A. Data leak prevention

B. Root cause analyzer

C. Protocol analyzer

D. Behavioral analytics

A. Assess the reliability of the information source, likelihood of exploitability, and impact to hosted data. Attempt to exploit via the proof-of-concept code. Consider remediation options.

B. Hire an independent security consulting agency to perform a penetration test of the web servers.
Advise management of any `high' or `critical' penetration test findings and put forward recommendations for mitigation.

C. Review vulnerability write-ups posted on the Internet. Respond to management with a recommendation to wait until the news has been independently verified by software vendors providing the web application software.

D. Notify all customers about the threat to their hosted data. Bring the web servers down into
"maintenance mode" until the vulnerability can be reliably mitigated through a vendor patch.

A. Require the solution owner to accept the identified risks and consequences

B. Mitigate the risk by asking the vendor to accept the in-country privacy principles

C. Review the entire procurement process to determine the lessons learned

D. Develop a security exemption, as it does not meet the security policies

A. DLP 활성화

B. SEAndroid 활성화

C. EDR 활성화

D. 보안 부팅 활성화

E. 원격 지우기 활성화

F. 블루투스 비활성화

G. 802.11 비활성화

H. 지오태깅 비활성화

A. The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration

B. The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat

C. The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats

D. The company should install a temporary CCTV system to detect unauthorized access to physical offices