A security architect examines a section of code and discovers the following: Which of the following changes should the security architect require before approving the code for release?
A control systems analyst is reviewing the defensive posture of engineering workstations on the shop floor. Upon evaluation, the analyst makes the following observations:
• Unsupported, end-of-life operating systems were still prevalent on the shop floor.
• There are no security controls for systems with supported operating systems.
• There is little uniformity of installed software among the workstations.
Which of the following would have the greatest impact on the attack surface?
A DNS forward lookup zone named complia.org must:
• Ensure the DNS is protected from on-path attacks.
• Ensure zone transfers use mutual authentication and are authenticated and negotiated.
Which of the following should the security architect configure to meet these requirements? (Select two).
A company recently migrated its critical web application to a cloud provider's environment. As part of the company's risk management program, the company intends to conduct an external penetration test. According to the scope of work and the rules of engagement, the penetration tester will validate the web application's security and check for opportunities to expose sensitive company information in the newly migrated cloud environment. Which of the following should be the first consideration prior to engaging in the test?
A security team is concerned with attacks that are taking advantage of return-oriented programming against the company's public-facing applications. Which of the following should the company implement on the public-facing servers?
An application engineer is using the Swagger framework to leverage REST APIs to authenticate endpoints. The engineer is receiving HTTP 403 responses. Which of the following should the engineer do to correct this issue? (Select two).