A technician has installed new vulnerability scanner software on a server that is joined to the
company domain. The vulnerability scanner is able to provide visibility over the patch posture of all
company’s clients. Which of the following is being used?

The Chief Security Officer (CISO) at a multinational banking corporation is reviewing a plan to
upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud
environment hosting the majority of data, small server clusters at each corporate location to
handle the majority of customer transaction processing, ATMs, and a new mobile banking
application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does
business having varying data retention and privacy laws. Which of the following technical
modifications to the architecture and corresponding security controls should be implemented to
provide the MOST complete protection of data?

While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified
as “unknown” and does not appear to be within the bounds of the organizations Acceptable Use
Policy. Which of the following tool or technology would work BEST for obtaining more information
on this traffic?

A network administrator wants to ensure that users do not connect any unauthorized devices to
the company network. Each desk needs to connect a VoIP phone and computer. Which of the
following is the BEST way to accomplish this?

An administrator has concerns regarding the traveling sales team who works primarily from smart
phones. Given the sensitive nature of their work, which of the following would BEST prevent
access to the data in case of loss or theft?

A user of the wireless network is unable to gain access to the network. The symptoms are:
1.) Unable to connect to both internal and Internet resources

2.) The wireless icon shows connectivity but has no network access
The wireless network is WPA2 Enterprise and users must be a member of the wireless security
group to authenticate. Which of the following is the MOST likely cause of the connectivity issues?

A chief Financial Officer (CFO) has asked the Chief Information Officer (CISO) to provide
responses to a recent audit report detailing deficiencies in the organization security controls. The
CFO would like to know ways in which the organization can improve its authorization controls.
Given the request by the CFO, which of the following controls should the CISO focus on in the
report? (Select Three)

A mobile device user is concerned about geographic positioning information being included in
messages sent between users on a popular social network platform. The user turns off the
functionality in the application, but wants to ensure the application cannot re-enable the setting

without the knowledge of the user. Which of the following mobile device capabilities should the
user disable to achieve the stated goal?

A member of a digital forensics team, Joe arrives at a crime scene and is preparing to collect
system data. Before powering the system off, Joe knows that he must collect the most volatile
date first. Which of the following is the correct order in which Joe should collect the data?

An organization has hired a penetration tester to test the security of its ten web servers. The
penetration tester is able to gain root/administrative access in several servers by exploiting
vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP.
Which of the following recommendations should the penetration tester provide to the organization
to better protect their web servers in the future?