Dynamic Application Security Testing (DAST) is crucial for identifying and addressing security vulnerabilities during the software development life cycle (SDLC). Ensuring that DAST scans are routinely scheduled helps in maintaining a secure development process.
Why Routine DAST Scans?
Continuous Security Assessment: Regular DAST scans help in identifying vulnerabilities in real-time, ensuring they are addressed promptly.
Compliance: Routine scans ensure that the development process complies with security standards and regulations.
Proactive Threat Mitigation: Regular scans help in early detection and mitigation of potential security threats, reducing the risk of breaches.
Integration into SDLC: Ensures security is embedded within the development process, promoting a security-first approach.
Other options, while relevant, do not directly address the continuous assessment and proactive identification of threats:
A . If developers are unable to promote to production: This is more of an operational issue than a security assessment.
B . If DAST code is being stored to a single code repository: This concerns code management rather than security testing frequency.
Reference:
CompTIA SecurityX Study Guide
OWASP Testing Guide
NIST Special Publication 800-53, "Security and Privacy Controls for Information Systems and Organizations"

Enabling dashboards for service status monitoring is the best action to support rapid incident response. The table shows various services with different risk, criticality, and alert severity ratings. To ensure timely and effective incident response, real-time visibility into the status of these services is crucial.
Why Dashboards for Service Status Monitoring?
Real-time Visibility: Dashboards provide an at-a-glance view of the current status of all critical services, enabling rapid detection of issues.
CentralizedMonitoring: A single platform to monitor the status of multiple services helps streamline incident response efforts.
Proactive Alerting: Dashboards can be configured to show alerts and anomalies immediately, ensuring that incidents are addressed as soon as they arise.
Improved Decision Making: Real-time data helps incident response teams make informed decisions quickly, reducing downtime and mitigating impact.
Other options, while useful, do not offer the same level of comprehensive, real-time visibility and proactive alerting:
A . Automate alerting to IT support for phone system outages: This addresses one service but does not provide a holistic view.
C . Send emails for failed log-in attempts on the public website: This is a specific alert for one type of issue and does not cover all services.
D . Configure automated isolation of human resources systems: This is a reactive measure for a specific service and does not provide real-time status monitoring.
Reference:
CompTIA SecurityX Study Guide
NIST Special Publication 800-61 Revision 2, "Computer Security Incident Handling Guide"
"Best Practices for Implementing Dashboards," Gartner Research

Comprehensive and Detailed Step-by-Step
Runtime Application Self-Protection (RASP) (A)monitors and protects applications in real time by detecting and blocking attacks as they occur. Unlike traditional security solutions, RASP is integrated into the application itself, meaning it works regardless of the programming language used. It effectively mitigates common vulnerabilities such as SQL injection, XSS, and buffer overflows.
Dynamic Application Security Testing (DAST) (C) is a passive scanning approach that may not prevent attacks in real-time, while Network Intrusion PreventionSystems (NIPS) (D) focuses on network traffic, not application-layer security.

Regression testing is a software testingpractice that ensures that recent code changes have not adversely affected existing functionalities. In this scenario, the reintroduction of a previously fixed bug indicates that changes or integrations brought back the old issue. Implementing comprehensive regression testing would help detect such reintroductions by systematically retesting the existing functionalities whenever changes are made to the codebase. This practice is crucial in maintaining the integrity of the application, especially in complexsystems where multiple components interact.
Reference:

Disabling unneeded servicesreduces the attack surface by closing open ports.Patchingensures that endpoint protection software and operating systems are up-to-date, reducing vulnerability exposure.Removing unused accountseliminates access paths for malicious users exploiting dormant accounts. Secure boot, BIOS passwords, and drive encryption are important, but they address different layers of security than the vulnerabilities listed.
Reference: