A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis conceding a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return an findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar in the future.

Options:

A Implementing application blacklisting
B Configuring the mall to quarantine incoming attachment automatically
C Deploying host-based firewalls and shipping the logs to the SIEM
D Increasing the cadence for antivirus DAT updates to twice daily

A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:

Only users with corporate-owned devices can directly access servers hosted by the cloud provider.

The company can control what SaaS applications each individual user can access.

User browser activity can be monitored.

Which of the following solutions would BEST meet these requirements?

Options: A IAM gateway, MDM, and reverse proxy
B VPN, CASB, and secure web gateway
C SSL tunnel, DLP, and host-based firewall
D API gateway, UEM, and forward proxy

A company's claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee's laptop when was opened.

A Impalement application whitelisting and add only the email client to the whitelist for laptop in the claims processing department.
B Required all laptops to connect to the VPN before accessing email.
C Implement cloud-based content filtering with sandboxing capabilities.
D Install a mail gateway to scan incoming messages and strip attachments before they reach the mailbox.

A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.

Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

Options: A Scan the code with a static code analyzer, change privileged user passwords, and provide security training.
B Change privileged usernames, review the OS logs, and deploy hardware tokens.
C Implement MFA, review the application logs, and deploy a WAF.
D Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.