A penetration tester is measuring a company’s posture on social engineering. The penetration

tester sends a phishing email claiming to be from IT asking employees to click a link to update
their VPN software immediately. Which of the following reasons would explain why this attack
could be successful?

A new employee has joined the accounting department and is unable to access the accounting
server. The employee can access other network resources and the Internet. Other accounting
employees are able to access the accounting server without any issues. Which of the following is
the MOST likely issue?

Joe a sales employee is connecting to a wireless network and has entered the network information
correctly. His computer remains connected to the network but he cannot access any resources on
the network. Which of the following is the MOST likely cause of this issue?

Which of the following is used to inform users of the repercussions of releasing proprietary
information?

A review of administrative access has discovered that too many accounts have been granted
administrative rights. Which of the following will alert the security team when elevated access is
applied?

When an authorized application is installed on a server, the application triggers an alert on the
HIDS. This is known as a:

In which of the following scenarios would it be preferable to implement file level encryption instead
of whole disk encryption?

For high availability which of the following would be MOST appropriate for fault tolerance?

When implementing a Public Key Infrastructure, which of the following should the sender use to
digitally sign a document?

A military base wants to incorporate biometrics into its new security measures, but the head of
security does not want them to be the sole method of authentication. For unmanned entry points,
which of the following solutions would work BEST?