Sara, a security manager, has decided to force expiration of all company passwords by the close
of business day. Which of the following BEST supports this reasoning?

Which of the following presents the STRONGEST access control?

Which of the following encompasses application patch management?

Sara, an application developer, implemented error and exception handling alongside input
validation. Which of the following does this help prevent?

Which of the following is the LEAST volatile when performing incident response procedures?

Pete, a developer, writes an application. Jane, the security analyst, knows some things about the
overall application but does not have all the details. Jane needs to review the software before it is
released to production. Which of the following reviews should Jane conduct?

The information security team does a presentation on social media and advises the participants
not to provide too much personal information on social media web sites. This advice would BEST
protect people from which of the following?

Pete’s corporation has outsourced help desk services to a large provider. Management has
published a procedure that requires all users, when receiving support, to call a special number.
Users then need to enter the code provided to them by the help desk technician prior to allowing
the technician to work on their PC. Which of the following does this procedure prevent?

Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has
implemented a security control to limit the connecting MAC addresses to a single port. Which of
the following wireless attacks would this address?

Which of the following can be implemented with multiple bit strength?