CAS-003 Exam Question 6

A security administrator is hardening a TrustedSolaris server that processes sensitive data. The data owner has established the following security requirements:
* The data is for internal consumption only and shall not be distributed to outside individuals
* The systems administrator should not have access to the data processed by the server
* The integrity of the kernel image is maintained
Which of the following host-based security controls BEST enforce the data owner's requirements?
(Choose three.)
  • CAS-003 Exam Question 7

    A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Choose two.)
  • CAS-003 Exam Question 8

    A systems administrator recently joined an organization and has been asked to perform a security assessment of controls on the organization's file servers, which contain client data from a number of sensitive systems. The administrator needs to compare documented access requirements to the access implemented within the file system.
    Which of the following is MOST likely to be reviewed during the assessment? (Select two.)
  • CAS-003 Exam Question 9

    A technician uses an old SSL server due to budget constraints and discovers performance degrades dramatically after enabling PFS. The technician cannot determine why performance degraded so dramatically. A newer version of the SSL server does not suffer the same performance degradation. Performance rather than security is the main priority for the technician. The system specifications and configuration of each system are listed below:

    Which of the following is MOST likely the cause of the degradation in performance and should be changed?
  • CAS-003 Exam Question 10

    A deployment manager is working with a software development group to assess the security of a new version of the organization's internally developed ERP tool. The organization prefers to not perform assessment activities following deployment, instead focusing on assessing security throughout the life cycle. Which of the following methods would BEST assess the security of the product?