A security administrator wants to detect a potential forged sender claim in the envelope of an email. Which of the following should the security administrator implement? (Choose two.)
- A. MX record
- B. DMARC
- C. SPF
- D. DNSSEC
- E. S/MIME
- F. TLS

A company is acquiring a competitor, and the security team is performing due diligence activities on the competitor prior to the acquisition. The team found a recent compliance audit of the competitor’s environment that shows a mature security infrastructure, but it lacks a cohesive policy and process framework. Based on the audit findings, the security team determines the competitor’s existing security capabilities are sufficient, but they will need to incorporate additional security policies. Which of the following risk management strategies is the security team recommending?
- A. Mitigate and avoid
- B. Transfer and accept
- C. Avoid and transfer
- D. Accept and mitigate

A security engineer performed an assessment on a recently deployed web application. The engineer was able to exfiltrate a company report by visiting the following URL:

www.intranet.abc.com/get-files.jsp?file=report.pdf

Which of the following mitigation techniques would be BEST for the security engineer to recommend?
- A. Input validation
- B. Firewall
- C. WAF
- D. DLP

Some end users of an e-commerce website are reporting a delay when browsing pages. The website uses TLS 1.2. A security architect for the website troubleshoots by connecting from home to the website and capturing traffic via Wireshark. The security architect finds that the issue is the time required to validate the certificate. Which of the following solutions should the security architect recommend?
- A. Adding more nodes to the web server clusters
- B. Changing the cipher algorithm used on the web server
- C. Implementing OCSP stapling on the server
- D. Upgrading to TLS 1.3

A security team is concerned with attacks that are taking advantage of return-oriented programming against the company’s public-facing applications. Which of the following should the company implement on the public-facing servers?
- A. WAF
- B. ASLR
- C. NX
- D. HSM

A cyberanalyst has been tasked with recovering PDF files from a provided image file. Which of the following is the BEST file-carving tool for PDF recovery?
- A. objdump
- B. Strings
- C. dd
- D. Foremost

A security officer is requiring all personnel working on a special project to obtain a security clearance commensurate with the level of all information being accessed. Data on this network must be protected at the same level as each clearance holder. The need to know must be verified by the data owner. Which of the following should the security officer do to meet these requirements?
- A. Create a rule to authorize personnel only from certain IPs to access the files.
- B. Assign labels to the files and require formal access authorization.
- C. Assign attributes to each file and allow authorized users to share the files.
- D. Assign roles to users and authorize access to files based on the roles.

A company is deploying multiple VPNs to support supplier connections into its extranet applications. The network security standard requires:
- All remote devices to have up-to-date antivirus
- A HIDS
- An up-to-date and patched OS

Which of the following technologies should the company deploy to meet its security objectives? (Choose two.)
- A. NAC
- B. WAF
- C. NIDS
- D. Reverse proxy
- E. NGFW
- F. Bastion host

A consultant needs access to a customer’s cloud environment. The customer wants to enforce the following engagement requirements:
- All customer data must remain under the control of the customer at all times.
- Third-party access to the customer environment must be controlled by the customer.
- Authentication credentials and access control must be under the customer’s control.

Which of the following should the consultant do to ensure all customer requirements are satisfied when accessing the cloud environment?
- A. Use the customer’s SSO with read-only credentials and share data using the customer’s provisioned secure network storage.
- B. Use the customer-provided VDI solution to perform work on the customer’s environment.
- C. Provide code snippets to the customer and have the customer run code and securely deliver its output.
- D. Request API credentials from the customer and only use API calls to access the customer’s environment.

A small software company deployed a new web application after a network security scan found no vulnerabilities. A customer using this application reported malicious activity believed to be associated with the application. During an investigation, the company discovered that the customer closed the browser tab and connected to another application, using the same credentials on both platforms. Which of the following detection methods should the software company implement before deploying the next version?
- A. Multifactor authentication
- B. Static application code scanning
- C. Stronger password policy
- D. A SIEM