A data processing server uses a Linux based file system to remotely mount physical disks on a
shared SAN. The server administrator reports problems related to processing of files where the file
appears to be incompletely written to the disk. The network administration team has conducted a
thorough review of all network infrastructure and devices and found everything running at optimal
performance. Other SAN customers are unaffected. The data being processed consists of millions
of small files being written to disk from a network source one file at a time. These files are then
accessed by a local Java program for processing before being transferred over the network to a
SE Linux host for processing. Which of the following is the MOST likely cause of the processing
problem?

Company ABC was formed by combining numerous companies which all had multiple databases,
web portals, and cloud data sets. Each data store had a unique set of custom developed
authentication mechanisms and schemas. Which of the following approaches to combining the
disparate mechanisms has the LOWEST up front development costs?

A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance
manufacturer claims the new device is hardened against all known attacks and several undisclosed zero day exploits. The code base used for the device is a combination of compiled C
and TC/TKL scripts. Which of the following methods should the security research use to
enumerate the ports and protocols in use by the appliance?

Customer Need:
“We need the system to produce a series of numbers with no discernible mathematical
progression for use by our Java based, PKI-enabled, customer facing website.”
Which of the following BEST restates the customer need?

A security engineer is implementing a new solution designed to process e-business transactions
and record them in a corporate audit database. The project has multiple technical stakeholders.
The database team controls the physical database resources, the internal audit division controls
the audit records in the database, the web hosting team is responsible for implementing the
website front end and shopping cart application, and the accounting department is responsible for
processing the transaction and interfacing with the payment processor. As the solution owner, the
security engineer is responsible for ensuring which of the following?

A large financial company has a team of security-focused architects and designers that contribute
into broader IT architecture and design solutions. Concerns have been raised due to the security
contributions having varying levels of quality and consistency. It has been agreed that a more
formalized methodology is needed that can take business drivers, capabilities, baselines, and reusable patterns into account. Which of the following would BEST help to achieve these objectives?

A University uses a card transaction system that allows students to purchase goods using their
student ID. Students can put money on their ID at terminals throughout the campus. The security
administrator was notified that computer science students have been using the network to illegally
put money on their cards. The administrator would like to attempt to reproduce what the students
are doing. Which of the following is the BEST course of action?