Which of the following would a security administrator implement in order to discover
comprehensive security threats on a network?

An administrator is concerned that a company’s web server has not been patched. Which of the
following would be the BEST assessment for the administrator to perform?

Which of the following would be used to identify the security posture of a network without actually
exploiting any weaknesses?

Which of the following should an administrator implement to research current attack
methodologies?

Based on information leaked to industry websites, business management is concerned that
unauthorized employees are accessing critical project information for a major, well-known new
product. To identify any such users, the security administrator could:

Joe, an administrator, installs a web server on the Internet that performs credit card transactions
for customer payments. Joe also sets up a second web server that looks like the first web server.
However, the second server contains fabricated files and folders made to look like payments were
processed on this server but really were not. Which of the following is the second server?

Which of the following can Joe, a security administrator, implement on his network to capture
attack details that are occurring while also protecting his production network?

What is a system that is intended or designed to be broken into by an attacker?

The security team would like to gather intelligence about the types of attacks being launched
against the organization. Which of the following would provide them with the MOST information?

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses
to gather data on new malware. Which of the following is being implemented by Jane’s company?