Ann, a security administrator, has been tasked by the Chief Information Officer (CIO) to have the company’s
application servers tested using black box methodology.
Which of the following BEST describes what Ann has been asked to do?
XYZ Company has a database containing personally identifiable information for all its customers.
Which of the following options would BEST ensure employees are only viewing information associated to the
customers they support?
An employee uses RDP to connect back to the office network. If RDP is misconfigured, which of the following
security exposures would this lead to?
Which of the following is the LEAST secure hashing algorithm?
Recently several employees were victims of a phishing email that appeared to originate from the company
president. The email claimed the employees would be disciplined if they did not click on a malicious link in the
message. Which of the following principles of social engineering made this attack successful?
Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe
receives a response, he is unable to decrypt the response with the same key he used initially. Which of the
following would explain the situation?
Which of the following attack types is being carried out where a target is being sent unsolicited messages via
A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the
contents of a confidential database, as well as other managerial permissions. On Monday morning, the
database administrator reported that log files indicated that several records were missing from the database
Which of the following risk mitigation strategies should have been implemented when the supervisor was
A security technician would like to obscure sensitive data within a file so that it can be transferred without
causing suspicion. Which of the following technologies would BEST be suited to accomplish this?
A system administrator needs to implement 802.1x whereby when a user logs into the network, the
authentication server communicates to the network switch and assigns the user to the proper VLAN.
Which of the following protocols should be used?