Question.46 Which of the following BEST describes when an organization should conduct a black box security audit on a new software project?
(A) When the organization wishes to check for non-functional compliance
(B) When the organization wants to enumerate known security vulnerabilities across their infrastructure
(C) When the organization is confident the final source code is complete
(D) When the organization has experienced a security incident
Correct Answer: C
Question.47 In software development, which of the following entities normally signs the code to protect the code integrity?
(A) The organization developing the code
(B) The quality control group
(C) The developer
(D) The data owner
Correct Answer: A
Question.48 Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?
(A) Field-level tokenization
(B) Web application vulnerability scanners
(C) Runtime application self-protection (RASP)
(D) Security Assertion Markup Language (SAML)
Correct Answer: C
Question.49 A security architect is developing an information system for a client. One of the requirements is to deliver a platform that mitigates against common vulnerabilities and attacks. What is the MOST efficient option used to prevent buffer overflow attacks?
(A) Access control mechanisms
(B) Process isolation
(C) Address Space Layout Randomization (ASLR)
(D) Processor states
Correct Answer: C
Question.50 In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?
(A) Implement bi-annual reviews.
(B) Create policies for system access.
(C) Implement and review risk-based alerts.
(D) Increase logging levels.
Correct Answer: B