SY0-601 Practice Test Questions

886 Questions


Topic 3: Exam Pool C

The IT department’s on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?


A.

Limit the use of third-party libraries.


B.

Prevent data exposure queries.


C.

Obfuscate the source code.


D.

Submit the application to QA before releasing it.





D.
  

Submit the application to QA before releasing it.



To secure an application after a large data breach, an e-commerce site will be resetting all users’ credentials. Which of the following will BEST ensure the site’s users are not compromised after the reset?


A.

A password reuse policy


B.

Account lockout after three failed attempts


C.

Encrypted credentials in transit


D.

A geofencing policy based on login history





C.
  

Encrypted credentials in transit



A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?


A.

A packet capture


B.

A user behavior analysis


C.

Threat hunting


D.

Credentialed vulnerability scanning





C.
  

Threat hunting



A database administrator needs to ensure all passwords are stored in a secure manner, so the administrator adds randomly generated data to each password before storing. Which of the following techniques BEST explains this action?


A.

Predictability


B.

Key stretching


C.

Salting


D.

Hashing





C.
  

Salting



An organization hired a consultant to assist with an active attack, and the consultant was
able to identify the compromised accounts and computers. Which of the following is the
consultant MOST likely to recommend to prepare for eradication?


A.

Quarantining the compromised accounts and computers, only providing them with
network access


B.

Segmenting the compromised accounts and computers into a honeynet so as to not
alert the attackers.


C.

Isolating the compromised accounts and computers, cutting off all network and internet
access.


D.

Logging off and deleting the compromised accounts and computers to eliminate attacker
access.





B.
  

Segmenting the compromised accounts and computers into a honeynet so as to not
alert the attackers.



An attacker is attempting to exploit users by creating a fake website with the URL users.
Which of the following social-engineering attacks does this describe?


A.

Information elicitation


B.

Typo squatting


C.

Impersonation


D.

Watering-hole attack





D.
  

Watering-hole attack



Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?


A.

Least privilege


B.

Awareness training


C.

Separation of duties


D.

Mandatory vacation





C.
  

Separation of duties



Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?


A.

Data encryption


B.

Data masking


C.

Data deduplication


D.

Data minimization





B.
  

Data masking



Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)


A.

Cross-site scripting


B.

Data exfiltration


C.

Poor system logging


D.

Weak encryption


E.

SQL injection


F.

Server-side request forgery





D.
  

Weak encryption



F.
  

Server-side request forgery



A Chief Information Security Officer (CISO) is concerned about the organization's ability to
continue business operation in the event of a prolonged DDoS attack on its local
datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk?


A.

Upgrade the bandwidth available into the datacenter


B.

Implement a hot-site failover location


C.

Switch to a complete SaaS offering to customers


D.

Implement a challenge response test on all end-user queries





B.
  

Implement a hot-site failover location



A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?


A.

Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis


B.

Restrict administrative privileges and patch all systems and applications.


C.

Rebuild all workstations and install new antivirus software


D.

Implement application whitelisting and perform user application hardening





A.
  

Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis



A cybersecurity administrator is using iptables as an enterprise firewall. The administrator
created some rules, but the network now seems to be unresponsive. All connections are
being dropped by the firewall. Which of the following would be the BEST option to remove
the rules?


A.

# iptables -t mangle -X


B.

# iptables -F


C.

# iptables -Z


D.

# iptables -P INPUT -j DROP





D.
  

# iptables -P INPUT -j DROP



