A database administrator comes across the below records in one of the databases during an internal audit of the payment system:
UserIDAddressCredit Card No.Password
jsmith123 fake street55XX-XXX-XXXX-1397Password100 jqdoe234 fake street42XX-XXX-XXXX-202717DEC12
From a security perspective, which of the following should be the administrator’s GREATEST concern, and what will correct the concern?
A. Concern: Passwords are stored in plain text.
Correction: Require a minimum of 8 alphanumeric characters and hash the password.
B. Concern: User IDs are also usernames, and could be enumerated, thereby disclosing sensitive account information.
Correction: Require user IDs to be more complex by using alphanumeric characters and hash the UserIDs.
C. Concern: User IDs are confidential private information.
Correction: Require encryption of user IDs.
D. Concern: More than four digits within a credit card number are stored.
Correction: Only store the last four digits of a credit card to protect sensitive financial information.
A security administrator is redesigning, and implementing a service-oriented architecture to replace an old, in-house software processing system, tied to a corporate sales website. After performing the business process analysis, the administrator decides the services need to operate in a dynamic fashion. The company has also been the victim of data injection attacks in the past and needs to build in mitigation features. Based on these requirements and past vulnerabilities, which of the following needs to be incorporated into the SOA?
A. Point to point VPNs for all corporate intranet users.
B. Cryptographic hashes of all data transferred between services.
C. Service to service authentication for all workflows.
D. Two-factor authentication and signed code
A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?
A. To ensure the security of the network is documented prior to customer delivery
B. To document the source of all functional requirements applicable to the network
C. To facilitate the creation of performance testing metrics and test plans
D. To allow certifiers to verify the network meets applicable security requirements
A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?
A. Increased customer data availability
B. Increased customer data confidentiality
C. Increased security through provisioning
D. Increased security through data integrity
A security administrator is conducting network forensic analysis of a recent defacement of the company’s secure web payment server (HTTPS). The server was compromised around the New Year’s holiday when all the company employees were off. The company’s network diagram is summarized below:
– Gateway Firewall
– Web SSL Accelerator
– Web Server Farm
– Internal Firewall
– Company Internal Network
The security administrator discovers that all the local web server logs have been deleted. Additionally, the Internal Firewall logs are intact but show no activity from the internal network to the web server farm during the holiday.
Which of the following is true?
A. The security administrator should review the IDS logs to determine the source of the attack and the attack vector used to compromise the web server.
B. The security administrator must correlate the external firewall logs with the intrusion detection system logs to determine what specific attack led to the web server compromise.
C. The security administrator must reconfigure the network and place the IDS between the SSL accelerator and the server farm to be able to determine the cause of future attacks.
D. The security administrator must correlate logs from all the devices in the network diagram to determine what specific attack led to the web server compromise.
The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?
A. Social engineering
B. Protocol analyzer
C. Port scanner
D. Grey box testing
A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.
Which of the following would impact the security of conference’s resources?
A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.
A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?
A. LUN masking
B. Data injection
C. Data fragmentation
D. Moving the HBA
In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end-to-end?
A. Creation and secure destruction of mail accounts, emails, and calendar items
B. Information classification, vendor selection, and the RFP process
C. Data provisioning, processing, in transit, at rest, and de-provisioning
D. Securing virtual environments, appliances, and equipment that handle email