An internal auditor is concerned with privilege creep that is associated with transfers inside the
company. Which mitigation measure would detect and correct this?

Which of the following is the default port for TFTP?

Which of the following concepts are included on the three sides of the “security triangle”? (Select
THREE).

Which of the following concepts allows an organization to group large numbers of servers together
in order to deliver a common service?

Which of the following security concepts identifies input variables which are then used to perform
boundary testing?

Users need to exchange a shared secret to begin communicating securely. Which of the following
is another name for this symmetric key?

Which of the following cryptographic related browser settings allows an organization to
communicate securely?

Which of the following is the BEST reason to provide user awareness and training programs for
organizational staff?

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall.
The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed
traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and
allowed?

A security administrator is responsible for performing periodic reviews of user permission settings
due to high turnover and internal transfers at a corporation. Which of the following BEST describes
the procedure and security rationale for performing such reviews?