A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)

• A.Enforce a click-through process with user opt-in for new features
• B.Require HTTPS connections for downloads of software updates
• C.Validate cryptographic signatures applied to software updates
• D.Ensure there are multiple download mirrors for availability
• E.Perform certificate pinning of the associated code signing key

Comment: *

Name: *

Email: *

Verification: *

An organization just merged with an organization in another legal jurisdiction and must improve its network
security posture in ways that do not require additional resources to implement data isolation. One
recommendation is to block communication between endpoint PCs. Which of the following would be the
BEST solution?

• A.Installing HIDS
• B.Configuring a host-based firewall
• C.Implementing network segmentation
• D.Configuring EDR

Comment: *

Name: *

Email: *

Verification: *

A security engineer has received feedback from other security professionals about the effectiveness of hiding a wireless SSID as a security measure Opinions vary as to whether this practice is effective or hinders WiFi performance. The security engineer decides to get information from a definitive source. Which of the following should the security engineer do to BEST make an informed decision?

• A.Subscribe to threat feeds filtered for VV1F1
• B.Read white papers posted on industry vendor websites
• C.Read the configuration guides associated with the hardware in use
• D.Read the RFCs that pertain to the subject
• E.Attend industry trade shows and discuss the matter with subject matter experts

Comment: *

Name: *

Email: *

Verification: *

After multiple availability issues a systems administrator is reviewing the following metrics from the web server farm, which is configured to serve the company's e-commerce site:

To reduce the availability risk the company should implement a new:

• A.web server to the farm.
• B.web application firewall.
• C.log correlation and aggregation system
• D.load balancer algorithm

Comment: *

Name: *

Email: *

Verification: *

A university's help desk is receiving reports that Internet access on campus is not functioning. The network administrator looks at the management tools and sees the 1Gbps Internet is completely saturated with ingress traffic. The administrator sees the following output on the Internet router:

The administrator calls the university's ISP for assistance, but it takes more than four hours to speak to a network engineer who can resolve the problem. Based on the information above, which of the following should the ISP engineer do to resolve the issue?

• A.The ISP engineer should null route traffic to the web server immediately to restore Internet connectivity.
  The university should implement a remotely triggered black hole with the ISP to resolve this more quickly in the future.
• B.The ISP engineer should immediately begin blocking IP addresses that are attacking the web server to restore Internet connectivity. In the future, the university should install a WAF to prevent this attack from happening again.
• C.The ISP engineer should begin refusing network connections to the web server immediately to restore Internet connectivity on campus. The university should purchase an IPS device to stop DDoS attacks in the future.
• D.A university web server is under increased load during enrollment. The ISP engineer should immediately increase bandwidth to 2Gbps to restore Internet connectivity. In the future, the university should pay for more bandwidth to handle spikes in web server traffic.

Comment: *

Name: *

Email: *

Verification: *