Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent
penetration test reveals vulnerabilities on the network. Which of the following has been reported by
the vulnerability scan?

Which of the following documents outlines the technical and security requirements of an

agreement between organizations?

A large bank has moved back office operations offshore to another country with lower wage costs
in an attempt to improve profit and productivity. Which of the following would be a customer
concern if the offshore staff had direct access to their data?

Which of the following are examples of detective controls?

An organization processes credit card transactions and is concerned that an employee may
intentionally email credit card numbers to external email addresses. This company should
consider which of the following technologies?

Which of the following, if properly implemented, would prevent users from accessing files that are
unrelated to their job duties? (Select TWO).

Which of the following helps to establish an accurate timeline for a network intrusion?

A recent audit has revealed weaknesses in the process of deploying new servers and network
devices. Which of the following practices could be used to increase the security posture during
deployment? (Select TWO).

Joe is the accounts payable agent for ABC Company. Joe has been performing accounts payable
function for the ABC Company without any supervision. Management has noticed several new
accounts without billing invoices that were paid. Which of the following is the BEST management
option for review of the new accounts?

A company hosts its public websites internally. The administrator would like to make some
changes to the architecture.
The three goals are:
reduce the number of public IP addresses in use by the web servers
drive all the web traffic through a central point of control
mitigate automated attacks that are based on IP address scanning
Which of the following would meet all three goals?