A security administrator wants to perform routine tests on the network during working hours when
certain applications are being accessed by the most people. Which of the following would allow
the security administrator to test the lack of security controls for those applications with the least
impact to the system?

Which of the following risk concepts requires an organization to determine the number of failures
per year?

A system security analyst using an enterprise monitoring tool notices an unknown internal host
exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate
mitigation technique?

Three of the primary security control types that can be implemented are.

The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?

Which of the following protocols operates at the HIGHEST level of the OSI model?

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for
a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring
a system reboot to recover with only 10% loss of data or function. Which of the following is the
ALE of this server?

Which of the following should an administrator implement to research current attack
methodologies?

Which of the following can be implemented in hardware or software to protect a web server from
cross-site scripting attacks?

Which of the following means of wireless authentication is easily vulnerable to spoofing?