Which of the following types of application attacks would be used to identify malware causing
security breaches that have NOT yet been identified by any trusted sources?

Which of the following may cause Jane, the security administrator, to seek an ACL work around?

Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the
following would provide the BEST level of protection?

Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records
the temporary credentials being passed to Joe’s browser. The attacker later uses the credentials
to impersonate Joe and creates SPAM messages. Which of the following attacks allows for this
impersonation?

How often, at a MINIMUM, should Sara, an administrator, review the accesses and rights of the
users on her system?

Which of the following types of logs could provide clues that someone has been attempting to
compromise the SQL Server database?

Ann, the security administrator, received a report from the security technician, that an

unauthorized new user account was added to the server over two weeks ago. Which of the
following could have mitigated this event?

A security administrator needs to determine which system a particular user is trying to login to at
various times of the day. Which of the following log types would the administrator check?

The security administrator is analyzing a user’s history file on a Unix server to determine if the
user was attempting to break out of a rootjail. Which of the following lines in the user’s history log
shows evidence that the user attempted to escape the rootjail?

A security technician is attempting to improve the overall security posture of an internal mail
server. Which of the following actions would BEST accomplish this goal?