CySA Module 6 - Software and Hardware Assurance Best Practices

Thierry wants to implement a method of analyzing network traffic to detect attacks by using a database of known attacks for comparison. Which of the following methods of analysis meets his goal?

A security researcher has just been sent a set of files from zero-day malware for analysis. The researcher is concerned about damage to hardware, as the hardware budget for the current fiscal year has been exhausted. Which of the following should the security researcher implement?

A security engineer has been brought onto a project for a new system containing several critical files that should never change. However, the team needs to be able to know if a file does change. Which of the following solutions would the security engineer most likely recommend?

A systems administrator works for the U.S. Department of Defense (DoD). She is building out infrastructure to host a new application. Which of the following might she need to reference before ordering any of the hardware to ensure that the hardware and vendor are approved?

Jared has created a field in the database that acts as the back end for an application he has written. The field has been configured to store an 8-bit unsigned number. The field where the user enters information has only been configured to accept numbers, but Jared apparently forgot to add logic to ensure that the user could not enter numbers greater than 255. Which of the following could occur as a result of this oversight?

Jaden has received an alert from a system that has identified potential malware on itself. Upon looking through the log files, he sees a list of error messages where an executable tried to write data to a range of memory addresses that did not exist for the system. Which of the following has most likely occurred?

Amadeus is composing a new web application that his organization will make available to the general public. The site will offer users the ability to sign up for accounts and interact with certain functions of the application. Which of the following should he ensure is done as part of the sign-up process?

Aurelia has just modified a module in one of her company's software applications to add a new feature. Which of the following should be done to ensure that the changes did not adversely affect any other areas of the application?

Marilla is creating an application that will be installed on all client computers in her organization. Which of the following processes involves examining the application for bugs and vulnerabilities before the software is compiled?

Which of the following is the close examination and testing of software before the source code is compiled?