An organization just merged with an organization in another legal jurisdiction and must improve
its network security posture in ways that do not require additional resources to implement data
isolation. One recommendation is to block communication between endpoint PCs. Which of the
following would be the BEST solution?
A. Installing HIDS
B. Configuring a host-based firewall
C. Configuring EDR
D. Implementing network segmentation

A software company is releasing a new mobile application to a broad set of external customers.
Because the software company is rapidly releasing new features, it has built in an over-the-air
software update process that can automatically update the application at launch time. Which of
the following security controls should be recommended by the company's security architect to
protect the integrity of the update process? (Choose two.)
A. Validate cryptographic signatures applied to software updates
B. Perform certificate pinning of the associated code signing key
C. Require HTTPS connections for downloads of software updates
D. Ensure there are multiple download mirrors for availability
E. Enforce a click-through process with user opt-in for new features
Answer(s): A, B

A security engineer has implemented an internal user access review tool so service teams can
baseline user accounts and group memberships. The tool is functional and popular among its
initial set of onboarded teams. However, the tool has not been built to cater to a broader set of
internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of
summarized requirements is as follows:
• The tool needs to be responsive so service teams can query it, and then perform an
automated response action.
• The tool needs to be resilient to outages so service teams can perform the user access review
at any point in time and meet their own SLAs.
• The tool will become the system-of-record for approval, reapproval, and removal life cycles of
group memberships and must allow for data retrieval after failure.
Which of the following need specific attention to meet the requirements listed above? (Choose