Which of the following implementations addresses the …
Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a
result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the
distributed login with centralized authentication and has wide compatibility among SaaS vendors?
Which of the following preventative controls would MOST…
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to
current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security
incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login.
The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur. Which of the following preventative controls would
MOST effectively mitigate the logical risks associated with the use of USB storage devices?
Which of the following is the FIRST step the analyst sh…
The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is
involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact
of the potential intrusion?
Which of the following capabilities is MOST likely to c…
An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new
software development effort that is being outsourced overseas, while customer acceptance testing will be performed in-house. Which of the following capabilities is
MOST likely to cause issues with network availability?
How would a security engineer BEST interpret the financ…
A finance manager says that the company needs to ensure that the new system can “replay” data, up to the minute, for every exchange being tracked by the
investment departments. The finance manager also states that the company’s transactions need to be tracked against this data for a period of five years for
compliance. How would a security engineer BEST interpret the finance manager’s needs?
Which of the following could the company view as a down…
A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence
technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is
concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a
downside of using presence technology?
Which of the following designs is MOST appropriate for …
A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of
performance and functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host
configuration management. The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following
designs is MOST appropriate for this scenario?
Which of the following meets these requirements?
A small company is developing a new Internet-facing web application. The security requirements are:
1. Users of the web application must be uniquely identified and authenticated.
2. Users of the web application will not be added to the company’s directory services.
3. Passwords must not be stored in the code.
Which of the following meets these requirements?
Which of the following components should be used to ach…
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming
courses. The requirements are:
1. Each lab must be on a separate network segment.
2. Labs must have access to the Internet, but not other lab networks.
3. Student devices must have network access, not simple access to hosts on the lab networks.
4. Students must have a private certificate installed before gaining access.
5. Servers must have a private certificate installed locally to provide assurance to the students.
6. All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
Which of the following solutions should be recommended?
In an effort to minimize costs, the management of a small candy company wishes to explore a cloud service option for the development of its online applications.
The company does not wish to invest heavily in IT infrastructure. Which of the following solutions should be recommended?