- (Exam Topic 2)
A large organization wants to move account registration services to the cloud to benefit from faster processing and elasticity. Which of the following should be done FIRST to determine the potential risk to the organization?
Correct Answer:D
- (Exam Topic 1)
A security analyst at a technology solutions firm has uncovered the same vulnerabilities on a vulnerability scan for a long period of time. The vulnerabilities are on systems that are dedicated to the firm's largest client. Which of the following is MOST likely inhibiting the remediation efforts?
Correct Answer:D
- (Exam Topic 2)
A security analyst is reviewing the following log entries to identify anomalous activity:
Which of the following attack types is occurring?
Correct Answer:A
- (Exam Topic 3)
According to a static analysis report for a web application, a dynamic code evaluation script injection
vulnerability was found. Which of the following actions is the BEST option to fix the vulnerability in the source code?
Correct Answer:D
- (Exam Topic 1)
A security analyst is providing a risk assessment for a medical device that will be installed on the corporate
network. During the assessment, the analyst discovers the device has an embedded operating system that will be at the end of its life in two years. Due to the criticality of the device, the security committee makes a risk- based policy decision to review and enforce the vendor upgrade before the end of life is reached.
Which of the following risk actions has the security committee taken?
Correct Answer:D