A security administrator is hardening a TrustedSolaris server that processes sensitive data. The data owner has established the following security requirements:
The data is for internal consumption only and shall not be distributed to outside individuals The systems administrator should not have access to the data processed by the server The integrity of the kernel image is maintained Which of the following host-based security controls BEST enforce the data owner's requirements? (Choose three.)

• A.DLP
• B.Watermarking
• C.Measured boot
• D.Data encryption
• E.SELinux
• F.Host-based firewall
• G.HIDS

Comment: *

Name: *

Email: *

Verification: *

Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

• A.Test password complexity of all login fields and input validation of form fields
• B.Reverse engineering any thick client software that has been provided for the test
• C.Undertaking network-based denial of service attacks in production environment
• D.Attempting to perform blind SQL injection and reflected cross-site scripting attacks
• E.Running a vulnerability scanning tool to assess network and host weaknesses

Comment: *

Name: *

Email: *

Verification: *

A security incident responder discovers an attacker has gained access to a network and has overwritten key system files with backdoor software. The server was reimaged and patched offline. Which of the following tools should be implemented to detect similar attacks?

• A.TPM
• B.Host-based firewall
• C.File integrity monitor
• D.Vulnerability scanner
• E.NIPS

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST likely to be included in a security services SLA with a third-party vendor?

• A.The standard of quality for anti-malware engines
• B.Minimum bit strength for encryption-in-transit.
• C.Parameters for applying critical patches
• D.The validity of program productions

Comment: *

Name: *

Email: *

Verification: *

The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network.
Stateful firewall inspection is being used in the firewall implementation.
There have been numerous reports of dropped connections with external clients.
Which of the following is MOST likely the cause of this problem?

• A.The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.
• B.TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
• C.Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.
• D.TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.

Comment: *

Name: *

Email: *

Verification: *