PrepAway - Latest Free Exam Questions & Answers

Category: CAS-002 (v.2)

Briefing CAS-002 : CompTIA Advanced Security Practitioner (update December 14th, 2017)

Which of the following are the MOST appropriate courses…

Customers are receiving emails containing a link to malicious software. These emails are subverting spam
filters. The email reads as follows:
Delivered-To: customer@example.com
Received: by 10.14.120.205
Mon, 1 Nov 2010 11:15:24 -0700 (PDT)
Received: by 10.231.31.193
Mon, 01 Nov 2010 11:15:23 -0700 (PDT)
Return-Path: <IT@company.com>
Received: from 127.0.0.1 for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from
<IT@company.com>)
Received: by smtpex.example.com (SMTP READY)
with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500
Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500
From: Company <IT@Company.com>
To: “customer@example.com” <customer@example.com>
Date: Mon, 1 Nov 2010 13:15:11 -0500
Subject: New Insurance Application
Thread-Topic: New Insurance Application
Please download and install software from the site below to maintain full access to your account.
www.examplesite.com
________________________________
Additional information: The authorized mail server IPs are 192.168.2.10 and 192.168.2.11.
The network’s subnet is 192.168.2.0/25.
Which of the following are the MOST appropriate courses of action a security administrator could take to
eliminate this risk? (Select TWO).

Which solution should the company select if the contrac…

A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system
compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years
responding to and eradicating workstation malware. The Information Security Officer (ISO) has received three
quotes from different companies that provide HIPS.
The first quote requires a $10,000 one-time fee, annual cost of $6 per workstation, and a 10% annual
support fee based on the number of workstations.
The second quote requires a $15,000 one-time fee, an annual cost of $5 per workstation, and a 12% annual
fee based on the number of workstations.
The third quote has no one-time fee, an annual cost of $8 per workstation, and a 15% annual fee based on
the number of workstations.
Which solution should the company select if the contract is only valid for three years?

Which of the following security considerations should b…

Two universities are making their 802.11n wireless networks available to the other university’s students. The
infrastructure will pass the student’s credentials back to the home school for authentication via the Internet.
The requirements are:
Mutual authentication of clients and authentication server
The design should not limit connection speeds
Authentication must be delegated to the home school
No passwords should be sent unencrypted
The following design was implemented:
WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security
RADIUS proxy servers will be used to forward authentication requests to the home school
The RADIUS servers will have certificates from a common public certificate authority
A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?

Which of the following methodologies should be adopted?

Joe, the Chief Executive Officer (CEO), was an information security professor and a Subject Matter Expert for
over 20 years. He has designed a network defense method which he says is significantly better than prominent
international standards. He has recommended that the company use his cryptographic method. Which of the
following methodologies should be adopted?

Which of the following controls should be implemented t…

An industry organization has implemented a system to allow trusted authentication between all of its partners.
The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was
able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following
controls should be implemented to mitigate the attack in the future?

How should the employees request access to shared resou…

Two separate companies are in the process of integrating their authentication infrastructure into a unified single
sign-on system. Currently, both companies use an AD backend and two-factor authentication using TOTP. The
system administrators have configured a trust relationship between the authentication backends to ensure
proper process flow. How should the employees request access to shared resources before the authentication
integration is complete?

Which of the following should Ann implement to stop mod…

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to
ensure that the software will not be modified by a third party or end users before being installed on mobile
devices. Which of the following should Ann implement to stop modified copies of her software from running on
mobile devices?

Which of the following should the security administrato…

A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN
is currently configured to authenticate VPN users against a backend RADIUS server. New company policies
require a second factor of authentication, and the Information Security Officer has selected PKI as the second
factor. Which of the following should the security administrator configure and implement on the VPN
concentrator to implement the second factor and ensure that no error messages are displayed to the user
during the VPN connection? (Select TWO).

Which of the following security measures would be MOST …

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It
will allow access to email and remote connections to the corporate enterprise from personal devices, provided
they are on an approved device list. Which of the following security measures would be MOST effective in
securing the enterprise under the new policy? (Select TWO).

