The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a
business system at a location which is subject to fires during the year. A risk analyst reports to the risk manager
that the asset value of the business system is $120,000 and, based on industry data, the exposure factor to
fires is only 20% due to the fire suppression system installed at the site. Fires occur in the area on average
every four years. Which of the following is the ALE?

The telecommunications manager wants to improve the process for assigning company-owned mobile devices
and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboard
and offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following
should be implemented to ensure these processes can be automated? (Select THREE).

An international shipping company discovered that deliveries left idle are being tampered with. The company
wants to reduce the idle time associated with international deliveries by ensuring that personnel are
automatically notified when an inbound delivery arrives at the transit dock. Which of the following should be
implemented to help the company increase the security posture of its operations?

A security administrator is assessing a new application. The application uses an API that is supposed to encrypt
text strings that are stored in memory. How might the administrator test that the strings are indeed encrypted in
memory?

Using SSL, an administrator wishes to secure public facing server farms in three subdomains:
dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the
number of wildcard SSL certificates that should be purchased?

An organization uses IP address block 203.0.113.0/24 on its internal network. At the border router, the network
administrator sets up rules to deny packets with a source address in this subnet from entering the network, and
to deny packets with a destination address in this subnet from leaving the network. Which of the following is the
administrator attempting to prevent?

A company has adopted a BYOD program. The company would like to protect confidential information.
However, it has been decided that when an employee leaves, the company will not completely wipe the
personal device. Which of the following would MOST likely help the company maintain security when
employees leave?

A trucking company delivers products all over the country. The executives at the company would like to have
better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the
following would BEST help the executives meet this goal?

An administrator believes that the web servers are being flooded with excessive traffic from time to time. The
administrator suspects that these traffic floods correspond to when a competitor makes major announcements.
Which of the following should the administrator do to prove this theory?

An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-
day patching policy. Which of the following BEST maximizes the protection of these systems from malicious
software?