1. As a result of new regulatory requirements, Company ABC should encrypt all WAN transmissions. In talking with the network administrator, security administrator shows that existing routers have minimal processing power to do the required level of encryption. Which of the following minimizes the performance impact on the router?

A) None
B) Require use all core business applications encryption
C) Add an encryption module on the router and configure IPSec
D) Deploy inline network encryption devices
E) Install an SSL acceleration device


2. An internal development team loves migrated using the Waterfall development to Agile development. Overall, this is viewed as a successful initiative of the stakeholders and the time-to-market is improved. However, have argued that Agile development is not safe a number of employees within the security team. Which of the following is the most accurate statement?

A) None
B) Agile development has different phases and times compared with waterfall. Security activities should be adapted and implemented within relevant Agile phases.
C) Agile development is fundamentally less secure than Waterfall due to the lack of a formal up-front design and the inability to carry out safety checks.
D) Agile and Waterfall approaches have the same effective level of security posture. Both should be similar to that of the safety exercise at the same stages of development.
E) Agile development is safer than Waterfall because it is a more modern method has the advantage of having able to have record safety best practices of recent years.


3. A large company is preparing to merge with a smaller company. The small business has been very profitable, but the main uses are made of smaller company in-house. Which of the following actions should take the large enterprise security administrator to prepare for the merger?

A) An assessment must be made of safety to determine the risks of integration and coexistence.
B) A ROI calculation must be performed in order to determine which company to use the application.
C) A regression test must be performed on the in-house software to determine associated with the software security risks.
D) None
E) An overview of the limiting factors implemented to be exported from the latest results of the audit of the smaller company.


4. The risk manager is reviewing a report that identifies an operational requirement to keep business-critical legacy system for the next two years. The old system of support, because the seller and security patches not released. Moreover, it is its own embedded system and poorly documented and known. Which of the following would implement the Information Technology department to reduce the security risk of a compromise of this system?

A) None
B) Virtualize the system and migrate to a cloud provider.
C) Segment the device on its own secure network.
D) Rent developers to reduce vulnerabilities in the code.
E) Install an antivirus and HIDS on the system.


5. An administrator is responsible for securing different website domains on a web server. The manager handled, secure www.example.com, mail.example.org, archive.example.com and www.example.org with the same certificate. Which of the following administrator would protect those domains with a single certificate issued?

A) Certificate Subject Alternative Names
B) EV Certificate x509
C) None
D) Intermediate Root Certificate
E) wildcard Certificate