PA - D488 || Possible Questions Accurately Answered.
The security team recently enabled public access to a web application hosted on a server inside
the corporate network. The developers of the application report that the server has received
several structured query language (SQL) injection attacks in the past several days. The team
needs to deploy a solution that will block the SQL injection attacks. Which solution fulfills these
requirements? correct answers Web application firewall (WAF)
An IT security team has been notified that external contractors are using their personal laptops to
gain access to the corporate network. The team needs to recommend a solution that will prevent
unapproved devices from accessing the network. Which solution fulfills these requirements?
correct answers Implementing port security
The chief technology officer for a small publishing company has been tasked with improving the
company's security posture. As part of a network upgrade, the company has decided to
implement intrusion detection, spam filtering, content filtering, and antivirus controls. The
project needs to be completed using the least amount of infrastructure while meeting all
requirements. Which solution fulfills these requirements? correct answers Deploying a unified
threat management (UTM) appliance
The security team plans to deploy an intrusion detection system (IDS) solution to alert engineers
about inbound threats. The team already has a database of signatures that they want the IDS
solution to validate. Which detection technique meets the requirements? correct answers
Signature-based detection
An IT organization had a security breach after deploying an update to its production web servers.
The application currently goes through a manual update process a few times per year. The
security team needs to recommend a failback option for future deployments. Which solution
fulfills these requirements? correct answers Implementing versioning
A software development team is working on a new mobile application that will be used by
customers. The security team must ensure that builds of the application will be trusted by a
variety of mobile devices. Which solution fulfills these requirements? correct answers Code
signing
, An IT organization recently suffered a data leak incident. Management has asked the security
team to implement a print blocking mechanism for all documents stored on a corporate file share.
Which solution fulfills these requirements? correct answers Digital rights management (DRM)
A company has recently discovered that a competitor is distributing copyrighted videos produced
by the in-house marketing team. Management has asked the security team to prevent these types
of violations in the future. Which solution fulfills these requirements? correct answers Digital
rights management (DRM)
A security team has been tasked with performing regular vulnerability scans for a cloud-based
infrastructure. How should these vulnerability scans be conducted when implementing zero trust
security? correct answers Automatically
A healthcare company needs to ensure that medical researchers cannot inadvertently share
protected health information (PHI) data from medical records. What is the best solution? correct
answers Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after a recent
breach. The solution must isolate the use of privileged accounts. In the future, administrators
must request access to mission-critical services before they can perform their tasks. What is the
best solution? correct answers Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The security team has
been tasked with hardening the access controls for a corporate web application that was recently
migrated. End users should be granted access to different features based on their locations and
departments. Which access control solution should be implemented? correct answers Attribute-
based access control (ABAC)
A team of developers is building a new corporate web application. The security team has stated
that the application must authenticate users through two separate channels of communication.
Which type of authentication method should the developers include when building the
application? correct answers Out-of-band authentication
The security team recently enabled public access to a web application hosted on a server inside
the corporate network. The developers of the application report that the server has received
several structured query language (SQL) injection attacks in the past several days. The team
needs to deploy a solution that will block the SQL injection attacks. Which solution fulfills these
requirements? correct answers Web application firewall (WAF)
An IT security team has been notified that external contractors are using their personal laptops to
gain access to the corporate network. The team needs to recommend a solution that will prevent
unapproved devices from accessing the network. Which solution fulfills these requirements?
correct answers Implementing port security
The chief technology officer for a small publishing company has been tasked with improving the
company's security posture. As part of a network upgrade, the company has decided to
implement intrusion detection, spam filtering, content filtering, and antivirus controls. The
project needs to be completed using the least amount of infrastructure while meeting all
requirements. Which solution fulfills these requirements? correct answers Deploying a unified
threat management (UTM) appliance
The security team plans to deploy an intrusion detection system (IDS) solution to alert engineers
about inbound threats. The team already has a database of signatures that they want the IDS
solution to validate. Which detection technique meets the requirements? correct answers
Signature-based detection
An IT organization had a security breach after deploying an update to its production web servers.
The application currently goes through a manual update process a few times per year. The
security team needs to recommend a failback option for future deployments. Which solution
fulfills these requirements? correct answers Implementing versioning
A software development team is working on a new mobile application that will be used by
customers. The security team must ensure that builds of the application will be trusted by a
variety of mobile devices. Which solution fulfills these requirements? correct answers Code
signing
, An IT organization recently suffered a data leak incident. Management has asked the security
team to implement a print blocking mechanism for all documents stored on a corporate file share.
Which solution fulfills these requirements? correct answers Digital rights management (DRM)
A company has recently discovered that a competitor is distributing copyrighted videos produced
by the in-house marketing team. Management has asked the security team to prevent these types
of violations in the future. Which solution fulfills these requirements? correct answers Digital
rights management (DRM)
A security team has been tasked with performing regular vulnerability scans for a cloud-based
infrastructure. How should these vulnerability scans be conducted when implementing zero trust
security? correct answers Automatically
A healthcare company needs to ensure that medical researchers cannot inadvertently share
protected health information (PHI) data from medical records. What is the best solution? correct
answers Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after a recent
breach. The solution must isolate the use of privileged accounts. In the future, administrators
must request access to mission-critical services before they can perform their tasks. What is the
best solution? correct answers Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The security team has
been tasked with hardening the access controls for a corporate web application that was recently
migrated. End users should be granted access to different features based on their locations and
departments. Which access control solution should be implemented? correct answers Attribute-
based access control (ABAC)
A team of developers is building a new corporate web application. The security team has stated
that the application must authenticate users through two separate channels of communication.
Which type of authentication method should the developers include when building the
application? correct answers Out-of-band authentication
