A company decides to purchase commercially available software packages. This can introduce new security
risks to the network. Which of the following is the BEST description of why this is true?

A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000
end points. The product must meet regulations but also be flexible enough to minimize overhead and support in
regards to password resets and lockouts. Which of the following implementations would BEST meet the
needs?

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy.
Six months later, the company is audited for compliance to regulations. The audit discovers that 40 percent of
the desktops do not meet requirements. Which of the following is the MOST likely cause of the noncompliance?

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15%
per year in each of the last four years, but that this year’s growth has slowed to around 7%. Over the same time
period, the number of attacks against applications has decreased or stayed flat each year. At the start of the
measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago,
the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would
seem to suggest which of the following strategies should be employed?

An administrator has enabled salting for users’ passwords on a UNIX box. A penetration tester must attempt to
retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain
passwords on the system? (Select TWO).

A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user
continue to operate on the network as normal. However, they would like to have a copy of any communications
from the user involving certain key terms. Additionally, the law enforcement agency has requested that the
user’s ongoing communication be retained in the user’s account for future investigations. Which of the following
will BEST meet the goals of law enforcement?

A recently hired security administrator is advising developers about the secure integration of a legacy in-house
application with a new cloud based processing system. The systems must exchange large amounts of fixed
format data such as names, addresses, and phone numbers, as well as occasional chunks of data in
unpredictable formats. The developers want to construct a new data format and create custom tools to parse
and process the data. The security administrator instead suggests that the developers: