A security architect is implementing a web application that uses a database back end. Prior to the production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.

Which of the following sources could the architect consult to address this security concern?

1. SDLC
2. OVAL
3. IEEE
4. OWASP

B, C or D which one is correct ???

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

 A Packets that are the wrong size or length
 B Use of any non-DNP3 communication on a DNP3 port
 C Multiple solicited responses over time
 D Application of an unsupported encryption algorithm

Very confusing between B and D , Please guide 

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

 A Packets that are the wrong size or length
 B Use of any non-DNP3 communication on a DNP3 port
 C Multiple solicited responses over time
 D Application of an unsupported encryption algorithm

A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer's laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy.

Which of the following solutions should the security architect recommend?

A Replace the current antivirus with an EDR solution.
B Remove the web proxy and install a UTM appliance.
C Implement a deny list feature on the endpoints.
D Add a firewall module on the current antivirus solution.