A company has received the results of an external vulnerability scan from its approved scanning vendor.
The company is required to remediate these vulnerabilities for clients within 72 hours of acknowledgement of the scan results.
Which of the following contract breaches would result if this remediation is not provided for clients within the time frame?

A cybersecurity analyst has received an alert that well-known "call home" messages are continuously observed by network sensors at the network boundary. The proxy firewall successfully drops the messages. After determining the alert was a true positive, which of the following represents the MOST likely cause?

The software development team pushed a new web application into production for the accounting department.
Shortly after the application was published, the head of the accounting department informed IT operations that the application was not performing as intended. Which of the following SDLC best practices was missed?

A production web server is experiencing performance issues. Upon investigation, new unauthorized
applications have been installed and suspicious traffic was sent through an unused port. Endpoint security
is not detecting any malware or virus. Which of the following types of threats would this MOST likely be
classified as?

A university wants to increase the security posture of its network by implementing vulnerability scans of both centrally managed and student/employee laptops. The solution should be able to scale, provide minimum false positives and high accuracy of results, and be centrally managed through an enterprise console. Which of the following scanning topologies is BEST suited for this environment?