A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a
HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been
implemented by the developers?

During a software development project review, the cryptographic engineer advises the project
manager that security can be greatly improved by significantly slowing down the runtime of a
hashing algorithm and increasing the entropy by passing the input and salt back during each
iteration. Which of the following BEST describes what the engineer is trying to achieve?

The threat abatement program manager tasked the software engineer with identifying the fastest
implementation of a hash function to protect passwords with the least number of collisions. Which
of the following should the software engineer implement to best meet the requirements?

A security engineer at a bank has detected a Zeus variant, which relies on covert communication
channels to receive new instructions and updates from the malware developers. As a result, NIPS
and AV systems did not detect the configuration files received by staff in emails that appeared as
normal files. Which of the following BEST describes the technique used by the malware
developers?

A security engineer wants to implement forward secrecy but still wants to ensure the number of
requests handled by the web server is not drastically reduced due to the larger computational
overheads. Browser compatibility is not a concern; however system performance is. Which of the
following, when implemented, would BEST meet the engineer’s requirements?

An IT administrator has been tasked by the Chief Executive Officer with implementing security
using a single device based on the following requirements:
1. Selective sandboxing of suspicious code to determine malicious intent.
2. VoIP handling for SIP and H.323 connections.
3. Block potentially unwanted applications.
Which of the following devices would BEST meet all of these requirements?

The Chief Executive Officer (CEO) has asked the IT administrator to protect the externally facing
web server from SQL injection attacks and ensure the backend database server is monitored for
unusual behavior while enforcing rules to terminate unusual behavior. Which of the following
would BEST meet the CEO’s requirements?

The risk manager has requested a security solution that is centrally managed, can easily be

updated, and protects end users’ workstations from both known and unknown malicious attacks
when connected to either the office or home network. Which of the following would BEST meet
this requirement?

An IT administrator has been tasked with implementing an appliance-based web proxy server to
control external content accessed by internal staff. Concerned with the threat of corporate data
leakage via web-based email, the IT administrator wants to decrypt all outbound HTTPS sessions
and pass the decrypted content to an ICAP server for inspection by the corporate DLP software.
Which of the following is BEST at protecting the internal certificates used in the decryption
process?

A security manager is concerned about performance and patch management, and, as a result,
wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host
system. The IT manager wants a strategy that would provide the hypervisor with direct
communications with the underlying physical hardware allowing the hardware resources to be
paravirtualized and delivered to the guest machines. Which of the following recommendations
from the server administrator BEST meets the IT and security managers’ requirements? (Select
TWO).