1. The Information Security Officer (ISO) believes that the company is the target of cybercriminals and it is under a cyber attack. Internal services are normally inaccessible to the public via the Internet, and employees in the office are able to surf the internet. The senior security engineer begins by reviewing the bandwidth to the border router, noting that the incoming bandwidth on RouterA ¬ Ys external interface is maxed out. The security engineer inspects the following piece of log to try and determine the reason for the downtime, focus on the companyà ¬ Ys external RouterA ¬ YS which IP 128.20.176.19: 11: 16: 22.110343 IP 90.237.31.27 .19> 128.20 .176.19.19: UDP, length 1400 11: 16: 22.110351 IP 23.27.112.200.19> 128.20.176.19.19: UDP, length 1400 11: 16: 22.110358 192 200 132 213 IP .19> 128.20.176.19.19: UDP, length 1400 11: 16: 22.110402 IP 70.192.2.55.19> 128.20.176.19.19: UDP, length 1400 11: 16: 22.110406 - - IP 112.201.7.39 .19> 128.20.176.19.19: UDP, length 1400 Which of the following is a description of the findings would inform the senior security engineer at the ISO and the best solution for the service restoration?

A) After the senior engineer used to capture a mirror port on the current amplification attack, a BGP sinkhole must be configured to drop network traffic at the source.
B) None
C) After the senior engineer uses the above IPS logs to track the ongoing DDoS attack, an IPS filter must be enabled to block attacks and restore communication.
D) After the senior engineer use is made of a packet capture in order to identify an active Smurf attack, an access control list should be placed to external of the holding router to block incoming UDP port 19 to traffic.
E) After the senior engineer used a network analyzer to determine an active Fraggle attack, the companyà ¬ ys ISP should be contacted and asked to block malicious packets.


2. The technology steering committee is struggling with increased demand resulting from an increase in teleworking. The organization is not addressed telecommuting in the past. The implementation of a new SSL VPN and VOIP phone solution allows the staff to work from remote locations with equipment. Which of the following steps the commission should take first sketch senior managementà ¬ YS guidelines?

A) Publish a policy that meets the security addresses for working remotely with business equipment.
B) None
C) Implement database views and limited interfaces, allowing remote users to access PII from personal equipment will be.
D) Working with mid-level managers to identify and document the proper procedures for telework.
E) Develop an information classification system to secure good data to enterprise systems.


3. A human resources manager at a software development company is responsible for recruiting staff for a new cyber defense department in the company. This division will require staff for technology skills and industry certifications. Which of the following is to understand this industry to do the job the best method for this manager?

A) Interview candidates to attend training, and hiring an employment agency specializing in technology jobs
B) Attend meetings with staff, internal training, and certification management software
C) Attending conferences, webinars, and training to stay current with the industry and the job requirements
D) Interview employees and managers to explore industry trends and hot topics
E) None


4. A security administrator can see a recent increase in workstations increasingly compromised by malware. Often hosting the malware delivered via drive-by downloads, malware websites, and is not detected by the corporate antivirus. Which of the following would provide the best protection for the company?

A) Implement a cloud-based content filtering and enable the appropriate category to prevent further infections.
B) Implement a web-based gateway antivirus server to intercept viruses before they enter the network.
C) None
D) Increasing the frequency of antivirus downloads and install updates on all workstations.
E) Implement inspect WAF and block all Internet traffic containing malware and exploits.


5. The executive management requires a new production control and workflow automation solution. This application is the management of personal information and for facilitating business-kept business secrets. The information security team has been part of the department meetings and come away with the following explanation: -Human resources would like full access to employee data stored in the application. They would like automated data exchange with the employee management application, a cloud-based SaaS application. -Sales requires easy order tracking to facilitate customer feedback. -Legal requires sufficiently protect trade secrets. They are also concerned with data ownership and legal questions. Production demands for convenience. Employees the assembly line can not be hindered by additional steps or overhead. System interaction needs to be quick and easy. -Quality security is concerned is produced on how to manage the end product and keeping track of the overall performance of the product. They would like to read-only access to the entire workflow process for monitoring and baselining. The preferred solution is to use a software application that would be hosted locally. The ACL has extensive functionality, but also available API for extensibility. It supports read-only access, kiosk automation, custom fields and data encryption. Which of the following departmentsà ¬ Ÿ request is in contrast to the preferred solution?

A) legal
B) sale
C) Human resource department
D) production
E) quality Insurance