Joe, a user, upon arriving to work on Monday morning noticed several files were deleted from the system.
There were no records of any scheduled network outages or upgrades to the system. Joe notifies the security
department of the anomaly found and removes the system from the network.

A breach at a credit card company resulted in customer’s credit card information being exposed. The company
has conducted a full forensic investigation and identified the source of the breach.
Which of the following should the company do NEXT?

A security administrator is reviewing the web logs and notices multiple attempts by users to access: http://
www.comptia.org/idapsearch?user-*
Having identified the attack, which of the following will prevent this type of attack on the web server?

A security engineer discovers that during certain times of day, the corporate wireless network is dropping
enough packets to significantly degrade service. Which of the following should be the engineer’s FIRST step in
troubleshooting the issues?

A company is exploring the option of letting employees use their personal laptops on the internal network.
Which of the following would be the MOST common security concern in this scenario?

A user has reported inadvertently sending an encrypted email containing PII to an incorrect distribution group.
Which of the following potential incident types is this?

While testing a new host based firewall configuration a security administrator inadvertently blocks access to
localhost which causes problems with applications running on the host. Which of the following addresses refer
to localhost?

A software developer places a copy of the source code for a sensitive internal application on a company laptop
to work remotely. Which of the following policies is MOST likely being violated?

The helpdesk is receiving numerous reports that a newly installed biometric reader at the entrance of the data
center has a high of false negatives. Which of the following is the consequence of this reported problem?

A company discovers an unauthorized device accessing network resources through one of many network drops
in a common area used by visitors. The company decides that is wants to quickly prevent unauthorized devices
from accessing the network but policy prevents the company from making changes on every connecting client.
Which of the following should the company implement?