Chapter 7 ■ Security Operations (Domain 7) 173
C. Spoilation
D. Proportionality- Anne wants to gather information about security settings as well as build an overall view
of her organization’s assets by gathering data about a group of Windows 10 workstations
spread throughout her company. What Windows tool is best suited to this type of configu-
ration management task?
A. SCCM
B. Group Policy
C. SCOM
D. A custom PowerShell script - Scott is responsible for disposing of disk drives that have been pulled from his company’s
SAN as they are retired. Which of the following options should he avoid if the data on the
SAN is considered highly sensitive by his organization?
A. Destroy them physically
B. Sign a contract with the SAN vendor that requires appropriate disposal and provides a
certification process
C. Reformat each drive before it leaves the organization
D. Use a secure wipe tool like DBAN - What documentation is typically prepared after a postmortem review of an incident has
been completed?
A. A lessons learned document
B. A risk assessment
C. A remediation list
D. A mitigation checklist - Staff from Susan’s company often travel internationally. Susan believes that they may be
targeted for corporate espionage activities because of the technologies that her company is
developing. What practice should Susan recommend that they adopt for connecting to net-
works while they travel?
A. Only connect to public Wi-Fi
B. Use a VPN for all connections
C. Only use websites that support TLS
D. Do not connect to networks while traveling - Matt wants to ensure that critical network traffic from systems throughout his company is
prioritized over web browsing and social media use at this company. What technology can
he use to do this?
A. VLANs
B. QoS
C. VPN
D. ISDN