Which of the following is a management control?

Which of the following can result in significant administrative overhead from incorrect reporting?

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that
the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?

Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast
packets from the switches on the network. After investigation, she discovers that this is normal activity
for her network. Which of the following BEST describes these results?

Which of the following is an example of a false negative?

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff
who intentionally access the server via Telnet and illegally tamper with customer data. Which of the
following administrative controls should be implemented to BEST achieve this?

Joe, a security analyst, asks each employee of an organization to sign a statement saying that they
understand how their activities may be monitored. Which of the following BEST describes this statement?
(Select TWO).

Joe, a newly hired employee, has a corporate workstation that has been compromised due to several
visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such
web sites. Which of the following is the BEST method to deter employees from the improper use of the
company’s information systems?

Pete, a security analyst, has been informed that the development team has plans to develop an
application which does not meet the company’s password policy. Which of the following should Pete do
NEXT?

A major security risk with co-mingling of hosts with different security requirements is: