Company ABC has recently completed the connection of its network to a national high speed
private research network. Local businesses in the area are seeking sponsorship from Company
ABC to connect to the high speed research network by directly connecting through Company
ABC’s network. Company ABC’s Chief Information Officer (CIO) believes that this is an
opportunity to increase revenues and visibility for the company, as well as promote research and
development in the area.
Which of the following must Company ABC require of its sponsored partners in order to document
the technical security requirements of the connection?

A security analyst at Company A has been trying to convince the Information Security Officer
(ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable
of analyzing encrypted web transactions.
Which of the following should the analyst provide to the ISO to support the request? (Select TWO).

The IT department of a pharmaceutical research company is considering whether the company
should allow or block access to social media websites during lunch time. The company is
considering the possibility of allowing access only through the company’s guest wireless network,
which is logically separated from the internal research network. The company prohibits the use of
personal devices; therefore, such access will take place from company owned laptops.
Which of the following is the HIGHEST risk to the organization?

A security audit has uncovered a lack of security controls with respect to employees’ network
account management. Specifically, the audit reveals that employee’s network accounts are not
disabled in a timely manner once an employee departs the organization. The company policy
states that the network account of an employee should be disabled within eight hours of
termination. However, the audit shows that 5% of the accounts were not terminated until three
days after a dismissed employee departs. Furthermore, 2% of the accounts are still active.
Which of the following is the BEST course of action that the security officer can take to avoid
repeat audit findings?

Which of the following is true about an unauthenticated SAMLv2 transaction?

A company which manufactures ASICs for use in an IDS wants to ensure that the ASICs’ code is
not prone to buffer and integer overflows. The ASIC technology is copyrighted and the
confidentiality of the ASIC code design is exceptionally important. The company is required to
conduct internal vulnerability testing as well as testing by a third party.
Which of the following should be implemented in the SDLC to achieve these requirements?

The security administrator is receiving numerous alerts from the internal IDS of a possible
Conficker infection spreading through the network via the Windows file sharing services. Given the
size of the company which deploys over 20,000 workstations and 1,000 servers, the security
engineer believes that the best course of action is to block the file sharing service across the
organization by placing ACLs on the internal routers.
Which of the following should the security administrator do before applying the ACL?

A company currently does not use any type of authentication or authorization service for remote
access. The new security policy states that all remote access must be locked down to only
authorized personnel. The policy also dictates that only authorized external networks will be
allowed to access certain internal resources.
Which of the following would MOST likely need to be implemented and configured on the
company’s perimeter network to comply with the new security policy? (Select TWO).

Which of the following displays an example of a buffer overflow attack?

Which of the following displays an example of a XSS attack?