During an incident, an employee's web traffic was redirected to a malicious domain. The workstation was compromised, and the attacker was able to modify sensitive data from the company file server. Which of the following solutions would have BEST prevented the initial compromise from happening? (Choose two.)

An application developer is including third-party background security fixes in an application.
The fixes seem to resolve a currently identified security issue.
However, when the application is released to the public, report come In that a previously vulnerability has returned.
Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.
Which of the following phases establishes the identification and prioritization of critical systems and functions?

An administrator at a software development company would like to protect the integrity Of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA.
Which of the following is MOST likely the cause of the signature failing?

A security analyst for a managed service provider wants to implement the most up-to-date and effective security methodologies to provide clients with the best offerings. Which of the following resources would the analyst MOST likely adopt?