PA -D487 Question with verified correct detailed
answers 2025
An engineer has noticed a degradation in system performance and alerts regarding
high central processing unit (CPU) usage on multiple virtual machines in the
environment. Further investigation shows that several unknown processes are
running on the affected systems. What is the explanation for the degradation in
system performance and alerts regarding high central processing unit (CPU)
usage? --- correct precise answers ---Outdated anti-malware signatures
A financial services company has experienced several incidents of data breaches in
recent months. The company has analyzed the indicators of compromise and
determined that the data breaches were caused by insider threats. The company
has decided to implement hardening techniques and endpoint security controls to
mitigate the risk. What should be used to prevent data breaches caused by insider
threats based on the indicators of compromise? --- correct precise answers ---Data
loss prevention (DLP)
The cybersecurity analyst at a software company conducted a vulnerability
assessment to identify potential security risks to the organization and discovered
multiple vulnerabilities on the company's webpage. The analyst then provided the
results to the chief information security officer (CISO), who then decided not to fix
the discrepancies due to the vulnerabilities being outside of the organization's
resources. Which risk mitigation strategy is demonstrated in this scenario? ---
correct precise answers ---Accept
, A company wants to implement a policy to reduce the risk of unauthorized access
to sensitive information. Which policy should be implemented? --- correct precise
answers ---Least privilege
A company is developing a cybersecurity risk management program and wants to
establish metrics to measure the program's effectiveness. What should the
company consider? --- correct precise answers ---Key performance indicators
(KPIs)
A manufacturing company recently conducted a cybersecurity assessment which
identified several vulnerabilities, including unsecured wireless networks and a
lack of knowledge of cybersecurity best practices by employees. Which risk
mitigation process should the company use to address these vulnerabilities? ---
correct precise answers ---Implement wireless network encryption and enforce
regular employee security training
A company has discovered a vulnerability in its Kubernetes deployment that allows
attackers to execute commands on the Kubernetes cluster's nodes. The company
has decided to implement risk mitigation processes to address this vulnerability.
Which risk mitigation process is the most effective in mitigating the vulnerability
associated with the Kubernetes deployment? --- correct precise answers ---
Implementing network segmentation to isolate the Kubernetes nodes from the rest
of the network
An organization has recently signed a contract with a new vendor to provide a
critical service. The service will involve the vendor having access to sensitive
customer data. The organization's management is concerned about the risks
associated with using a new vendor and wants to know the best ways to mitigate
answers 2025
An engineer has noticed a degradation in system performance and alerts regarding
high central processing unit (CPU) usage on multiple virtual machines in the
environment. Further investigation shows that several unknown processes are
running on the affected systems. What is the explanation for the degradation in
system performance and alerts regarding high central processing unit (CPU)
usage? --- correct precise answers ---Outdated anti-malware signatures
A financial services company has experienced several incidents of data breaches in
recent months. The company has analyzed the indicators of compromise and
determined that the data breaches were caused by insider threats. The company
has decided to implement hardening techniques and endpoint security controls to
mitigate the risk. What should be used to prevent data breaches caused by insider
threats based on the indicators of compromise? --- correct precise answers ---Data
loss prevention (DLP)
The cybersecurity analyst at a software company conducted a vulnerability
assessment to identify potential security risks to the organization and discovered
multiple vulnerabilities on the company's webpage. The analyst then provided the
results to the chief information security officer (CISO), who then decided not to fix
the discrepancies due to the vulnerabilities being outside of the organization's
resources. Which risk mitigation strategy is demonstrated in this scenario? ---
correct precise answers ---Accept
, A company wants to implement a policy to reduce the risk of unauthorized access
to sensitive information. Which policy should be implemented? --- correct precise
answers ---Least privilege
A company is developing a cybersecurity risk management program and wants to
establish metrics to measure the program's effectiveness. What should the
company consider? --- correct precise answers ---Key performance indicators
(KPIs)
A manufacturing company recently conducted a cybersecurity assessment which
identified several vulnerabilities, including unsecured wireless networks and a
lack of knowledge of cybersecurity best practices by employees. Which risk
mitigation process should the company use to address these vulnerabilities? ---
correct precise answers ---Implement wireless network encryption and enforce
regular employee security training
A company has discovered a vulnerability in its Kubernetes deployment that allows
attackers to execute commands on the Kubernetes cluster's nodes. The company
has decided to implement risk mitigation processes to address this vulnerability.
Which risk mitigation process is the most effective in mitigating the vulnerability
associated with the Kubernetes deployment? --- correct precise answers ---
Implementing network segmentation to isolate the Kubernetes nodes from the rest
of the network
An organization has recently signed a contract with a new vendor to provide a
critical service. The service will involve the vendor having access to sensitive
customer data. The organization's management is concerned about the risks
associated with using a new vendor and wants to know the best ways to mitigate
