A security administrator at Company XYZ is trying to develop a body of knowledge to enable
heuristic and behavior based security event monitoring of activities on a geographically distributed
network. Instrumentation is chosen to allow for monitoring and measuring the network. Which of
the following is the BEST methodology to use in establishing this baseline?

A new IDS device is generating a very large number of irrelevant events. Which of the following
would BEST remedy this problem?

The Chief Information Security Officer (CISO) at a software development company is concerned
about the lack of introspection during a testing cycle of the company’s flagship product. Testing
was conducted by a small offshore consulting firm and the report by the consulting firm clearly
indicates that limited test cases were used and many of the code paths remained untested.
The CISO raised concerns about the testing results at the monthly risk committee meeting,
highlighting the need to get to the bottom of the product behaving unexpectedly in only some large
enterprise deployments.
The Security Assurance and Development teams highlighted their availability to redo the testing if
required.
Which of the following will provide the MOST thorough testing?

A security code reviewer has been engaged to manually review a legacy application. A number of
systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.
The reviewer has advised that future software projects utilize managed code platforms if at all
possible.

Which of the following languages would suit this recommendation? (Select TWO).

A bank now has a major initiative to virtualize as many servers as possible, due to power and rack
space capacity at both data centers. The bank has prioritized by virtualizing older servers first as
the hardware is nearing end-of-life.
The two initial migrations include:
Windows 2000 hosts: domain controllers and front-facing web servers
RHEL3 hosts: front-facing web servers
Which of the following should the security consultant recommend based on best practices?

After being informed that the company DNS is unresponsive, the system administrator issues the
following command from a Linux workstation:

SSH –p 2020 -l user dnsserver.company.com
Once at the command prompt, the administrator issues the below commanD.
Service bind restart
The system returns the below response:
Unable to restart BIND
Which of the following is true about the above situation?

Which of the following is an example of single sign-on?

Company XYZ has just purchased Company ABC through a new acquisition. A business decision
has been made to integrate the two company’s networks, application, and several basic services.
The initial integration of the two companies has specified the following requirements:

Company XYZ requires access to the web intranet, file, print, secure FTP server, and
authentication domain resources
Company XYZ is being on boarded into Company ABC’s authentication domain
Company XYZ is considered partially trusted
Company XYZ does not want performance issues when accessing ABC’s systems
Which of the following network security solutions will BEST meet the above requirements?

In developing a new computing lifecycle process for a large corporation, the security team is
developing the process for decommissioning computing equipment. In order to reduce the
potential for data leakage, which of the following should the team consider? (Select TWO).

A Security Manager is part of a team selecting web conferencing systems for internal use. The
system will only be used for internal employee collaboration. Which of the following are the MAIN
concerns of the security manager? (Select THREE).