Which of the following can the security administrator implement to mitigate the risk of an online password att
A security administrator is concerned about the strength of users’ passwords. The company does
not want to implement a password complexity policy. Which of the following can the security
administrator implement to mitigate the risk of an online password attack against users with weak
passwords?
Which of the following types of authentication is being utilized here?
A company has purchased an application that integrates into their enterprise user directory for
account authentication. Users are still prompted to type in their usernames and passwords. Which
of the following types of authentication is being utilized here?
Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues?
Which of the following are Data Loss Prevention (DLP) strategies that address data in transit
issues? (Select TWO).
Which of the following is MOST likely to be contained in the download?
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups
appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the
following is MOST likely to be contained in the download?
Which of the following should the security administrator do with regard to the application?
A security administrator plans on replacing a critical business application in five years. Recently,
there was a security flaw discovered in the application that will cause the IT department to
manually re-enable user accounts each month at a cost of $2,000. Patching the application today
would cost $140,000 and take two months to implement. Which of the following should the security
administrator do with regard to the application?
which of the following control types?
The IT department has set up a SharePoint site to be used on the intranet. Security has
established the groups and permissions on the site. No one may modify the permissions and all
requests for access are centrally managed by the security team. This is an example of which of
the following control types?
Which of the following attack types is this?
Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone
number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks
to call the vendor back, they are given a different phone number with a different area code. Which
of the following attack types is this?
Which of the following attack types is this?
Purchasing receives an automated phone call from a bank asking to input and verify credit card
information. The phone number displayed on the caller ID matches the bank. Which of the
following attack types is this?
Which of the following account management practices does this help?
The IT department has set up a website with a series of questions to allow end users to reset their
own accounts. Which of the following account management practices does this help?
Which of the following authentication services should be used on this port by default?
An information bank has been established to store contacts, phone numbers and other records. A
UNIX application needs to connect to the index server using port 389. Which of the following
authentication services should be used on this port by default?