Based on information leaked to industry websites, business management is concerned that unauthorized
employees are accessing critical project information for a major, well-known new product. To identify any
such users, the security administrator could:

Joe, an administrator, installs a web server on the Internet that performs credit card transactions for
customer payments. Joe also sets up a second web server that looks like the first web server.
However, the second server contains fabricated files and folders made to look like payments were
processed on this server but really were not. Which of the following is the second server?

Which of the following can Joe, a security administrator, implement on his network to capture attack
details that are occurring while also protecting his production network?

What is a system that is intended or designed to be broken into by an attacker?

The security team would like to gather intelligence about the types of attacks being launched against the
organization. Which of the following would provide them with the MOST information?

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to
gather data on new malware. Which of the following is being implemented by Jane’s company?

A security administrator wants to get a real time look at what attackers are doing in the wild, hoping to
lower the risk of zero-day attacks. Which of the following should be used to accomplish this goal?

During a security assessment, an administrator wishes to see which services are running on a remote
server. Which of the following should the administrator use?

Which of the following tools would a security administrator use in order to identify all running services
throughout an organization?

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services
and operating systems are running on the corporate network. Which of the following should be used to
complete this task?