During a review a company was cited for allowing requestors to approve and implement their own change
request. Which of the following would resolve the issue? (Choose two.)

Anne, an employee, receives the following email:
From: Human Resources
To: Employee
Subject: Updated employee code of conduct
Please click on the following link: http//external.site.com/codeofconduct.exe to review the updated code of
conduct at your earliest convenience.
After clicking the email link, her computer is compromised. Which of the following principles of social
engineering was used to lure Anne into clicking the phishing link in the above email?

A company has implemented full disk encryption. Clients must authenticate with a username and password at a
pre-boot level to unlock the disk and again a username and password at the network login. Which of the
following are being used? (Choose two.)

A technician has been tasked with installing and configuring a wireless access point for the engineering
department. After the AP has been installed, there have been reports the employees from other departments
have been connecting to it without approval. Which of the following would BEST address these concerns?

Which of the following authentication services uses a default TCP port of 88?

A security administrator is reviewing the company’s data backup plan. The plan implements nightly offsite data
replication to a third party company. Which of the following documents specifies how much data can be stored
offsite, and how quickly the data can be retrieved by the company from the third party?

The Chief Executive Officer (CEO) Joe notices an increase in the wireless signal in this office and thanks the IT
director for the increase in network speed, Upon investigation the IT department finds an access point hidden in
the dropped ceiling outside of joe’s office. Which of the following types of attack is MOST likely occurring?

Company A and Company B both supply contractual services to a fast paced and growing auto parts
manufacturer with a small local Area Network (LAN) at its local site. Company A performs in-house billing and
invoices services for the local auto parts manufactacturer. Company B provides in-house parts and widgets
services for the local auto parts manufacturers. Which of the following is the BEST method to mitigate security
risk within the environment?

An SSL session is taking place. After the handshake phase has been established and the cipher has been
selected, which of the following are being used to secure data in transport? (Choose two.)

A security analyst has a sample of malicious software and needs to know what the sample does. The analyst
runs the sample in a carefully-controlled and monitored virtual machine to observe the software’s behavior. The
approach of malware analysis can BEST be described as: