Portions of a legacy application are being refactored to discontinue the use of dynamic SQL. Which of the following woul


Post by answerhappygod »

Portions of a legacy application are being refactored to discontinue the use of dynamic SQL. Which of the following would be BEST to implement in the legacy application?
A. Input validation
B. SQL injection
C. Parameterized queries
D. Web-application firewall
E. Multifactor authentication

A company's blocklist has outgrown the current technologies in place. The ACLs are at maximum, and the IPS signatures only allow a certain amount of space for domains to be added, creating the need for multiple signatures. Which of the following configuration changes to the existing controls would be the MOST appropriate to improve performance?
A. Implement a host-file-based solution that will use a list of all domains to deny for all machines on the network.
B. Create an IDS for the current blocklist to determine which domains are showing activity and may need to be removed.
C. Review the current blocklist and prioritize it based on the level of threat severity. Add the domains with the highest severity to the blocklist and remove the lower-severity threats from it.
D. Review the current blocklist to determine which domains can be removed from the list and then update the ACLs and IPS signatures.

During a review of SIEM alerts, a security analyst discovers the SIEM is receiving many alerts per day from the file-integrity monitoring tool about files from a newly deployed application that should not change. Which of the following steps should the analyst complete FIRST to respond to the issue?
A. Warn the incident response team that the server can be compromised.
B. Open a ticket informing the development team about the alerts.
C. Check if temporary files are being monitored.
D. Dismiss the alert, as the new application is still being adapted to the environment.