A security administrator determined that users within the company are installing unapproved software. Company policy dictates that only certain applications may be
installed or ran on the user’s computer without exception. Which of the following should the administrator do to prevent all unapproved software from running on the
user’s computer?

A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the corporate IT infrastructure. The
assessment must report actual flaws and weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using
in-house or cheaply available resources. There cannot be a possibility of any equipment being damaged in the test. Which of the following has the administrator
been tasked to perform?

A company utilizes a copier on the finance subnet. The security administrator is worried that the copier could have undisclosed vulnerabilities, as it has an
embedded operating system that can not be maintained. Which of the following should the administrator do to reduce the attack surface of the copier?

A network administrator recently implemented two caching proxy servers on the network. How can the network administrator BEST aggregate the log files for the
proxy servers?

A major breach occurred at an organization. The incident response team contained the breach and recovered from the incident. A number of things were wrong
during the incident response process and now the team must discuss and correct these items. Which of the following parts of the incident response process is the
team conducting?

A company wants to ensure that all software executing on a corporate server has been authorized to do so by a central control point. Which of the following can be
implemented to enable such control.

A single server hosts a sensitive SQL-based database and a web service containing static content. A few of the database fields need to be encrypted due to
regulatory requirements. Which of the following would provide the BEST encryption solution for this particular server?

A building engineer just installed a new environmental control system (ECS) for a room that is critical to the company’s operation and needs the ability to manage
and monitor the system from any part of the network. Which of the following should the security administrator utilize to minimize the attack surface and still allow the
needed access?

A company has implemented a public facing authentication system which uses PKI and extended attributes to allow third party web based application integration.
Which of the following is this an example of? (Select THREE)

Following a site survey for an upcoming 5GHz wireless network implementation, the project manager determines that several areas of the facility receive
inadequate coverage due to the use of vertical antennas on all access points. Which of the following activities would be MOST likely to remediate the issue without
changing the current access point layout in the facility?