Which of the following BEST explains why it was not detected and blocked by the DLP solution?
A large bank deployed a DLP solution to detect and block customer and credit card data from
leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data
through the corporate email gateway by embedding a word processing document containing
sensitive data as an object in a CAD file. Which of the following BEST explains why it was not
detected and blocked by the DLP solution? (Select TWO).
Which of the following solutions minimizes the performance impact on the router?
Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions.
When speaking with the network administrator, the security administrator learns that the existing
routers have the minimum processing power to do the required level of encryption. Which of the
following solutions minimizes the performance impact on the router?
Which of the following statements BEST describes this situation?
A business owner has raised concerns with the Chief Information Security Officer (CISO) because
money has been spent on IT security infrastructure, but corporate assets are still found to be
vulnerable. The business recently implemented a patch management product and SOE hardening
initiative. A third party auditor reported findings against the business because some systems were
missing patches. Which of the following statements BEST describes this situation?
Which of the following is the penetration tester MOST likely to use while performing black box testing of the
Company XYZ has purchased and is now deploying a new HTML5 application. The company
wants to hire a penetration tester to evaluate the security of the client and server components of
the proprietary web application before launch. Which of the following is the penetration tester
MOST likely to use while performing black box testing of the security of the company’s purchased
application? (Select TWO).
Which of the following would MOST likely be implemented to meet the above requirements and provide a secure so
A company has been purchased by another agency and the new security architect has identified
new security goals for the organization. The current location has video surveillance throughout the
building and entryways. The following requirements must be met:
1. Ability to log entry of all employees in and out of specific areas
2. Access control into and out of all sensitive areas
3. Two-factor authentication
Which of the following would MOST likely be implemented to meet the above requirements and
provide a secure solution? (Select TWO).
Which of the following is the cause of the noncompliance?
During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply
with policy. Six months later, the company is audited for compliance to regulations. The audit
discovers that 40% of the desktops do not meet requirements. Which of the following is the cause
of the noncompliance?
Which of the following does SAML uses to prevent government auditors or law enforcement from identifying speci
Which of the following does SAML uses to prevent government auditors or law enforcement from
identifying specific entities as having already connected to a service provider through an SSO
operation?
Which of the following security measures would be MOST effective in securing the enterprise under the new poli
In order to reduce costs and improve employee satisfaction, a large corporation is creating a
BYOD policy. It will allow access to email and remote connections to the corporate enterprise from
personal devices; provided they are on an approved device list. Which of the following security
measures would be MOST effective in securing the enterprise under the new policy? (Select
TWO).
Which of the following solutions is BEST suited for this scenario?
Company XYZ provides cable television service to several regional areas. They are currently
installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet
services. The telephone and Internet services portions of the company will each be separate
subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries
separate from the parent company. However all three companies must share customer data for
the purposes of accounting, billing, and customer authentication. The solution must use open
standards, and be simple and seamless for customers, while only sharing minimal data between
the companies. Which of the following solutions is BEST suited for this scenario?
Which of the following restrictions is the MOST likely cause?
Warehouse users are reporting performance issues at the end of each month when trying to
access cloud applications to complete their end of the month financial reports. They have no
problem accessing those applications at the beginning of the month.
Network information:
DMZ network – 192.168.5.0/24
VPN network – 192.168.1.0/24
Datacenter – 192.168.2.0/24
User network – 192.168.3.0/24
HR network – 192.168.4.0/24
Warehouse network – 192.168.6.0/24
Finance network 192.168.7.0/24
Traffic shaper configuration:
VLAN Bandwidth limit (Mbps)
VPN50
User175
HR220
Finance230
Warehouse75
Guest50
External firewall allows all networks to access the Internet.
Internal Firewall Rules:
ActionSourceDestination
Permit192.168.1.0/24192.168.2.0/24
Permit192.168.1.0/24192.168.3.0/24
Permit192.168.1.0/24192.168.5.0/24
Permit192.168.2.0/24192.168.1.0/24
Permit192.168.3.0/24192.168.1.0/24
Permit192.168.5.0/24192.168.1.0/24
Permit192.168.4.0/24192.168.7.0/24
Permit192.168.7.0/24192.168.4.0/24
Permit192.168.7.0/24any
Deny192.168.4.0/24any
Deny192.168.1.0/24192.168.4.0/24
Denyanyany
Which of the following restrictions is the MOST likely cause?