PrepAway - Latest Free Exam Questions & Answers

Tag: Exam CAS-002 (update May 22nd, 2017)

Exam CAS-002 : CompTIA Advanced Security Practitioner (update May 22nd, 2017)

Which of the following are security weaknesses in this …

A penetration tester is inspecting traffic on a new mobile banking application and sends the following web
request:
POST http://www.example.com/resources/NewBankAccount HTTP/1.1
Content-type: application/json
{
"account":
[
{ "creditAccount":"Credit Card Rewards account"}
{ "salesLeadRef":"www.example.com/badcontent/exploitme.exe"}
],
"customer":
[
{ "name":"Joe Citizen"}
{ "custRef":"3153151"}
]
}
The banking website responds with:
HTTP/1.1 200 OK
{
"newAccountDetails":
[
{ "cardNumber":"1234123412341234"}
{ "cardExpiry":"2020-12-31"}
{ "cardCVV":"909"}
],
"marketingCookieTracker":"JSESSIONID=000000001"
"returnCode":"Account added successfully"
}
Which of the following are security weaknesses in this example? (Select TWO).

Which of the following should the security administrato…

A security administrator is performing VDI traffic data collection on a virtual server which migrates from one
host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices
that sensitive data is present in the packet capture. Which of the following should the security administrator
recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing
latency issues?

which of the following options is MOST accurate?

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO
wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor
proposals have been received:
Vendor A: product-based solution which can be purchased by the pharmaceutical company.
Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be
$150,000. Operational expenses are expected to be a 0.5 full time employee (FTE) to manage the solution, and
1 full time employee to respond to incidents per year.
Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company’s
needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE
per year.
Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two
vendor proposals over a 5 year period, which of the following options is MOST accurate?

Which of the following software development methods is …

A company has received the contract to begin developing a new suite of software tools to replace an aging
collaboration solution. The original collaboration solution has been in place for nine years, contains over a
million lines of code, and took over two years to develop originally. The SDLC has been broken up into eight primary stages, with each stage requiring an in-depth risk analysis before moving on to the next phase. Which
of the following software development methods is MOST applicable?

which of the following tools should the helpdesk manager…

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company
employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective
troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is
located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same
time reducing company costs? (Select TWO).

Which of the following denotes the BEST way to mitigate…

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the
POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An
additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice
connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times
when accessing the POS application from store computers as well as degraded voice quality when making
phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating
excessive network traffic. After malware removal, the information security department is asked to review the
configuration and suggest changes to prevent this from happening again. Which of the following denotes the
BEST way to mitigate future malware risk?

Which of the following security concerns does the analy…

An analyst connects to a company web conference hosted on www.webconference.com/meetingID#01234 and
observes that numerous guests have been allowed to join, without providing identifying information. The topics
covered during the web conference are considered proprietary to the company. Which of the following security
concerns does the analyst present to management?

which of the following steps in system authorization has…

A security engineer is a new member to a configuration board at the request of management. The company
has two new major IT projects starting this year and wants to plan security into the application deployment. The
board is primarily concerned with the applications’ compliance with federal assessment and authorization
standards. The security engineer asks for a timeline to determine when a security assessment of both
applications should occur and does not attend subsequent configuration board meetings. If the security
engineer is only going to perform a security assessment, which of the following steps in system authorization has the security engineer omitted?

which of the following operating systems is MOST likely…

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her
investigative work, she runs the following nmap command string:
user@hostname:~$ sudo nmap -O 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on
the device:
TCP/22
TCP/111
TCP/512-514
TCP/2049
TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown
node?

