A security administrator is using a software program to test the security of a wireless access point. After running the program for a few hours, the access point
sends the wireless secret key back to the software program.
Which of the following attacks is this an example of?

A technician has been assigned a service request to investigate a potential vulnerability in the organization’s extranet platform. Once the technician performs initial
investigative measures, it is determined that the potential vulnerability was a false-alarm. Which of the following actions should the technician take in regards to the
findings?

A security administrator needs to implement a technology that creates a secure key exchange. Neither party involved in the key exchange will have pre-existing
knowledge of one another. Which of the following technologies would allow for this?

An administrator performs a risk calculation to determine if additional availability controls need to be in place. The administrator estimates that a server fails and
needs to be replaced once every 2 years at a cost of $8,000. Which of the following represents the factors that the administrator would use to facilitate this
calculation?

Which of the following internal security controls is aimed at preventing two system administrators from completing the same tasks?

A bank is planning to implement a third factor to protect customer ATM transactions. Which of the following could the bank implement?

A project team is developing requirements of the new version of a web application used by internal and external users. The application already features username
and password requirements for login, but the organization is required to implement multifactor authentication to meet regulatory requirements. Which of the
following would be added requirements will satisfy the regulatory requirement? (Select THREE.)

An administrator receives a security alert that appears to be from one of the company’s vendors. The email contains information and instructions for patching a
serious flaw that has not been publicly announced. Which of the following can an employee use to validate the authenticity if the email?

During a company-wide initiative to harden network security, it is discovered that end users who have laptops cannot be removed from the local administrator group.
Which of the following could be used to help mitigate the risk of these machines becoming compromised?

A chief information security officer (CISO) is providing a presentation to a group of network engineers. In the presentation, the CISO presents information regarding
exploit kits. Which of the following might the CISO present?