Which of the following is the MOST intrusive type of testing against a production system?

Which of the following assessments would Pete, the security administrator, use to actively test that an
application’s security controls are in place?

A financial company requires a new private network link with a business partner to cater for realtime and
batched data flows.
Which of the following activities should be performed by the IT security staff member prior to establishing the
link?

Which of the following assessment techniques would a security administrator implement to ensure that systems
and software are developed properly?

Ann, the software security engineer, works for a major software vendor. Which of the following practices should
be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each
production release?

One of the servers on the network stops responding due to lack of available memory. Server administrators did
not have a clear definition of what action should have taken place based on the available memory. Which of the
following would have BEST kept this incident from occurring?

Several users report to the administrator that they are having issues downloading files from the file server.
Which of the following assessment tools can be used to determine if there is an issue with the file server?

Which of the following would a security administrator implement in order to identify change from the standard
configuration on a server?

A security specialist has been asked to evaluate a corporate network by performing a vulnerability assessment.
Which of the following will MOST likely be performed?

A system administrator has noticed vulnerability on a high impact production server. A recent update was made
available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which
of the following steps should the system administrator implement to address the vulnerability?