Ann, a security administrator, is strengthening the security controls of the company’s campus. Her goal is to
prevent people from accessing open locations that are not supervised, such as around the receiving dock. She
is also concerned that employees are using these entry points as a way of bypassing the security guard at the
main entrance. Which of the following should Ann recommend that would BEST address her concerns?

Which of the following password attacks involves attempting all kinds of keystroke combinations on the
keyboard with the intention to gain administrative access?

Ann is traveling for business and is attempting to use the hotel’s wireless network to check for new messages.
She selects the hotel’s wireless SSID from a list of networks and successfully connects. After opening her email
client and waiting a few minutes, the connection times out. Which of the following should Ann do to retrieve her
email messages?

The software developer is responsible for writing the code and promoting from the development network to the
quality network. The network administrator is responsible for promoting code to the application servers. Which
of the following practices are they following to ensure application integrity?

A Company has recently identified critical systems that support business operations. Which of the following will
once defined, be the requirement for restoration of these systems within a certain period of time?

Using a protocol analyzer, a security consultant was able to capture employee’s credentials. Which of thefollowing should the consultant recommend to the company, in order to mitigate the risk of employees
credentials being captured in the same manner in the future?

The access control list (ACL) for a file on a server is as follows:
User: rwx
User: Ann: r- –
User: Joe: r- –
Group: rwx
Group: sales: r-x
Other: r-x
Joe and Ann are members of the Human Resources group. Will Ann and Joe be able to run the file?

A security administrator is designing an access control system, with an unlimited budget, to allow authenticated
users access to network resources. Given that a multifactor authentication solution is more secure, which of the
following is the BEST combination of factors?

Which of the following authentication services combines authentication and authorization in a use profile and
use UDP?

A security assurance officer is preparing a plan to measure the technical state of a customer’s enterprise. The
testers employed to perform the audit will be given access to the customer facility and network. The testers will
not be given access to the details of custom developed software used by the customer. However, the testers
with have access to the source code for several open source applications and pieces of networking equipment
used at the facility, but these items will not be within the scope of the audit.
Which of the following BEST describes the appropriate method of testing or technique to use in this scenario?
(Choose two.)