Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with
a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO).

An internal development team has migrated away from Waterfall development to use Agile development. Overall, this has been viewed as a successful initiative by
the stakeholders as it has improved time-to-market. However, some staff within the security team have contended that Agile development is not secure. Which of
the following is the MOST accurate statement?

A port in a fibre channel switch failed, causing a costly downtime on the company’s primary website. Which of the following is the MOST likely cause of the
downtime?

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would
be before looking further into this concern. Two vendor proposals have been received:
– Vendor A: product-based solution which can be purchased by the pharmaceutical company.
– Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be $150,000. Operational expenses are expected to
be a 0.5 full time employee (FTE) to manage the solution, and 1 full time employee to respond to incidents per year.
– Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company’s needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.

Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the
following options is MOST accurate?

Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ’s headquarters. Which of the following
BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?

Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?

A large company is preparing to merge with a smaller company. The smaller company has been very profitable, but the smaller company’s main applications were
created in-house. Which of the following actions should the large company’s security administrator take in preparation for the merger?

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month.
The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per

month and be more secure. How many years until there is a return on investment for this new package?

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org,
archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single
issued certificate?