Which two items are examples of technical controls that can be recommended as mitigations and remediation of the vulnerabilities found during a pen test? (Choose two.)
- multifactor authentication
- certificate management
- RBAC
- mandatory vacations
- access control vestibule
|
Explanation & Hint: During a penetration testing engagement, the cybersecurity analyst should analyze the findings and recommend the appropriate remediation within the report, including technical, administrative, operational, and physical controls. Technical controls make use of technology to reduce vulnerabilities. Technical controls include system hardening, user input sanitization and query parameterization, multifactor authentication, process-level remediation, patch management, key rotation, certificate management, secrets management solution, and network segmentation. |