In a situation where data is to be recovered from an attacker’s location, which of the following are the FIRST
things to capture? (Select TWO).

A project manager working for a large city government is required to plan and build a WAN, which will be
required to host official business and public access. It is also anticipated that the city’s emergency and first
response communication systems will be required to operate across the same network. The project manager
has experience with enterprise IT projects, but feels this project has an increased complexity as a result of the
mixed business / public use and the critical infrastructure it will provide. Which of the following should the
project manager release to the public, academia, and private industry to ensure the city provides due care in
considering all project factors prior to building its new WAN?

ODBC access to a database on a network-connected host is required. The host does not have a security
mechanism to authenticate the incoming ODBC connection, and the application requires that the connection
have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be
implemented. The information in the database is not sensitive, but was not readily accessible prior to the
implementation of the ODBC connection. Which of the following actions should be taken by the security
analyst?

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security
patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the
system is only supported on the current OS patch level. Which of the following compensating controls should
be used to mitigate the vulnerability of missing OS patches on this system?

A security solutions architect has argued consistently to implement the most secure method of encrypting
corporate messages. The solution has been derided as not being cost effective by other members of the IT
department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to
unauthorized decryption. The method also requires special handling and security for all key material that goes
above and beyond most encryption systems.
Which of the following is the solutions architect MOST likely trying to implement?

A system administrator has just installed a new Linux distribution. The distribution is configured to be “secure
out of the box”. The system administrator cannot make updates to certain system files and services. Each time
changes are attempted, they are denied and a system error is generated. Which of the following
troubleshooting steps should the security administrator suggest?

A security administrator is tasked with increasing the availability of the storage networks while enhancing the
performance of existing applications. Which of the following technologies should the administrator implement to
meet these goals? (Select TWO).

An administrator is implementing a new network-based storage device. In selecting a storage protocol, the
administrator would like the data in transit’s integrity to be the most important concern. Which of the following
protocols meets these needs by implementing either AES- CMAC or HMAC-SHA256 to sign data?

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a
company asset. Which of the following is a limitation of this approach to risk management?

An accountant at a small business is trying to understand the value of a server to determine if the business can
afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000,
ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the
accountant?