Ann, the security administrator, received a report from the security technician, that an unauthorized new user
account was added to the server over two weeks ago. Which of the following could have mitigated this event?

Which of the following types of logs could provide clues that someone has been attempting to compromise the
SQL Server database?

How often, at a MINIMUM, should Sara, an administrator, review the accesses and rights of the users on her
system?

Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary
credentials being passed to Joe’s browser. The attacker later uses the credentials to impersonate Joe and
creates SPAM messages.
Which of the following attacks allows for this impersonation?

Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following
would provide the BEST level of protection?

Which of the following may cause Jane, the security administrator, to seek an ACL work around?

Which of the following types of application attacks would be used to identify malware causing security breaches
that have NOT yet been identified by any trusted sources?

The security administrator is observing unusual network behavior from a workstation. The workstation is
communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an
updated antivirus definition file, does not show any signs of infection.
Which of the following has happened on the workstation?

Which of the following can only be mitigated through the use of technical controls rather that user security
training?

An attacker used an undocumented and unknown application exploit to gain access to a file server. Which of
the following BEST describes this type of attack?