A manufacturing company uses a third-party service provider lor Tier 1 security support One of the requirements is that the provider must only source talent from its own country due to geopolitical and national security interests Which of the following can the manufacturing company implement to ensure the third-party service provider meets this requirement?

An organization has specific technical nsk mitigation configurations that must be implemented before a new server can be approved for production Several critical servers were recently deployed with the antivirus missing unnecessary ports disabled and insufficient password complexity Which of the following should the analyst recommend to prevent a recurrence of this risk exposure?

A university wants to increase the security posture of its network by implementing vulnerability scans of both centrally managed and student/employee laptops.
The solution should be able to scale, provide minimum false positives and high accuracy of results, and be centrally managed through an enterprise console.
Which of the following scanning topologies is BEST suited for this environment?

A security operations team was alerted to abnormal DNS activity coming from a user's machine.
The team performed a forensic investigation and discovered a host had been compromised.
Malicious code was using DNS as a tunnel to extract data from the client machine, which had been leaked and transferred to an unsecure public Internet site. Which of the following BEST describes the attack?

As part of the SDLC, software developers are testing the security of a new web application by inputting large amounts of random data.
Which of the following types of testing is being performed?