A financial services company is implementing a Defense in Depth strategy. The security architect has designed a multi-layered approach to protect sensitive customer data. Which of the following sets of controls best exemplifies the core principle of Defense in Depth?
Q2
A security analyst is reviewing network traffic and observes a large volume of small UDP packets originating from a single source IP address, targeting random high-numbered ports on multiple servers. The source IP address does not correspond to any known legitimate client. This pattern is consistent with which of the following activities?
Q3
A developer needs to securely transmit a large 2GB data file to a partner organization. The primary requirements are confidentiality during transit and high performance for the encryption/decryption process. Which cryptographic approach is most suitable for encrypting the file itself?
Q4
A network administrator is configuring a new packet-filtering firewall to protect a Web server. The company policy states that all inbound traffic should be blocked by default. The Web server needs to accept connections from the Internet on port 443. Which of the following firewall rules should be added to allow this traffic while maintaining the default-deny policy?
Q5
During a security audit, it was discovered that a critical server has been compromised. The incident response team needs to collect evidence for a forensic investigation. The lead investigator instructs the junior admin to immediately disconnect the server's power cable to preserve the state of the hard drive. Why is this instruction incorrect for digital forensic best practices?
Q6 (Multiple answers)
A security team is tasked with hardening a new Linux server. Which of the following actions are considered essential best practices for operating system hardening? (Select THREE)
Q7
True or False: In a Public Key Infrastructure (PKI) system, a user's private key is mathematically derived from their public key and stored by the Certificate Authority (CA) for recovery purposes.
Q8
An e-commerce company wants to ensure the integrity of software downloads offered on its customer portal. The goal is to allow customers to verify that the downloaded file has not been altered since it was published by the company. Which cryptographic tool is the most appropriate solution for this requirement?
Q9
A hospital's network administrator is designing a firewall architecture to protect its Electronic Health Record (EHR) system. Due to compliance requirements, the firewall must be able to inspect and understand the specific application-layer protocols used by the EHR software to block non-compliant commands, even if they are sent over a standard port. Which type of firewall is required to meet this need?
Q10
A security analyst uses the 'nmap' tool to scan a server with the command `nmap -sS -p 1-1024 10.1.1.5`. What is the primary characteristic of the scan type specified by the `-sS` flag?