CompTIA CASP+ 2023 Questions and Answers - Part 14

Mary Smith

Thu, 16 Apr 2026

1. A web services company is planning a one-time high-profile event to be hosted on the corporate website. A failure as a result of an attack would be publicly embarrassing, so Joe, the Chief Executive Officer (CEO), has requested that the security engineers put temporary preventive controls in place. Which of the following would most appropriately address Joe's concerns?

A) Provide web hosting services using TCP cookies and deny_hosts event.
B) Buy additional bandwidth from the company's Internet service provider.
C) None
D) Contract and configure scrubbing services with third-party DDoS mitigation providers.
E) Configure an intrusion prevention system that blocks IPs after detecting too many incomplete sessions.


2. Which of the following activities is generally considered NOT REQUIRED when performing a penetration test?

A) Attempting to carry out blind SQL injection and reflected cross-site scripting attacks
B) Running a vulnerability scanning tool to assess network and host vulnerabilities
C) Undertaking network-based denial-of-service attacks in production
D) Testing password complexity of all login fields and input validation of form fields
E) Reverse engineering thick-client software that is provided for the test


3. News outlets start reporting that a number of retail companies have experienced payment card data breaches. The data exfiltration is made possible by malware on an infected computer. After the initial infection, network mapping and fingerprinting occur in preparation for further exploitation. Which of the following is the most effective solution to protect against unauthorized malware infections, reduce detection time, and keep any damage that could be done to a minimum?

A) Implement a heuristic network-based IDS and configure all layer 3 switches to feed data to the IDS for more effective control.
B) Remove local admin rights from all users and change anti-virus to a cloud-aware, push technology.
C) Deploy an application whitelist at all levels of the organization.
D) None
E) Update the router configuration to pass all network traffic through a new proxy with advanced malware detection.


4. Implement ACL firewall NAT for RAS

A) Change antivirus vendors at the store and headquarters.
B) Move to a VDI solution that runs in the same offsite data center that hosts the new POS solution.
C) Implement a proxy server with content filtering at headquarters and route all traffic through it.
D) Deploy new perimeter firewalls in all stores with UTM functionality.
E) None


5. An entirely new class of web-based vulnerabilities has been discovered. Claims have been made that all major web-based development frameworks are vulnerable to attack. Proof-of-concept data have emerged on the Internet. A security advisor at a company is asked to provide recommendations on how to respond quickly to these vulnerabilities. Which of the following BEST describes how the advisor should respond?

A) Review vulnerability write-ups posted on the Internet. Respond to management with a recommendation to wait until the news has been independently verified by the software vendors providing the web application software.
B) Assess the reliability of the source, the probability of exploitability, and the impact on hosted data. Attempt to exploit via the proof-of-concept code. Consider remediation options.
C) Notify all customers about the threat to their hosted data. Take the web servers down into maintenance mode until the vulnerability can be reliably mitigated by means of a vendor patch.
D) Hire an independent security consulting firm to conduct a penetration test of the web servers. Advise management of all "high" or "critical" penetration test findings and recommendations for mitigation.
E) None


1. Right Answer: D
Explanation:

2. Right Answer: C
Explanation:

3. Right Answer: C
Explanation:

4. Right Answer: D
Explanation:

5. Right Answer: B
Explanation:
