- (Exam Topic 3)
A security analyst found an old version of OpenSSH running on a DMZ server and determined the following piece of code could have led to a command execution through an integer overflow;
Which of the following controls must be in place to prevent this vulnerability?
Correct Answer:C
- (Exam Topic 3)
During the threal modeling process for a new application that a company is launching, a security analyst needs to define methods and items to take into consideralion Wtiich of the following are part of a known threat modeling method?
Correct Answer:C
- (Exam Topic 2)
A company wants to outsource a key human-resources application service to remote employees as a SaaS-based cloud solution. The company's GREATEST concern should be the SaaS provider's:
Correct Answer:C
- (Exam Topic 1)
Which of the following would a security engineer recommend to BEST protect sensitive system data from being accessed on mobile devices?
Correct Answer:C
- (Exam Topic 3)
Which of the following can detect vulnerable third-parly libraries before code deployment?
Correct Answer:C