the fleet
    - % of suppliers with approved security control framework
    - Backlog of unresolved security investigations
    - Threat landscape rating

    KPI:
    - Time to resolve open security items
    - Compliance with regulations
    - Time to patch critical issues on a monthly basis
    - Severity of threats and vulnerabilities reported by sensors
  4. KPI:
    - Compliance with regulations
    - % of suppliers with approved security control frameworks
    - Severity of threats and vulnerabilities reported by sensors
    - Threat landscape rating

    KRI:
    - Time to resolve open security items
    - Backlog of unresolved security investigations
    - EDR coverage across the fleet
    - Time to patch critical issues on a monthly basis

Answer(s): A






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY