Which of the following concepts is enforced by certifying that email communications have been
sent by who the message says it has been sent by?

Which of the following is characterized by an attack against a mobile device?

After a recent breach, the security administrator performs a wireless survey of the corporate
network. The security administrator notices a problem with the following output:
MACSSIDENCRYPTIONPOWERBEACONS
00:10:A1:36:12:CCMYCORPWPA2 CCMP601202
00:10:A1:49:FC:37MYCORPWPA2 CCMP709102
FB:90:11:42:FA:99MYCORPWPA2 CCMP403031
00:10:A1:AA:BB:CCMYCORPWPA2 CCMP552021
00:10:A1:FA:B1:07MYCORPWPA2 CCMP306044
Given that the corporate wireless network has been standardized, which of the following attacks is
underway?

Which of the following application attacks is used against a corporate directory service where
there are unknown servers on the network?

Input validation is an important security defense because it:

In order to maintain oversight of a third party service provider, the company is going to implement
a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall
security posture coverage. Which of the following is the MOST important activity that should be
considered?

Which of the following protocols allows for the LARGEST address space?

A recent audit of a company’s identity management system shows that 30% of active accounts
belong to people no longer with the firm. Which of the following should be performed to help avoid

this scenario? (Select TWO).

Who should be contacted FIRST in the event of a security breach?

The Chief Information Officer (CIO) has mandated web based Customer Relationship
Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads,
and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has
mandated that key authentication systems be run within the organization’s network. Which of the
following would BEST meet the CIO and CRO’s requirements?