CompTIA Security+ SY0-601 – Question280

The IT department's on-site developer has been with the team for many years. Each time an application is
released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help
the team ensure the application is ready to be released to production?


A. Limit the use of third-party libraries.
B. Prevent data exposure queries.
C. Obfuscate the source code.
D. Submit the application to QA before releasing it.

Correct Answer: D

CompTIA Security+ SY0-601 – Question279

A security analyst has been tasked with finding the maximum amount of data loss that can occur before
ongoing business operations would be impacted. Which of the following terms BEST defines this metric?


A. MTTR
B. RTO
C. RPO
D. MTBF

Correct Answer: C

CompTIA Security+ SY0-601 – Question278

An organization is migrating several SaaS applications that support SSO. The security manager wants to
ensure the migration is completed securely. Which of the following application integration aspects should the
organization consider before focusing on underlying implementation details? (Choose two.)


A. The back-end directory source
B. The identity federation protocol
C. The hashing method
D. The encryption method
E. The registration authority
F. The certificate authority

Correct Answer: BE

CompTIA Security+ SY0-601 – Question277

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the
following should the analyst include in this documentation? (Choose two.)


A. The order of volatility
B. A CRC32 checksum
C. The provenance of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner

Correct Answer: CE

CompTIA Security+ SY0-601 – Question276

A user forwarded a suspicious email to the security team. Upon investigation, a malicious URL was discovered.
Which of the following should be done FIRST to prevent other users from accessing the malicious URL?


A. Configure the web content filter for the web address.
B. Report the website to threat intelligence partners.
C. Set the SIEM to alert for any activity to the web address.
D. Send out a corporate communication to warn all users of the malicious email.

Correct Answer: A

CompTIA Security+ SY0-601 – Question274

A company was recently breached. Part of the company's new cybersecurity strategy is to centralize the logs
from all security devices. Which of the following components forwards the logs to a central source?


A. Log enrichment
B. Log aggregation
C. Log parser
D. Log collector

Correct Answer: D

CompTIA Security+ SY0-601 – Question272

A company's security team received notice of a critical vulnerability affecting a high-profile device within the web
infrastructure. The vendor patch was just made available online but has not yet been regression tested in
development environments. In the interim, firewall rules were implemented to reduce the access to the interface
affected by the vulnerability. Which of the following controls does this scenario describe?


A. Deterrent
B. Compensating
C. Detective
D. Preventive

Correct Answer: D

CompTIA Security+ SY0-601 – Question271

The database administration team is requesting guidance for a secure solution that will ensure confidentiality of
cardholder data at rest only in certain fields in the database schema. The requirement is to substitute a
sensitive data field with a non-sensitive field that is rendered useless if a data breach occurs. Which of the
following is the BEST solution to meet the requirement?


A. Tokenization
B. Masking
C. Full disk encryption
D. Mirroring

Correct Answer: A