Question

A cyber security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?

A. A reverse proxy

B. A decryption certificate

C. A split-tunnel VPN

D. Load-balanced servers

 

 

A cyber security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Select Two).

A. Apply patch management on a daily basis.

B. Allow full functionality for all applications that are accessed remotely

C. Apply default configurations of all operating systems

D. Apply application whitelisting.

E. Disable default accounts and/or passwords

 

 

Answer 1

A cyber security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?

Answer: A. A reverse proxy

WAF is considered a reverse proxy, so reverse proxy will be need to meet the objective.
A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.

A cyber security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Select Two).
Answer:
D. Apply application whitelisting
E. Disable default accounts and/or passwords

Apply application whitelisting would whitelist all the important apps and wont be effected during the process.
Disaling default user accounts and passwords will temporarily block the access to the users and can be reinitiated when the work is done.