A bank has decided to outsource some existing IT functions and systems to a third party service provider. The
third party service provider will manage the outsourced systems on their own premises and will continue to
directly interface with the bank’s other systems through dedicated encrypted links. Which of the following is
critical to ensure the successful management of system security concerns between the two organizations?

The finance department for an online shopping website has discovered that a number of customers were able
to purchase goods and services without any payments. Further analysis conducted by the security
investigations team indicated that the website allowed customers to update a payment amount for shipping. A
specially crafted value could be entered and cause a roll over, resulting in the shipping cost being subtracted
from the balance and in some instances resulted in a negative balance. As a result, the system processed the
negative balance as zero dollars. Which of the following BEST describes the application issue?

A software developer and IT administrator are focused on implementing security in the organization to protect
OSI layer 7. Which of the following security technologies would BEST meet their requirements? (Select TWO).

A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention
is that the cost of the SIEM solution will be justified by having reduced the number of incidents and therefore
saving on the amount spent investigating incidents.
Proposal:
External cloud-based software as a service subscription costing $5,000 per month. Expected to reduce the
number of current incidents per annum by 50%.
The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which
of the following is the ROI for this proposal after three years?

ABC Corporation has introduced token-based authentication to system administrators due to the risk of
password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used.
Which of the following types of authentication mechanisms does this statement describe?

Since the implementation of IPv6 on the company network, the security administrator has been unable to
identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally
managed.
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether f8:1e:af:ab:10:a3
inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5
inet 192.168.1.14 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf
inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
Given this output, which of the following protocols is in use by the company and what can the system
administrator do to positively map users with IPv6 addresses in the future? (Select TWO).

The IT director has charged the company helpdesk with sanitizing fixed and removable media. The helpdesk
manager has written a new procedure to be followed by the helpdesk staff. This procedure includes the current
standard to be used for data sanitization, as well as the location of physical degaussing tools. In which of the
following cases should the helpdesk staff use the new procedure? (Select THREE).

A new IT company has hired a security consultant to implement a remote access system, which will enable
employees to telecommute from home using both company issued as well as personal computing devices,
including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in
transit to the company’s internally developed application GUI. Company policy prohibits employees from having
administrative rights to company issued devices. Which of the following remote access solutions has the lowest
technical complexity?

Company policy requires that all unsupported operating systems be removed from the network. The security
administrator is using a combination of network based tools to identify such systems for the purpose of
disconnecting them from the network. Which of the following tools, or outputs from the tools in use, can be
used to help the security administrator make an approximate determination of the operating system in use on
the local company network? (Select THREE).

A security administrator has noticed that an increased number of employees’ workstations are becominginfected with malware. The company deploys an enterprise antivirus system as well as a web content filter,
which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company
implements technical measures to disable external storage. Which of the following is a technical control that the
security administrator should implement next to reduce malware infection?