Which of the following values is the single loss expect…
An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the
risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE
resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering
solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy
of a data leakage event after implementing the web filtering solution?
Which of the following would suggest best practices and…
An IT manager is concerned about errors made during the deployment process for a new model of tablet.
Which of the following would suggest best practices and configuration parameters that technicians could follow
during the deployment process?
Which of the following would be a logical next step?
An information security assessor for an organization finished an assessment that identified critical issues with
the human resource new employee management software application. The assessor submitted the report to
senior management but nothing has happened. Which of the following would be a logical next step?
Which of the following are the FIRST things to capture?
In a situation where data is to be recovered from an attacker’s location, which of the following are the FIRST
things to capture? (Select TWO).
Which of the following should the project manager relea…
A project manager working for a large city government is required to plan and build a WAN, which will be
required to host official business and public access. It is also anticipated that the city’s emergency and first
response communication systems will be required to operate across the same network. The project manager
has experience with enterprise IT projects, but feels this project has an increased complexity as a result of the
mixed business / public use and the critical infrastructure it will provide. Which of the following should the
project manager release to the public, academia, and private industry to ensure the city provides due care in
considering all project factors prior to building its new WAN?
Which of the following actions should be taken by the s…
ODBC access to a database on a network-connected host is required. The host does not have a security
mechanism to authenticate the incoming ODBC connection, and the application requires that the connection
have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be
implemented. The information in the database is not sensitive, but was not readily accessible prior to the
implementation of the ODBC connection. Which of the following actions should be taken by the security
analyst?
Which of the following compensating controls should be …
A critical system audit shows that the payroll system is not meeting security policy due to missing OS security
patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the
system is only supported on the current OS patch level. Which of the following compensating controls should
be used to mitigate the vulnerability of missing OS patches on this system?
Which of the following is the solutions architect MOST …
A security solutions architect has argued consistently to implement the most secure method of encrypting
corporate messages. The solution has been derided as not being cost effective by other members of the IT
department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to
unauthorized decryption. The method also requires special handling and security for all key material that goes
above and beyond most encryption systems.
Which of the following is the solutions architect MOST likely trying to implement?
Which of the following troubleshooting steps should the…
A system administrator has just installed a new Linux distribution. The distribution is configured to be “secure
out of the box”. The system administrator cannot make updates to certain system files and services. Each time
changes are attempted, they are denied and a system error is generated. Which of the following
troubleshooting steps should the security administrator suggest?
Which of the following technologies should the administ…
A security administrator is tasked with increasing the availability of the storage networks while enhancing the
performance of existing applications. Which of the following technologies should the administrator implement to
meet these goals? (Select TWO).