CompTIA CySA+ 2023 Questions and Answers - Part 6

Mary Mary Smith
03 Mar 2023

1. An application development company released a new version of its software to the public. A few days after the release, the company is notified by end users that the application is notably slower, and older security bugs have reappeared in the new release. The development team has decided to include the security analyst during their next development cycle to help address the reported issues. Which of the following should the security analyst focus on to remedy the existing reported problems?

A) The security analyst should perform secure coding practices during each application development cycle.
B) The security analyst should perform end user acceptance security testing during each application development cycle.
C) The security analyst should perform security regression testing during each application development cycle.
D) The security analyst should perform application fuzzing to locate application vulnerabilities during each application development cycle.



2. An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability scan has been performed, and analysts are reviewing the results. Before starting any remediation, the analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would be an indicator of a likely false positive?

A) Any items labeled low are considered informational only.
B) The scan result version is different from the automated asset inventory.
C) Reports indicate that findings are informational.
D) HTTPS entries indicate the web page is encrypted securely.



3. A security analyst is adding input to the incident response communication plan. A company officer has suggested that if a data breach occurs, only affected parties should be notified to keep an incident from becoming a media headline. Which of the following should the analyst recommend to the company officer?

A) An externally hosted website should be prepared in advance to ensure that when an incident occurs victims have timely access to notifications from a non-compromised resource.
B) Guidance from laws and regulations should be considered when deciding who must be notified in order to avoid fines and judgements from non-compliance.
C) The HR department should have information security personnel who are involved in the investigation of the incident sign non-disclosure agreements so the company cannot be held liable for customer data that might be viewed during an investigation.
D) The first responder should contact law enforcement upon confirmation of a security incident in order for a forensics team to preserve chain of custody.



4. A security analyst is adding input to the incident response communication plan. A company officer has suggested that if a data breach occurs, only affected parties should be notified to keep an incident from becoming a media headline. Which of the following should the analyst recommend to the company officer?

A) Guidance from laws and regulations should be considered when deciding who must be notified in order to avoid fines and judgements from non-compliance.
B) The first responder should contact law enforcement upon confirmation of a security incident in order for a forensics team to preserve chain of custody.
C) The HR department should have information security personnel who are involved in the investigation of the incident sign non-disclosure agreements so the company cannot be held liable for customer data that might be viewed during an investigation.
D) An externally hosted website should be prepared in advance to ensure that when an incident occurs victims have timely access to notifications from a non-compromised resource.



5. A nuclear facility manager determined the need to monitor utilization of water within the facility. A startup company just announced a state-of-the-art solution to address the need for integrating the business and ICS network. The solution requires a very small agent to be installed on the ICS equipment. Which of the following is the MOST important security control for the manager to invest in to protect the facility?

A) Require that the solution provider make the agent source code available for analysis.
B) Require thorough guides for administrators and users.
C) Install the agent for a week on a test system and monitor the activities.
D) Run a penetration test on the installed agent.



1. Right Answer: C
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: C
Explanation:
