In performing an authorized penetration test of an organization’s system security, a penetration tester collects information pertaining to the application versions that
reside on a server. Which of the following is the best way to collect this type of information?

Client computers login at specified times to check and update antivirus definitions using a dedicated account configured by the administrator. One day the clients
are unable to login with the account, but the server still responds to ping requests. The administrator has not made any changed. Which of the following most likely
happened?

A network administrator was to implement a solution that will allow authorized traffic, deny unauthorized traffic and ensure that appropriate ports are being used for
a number of TCP and UDP protocols. Which of the following network controls would meet these requirements?

A switch is set up to allow only 2 simultaneous MAC addresses per switch port. An administrator is reviewing a log and determines that a switch port has been
deactivated in a conference room after it detected 3 or more MAC addresses on the same port. Which of the following reasons could have caused this port to be
disabled?

During a recent audit, the auditors cited the company’s current virtual machine infrastructure as a concern. The auditors cited the fact that servers containing
sensitive customer information reside on the same physical host as numerous virtual machines that follow less stringent security guild lines. Which of the following
would be the best choice to implement to address this audit concern while maintain the current infrastructure?

A risk management team indicated an elevated level of risk due to the location of a corporate datacenter in a region with an unstable political climate. The chief
information officer (CIO) accepts the recommendation to transition the workload to an alternate datacenter in a more stable region. Which of the following forms of
risk mitigation has the CIO elected to pursue?

A user has called the help desk to report an enterprise mobile device was stolen. The technician receiving the call accesses the MDM administration portal to
identify the device’s last known geographic location. The technician determines the device is still communicating with the MDM. After taking note of the last known
location, the administrator continues to follow the rest of the checklist. Which of the following identifies a possible next step for the administrator?

A thief has stolen mobile device and removed its battery to circumvent GPS location tracking. The device user is a four digit PIN. Which of the following is a mobile
device security control that ensures the confidentiality of company data?

A security analyst is working on a project team responsible for the integration of an enterprise SSO solution. The SSO solution requires the use of an open standard
for the exchange of authentication and authorization across numerous web based applications. Which of the following solutions is most appropriate for the analyst

to recommend in this scenario?

A small IT security form has an internal network composed of laptops, servers, and printers. The network has both wired and wireless segments and supports VPN
access from remote sites. To protect the network from internal and external threats, including social engineering attacks, the company decides to implement
stringent security controls. Which of the following lists is the BEST combination of security controls to implement?