A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following
figures is the system’s SLE?

An employee is performing a review of the organization’s security functions and noticed that there is some
cross over responsibility between the IT security team and the financial fraud
team. Which of the following security documents should be used to clarify the roles and responsibilities
between the teams?

The telecommunications manager wants to improve the process for assigning company- owned mobile devices
and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboardand offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following
should be implemented to ensure these processes can be automated? (Select THREE).

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSLinspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application
payload data to specified internal security employees. Which of the following steps should Joe take to reach the
desired outcome?

An administrator is tasked with securing several website domains on a web server. The administrator elects to
secure www.example.com, mail.example.org, archive.example.com, and
www.example.org with the same certificate. Which of the following would allow the administrator to secure
those domains with a single issued certificate?

Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?

Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?

An insurance company has an online quoting system for insurance premiums. It allows potential customers to
fill in certain details about their car and obtain a quote. During an investigation, the following patterns were
detected:
Pattern 1 Analysis of the logs identifies that insurance premium forms are being filled in but only single fieldsare incrementally being updated. Pattern 2 For every quote completed, a new customer number is created;
due to legacy systems, customer numbers are running out.
Which of the following is the attack type the system is susceptible to, and what is the BEST way to defend
against it? (Select TWO).

An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use
this method. After the upgrade, several critical wireless clients fail to connect because they are only pre-shared
key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into
compliance with the 802.1x requirement. Which of the following provides the MOST secure method of
integrating the non-compliant clients into the network?

A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which
of the following is evidence that would aid Ann in making a case tomanagement that action needs to be taken to safeguard these servers?