Which of the following lists is the BEST combination of security controls to implement?
A small IT security firm has an internal network composed of laptops, servers, and printers. The network
has both wired and wireless segments and supports VPN access from remote sites. To protect the
network from internal and external threats, including social engineering attacks, the company decides to
implement stringent security controls. Which of the following lists is the BEST combination of security
controls to implement?
Which of the following solutions is most appropriate for the analyst to recommend in this scenario?
A security analyst is working on a project team responsible for the integration of an enterprise SSO
solution. The SSO solution requires the use of an open standard for the exchange of authentication and
authorization across numerous web-based applications. Which of the following solutions is most
appropriate for the analyst to recommend in this scenario?
Which of the following is a mobile device security control that ensures the confidentiality of company data?
A thief has stolen a mobile device and removed its battery to circumvent GPS location tracking. The device
uses a four-digit PIN. Which of the following is a mobile device security control that ensures the
confidentiality of company data?
Which of the following identifies a possible next step for the administrator?
A user has called the help desk to report an enterprise mobile device was stolen. The technician receiving
the call accesses the MDM administration portal to identify the device’s last known geographic location.
The technician determines the device is still communicating with the MDM. After taking note of the last
known location, the administrator continues to follow the rest of the checklist. Which of the following
identifies a possible next step for the administrator?
Which of the following forms of risk mitigation has the CIO elected to pursue?
A risk management team indicated an elevated level of risk due to the location of a corporate datacenter
in a region with an unstable political climate. The chief information officer (CIO) accepts the
recommendation to transition the workload to an alternate datacenter in a more stable region. Which of
the following forms of risk mitigation has the CIO elected to pursue?
Which of the following would be the best choice to implement to address this audit concern while maintaining the
During a recent audit, the auditors cited the company’s current virtual machine infrastructure as a
concern. The auditors cited the fact that servers containing sensitive customer information reside on the
same physical host as numerous virtual machines that follow less stringent security guidelines. Which of
the following would be the best choice to implement to address this audit concern while maintaining the
current infrastructure?
Which of the following reasons could have caused this port to be disabled?
A switch is set up to allow only 2 simultaneous MAC addresses per switch port. An administrator is
reviewing a log and determines that a switch port has been deactivated in a conference room after it
detected 3 or more MAC addresses on the same port. Which of the following reasons could have caused
this port to be disabled?
Which of the following network controls would meet these requirements?
A network administrator wants to implement a solution that will allow authorized traffic, deny unauthorized
traffic and ensure that appropriate ports are being used for a number of TCP and UDP protocols. Which of
the following network controls would meet these requirements?
Which of the following most likely happened?
Client computers log in at specified times to check and update antivirus definitions using a dedicated
account configured by the administrator. One day the clients are unable to log in with the account, but
the server still responds to ping requests. The administrator has not made any changes. Which of the
following most likely happened?
Which of the following is the best way to collect this type of information?
In performing an authorized penetration test of an organization’s system security, a penetration tester
collects information pertaining to the application versions that reside on a server. Which of the following
is the best way to collect this type of information?