Two members of the finance department have access to sensitive information. The company is concerned they
may work together to steal information. Which of the following controls could be implemented to discover if they
are working together?

Which of the following should Pete, a security manager, implement to reduce the risk of employees working in
collusion to embezzle funds from their company?

Which of the following provides the BEST explanation regarding why an organization needs to implement IT
security policies?

A major security risk with co-mingling of hosts with different security requirements is:

Pete, a security analyst, has been informed that the development team has plans to develop an application
which does not meet the company’s password policy. Which of the following should Pete do NEXT?

Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to
P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such websites.
Which of the following is the BEST method to deter employees from the improper use of the company’s
information systems?

Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand
how their activities may be monitored. Which of the following BEST describes this statement? (Choose two.)

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who
intentionally access the server via Telnet and illegally tamper with customer data. Which of the following
administrative controls should be implemented to BEST achieve this?

Which of the following is an example of a false negative?

Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast
packets from the switches on the network. After investigation, she discovers that this is normal activity for her
network. Which of the following BEST describes these results?