Which of the following would MOST likely help the compa…
A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee
leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees
leave?
Which of the following would BEST help the executives m…
A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure
the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?
Which of the following should the administrator do to p…
An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods
correspond to when a competitor makes major announcements. Which of the following should the administrator do to prove this theory?
Which of the following BEST maximizes the protection of…
An organization has several production-critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST
maximizes the protection of these systems from malicious software?
Which of the following is the response an example of?
A security tester is testing a website and performs the following manual query:
https://www.comptia.com/cookies.jsp?products=5%20and%201=1
The following response is received in the payload:
“ORA-000001: SQL command not properly ended”
Which of the following is the response an example of?
what is the BEST way to defend against it?
An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a
quote. During an investigation, the following patterns were detected:
Pattern 1: Analysis of the logs identifies that insurance premium forms are being filled in but only single fields are incrementally being updated.
Pattern 2: For every quote completed, a new customer number is created; due to legacy systems, customer numbers are running out.
Which of the following is the attack type the system is susceptible to, and what is the BEST way to defend against it? (Select TWO).
Which of the following is the BEST solution to meet the…
A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two-week period and
consequently have the following requirements:
Requirement 1: Ensure their server infrastructure operating systems are at their latest patch levels
Requirement 2: Test the behavior between the application and database
Requirement 3: Ensure that customer data cannot be exfiltrated
Which of the following is the BEST solution to meet the above requirements?
Which of the following security documents should be use…
An employee is performing a review of the organization’s security functions and noticed that there is some crossover responsibility between the IT security team
and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?
Which of the following are the MOST effective security …
A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing
confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above
problem? (Select TWO).
which of the following security activities should be pr…
A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project
under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect?
(Select TWO).