An attacker has gained access to the company’s web server by using the administrator’s credentials. The attacker then begins to work on compromising the
sensitive data on other servers. Which off the following BEST describes this type of attack?

An administrator deploys a WPA2 Enterprise wireless network with EAP-PEAP-MSCHAPv2. The deployment is successful and company laptops are able to
connect automatically with no user intervention. A year later, the company begins to deploy phones with wireless capabilities. Users report that they are receiving a
warning when they attempt to connect to the wireless network from their phones. Which of the following is the MOST likely cause of the warning message?

A security analyst, while doing a security scan using packet capture security tools, noticed large volumes of data images of company products being exfiltrated to
foreign IP addresses. Which of the following is the FIRST step in responding to scan results?

A company requires that all wireless communication be compliant with the advanced encryption standard (AES). The current wireless infrastructure implements
WEP + TKIP. Which of the following wireless protocols should be implemented?

A corporate wireless guest network uses an open SSID with a captive portal to authenticate guest users. Guests can obtain their portal password at the service
desk. A security consultant alerts the administrator that the captive portal is easily bypassed, as long as one other wireless guest user is on the network. Which of
the following attacks did the security consultant use?

The security administrator receives a service ticket saying a host based firewall is interfering with the operation of a new application that is being tested in
development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many
customers have disabled the host based firewall. After examining the system the administrator sees several ports that are open for database and application
servers that only used locally. The vendor continues to recommend disabling the host based firewall. Which of the following is the best course of action for the
administrator to take?

A chief information officer (CIO) is concerned about PII contained in the organization’s various data warehouse platforms. Since not all of the PII transferred to the
organization is required for proper operation of the data warehouse application, the CIO requests the needed PII data be parsed and securely discarded. Which of
the following controls would be MOST appropriate in this scenario?

An employee finds a usb drive in the employee lunch room and plugs the drive into a shared workstation to determine who owns the drive. When the drive is
inserted, a command prompt opens and a script begins to run. The employee notifies a technician who determines that data on a server have been compromised.

This is an example of:

Employees are reporting that they have been receiving a large number of emails advertising products and services. Links in the email direct the users’ browsers to
the websites for the items being offered. No reports of increased virus activity have been observed. A security administrator suspects that the users are the targets
of:

A security administrator is selecting an MDM solution for an organization, which has strict security requirements for the confidentiality of its data on end user
devices. The organization decides to allow BYOD, but requires that users wishing to participate agree to the following specific device configurations; camera
disablement, password enforcement, and application whitelisting. The organization must be able to support a device portfolio of differing mobile operating systems.
Which of the following represents the MOST relevant technical security criteria for the MDM?