Which of the following incident response plan steps would MOST likely engaging business professionals
with the security team to discuss changes to existing procedures?

A company is starting to allow employees to use their own personal without centralized management.
Employees must contract IT to have their devices configured to use corporate email; access is also
available to the corporate cloud-based services. Which of the following is the BEST policy to implement
under these circumstances?

Which of the following BEST explains Platform as a Service?

One of the senior managers at a company called the help desk to report to report a problem. The
manager could no longer access data on a laptop equipped with FDE. The manager requested that the
FDE be removed and the laptop restored from a backup. The help desk informed the manager that the
recommended solution was to decrypt the hard drive prior to reinstallation and recovery. The senior
manager did not have a copy of the private key associated with the FDE on the laptop. Which of the
following tools or techniques did the help desk use to avoid losing the data on the laptop?

An employee in the accounting department recently received a phishing email that instructed them to
click a link in the email to view an important message from the IRS which threatened penalties if a
response was not received by the end of the business day. The employee clicked on the link and the
machine was infected with malware. Which of the following principles BEST describes why this social
engineering ploy was successful?

A security technician received notification of a remotely exploitable vulnerability affecting all
multifunction printers firmware installed throughout the organization. The vulnerability allows a malicious
user to review all the documents processed by the affected printers. Which of the following
compensating controls can the security technician to mitigate the security risk of a sensitive document
leak?

A systems administrator has made several unauthorized changes to the server cluster that resulted in a
major outage. This event has been brought to the attention of the Chief Information Office (CIO) and he
has requested immediately implement a risk mitigation strategy to prevent this type of event from
reoccurring. Which of the following would be the BEST risk mitigation strategy to implement in order to
meet this request?

An incident occurred when an outside attacker was able to gain access to network resources. During the
incident response, investigation security logs indicated multiple failed login attempts for a network
administrator. Which of the following controls, if in place could have BEST prevented this successful
attack?

Joe needs to track employees who log into a confidential database and edit files. In the past, critical files
have been edited, and no one admits to making the edits. Which of the following does Joe need to
implement in order to enforce accountability?

A new mobile banking application is being developed and uses SSL / TLS certificates but penetration tests
show that it is still vulnerable to man-in-the-middle attacks, such as DNS hijacking. Which of the following
would mitigate this attack?