A penetration tester is crawling a target website that is available to the public.
Which of the following represents the actions the penetration tester is performing?

Which of the following threat actors is MOST likely to steal a company’s proprietary information to gain a
market edge and reduce time to market?

A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients.
Which of the following should the analyst implement to meet these requirements? (Select two.)

Which of the following attacks specifically impact data availability?

A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a
form field in Base64 encoded format to import it into the system. Which of the following certificate formats
should the engineer use to obtain the information in the required format?

In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has
requested a cost-effective architecture to handle the variable capacity demand. Which of the following
characteristics BEST describes what the CIO has requested?

Which of the following BEST describes an important security advantage yielded by implementing vendor
diversity?

Multiple organizations operating in the same vertical wants to provide seamless wireless access for their
employees as they visit the other organizations. Which of the following should be implemented if all the
organizations use the native 802.1x client on their mobile devices?

A security analyst is diagnosing an incident in which a system was compromised from an external IP address.
The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security
analyst do to determine if the compromised system still has an active connection?

SIMULATION
A security administrator wants to implement strong security on the company smart phones and terminal servers
located in the data center. Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit.