The security administrator receives an email on a non-company account from a coworker stating that some
reports are not exporting correctly. Attached to the email was an example report file with several customers’
names and credit card numbers with the PIN. Which of the following is the BEST technical controls that willhelp mitigate this risk of disclosing sensitive data?

A company has a security policy that specifies all endpoint computing devices should be assigned a unique
identifier that can be tracked via an inventory management system. Recent changes to airline security
regulations have cause many executives in the company to travel with mini tablet devices instead of laptops.
These tablet devices are difficult to tag and track. An RDP application is used from the tablet to connect into the
company network. Which of the following should be implemented in order to meet the security policy
requirements?

A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which
is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the
requirements?

A new mobile application is being developed in-house. Security reviews did not pick up any major flaws,
however vulnerability scanning results show fundamental issues at the very end of the project cycle. Which of
the following security activities should also have been performed to discover vulnerabilities earlier in the
lifecycle?

After a merger between two companies a security analyst has been asked to ensure that the organization’s
systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former
employees? (Choose two.)

A security administrator is trying to encrypt communication. For which of the following reasons should
administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety isthe top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration
when installing the new locks?

During a data breach cleanup it is discovered that not all of the sites involved have the necessary data wiping
tools. The necessary tools are quickly distributed to the required technicians, but when should this problem
BEST be revisited?

The chief Security Officer (CSO) has reported a rise in data loss but no break ins have occurred. By doing
which of the following is the CSO most likely to reduce the number of incidents?

A security administrator needs to implement a system that detects possible intrusions based upon a vendor
provided list. Which of the following BEST describes this type of IDS?