Ann, a recently terminated programmer, can access the program she wrote without using any login credentials. Which of the following attack types is this?

A company is providing mobile devices to all employees. The system administrator has been tasked with providing input for the company’s new mobile device
policy. Which of the following are valid security concepts that the system administrator should include when offering feedback to management? (Select TWO)

The firewall administrator is installing a VPN application and must allow GRE through the firewall. Which of the following MUST the administrator allow through the
firewall?

A security administrator recently implemented IPSec for remote users. Which of the following ports must be allowed through the firewall in order for remote access
to be successful if the tunneling protocol is PPTP?

A forensics expert needs to be able to prove that digital evidence, originally taken into custody, has not been tampered with. Which of the following are useful in this
scenario?

Due to the commonality of Content Management System (CMS) platforms, a website administrator is concerned about security for the organization’s new CMS
application. Which of the following practices should the administrator implement FIRST to mitigate risks associated with CMS platform implementations?

An organization received a subpoena requesting access to data that resides on an employee’s computer. The organization uses PKI. Which of the following is the
BEST way to comply with the request?

A data breach is suspected on a currently unidentified server in a datacenter. Which of the following is the BEST method of determining which server was
breached?

A system administrator decided to perform maintenance on a production server servicing retail store operations. The system rebooted in the middle of the day due
to the installation of monthly operating system patches. The downtime results in lost revenue due to the system being unavailable. Which of the following would
reduce the likelihood of this issue occurring again?

On a campus network, users frequently remove the network cable from desktop NICs and plug personal laptops into the school network. Which of the following

could be used to reduce the likelihood of unauthorized laptops on the campus network?