Vendors typically ship software applications with security settings disabled by default to ensure a
wide range of interoperability with other applications and devices. A security administrator should
perform which of the following before deploying new software?

A technician is deploying virtual machines for multiple customers on a single physical host to
reduce power consumption in a data center. Which of the following should be recommended to
isolate the VMs from one another?

Mandatory vacations are a security control which can be used to uncover which of the following?

Each server on a subnet is configured to only allow SSH access from the administrator’s
workstation. Which of the following BEST describes this implementation?

During a security assessment, an administrator wishes to see which services are running on a
remote server. Which of the following should the administrator use?

In which of the following categories would creating a corporate privacy policy, drafting acceptable
use policies, and group based access control be classified?

In which of the following categories would creating a corporate privacy policy, drafting acceptable
use policies, and group based access control be classified?

Disabling unnecessary services, restricting administrative access, and enabling auditing controls
on a server are forms of which of the following?

A system administrator has noticed vulnerability on a high impact production server. A recent
update was made available by the vendor that addresses the vulnerability but requires a reboot of
the system afterwards. Which of the following steps should the system administrator implement to
address the vulnerability?

Which of the following services are used to support authentication services for several local
devices from a central location without the use of tokens?