Joe, a newly hired employee, has a corporate workstation that has been compromised due to
several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits
the use of such web sites. Which of the following is the BEST method to deter employees from the
improper use of the company’s information systems?

Data execution prevention is a feature in most operating systems intended to protect against
which type of attack?

Use of group accounts should be minimized to ensure which of the following?

A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been
removed from the network and an image of the hard drive has been created. However, the system
administrator stated that the system was left unattended for several hours before the image was
created. In the event of a court case, which of the following is likely to be an issue with this
incident?

Privilege creep among long-term employees can be mitigated by which of the following
procedures?

The Chief Technical Officer (CTO) has tasked The Computer Emergency Response Team (CERT)
to develop and update all Internal Operating Procedures and Standard Operating Procedures
documentation in order to successfully respond to future incidents. Which of the following stages
of the Incident Handling process is the team working on?

In which of the following scenarios is PKI LEAST hardened?

Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief
Information Officer (CIO) is concerned about disclosure of confidential information. Which of the
following is the MOST secure method to dispose of these hard drives?

Configuring the mode, encryption methods, and security associations are part of which of the
following?

Which of the following assessments would Pete, the security administrator, use to actively test that
an application’s security controls are in place?