Certified Ethical Hacker (CEHv9) Questions and answers
85. The security concept of 'separation of duties is most similar to the operation of which type of security device
A. Bastion host
B. Intrusion Detection System
86.You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job?
A. Establish attribution to suspected attackers.
B. Start the wireshark application to start sniffing network traffic.
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
D. Interview all employees in the company to rule out possible insider threats.