1. The senior security administrator wants to redesign the company's DMZ to minimize the risks associated with both external and internal threats. The DMZ design should support defense in depth and change and configuration management processes, and it should support incident reconstruction. Which of the following designs BEST supports the requirements?
A) None
B) A double-firewall DMZ with firewall log servers, each managed by a single administrator.
C) A single-firewall DMZ in which each firewall interface is managed by a separate administrator and logs to the cloud.
D) A virtual firewall in which each virtual instance is run by a separate management team and logs to the same hardware.
E) A SaaS-based firewall that logs to the company's local storage via SSL and is managed by the change control team.
2. A developer has deployed a piece of client-side JavaScript code to sanitize user input on a web login screen. The code ensures that only uppercase and lowercase letters are entered in the username field and that only a 6-digit PIN is entered in the password field. A security administrator is concerned about the following web server log entry: 10.235.62.11 [02/Mar/2014:06:13:04] /site/script.php?user=admin&pass=pass%20or%201=1 GET HTTP/1.1 200 5724. Given this log entry, which of the following describes the security administrator's concern and the correction to be performed by the developer?
A) The security administrator is concerned with XSS, and the developer must normalize Unicode characters on the browser side.
B) The security administrator is concerned that non-printing characters are being used to gain administrative access, and the developer must strip all non-printable characters.
C) The security administrator is concerned with SQL injection, and the developer must implement server-side input validation.
D) None
E) The security administrator is concerned that someone could log in as the administrator, and the developer must ensure strong passwords are enforced.
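As an added example (not part of the question set), the following Python code applies the login screen's character rules on the server side, where a client cannot bypass them, and runs the same rules over a constructed log line shaped like the entry in question 2 to show which parameter the client-side check missed. The log format and field positions are assumptions.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed sample line shaped like the entry in question 2 (not a real capture).
SAMPLE_LOG = (
    '10.235.62.11 [02/Mar/2014:06:13:04] '
    '/site/script.php?user=admin&pass=pass%20or%201=1 GET HTTP/1.1 200 5724'
)

# The rules the client-side JavaScript enforces, now applied on the server:
# letters only for the username, exactly six digits for the PIN.
USER_RE = re.compile(r'[A-Za-z]+')
PIN_RE = re.compile(r'[0-9]{6}')


def validate_login(user: str, pin: str) -> bool:
    """Server-side input validation: accept only the allowed character sets."""
    return bool(USER_RE.fullmatch(user)) and bool(PIN_RE.fullmatch(pin))


def parse_log_line(line: str) -> dict:
    """Split a log line in the assumed format into client, path, query parameters and status.

    parse_qs percent-decodes the values, so 'pass%20or%201=1' becomes 'pass or 1=1'.
    Note that the credentials reached the log at all because the form used GET.
    """
    fields = line.split()
    parsed = urlparse(fields[2])
    params = {k: v[0] for k, v in parse_qs(parsed.query).items()}
    return {'client': fields[0], 'path': parsed.path,
            'params': params, 'status': int(fields[5])}


def flag_suspicious_login(line: str) -> list:
    """Return the login parameters in a log line that fail the server-side rules."""
    params = parse_log_line(line)['params']
    bad = []
    if not USER_RE.fullmatch(params.get('user', '')):
        bad.append('user')
    if not PIN_RE.fullmatch(params.get('pass', '')):
        bad.append('pass')
    return bad


if __name__ == '__main__':
    print(parse_log_line(SAMPLE_LOG)['params'])   # {'user': 'admin', 'pass': 'pass or 1=1'}
    print(flag_suspicious_login(SAMPLE_LOG))       # ['pass']
```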
3. The risk manager wants a security solution that is managed centrally, can be easily updated and applied, and protects end users' workstations from both known and unknown malicious attacks when connected to the office or home network. Which of the following would BEST meet this requirement?
A) DLP
B) NIPS
C) UTM
D) Antivirus
E) HIPS
4. A security administrator wants a dedicated storage solution that is inexpensive, can integrate natively with an AD implementation, allows files to be encrypted selectively, and is suitable for a small number of users in a satellite office. Which of the following would BEST meet the requirement?
A) Virtual SAN
B) SAN
C) NAS
D) Virtual storage
E) None
5. A large hospital has implemented BYOD for physicians and specialists so that they can access patient medical data on their tablets. The doctors and specialists access patient records across the hospital's guest WiFi network, which is separate from the internal network and has appropriate security measures. The patient records management system can be accessed from the guest network and requires two-factor authentication. Using a remote desktop type of interface, doctors and specialists can work with the hospital's system. Cut, paste and print features are disabled to prevent copying data to BYOD devices. Which of the following are MOST at risk? (Choose two)
A) Device encryption is not enabled, which will result in a greater chance of losing data.
B) Malware on BYOD devices, through which data can be extracted via key logging and screen scraping.
C) The guest WiFi could be used to give unauthorized persons access to confidential patient information.
D) Remote wiping of devices must be enabled to ensure any lost device is disabled.
E) Privacy can be compromised if patient records are viewed in uncontrolled areas.