PrepAway - Latest Free Exam Questions & Answers

Author: seenagape

Which of the following hardening techniques should be a…

Company policy requires that all company laptops meet the following baseline requirements:
Software requirements:
Antivirus
Anti-malware
Anti-spyware
Log monitoring
Full-disk encryption
Terminal services enabled for RDP
Administrative access for local users
Hardware restrictions:
Bluetooth disabled
FireWire disabled
WiFi adapter disabled
Ann, a web developer, reports performance issues with her laptop and is not able to access any network resources. After further investigation, a bootkit was discovered and it was trying to access external websites. Which of the following hardening techniques should be applied to mitigate this specific issue from reoccurring? (Select TWO).

Which of the following should be the revised aggregate …

An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data
stored in the sensitive system according to the following matrix:
DATA TYPE        CONFIDENTIALITY  INTEGRITY  AVAILABILITY
---------------------------------------------------------
Financial        HIGH             HIGH       LOW
Client name      MEDIUM           MEDIUM     HIGH
Client address   LOW              MEDIUM     LOW
---------------------------------------------------------
AGGREGATE        MEDIUM           MEDIUM     MEDIUM
The auditor is advising the company to review the aggregate score and submit it to senior management. Which
of the following should be the revised aggregate score?

Which of the following controls MUST be implemented to …

A bank is in the process of developing a new mobile application. The mobile client renders content and
communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the
communication is stateless between the mobile application and the web services gateway. Which of the
following controls MUST be implemented to enable stateless communication?

Which of the following is the ROI for this proposal aft…

A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having reduced the number of incidents and therefore saving on the amount spent investigating incidents.
Proposal: External cloud-based software as a service subscription costing $5,000 per month. Expected to reduce the number of current incidents per annum by 50%.
The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which of the following is the ROI for this proposal after three years?

Which of the following are the BEST security considerat…

A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Customers to upload their log files to the “big data” platform
Customers to perform remote log search
Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).

Which of the following software development methods is …

A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution has been in place for nine years, contains over a million lines of code, and took over two years to develop originally. The SDLC has been broken up into eight primary stages, with each stage requiring an in-depth risk analysis before moving on to the next phase. Which of the following software development methods is MOST applicable?

Which of the following security considerations should b…

Two universities are making their 802.11n wireless networks available to the other university’s students. The infrastructure will pass the student’s credentials back to the home school for authentication via the Internet. The requirements are:
Mutual authentication of clients and authentication server
The design should not limit connection speeds
Authentication must be delegated to the home school
No passwords should be sent unencrypted
The following design was implemented:
WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security
RADIUS proxy servers will be used to forward authentication requests to the home school
The RADIUS servers will have certificates from a common public certificate authority
A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?

Which of the following is the BEST method for this mana…

A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?

