The security administrator has been tasked with providing a solution that would not only eliminate
the need for physical desktops, but would also centralize the location of all desktop applications,
without losing physical control of any network devices. Which of the following would the security
manager MOST likely implement?

As part of the testing phase in the SDLC, a software developer wants to verify that an application
is properly handling user error exceptions. Which of the following is the BEST tool or process for
the developer to use?

Which of the following is the MOST appropriate control measure for lost mobile devices?

A business is currently in the process of upgrading its network infrastructure to accommodate a
personnel growth of over fifty percent within the next six months. All preliminary planning has been
completed and a risk assessment plan is being adopted to decide which security controls to put in
place throughout each phase.
Which of the following risk responses is MOST likely being considered if the business is creating
an SLA with a third party?

Which of the following should be used with caution because of its ability to provide access to block
level data instead of file level data?

The IT department of a pharmaceutical research company is considering whether the company
should allow or block access to social media websites during lunch time. The company is
considering the possibility of allowing access only through the company’s guest wireless network,
which is logically separated from the internal research network. The company prohibits the use of
personal devices; therefore, such access will take place from company owned laptops.
Which of the following is the HIGHEST risk to the organization?

Company XYZ provides residential television cable service across a large region.
The company’s board of directors is in the process of approving a deal with the following three
A National landline telephone provider
A Regional wireless telephone provider
An international Internet service provider
The board of directors at Company XYZ wants to keep the companies and billing separated.
While the Chief Information Officer (CIO) at Company XYZ is concerned about the confidentiality
of Company XYZ’s customer data and wants to share only minimal information about its
customers for the purpose of accounting, billing, and customer authentication.
The proposed solution must use open standards and must make it simple and seamless for
Company XYZ’s customers to receive all four services.
Which of the following solutions is BEST suited for this scenario?

On Monday, the Chief Information Officer (CIO) of a state agency received an e-discovery request
for the release of all emails sent and received by the agency board of directors for the past five
years. The CIO has contacted the email administrator and asked the administrator to provide the
requested information by end of day on Friday. Which of the following has the GREATEST impact
on the ability to fulfill the e-discovery request?

A breach at a government agency resulted in the public release of top secret information. The
Chief Information Security Officer has tasked a group of security professionals to deploy a system
which will protect against such breaches in the future.
Which of the following can the government agency deploy to meet future security needs?

Statement: “The system shall implement measures to notify system administrators prior to a
security incident occurring.”
Which of the following BEST restates the above statement to allow it to be implemented by a team
of software developers?

A security administrator of a large private firm is researching and putting together a proposal to
purchase an IPS. The specific IPS type has not been selected, and the security administrator
needs to gather information from several vendors to determine a specific product. Which of the
following documents would assist in choosing a specific brand and model?

A company currently does not use any type of authentication or authorization service for remote
access. The new security policy states that all remote access must be locked down to only
authorized personnel. The policy also dictates that only authorized external networks will be
allowed to access certain internal resources.
Which of the following would MOST likely need to be implemented and configured on the
company’s perimeter network to comply with the new security policy? (Select TWO).
A. VPN concentrator
C. Proxy server
E. Layer 2 switch

A small company has a network with 37 workstations, 3 printers, a 48 port switch, an enterprise
class router, and a firewall at the boundary to the ISP. The workstations have the latest patches
and all have up-to-date anti-virus software. User authentication is a two-factor system with
fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network
is configured to use IPv4 and is a standard Ethernet network. The network also has a captive
portal based wireless hot-spot to accommodate visitors. Which of the following is a problem with
the security posture of this company?

Driven mainly by cost, many companies outsource computing jobs which require a large amount of
processor cycles over a short duration to cloud providers. This allows the company to avoid a
large investment in computing resources which will only be used for a short time.
Assuming the provisioned resources are dedicated to a single company, which of the following is
the MAIN vulnerability associated with on-demand provisioning?

Which of the following attacks does Unicast Reverse Path Forwarding prevent?

