CompTIA Advanced Security Practitioner (CASP+) CAS-004 Free Dumps


Question 111

A DevOps team has deployed databases, event-driven services, and an API gateway as a PaaS solution that will support a new billing system.
Which of the following security responsibilities will the DevOps team need to perform?

  • A. Securely configure the authentication mechanisms.
  • B. Patch the infrastructure at the operating system.
  • C. Execute port scanning against the services.
  • D. Upgrade the service as part of life-cycle management.

Question 112

A company’s Chief Information Officer wants to implement IDS software onto the current system’s architecture to provide an additional layer of security. The software must be able to monitor system activity, provide information on attempted attacks, and provide analysis of malicious activities to determine the processes or users involved.
Which of the following would provide this information?

  • A. HIPS
  • B. UEBA
  • C. HIDS
  • D. NIDS

Question 113

The Chief Information Security Officer of a startup company has asked a security engineer to implement a software security program in an environment that previously had little oversight.
Which of the following testing methods would be BEST for the engineer to utilize in this situation?

  • A. Software composition analysis
  • B. Code obfuscation
  • C. Static analysis
  • D. Dynamic analysis

Question 114

A forensic investigator would use the foremost command for:

  • A. cloning disks.
  • B. analyzing network-captured packets.
  • C. recovering lost files.
  • D. extracting features such as email addresses.

Question 115

A software company is developing an application in which data must be encrypted with a cipher that requires the following:
– Initialization vector
– Low latency
– Suitable for streaming
Which of the following ciphers should the company use?

  • A. Cipher feedback
  • B. Cipher block chaining message authentication code
  • C. Cipher block chaining
  • D. Electronic codebook

Question 116

An organization that provides a SaaS solution recently experienced an incident involving customer data loss. The system has a level of self-healing that includes monitoring performance and available resources. When the system detects an issue, the self-healing process is supposed to restart parts of the software.
During the incident, when the self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared the system as fully operational.
Which of the following BEST describes the reason why the silent failure occurred?

  • A. The system logs rotated prematurely.
  • B. The disk utilization alarms are higher than what the service restarts require.
  • C. The number of nodes in the self-healing cluster was healthy.
  • D. Conditional checks prior to the service restart succeeded.

Question 117

A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication.
Which of the following technologies would BEST meet this need?

  • A. Faraday cage
  • B. WPA2 PSK
  • C. WPA3 SAE
  • D. WEP 128 bit

Question 118

An attack team performed a penetration test on a new smart card system. The team demonstrated that by subjecting the smart card to high temperatures, the secret key could be revealed.
Which of the following side-channel attacks did the team use?

  • A. Differential power analysis
  • B. Differential fault analysis
  • C. Differential temperature analysis
  • D. Differential timing analysis

Question 119

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?

  • A. NAC to control authorized endpoints
  • B. FIM on the servers storing the data
  • C. A jump box in the screened subnet
  • D. A general VPN solution to the primary network

Question 120

A networking team was asked to provide secure remote access to all company employees. The team decided to use client-to-site VPN as a solution. During a discussion, the Chief Information Security Officer raised a security concern and asked the networking team to route the Internet traffic of remote users through the main office infrastructure. Doing this would prevent remote users from accessing the Internet through their local networks while connected to the VPN.
Which of the following solutions does this describe?

  • A. Full tunneling
  • B. Asymmetric routing
  • C. SSH tunneling
  • D. Split tunneling