A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries such as:
Despite the deny message, this action was still permit following is the MOST likely fix for this issue?

• A.Rebuild the policy, reinstall, and test.
• B.Create separate domain and context files for irc.
• C.Set the devices to enforcing
• D.Add the objects of concern to the default context.

Comment: *

Name: *

Email: *

Verification: *

A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company's online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?

• A.$60,000
• B.$100,000
• C.$140,000
• D.$200,000

Comment: *

Name: *

Email: *

Verification: *

A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant effect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings?

• A.Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects.
• B.Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution.
• C.Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness.
• D.Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution.

Comment: *

Name: *

Email: *

Verification: *

During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization's reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards.
Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?

• A.Air gaps
• B.Access control lists
• C.Spanning tree protocol
• D.Network virtualization
• E.Elastic load balancing

Comment: *

Name: *

Email: *

Verification: *

A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

• A.A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.
• B.A DLP gateway should be installed at the company border.
• C.Strong authentication should be implemented via external biometric devices.
• D.Full-tunnel VPN should be required for all network communication.
• E.Full-drive file hashing should be implemented with hashes stored on separate storage.
• F.Split-tunnel VPN should be enforced when transferring sensitive data.

Comment: *

Name: *

Email: *

Verification: *