Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Choose two.)
- A. Proxy
- B. Tunneling
- C. VDI
- D. MDM
- E. RDP
- F. Containerization

A security team is concerned with attacks that are taking advantage of return-oriented programming against the company’s public-facing applications. Which of the following should the company implement on the public-facing servers?
- A. IDS
- B. ASLR
- C. TPM
- D. HSM

A financial institution generates a list of newly created accounts and sensitive information on a daily basis. The financial institution then sends out a file containing thousands of lines of data. Which of the following would be the best way to reduce the risk of a malicious insider making changes to the file that could go undetected?
- A. Write a SIEM rule that generates a critical alert when files are created on the application server.
- B. Implement a FIM that automatically generates alerts when the file is accessed by IP addresses that are not associated with the application.
- C. Create a script that compares the size of the file on an hourly basis and generates alerts when changes are identified.
- D. Tune the rules on the host-based IDS for the application server to trigger automated alerts when the application server is accessed from the internet.

A security architect examines a section of code and discovers the following:

```c
char username[20];
char password[20];
gets(username);
checkUserExists(username);
```

Which of the following changes should the security architect require before approving the code for release?
- A. Allow only alphanumeric characters for the username.
- B. Make the password variable longer to support more secure passwords.
- C. Prevent more than 20 characters from being entered.
- D. Add a password parameter to the checkUserExists function.

A Chief Information Security Officer is concerned about the condition of the code security being used for web applications. It is important to get the review right the first time, and the company is willing to use a tool that will allow developers to validate code as it is written. Which of the following methods should the company use?
- A. SAST
- B. DAST
- C. Fuzz testing
- D. Intercepting proxy

The IT team suggests the company would save money by using self-signed certificates, but the security team indicates the company must use digitally signed third-party certificates. Which of the following is a valid reason to pursue the security team’s recommendation?
- A. PKCS #10 is still preferred over PKCS #12.
- B. Private-key CSR signage prevents on-path interception.
- C. There is more control in using a local certificate over a third-party certificate.
- D. There is minimal benefit in using a certificate revocation list.

Which of the following is a security concern for DNP3?
- A. Free-form messages require support.
- B. Available function codes are not standardized.
- C. Authentication is not allocated.
- D. It is an open source protocol.

A security team is creating tickets to track the progress of remediation. Which of the following is used to specify the due dates for high- and critical-priority findings?
- A. MSA
- B. SLA
- C. ISA
- D. MOU

Before launching a new web application, an organization would like to perform security testing. Which of the following resources should the organization use to determine the objectives for the test?
- A. CASB
- B. SOAR
- C. OWASP
- D. ISAC

A Chief Information Security Officer (CISO) received a call from the Chief Executive Officer (CEO) about a data breach from the SOC lead around 9:00 a.m. At 10:00 a.m., the CEO informs the CISO that a breach of the firm is being reported on national news. Upon investigation, it is determined that a network administrator has reached out to a vendor prior to the breach for information on a security patch that failed to be installed. Which of the following should the CISO do to prevent this from happening again?
- A. Properly triage events based on brand imaging and ensure the CEO is on the call roster.
- B. Create an effective communication plan and socialize it with all employees.
- C. Send out a press release denying the breach until more information can be obtained.
- D. Implement a more robust vulnerability identification process.

An internal security audit determines that Telnet is currently being used within the environment to manage network switches. Which of the following tools should be utilized to identify credentials in plaintext that are used to log in to these devices?
- A. Fuzzer
- B. Network traffic analyzer
- C. HTTP interceptor
- D. Port scanner
- E. Password cracker