Which of the following are security components provided by an application security library or framework?
Which of the following are security components provided by an application security library or
framework? (Select THREE).
Which of the following potential vulnerabilities exists in the following code snippet?
Which of the following potential vulnerabilities exists in the following code snippet?
var myEmail = document.getElementById(“formInputEmail”).value;
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
Document.getElementById(“profileBox”).innerHTML = “Emails will be sent to “ + myEmail +
xmlhttp.responseText;
}
Which of the following is MOST likely to be used in a SOC to address the CISO’s concerns?
The Chief Information Security Officer (CISO) has just returned from attending a security
conference and now wants to implement a Security Operations Center (SOC) to improve and
coordinate the detection of unauthorized access to the enterprise. The CISO’s biggest concern is
the increased number of attacks that the current infrastructure cannot detect. Which of the
following is MOST likely to be used in a SOC to address the CISO’s concerns?
Which of the following is BEST able to achieve this?
The IT Manager has mandated that an extensible markup language be implemented which can be
used to exchange provisioning requests and responses for account creation. Which of the
following is BEST able to achieve this?
which of the following places should the NIPS be placed in the network?
A company is planning to deploy an in-house Security Operations Center (SOC).
One of the new requirements is to deploy a NIPS solution into the Internet facing environment.
The SOC highlighted the following requirements:
Perform fingerprinting on unfiltered inbound traffic to the company
Monitor all inbound and outbound traffic to the DMZ’s
In which of the following places should the NIPS be placed in the network?
Which of the following reduces this threat and minimizes potential impact on the manufacturing lines?
A company recently experienced a malware outbreak. It was caused by a vendor using an
approved non-company device on the company’s corporate network that impacted manufacturing
lines, causing a week of downtime to recover from the attack.
Which of the following reduces this threat and minimizes potential impact on the manufacturing
lines?
Which of the following controls should the security administrator recommend to determine new threats against t
Capital Reconnaissance, LLC is building a brand new research and testing location, and the
physical security manager wants to deploy IP-based access control and video surveillance. These
two systems are essential for keeping the building open for operations. Which of the following
controls should the security administrator recommend to determine new threats against the new
IP-based access control and video surveillance systems?
Which of the following should the security engineer recommend?
A company has recently implemented a video conference solution that uses the H.323 protocol.
The security engineer is asked to make recommendations on how to secure video conferences to
protect confidentiality. Which of the following should the security engineer recommend?
where would the security engineer MOST likely recommend placing the rack?
A healthcare company recently purchased the building next door located on the same campus.
The building previously did not have any IT infrastructure. The building manager has selected four
potential locations to place IT equipment consisting of a half height open server rack with five
switches, a router, a firewall, and two servers. Given the descriptions below, where would the
security engineer MOST likely recommend placing the rack?
The Boiler Room: The rack can be placed 5 feet (1.5 meters) up on the wall, between the second
and third boiler. The room is locked and only maintenance has access to it.
The Reception AreA. The reception area is an open area right as customers enter. There is a
closet 5 feet by 5 feet (1.5 meters by 1.5 meters) that the rack will be placed in with floor mounts.
There is a 3 digit PIN lock that the receptionist sets.
The Rehabilitation AreA. The rack needs to be out of the way from patients using the whirlpool
bath, so it will be wall mounted 8 feet (2.4 meters) up as the area has high ceilings. The rehab
area is staffed full time and admittance is by key card only.
The Finance AreA. There is an unused office in the corner of the area that can be used for the
server rack. The rack will be floor mounted. The finance area is locked and alarmed at night.
Which of the following can be configured to authenticate and enforce these shell restrictions?
A network security engineer would like to allow authorized groups to access network devices with
a shell restricted to only show information while still authenticating the administrator’s group to an
unrestricted shell. Which of the following can be configured to authenticate and enforce these shell
restrictions? (Select TWO).