The development team recently moved a new application into production for the accounting department.
After this occurred, the Chief Information Officer (CIO) was contacted by the head of accounting because
the application is missing a key piece of functionality that is needed to complete the corporation's quarterly
tax returns. Which of the following types of testing would help prevent this from reoccurring?

• A.User acceptance testing
• B.Input validation testing
• C.Security regression testing
• D.Static code testing

Comment: *

Name: *

Email: *

Verification: *

Alerts have been received from the SIEM, indicating infections on multiple computers.
Based on threat characteristic, these files were quarantined by the host-based antivirus program. At the same time, additional alerts in the SIEM show multiple blocked URLs from the address of the infected computers; the URLs were clashed as uncategorized. The domain location of the IP address of the URLs that were blocked is checked, and it is registered to an ISP in Russia. Which of the following steps should be taken NEXT?

• A.Install a computer with the same settings as the infected computers in the DM^ to use as a honeypot Permit the URLs classified as uncategorized to and from that host.
• B.Remove those computers from the network and replace the hard drives Send the Infected hard drives out lot investigation.
• C.Run a vulnerability scan and patch discovered vulnerabilities on the next patching cycle Have the users restart their computer Create a use case in the SIEM to monitor farted logins on infected computers.
• D.Run a full antivirus scan on all computers and use Splunk to search for any suspicious activity that happened just before the alerts were received in the SIEM.

Comment: *

Name: *

Email: *

Verification: *

A server contains baseline images that are deployed to sensitive workstations on a regular basis. The
images are evaluated once per month for patching and other fixes, but do not change otherwise. Which of
the following controls should be put in place to secure the file server and ensure the images are not
changed?

• A.Install a honeypot to identify any attacks before the baseline images can be compromised.
• B.Schedule vulnerability scans of the server at least once per month before the images are updated.
• C.Install and configure a file integrity monitoring tool on the server and allow updates to the images each
  month.
• D.Require the use of two-factor authentication for any administrator or user who needs to connect to the
  server.

Comment: *

Name: *

Email: *

Verification: *

During the forensic a phase of a security investigation, it was discovered that an attacker was able to find
private keys on a poorly secured team shared drive. The attacker used those keys to intercept and decrypt
sensitive traffic on a web server. Which of the following describes this type of exploit and the potential
remediation?

• A.Session hijacking; network intrusion detection sensors
• B.Cross-site scripting; increased encryption key sizes
• C.Man-in-the-middle; well-controlled storage of private keys
• D.Rootkit; controlled storage of public keys

Comment: *

Name: *

Email: *

Verification: *

Poky allows scanning of vulnerabilities during production hours. But production servers have been crashing later due lo unauthorized scans performed by junior technicians. Which of the following is the BEST solution to avoid production server downtime due to these types of scans?

• A.Require vulnerability scans be performed by trained personnel.
• B.Transition from centralized to agent-based scans
• C.Implement sandboxing to analyze the results of each scan.
• D.Scan only as required to regulatory compliance.
• E.Configure daily automated detailed vulnerability reports.

Comment: *

Name: *

Email: *

Verification: *