CAS-004 Exam Question 1
A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.
Which of the following should the security administrator do to mitigate the risk?
CAS-004 Exam Question 2
A security engineer is reviewing a record of events after a recent data breach incident that involved the following:
- A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets.
- A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.
- The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.
Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?
CAS-004 Exam Question 3
In a shared responsibility model for PaaS, which of the following is a customer's responsibility?
CAS-004 Exam Question 4
An engineer wants to assess the OS security configurations on a company's servers.
The engineer has downloaded some files to orchestrate configuration checks.
When the engineer opens a file in a text editor, the following excerpt appears:

Which of the following capabilities would a configuration compliance checker need to support to interpret this file?
CAS-004 Exam Question 5
A networking team was asked to provide secure remote access to all company employees. The team decided to use client-to-site VPN as a solution. During a discussion, the Chief Information Security Officer raised a security concern and asked the networking team to route the Internet traffic of remote users through the main office infrastructure. Doing this would prevent remote users from accessing the Internet through their local networks while connected to the VPN.
Which of the following solutions does this describe?