A security analyst has been asked to perform a review of an organization’s software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer’s code. Which of the following assessment techniques is BEST described in the analyst’s report?
A. Architecture evaluation B. Baseline reporting C. Whitebox testing D. Peer review
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition. Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)
A. Monitor VPN client access B. Reduce failed login out settings C. Develop and implement updated access control policies D. Review and address invalid login attempts E. Increase password complexity requirements F. Assess and eliminate inactive accounts
Ann a security analyst is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain. Which of the following tools would aid her to decipher the network traffic?
A. Vulnerability Scanner B. NMAP C. NETSTAT D. Packet Analyzer
A security analyst has been investigating an incident involving the corporate website. Upon investigation, it has been determined that users visiting the corporate website would be automatically redirected to a, malicious site. Further investigation on the corporate website has revealed that the home page on the corporate website has been altered to include an unauthorized item. Which of the following would explain why users are being redirected to the malicious site?
A. DNS poisoning B. XSS C. Iframe D. Session hijacking
A security analyst, while doing a security scan using packet c capture security tools, noticed large volumes of data images of company products being exfiltrated to foreign IP addresses. Which of the following is the FIRST step in responding to scan results?
A. Incident identification B. Implement mitigation C. Chain of custody D. Capture system image
A security analyst is working on a project team responsible for the integration of an enterprise SSO solution. The SSO solution requires the use of an open standard for the exchange of authentication and authorization across numerous web based applications. Which of the following solutions is most appropriate for the analyst to recommend in this scenario?
A. SAML B. XTACACS C. RADIUS D. TACACS+ E. Secure LDAP
Joe, a security analyst, is attempting to determine if a new server meets the security requirements of his organization. As a step in this process, he attempts to identify a lack of security controls and to identify common misconfigurations on the server. Which of the following is Joe attempting to complete?
A. Black hat testing B. Vulnerability scanning C. Black box testing D. Penetration testing
A company is rolling out a new e-commerce website. The security analyst wants to reduce the risk of the new website being comprised by confirming that system patches are up to date, application hot fixes are current, and unneeded ports and services have been disabled. To do this, the security analyst will perform a:
A. Vulnerability assessment B. White box test C. Penetration test D. Peer review
While preparing for an audit a security analyst is reviewing the various controls in place to secure the operation of financial processes within the organization. Based on the pre assessment report, the department does not effectively maintain a strong financial transaction control environment due to conflicting responsibilities held by key personnel. If implemented, which of the following security concepts will most effectively address the finding?
A. Least privilege B. Separation of duties C. Time-based access control D. Dual control