Joe, an employee, reports to the security manager that several files in a research and development folder that
only JOE has access to have been improperly modified. The modified data on the files in recent and the
modified by account is Joe’s. The permissions on the folder have not been changed, and there is no evidence
of malware on the server hosting the folder or on Joe’s workstation. Several failed login attempts to Joe’s
account were discovered in the security log of the LDAP server.
Given this scenario, which of the following should the security manager implement to prevent this in the future?

Joe noticed that there is a larger than normal account of network on the printer VLAN of his organization,
causing users to have to wait a long time for a print job. Upon investigation Joe discovers that printers were
ordered and added to the network without his knowledge. Which of the following will reduce the risk of this
occurring again in the future?

When information is shared between two separate organizations, which of the following documents would
describe the sensitivity as well as the type and flow of the information?

Devices on the SCADA network communicate exclusively at Layer 2. Which of the following should be used to
prevent unauthorized systems using ARP-based attacks to compromise the SCADA network?

In an effort to test the effectiveness of an organization’s security awareness training, a penetrator tester crafted
an email and sent it to all of the employees to see how many of them clicked on the enclosed links. Which of
the following is being tested?

The chief security officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing which
of the following would the CSO MOST likely to reduce the number of incidents?

A system administrator wants to use open source software but is worried about the source code being
comprised. As a part of the download and installation process, the administrator should verify the integrity of the
software by:

Which of the following best describes the objectives of succession planning?

A security technician is concerned there4 is not enough security staff available the web servers and database
server located in the DMZ around the clock. Which of the following technologies, when deployed, would provide
the BEST round the clock automated protection?

An attacker has gained access to the company’s web server by using the administrator’s credentials. The
attacker then begins to work on compromising the sensitive data on other servers.
Which of the following BEST describes this type of attack?