SOLVED QUESTIONS FULL SOLUTION
◍ Which device is Layer 7 aware and provides both filtering of unwanted source IP traffic from accessing a network and policy on which ports may be used?
Answer: Application firewall
◍ A software circuit firewall is on the network providing protection for a web server. There is a cross-site scripting vulnerability on the web server. How will the software circuit firewall react to an exploit of this vulnerability?
Answer: It will filter based solely on initial session setup.
◍ During preproduction testing, a key security control is found to be missing. This oversight inadvertently allows users to view data they are not authorized to access. Upon review of the initial security requirements, it was stated that authentication, authorization, and accounting (AAA) of users was required in the design of the system. What occurred during the systems development life cycle (SDLC) that caused this problem?
Answer: No objective security reviews were conducted to ensure security requirements were being met during the development phase.
◍ Many of the devices a company uses are stand-alone, third-party appliances. While the appliances are evaluated for security concerns at the time of purchase, many have reached the end of their support and will need to be replaced soon. What should a security administrator do to protect these assets before they are disposed of and replaced?
Answer: Use a defense-in-depth strategy
◍ During the initiation phase of the systems development life cycle (SDLC), an administrator is working on a new system that will support remote access to the organization's disaster recovery environment. As part of the effort, the administrator is attempting to calculate the bandwidth required to support systems identified in the business impact analysis. Why is the calculation of required bandwidth vital to the tenets of security?
Answer: The organization will not have the desired level of availability without sufficient bandwidth.
◍ A technician is configuring the security features of new, built-in-house software. After configuring the application, the technician tests the new security controls. At which phase of the systems development life cycle (SDLC) process is the technician operating?
Answer: Implementation
◍ As the security architect, only one host intrusion sensor and one network intrusion sensor will be allowed in the design. Where should the sensors be deployed to maximize detection of threats against this organization's extranet implementation?
Answer: HIDS on the web server and NIPS in the DMZ
◍ An information security project manager has been tasked with implementing a new system designed to detect and respond to network security threats to user workstations as well as systems in a screened subnet. As part of the configuration, the project team will implement a new network topology. Which network topology should the project team implement?
Answer: Intrusion prevention system (IPS) along with sensors in the demilitarized zone (DMZ) and local area network (LAN)
◍ A security administrator receives an intrusion detection system (IDS) alert identifying suspicious traffic on the network between two sites. In order to identify whether the traffic was malicious or not, the administrator enables a packet capture both inside and outside of one site's firewall. While monitoring the internal packet captures, the administrator determines that a rogue IP address is generating a lot of