The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO
is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as
well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of
the following equipment MUST be deployed to guard against unknown threats?

A human resources manager at a software development company has been tasked with recruiting personnel
for a new cyber defense division in the company. This division will require personnel to have high technology
skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into
this industry to execute the task?

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no
longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are
working. Which of the following tools would a security engineer use to make sure the DNS server is listening on
port 53?

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at
the company. In addition to the company’s physical security, which of the following can the network
administrator use to detect the presence of a malicious actor physically accessing the company’s network or
information systems from within? (Select TWO).

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet
connections the network may have. Where would the consultant find this information and why would it be
valuable?

A new web based application has been developed and deployed in production. A security engineer decides to
use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be
uncovered by this tool?

A company is in the process of implementing a new front end user interface for its customers, the goal is to
provide them with more self service functionality. The application has been written by developers over the last
six months and the project is currently in the test phase. Which of the following security activities should be
implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select
TWO).

The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop
exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be
implemented to reduce the risk of an extended customer service outage due to the VoIP system being
unavailable. Which of the following BEST describes the scenario presented and the document the ISO is
reviewing?

A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because
money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The
business recently funded a patch management product and SOE hardening initiative. A third party auditor
reported findings against the business because some systems were missing patches. Which of the following
statements BEST describes this situation?

A new internal network segmentation solution will be implemented into the enterprise that consists of 200
internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a
new application onto the network before it is operational. Security now has a significant effect on overall
availability. Which of the following would be the FIRST process to perform as a result of these findings?