Which of the following best describes the key elements of a successful information security program?
During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed: Which of the following tuning recommendations should the security analyst share?
A company brings in a consultant to make improvements to its website. After the consultant leaves. a web developer notices unusual activity on the website and submits a suspicious file containing the following code to the security team: Which of the following did the consultant do? Implanted a backdoor Implemented privilege escalation Implemented clickjacking Patched the web server Explanation: The correct answer is
Which of the following makes STIX and OpenloC information readable by both humans and machines?
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero -day threat?
