A web developer is responsible for a simple web application that books holiday accommodations. The frontfacing web server offers an HTML form, which asks for a user’s
age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the
adult age range. Users have reported that the website is not functioning correctly. The web developer has
inspected log files and sees that a very large number (in the billions) was submitted just before the issue started
occurring. Which of the following is the MOST likely situation that has occurred?

A medical device manufacturer has decided to work with another international organization to develop the
software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to
ensure a competitor does not become aware, management at the medical device manufacturer has decided to
keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a
description of the initial terms and arrangement and is not legally enforceable?

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card
corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy.
Which of the following are true statements? (Select TWO).

A storage as a service company implements both encryption at rest as well as encryption in transit of
customers’ data. The security administrator is concerned with the overall security of the encrypted customer
data stored by the company servers and wants the development team to implement a solution that will
strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time
an offline password attack against the
customers’ data would take?

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance
department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The
upstream router interface’s MAC is 00-01-42-32-ab-1a A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534 Which of
the following is occurring on the network?

An IT manager is working with a project manager from another subsidiary of the same
multinational organization. The project manager is responsible for a new software development effort that is
being outsourced overseas, while customer acceptance testing will be performed in house. Which of the
following capabilities is MOST likely to cause issues with network availability?

Since the implementation of IPv6 on the company network, the security administrator has been unable to
identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally
managed.
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu ether f8:1e:af:ab:10:a3
inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5 inet 192.168.1.14 netmask 0xffffff00 broadcast
192.168.1.255
inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf inet6 2001:200:5:922:10ab:5e21:aa9a:6393
prefixlen 64 autoconf temporary nd6 options=1<PERFORMNUD>
media: autoselect status: active
Given this output, which of the following protocols is in use by the company and what can the system
administrator do to positively map users with IPv6 addresses in the future? (Select TWO).

A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following
figures is the system’s SLE?

An employee is performing a review of the organization’s security functions and noticed that there is some
cross over responsibility between the IT security team and the financial fraud
team. Which of the following security documents should be used to clarify the roles and responsibilities
between the teams?

The telecommunications manager wants to improve the process for assigning company- owned mobile devices
and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboardand offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following
should be implemented to ensure these processes can be automated? (Select THREE).