Which of the following should the administrator perform?
A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems.
The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can
be used to gain access to the company intranet. Which of the following should the administrator perform?
Which of the following is BEST utilized to actively tes…
Which of the following is BEST utilized to actively test security controls on a particular system?
Which of the following activities is MOST appropriate?
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities
is MOST appropriate?
Which ports and protocols are MOST likely to be open on…
During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it.
Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).
Which statement BEST describes her privileges?
During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document
from the spool. Which statement BEST describes her privileges?
Which of the following is the MOST intrusive type of te…
Which of the following is the MOST intrusive type of testing against a production system?
Which of the following assessments would Pete, the secu…
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
Which of the following activities should be performed b…
A financial company requires a new private network link with a business partner to cater for realtime and batched data flows.
Which of the following activities should be performed by the IT security staff member prior to establishing the link?
Which of the following assessment techniques would a se…
Which of the following assessment techniques would a security administrator implement to ensure that systems and software are developed properly?
Which of the following practices should be implemented …
Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions,
buffer overflows, and other similar vulnerabilities prior to each production release?