PrepAway - Latest Free Exam Questions & Answers

Category: CAS-001 (v.1)

Exam CAS-001: CompTIA Advanced Security Practitioner (update May 17th, 2015)

Which of the following BEST describes the application issue?

Joe, a hacker, has discovered that he can craft a webpage that, when viewed in a browser,
crashes the browser and then allows him to gain remote code execution at the victim's privilege
level. The browser crashes because an exception is raised when heap memory that is no longer in
use is accessed. Which of the following BEST describes the application issue?

Which of the following are of MOST concern?

A large hospital has implemented BYOD to allow doctors and specialists the ability to access
patient medical records on their tablets. The doctors and specialists access patient records over
the hospital’s guest WiFi network which is isolated from the internal network with appropriate
security controls. The patient records management system can be accessed from the guest
network and requires two factor authentication. Using a remote desktop type interface, the doctors
and specialists can interact with the hospital's system. Cut-and-paste and printing functions are
disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST
concern? (Select TWO).

Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution?

A company is in the process of implementing a new front-end user interface for its customers; the
goal is to provide them with more self-service functionality. The application has been written by
developers over the last six months and the project is currently in the test phase.
Which of the following security activities should be implemented as part of the SDL in order to
provide the MOST security coverage over the solution? (Select TWO).

Which of the following are the MOST appropriate security activities to be performed as part of due diligence?

A company is in the process of outsourcing its customer relationship management system to a
cloud provider. It will host the entire organization’s customer database. The database will be
accessed by both the company’s users and its customers. The procurement department has
asked what security activities must be performed for the deal to proceed. Which of the following
are the MOST appropriate security activities to be performed as part of due diligence? (Select
TWO).

Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?

A developer is determining the best way to improve security within the code being developed. The
developer is focusing on input fields where customers enter their credit card details. Which of the
following techniques, if implemented in the code, would be the MOST effective in protecting the
fields from malformed input?
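The technique the question is driving at is allowlist (positive) input validation: accept only input that matches the exact shape the field expects and reject everything else, rather than trying to blocklist known-bad characters. The following is an added example and is not part of the exam question or of any product; it assumes a Python server-side handler receiving the card-number field as a string. The permitted alphabet is restricted to ASCII digits with optional single space or hyphen separators, the total length is bounded before any other processing, and a Luhn checksum catches typos and most random garbage that happens to be numeric.

```python
import re

# Allowlist: 13-19 ASCII digits after separators are removed. [0-9] is used
# deliberately instead of \d, which in Python also matches non-ASCII digits
# (e.g. Arabic-Indic digits) that downstream code may not expect.
_CARD_PATTERN = re.compile(r"^[0-9]{13,19}$")
_SEPARATORS = re.compile(r"[ -]")
_MAX_RAW_LENGTH = 32  # bound on the untrusted input before anything else runs


def luhn_ok(digits: str) -> bool:
    """Return True if an ASCII digit string passes the Luhn (mod 10) check."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ord(ch) - ord("0")
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def validate_card_number(raw: str) -> tuple[bool, str]:
    """Allowlist validation of a card-number field.

    Returns (True, normalized_digits) when the input is acceptable, or
    (False, reason) otherwise. The caller must only ever use the returned
    normalized value, never the raw field.
    """
    if not isinstance(raw, str):
        return False, "not a string"
    if len(raw) > _MAX_RAW_LENGTH:
        return False, "too long"
    normalized = _SEPARATORS.sub("", raw.strip())
    if not _CARD_PATTERN.fullmatch(normalized):
        return False, "not 13-19 digits"
    if not luhn_ok(normalized):
        return False, "luhn check failed"
    return True, normalized


if __name__ == "__main__":
    # Constructed sample inputs (test numbers, not real cards).
    samples = [
        "4111 1111 1111 1111",     # well-formed test PAN, passes Luhn
        "4111-1111-1111-1112",     # right shape, wrong checksum
        "4111' OR '1'='1",         # injection attempt: rejected by the allowlist
        "١٢٣٤٥٦٧٨٩٠١٢٣",           # non-ASCII digits: rejected by [0-9]
        "4" * 40,                  # oversized input: rejected before parsing
    ]
    for s in samples:
        print(repr(s), "->", validate_card_number(s))
```

The order of the checks matters: the length bound and the regular-expression allowlist run before the Luhn arithmetic, so no code path ever computes on unvalidated input. A blocklist approach (stripping quotes or `<script>`) would have let the non-ASCII digits and oversized inputs through.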

Which of the following should the organization require as part of the contract to ensure the protection of the organization's technology?

An organization is finalizing a contract with a managed security services provider (MSSP) that is
responsible for primary support of all security technologies. Which of the following should the
organization require as part of the contract to ensure the protection of the organization’s
technology?

Which of the following is the aggregate security categorization of the database server?

An administrator is trying to categorize the security impact of a database server in the case of a
security event. There are three databases on the server.
Current Financial Data = High level of damage if data is disclosed. Moderate damage if the system goes offline.
Archived Financial Data = No need for the database to be online. Low damage for integrity loss.
Public Website Data = Low damage if the site goes down. Moderate damage if the data is corrupted.
Given these security categorizations of each database, which of the following is the aggregate
security categorization of the database server?
