Which of the following attacks is being attempted?
An administrator discovers the following log entry on a server.
Nov 12 2013 00:23:45 httpd[2342]: /app2/prod/process.php?input=change.cd%20./././ect:cat%20shadow
Which of the following attacks is being attempted?
Which of the following would be the BEST method of updating this application?
An organization relies heavily on an application that has a high frequency of security updates. At present,
the security team only updates the application the security updates are released as often as twice a week.
Which of the following would be the BEST method of updating this application?
This message is an example of
Joe, the security administrator, sees this in a vulnerability scan report:
“The server 10.1.2.232 is running Apache 2.2.20 which may be vulnerable to a mod_cgi exploit.”
Joe verifies that the mod_cgi module is not enabled on 10.1.2.232. This message is an example of
Which of the following is the summary of loss for a given year?
Which of the following is the summary of loss for a given year?
Which of the following would BEST help them establish plans and procedures?
A security team wants to establish an Incident Response plan. The team has never experienced an
incident. Which of the following would BEST help them establish plans and procedures?
Which of the following ports should they block on the firewall?
A Security Officer on a military base needs to encrypt several smart phones that will be going into the
field. Which of the following ports should they block on the firewall?
Which of the following would be the BEST course of action?
A new intern in the purchasing department requires read access to shared documents. Permissions are
normally controlled through a group called “Purchasing”, however, the purchasing group permissions
allow write access. Which of the following would be the BEST course of action?
Which of the following should be used in the code?
A software developer wants to ensure that the application is verifying that a key is valid before
establishing SSL connections with random remote hosts on the internet. Which of the following should be
used in the code? (Select TWO)
Which of the following should be configured on the VPN concentrator during the IKE phase?
A system administrator is configuring a site-to-site VPN tunnel. Which of the following should be
configured on the VPN concentrator during the IKE phase?
Which of the following is the GREATEST risk to a company by allowing employees to physically bring their personal
Which of the following is the GREATEST risk to a company by allowing employees to physically bring their
personal smartphones to work?