The root cause analysis of a recent security incident reveals that an attacker accessed a printer
from the Internet. The attacker then accessed the print server, using the printer as a launch pad
for a shell exploit. The print server logs show that the attacker was able to exploit multiple
accounts, ultimately launching a successful DoS attack on the domain controller.
Defending against which of the following attacks should form the basis of the incident mitigation
plan?

An existing enterprise architecture included an enclave where sensitive research and development
work was conducted. This network enclave also served as a storage location for proprietary
corporate data and records. The initial security architect chose to protect the enclave by restricting
access to a single physical port on a firewall. All downstream network devices were isolated from
the rest of the network and communicated solely through the single 100mbps firewall port. Over
time, researchers connected devices on the protected enclave directly to external resources and
corporate data stores. Mobile and wireless devices were also added to the enclave to support high
speed data research. Which of the following BEST describes the process which weakened the
security posture of the enclave?

At one time, security architecture best practices led to networks with a limited number (1-3) of
network access points. This restriction allowed for the concentration of security resources and
resulted in a well defined attack surface. The introduction of wireless networks, highly portable
network devices, and cloud service providers has rendered the network boundary and attack
surface increasingly porous. This evolution of the security architecture has led to which of the
following?

An administrator notices the following file in the Linux server’s /tmp directory.
-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*
Which of the following should be done to prevent further attacks of this nature?