A data breach is suspected on a currently unidentified server in a datacenter. Which of the following is the BEST method of determining which server was
breached?

A system administrator decided to perform maintenance on a production server servicing retail store operations. The system rebooted in the middle of the day due
to the installation of monthly operating system patches. The downtime results in lost revenue due to the system being unavailable. Which of the following would
reduce the likelihood of this issue occurring again?

On a campus network, users frequently remove the network cable from desktop NICs and plug personal laptops into the school network. Which of the following

could be used to reduce the likelihood of unauthorized laptops on the campus network?

A network technician needs to pass traffic from the company’s external IP address to a front-end mail server in the DMZ without exposing the IP address of the mail
server to the external network. Which of the following should the network technician use?

A finance manager is responsible for approving wire transfers and processing the transfers using the software provided by the company’s bank. A number of
discrepancies have been found related to the wires in a recent financial audit and the wires appeared to be fraudulent. Which of the following controls should be
implemented to reduce the likelihood of fraud related to the use of wire transfers?

A malicious insider is using an ARP spoofing tool to impersonate the gateway router. Which of the following attack types is the malicious insider implementing?

An administrator sees the following entry in a system log:
02:23:41 AM Mar 09 2015 www: WARNING: MD5 checksum on file /etc/sudoers has changed. Please update db if this change is expected.
Which of the following describes the type of application that generated this log entry?

A company has recently won a classified government contract involving both confidential and restricted information. To ensure proper authorization for
authenticated users and restrict unauthorized users from accessing information above their clearance, the company should establish:

A security administrator determined that the time required to brute force 90% of the company’s password hashes is below the acceptable threshold. Which of the
following, if implemented, has the GREATEST impact in bringing this time above the acceptable threshold?

A company is planning to encrypt the files in several sensitive directories of a file server with an asymmetric key. Which of the following could be used?