Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

An accountant at a small business is trying to understand the value of a server to determine if the business canafford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000,
ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the
accountant?

Wireless users are reporting issues with the company’s video conferencing and VoIP systems. The security
administrator notices internal DoS attacks from infected PCs on the network causing the VoIP system to drop
calls. The security administrator also notices that the SIP servers are unavailable during these attacks. Which
of the following security controls will MOST likely mitigate the VoIP DoS attacks on the network? (Select TWO).

A web developer is responsible for a simple web application that books holiday accommodations. The frontfacing web server offers an HTML form, which asks for a user’s
age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the
adult age range. Users have reported that the website is not functioning correctly. The web developer has
inspected log files and sees that a very large number (in the billions) was submitted just before the issue started
occurring. Which of the following is the MOST likely situation that has occurred?

A medical device manufacturer has decided to work with another international organization to develop the
software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to
ensure a competitor does not become aware, management at the medical device manufacturer has decided to
keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a
description of the initial terms and arrangement and is not legally enforceable?

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card
corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy.
Which of the following are true statements? (Select TWO).

A storage as a service company implements both encryption at rest as well as encryption in transit of
customers’ data. The security administrator is concerned with the overall security of the encrypted customer
data stored by the company servers and wants the development team to implement a solution that will
strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time
an offline password attack against the
customers’ data would take?

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance
department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The
upstream router interface’s MAC is 00-01-42-32-ab-1a A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534 Which of
the following is occurring on the network?

An IT manager is working with a project manager from another subsidiary of the same
multinational organization. The project manager is responsible for a new software development effort that is
being outsourced overseas, while customer acceptance testing will be performed in house. Which of the
following capabilities is MOST likely to cause issues with network availability?

Since the implementation of IPv6 on the company network, the security administrator has been unable to
identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally
managed.
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu ether f8:1e:af:ab:10:a3
inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5 inet 192.168.1.14 netmask 0xffffff00 broadcast
192.168.1.255
inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf inet6 2001:200:5:922:10ab:5e21:aa9a:6393
prefixlen 64 autoconf temporary nd6 options=1<PERFORMNUD>
media: autoselect status: active
Given this output, which of the following protocols is in use by the company and what can the system
administrator do to positively map users with IPv6 addresses in the future? (Select TWO).