Which of the following is a design principle that should be used to BEST prevent these types of attacks?
A software vendor has had several zero-day attacks against its software, due to previously
unknown security defects being exploited by attackers. The attackers have been able to perform
operations at the same security level as the trusted application. The vendor product management
team has decided to re-design the application with security as a priority. Which of the following is a
design principle that should be used to BEST prevent these types of attacks?
Which of the following sequences BEST describes the order of activities when balancing security posture and ti
A new vendor product has been acquired to replace a legacy perimeter security product. There
are significant time constraints due to the existing solution nearing end-of-life with no options for
extended support. It has been emphasized that only essential activities be performed. Which of
the following sequences BEST describes the order of activities when balancing security posture
and time constraints?
Which of the following will help BEST improve this situation?
Within an organization, there is a known lack of governance for solution designs. As a result, there
are inconsistencies and varying levels of quality for the artifacts that are produced. Which of the
following will help BEST improve this situation?
With whom should the response team speak FIRST?
During a specific incident response and recovery process action, the response team determines
that it must first speak to the person ultimately responsible for the data. With whom should the
response team speak FIRST?
Which of the following security systems should be implemented for remote access?
A growing corporation is responding to the needs of its employees to access corporate email and
other resources while traveling. The company is implementing remote access for company
laptops. Which of the following security systems should be implemented for remote access?
(Select TWO).
Which of the following security measures should the IT organization implement?
In order to reduce cost and improve employee satisfaction, a large corporation has decided to
allow personal communication devices to access email and to remotely connect to the corporate
network. Which of the following security measures should the IT organization implement? (Select
TWO).
Which of the following would be used?
A storage administrator would like to make storage available to some hosts and unavailable to
other hosts. Which of the following would be used?
Which of the following is a security advantage of single sign-on?
Which of the following is a security advantage of single sign-on? (Select TWO).
How should the IT manager increase accountability to prevent this situation from reoccurring?
After a system update causes significant downtime, the Chief Information Security Officer (CISO)
asks the IT manager who was responsible for the update. The IT manager responds that it is
impossible to know who did the update since five different people have administrative access.
How should the IT manager increase accountability to prevent this situation from reoccurring?
(Select TWO).
Which of the following is the BEST way to integrate these two networks?
Company A is purchasing Company B, and will import all of Company B’s users into its
authentication system. Company A uses 802.1x with a RADIUS server, while Company B uses a
captive SSL portal with an LDAP backend. Which of the following is the BEST way to integrate
these two networks?