A systems security consultant is hired by Corporation X to analyze the current enterprise network
environment and make recommendations for increasing network security. It is the consultant’s first
day on the job. Which of the following network design considerations should the consultant
consider? (Select THREE).

Which of the following is the MOST secure way to ensure third party applications and introduce
only acceptable risk?

The Chief Executive Officer (CEO) has asked a security project manager to provide
recommendations on the breakout of tasks for the development of a new product. The CEO thinks
that by assigning areas of work appropriately the overall security of the product will be increased,
because staff will focus on their areas of expertise. Given the below groups and tasks select the
BEST list of assignments.
Groups: Networks, Development, Project Management, Security, Systems Engineering, Testing
Tasks: Decomposing requirements, Secure coding standards, Code stability, Functional validation,
Stakeholder engagement, Secure transport

A software vendor has had several zero-day attacks against its software, due to previously
unknown security defects being exploited by attackers. The attackers have been able to perform
operations at the same security level as the trusted application. The vendor product management
team has decided to re-design the application with security as a priority. Which of the following is a
design principle that should be used to BEST prevent these types of attacks?