- Email support@dumps4free.com
Topic 3: Exam Pool C
A user is concerned that a web application will not be able to handle unexpected or random
input without crashing. Which of the following BEST describes the type of testing the user
should perform?
A.
Code signing
B.
BFuzzing
C.
Manual code review
D.
Dynamic code analysis
Dynamic code analysis
A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?
A.
Discretionary
B.
Rule-based
C.
Role-based
D.
Mandatory
Mandatory
The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
A.
Install a NIDS device at the boundary.
B.
Segment the network with firewalls.
C.
Update all antivirus signatures daily.
D.
Implement application blacklisting.
Segment the network with firewalls.
Users at organization have been installing programs from the internet on their workstations
without first proper authorization. The organization maintains a portal from which users can
install standardized programs. However, some users have administrative access on their
workstations to enable legacy programs to function property. Which of the following should
the security administrator consider implementing to address this issue?
A.
Application code signing
B.
Application whitellsting
C.
Data loss prevention
D.
Web application firewalls
Application whitellsting
An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering it the organization may need to scale down just as quickly as it scaled up. The ClO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the ClO’s concerns?
A.
Disallow new hires from using mobile devices for six months
B.
Select four devices for the sales department to use in a CYOD model
C.
Implement BYOD for the sates department while leveraging the MDM
D.
Deploy mobile devices using the COPE methodology
Implement BYOD for the sates department while leveraging the MDM
| Page 12 out of 178 Pages |
| Previous |