A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:
Which of the following would BEST mitigate this vulnerability?
A. CAPTCHA
B. Input validation
C. Data encoding
D. Network intrusion prevention
A development team created a mobile application that contacts a company's back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.
Which of the following would BEST safeguard the APIs? (Choose two.)
A. Bot protection
B. OAuth 2.0
C. Input validation
D. Autoscaling endpoints
E. Rate limiting
F. CSRF protection
A DevOps team has deployed databases, event-driven services, and an API gateway as a PaaS solution that will support a new billing system. Which of the following security responsibilities will the DevOps team need to perform?
A. Securely configure the authentication mechanisms.
B. Patch the infrastructure at the operating system.
C. Execute port scanning against the services.
D. Upgrade the service as part of life-cycle management.
A software house is developing a new application. The application has the following requirements:
1. Reduce the number of credential requests as much as possible
2. Integrate with social networks
3. Authenticate users
Which of the following is the BEST federation method to use for the application?
A. WS-Federation
B. OpenID
C. OAuth
D. SAML
A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.
This is an example of:
A. due intelligence.
B. e-discovery.
C. due care.
D. legal hold.
A large telecommunications equipment manufacturer needs to evaluate the strengths of security controls in a new telephone network supporting first responders. Which of the following techniques would the company use to evaluate data confidentiality controls?
A. Eavesdropping
B. On-path
C. Cryptanalysis
D. Code signing
E. RF sidelobe sniffing
A corporation with a BYOD policy is very concerned about issues that may arise from data ownership. The corporation is investigating a new MDM solution and has gathered the following requirements as part of the requirements-gathering phase.
1. Each device must be issued a secure token of trust from the corporate PKI.
2. All corporate application and local data must be able to be deleted from a central console.
3. Cloud storage and backup applications must be restricted from the device.
4. Devices must be on the latest OS version within three weeks of an OS release.
Which of the following should be features in the new MDM solution to meet these requirements? (Select TWO.)
A. Application-based containerization
B. Enforced full-device encryption
C. Mandatory acceptance of SCEP system
D. Side-loaded application prevention
E. Biometric requirement to unlock device
F. Over-the-air restriction
Following the most recent patch deployment, a security engineer receives reports that the ERP application is no longer accessible. The security engineer reviews the situation and determines that a critical security patch applied to the ERP server is the cause. The patch is subsequently backed out.
Which of the following security controls would be BEST to implement to mitigate the threat caused by the missing patch?
A. Anti-malware
B. Patch testing
C. HIPS
D. Vulnerability scanner
A security engineer has recently become aware of a Java application that processes critical information in real time on the company's network. The Java application was scanned with SAST prior to deployment, and all vulnerabilities have been mitigated. However, some known issues within the Java runtime environment cannot be resolved. Which of the following should the security engineer recommend to the developer in order to mitigate the issue with the LEAST amount of downtime?
A. Perform software composition analysis on libraries from third parties.
B. Run the application in a sandbox and perform penetration tests.
C. Rewrite and compile the application in C++ and then reinstall it.
D. Embed the current application into a virtual machine that runs on dedicated hardware.
SIMULATION
Compliance with company policy requires a quarterly review of firewall rules. You are asked to conduct a review on the internal firewall sitting between several internal networks. The intent of this firewall is to make traffic more secure. Given the following information, perform the tasks listed below:
Untrusted zone: 0.0.0.0/0
User zone: USR 10.1.1.0/24
User zone: USR2 10.1.2.0/24
DB zone: 10.1.0/24
Web application zone: 10.1.5.0/24
Management zone: 10.1.10.0/24
Web server: 10.1.5.50
MS-SQL server: 10.1.4.70
MGMT platform: 10.1.10.250
Task 1) A rule was added to prevent the management platform from accessing the internet. This rule is not working. Identify the rule and correct this issue.
Task 2) The firewall must be configured so that the SQL server can only receive requests from the web server.
Task 3) The web server must be able to receive unencrypted requests from hosts inside and outside the corporate network.
Task 4) Ensure the final rule is an explicit deny.
Task 5) Currently the user zone can access internet websites over an unencrypted protocol. Modify a rule so that user access to websites is over secure protocols only.
Instructions: To perform the necessary tasks, please modify the DST port, SRC zone, Protocol, Action, and/or Rule Order columns. Type ANY to include all ports. Firewall ACLs are read from the top down. Once you have met the simulation requirements, click Save. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.
A. See the explanation below.