Please solve both Questions carefully.. Thanks 59- As part of regulatory complia
ID: 3906866 • Letter: P
Question
Please solve both Questions carefully.. Thanks
59- As part of regulatory compliance effort, a system administrator has been asked to eliminate the user of SSL in favor of TLS. However, after taking steps to remediate, a vulnerability scan indicates the server is vulnerability to the POODLE attack. Which of the following likely cause this to occur? A) The POODLE attack only affects HTTP traffic. B) The WAF was not reconfigured to scan for TLS traffic in lieu of SSL traffic C) The server is using a self-signed SSL certificate. D) Although TLS was enabled 60- A small contracting firm is working with a customer to sign an ISA and MOU but is unable to adhere to the following security parameters in the agreement: Antivirus must be installed on all hosts. >>All traffic must pass through a firewall. >>All systems must have the latest security patches installed. A VPN shall be established for all data transmission. The firm currently has laptop is connected to a WAP, which was provided by the ISP. A security analyst was hired to find the most secure method to became complement with their parameters of the ISA and MOU. Which of the following should the security analyst recommended? A) Turn on host - based firewalls and instill VPN clients on the hosts and a centrally managed patch deployment system B) Purchase a UTM, install MDM on all hosts, and ensure antivirus is installed and running on all host. C) Request a VPN and enhanced WAP from the ISP, install antivirus on all hosts, and allow automatic updates is on OS. D) Install a VPN clients and antivirus software on each host and allow automatic updates and OS.Explanation / Answer
Answer)
59) B) The WAF was not reconfigured to scan TSL traffic in lieu of SSL Traffic.
60) D) VPN to be established for all the data transmission.