A security administrator has been conducting a security assessment of Company XYZ for the past
two weeks. All of the penetration tests and other assessments have revealed zero flaws in the
systems at Company XYZ. However, Company XYZ reports that it has been the victim of
numerous security incidents in the past six months. In each of these incidents, the criminals have
managed to exfiltrate large volumes of data from the secure servers at the company. Which of the
following techniques should the investigation team consider in the next phase of their assessment
in hopes of uncovering the attack vector the criminals used?

A company has decided to use the SDLC for the creation and production of a new information
system. The security administrator is training all users on how to protect company information
while using the new system, along with being able to recognize social engineering attacks. Senior
Management must also formally approve of the system prior to it going live. In which of the
following phases would these security controls take place?

A security analyst at Company A has been trying to convince the Information Security Officer
(ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable
of analyzing encrypted web transactions.
Which of the following should the analyst provide to the ISO to support the request? (Select TWO).
A. Emerging threat reports
B. Company attack trends
C. Request for Quote (RFQ)
D. Best practices
E. New technologies report

A telecommunication company has recently upgraded their teleconference systems to multicast.
Additionally, the security team has instituted a new policy which requires VPN to access the
company’s video conference. All parties must be issued a VPN account and must connect to the
company’s VPN concentrator to participate in the remote meetings.
Which of the following settings will increase bandwidth utilization on the VPN concentrator during
the remote meetings?

A corporate executive lost their smartphone while on an overseas business trip. The phone was
equipped with file encryption and secured with a strong passphrase. The phone contained over
60GB of proprietary data. Given this scenario, which of the following is the BEST course of action?

A company has purchased a new system, but security personnel are spending a great deal of time
on system maintenance. A new third party vendor has been selected to maintain and manage the
company’s system. Which of the following document types would need to be created before any
work is performed?

The security administrator is worried about possible SPIT attacks against the VoIP system.
Which of the following security controls would MOST likely need to be implemented to detect this
type of attack?

Company ABC has recently completed the connection of its network to a national high speed
private research network. Local businesses in the area are seeking sponsorship from Company
ABC to connect to the high speed research network by directly connecting through Company
ABC’s network. Company ABC’s Chief Information Officer (CIO) believes that this is an
opportunity to increase revenues and visibility for the company, as well as promote research and
development in the area.
Which of the following must Company ABC require of its sponsored partners in order to document
the technical security requirements of the connection?

A security administrator has finished building a Linux server which will host multiple virtual
machines through hypervisor technology. Management of the Linux server, including monitoring
server performance, is achieved through a third party web enabled application installed on the
Linux server. The security administrator is concerned about vulnerabilities in the web application
that may allow an attacker to retrieve data from the virtual machines.
Which of the following will BEST protect the data on the virtual machines from an attack?

A company provides on-demand virtual computing for a sensitive project. The company
implements a fully virtualized datacenter and terminal server access with two-factor authentication
for access to sensitive data. The security administrator at the company has uncovered a breach in
data confidentiality. Sensitive data was found on a hidden directory within the hypervisor. Which of
the following has MOST likely occurred?

A company is evaluating a new marketing strategy involving the use of social networking sites to
reach its customers. The marketing director wants to be able to report important company news,
product updates, and special promotions on the social websites.
After an initial and successful pilot period, other departments want to use the social websites to
post their updates as well.
The Chief Information Officer (CIO) has asked the company security administrator to document
three negative security impacts of allowing IT staff to post work related information on such
Which of the following are the major risks the security administrator should report back to the CIO?
A. Brute force attacks
B. Malware infection
C. DDOS attacks
D. Phishing attacks
E. SQL injection attacks
F. Social engineering attacks

Which of the following authentication types is used primarily to authenticate users through the use
of tickets?

A security administrator needs a secure computing solution to use for all of the company’s security
audit log storage, and to act as a central server to execute security functions from. Which of the
following is the BEST option for the server in this scenario?

A newly-appointed risk management director for the IT department at Company XYZ, a major
pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the
developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and
well-written report from the independent contractor who performed a security assessment of the
system. The report details what seems to be a manageable volume of infrequently exploited
security vulnerabilities. The likelihood of a malicious attacker exploiting one of the vulnerabilities is
low; however, the director still has some reservations about approving the system because of
which of the following?