In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence
to customer service. Which of the following would include the MOST detail on these objectives?

A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server
replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?

Key elements of a business impact analysis should include which of the following tasks?

An advantage of virtualizing servers, databases, and office applications is:

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250
records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%.
Which of the following is the ALE that Sara should report to management for a security breach?

A datacenter requires that staff be able to identify whether or not items have been removed from the facility. Which of the following controls will allow the
organization to provide automated notification of item removal?

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to
successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card
system can be installed?

The incident response team has received the following email message.
From: monitor@ext-company.com
To: security@company.com
Subject: Copyright infringement
A copyright infringement alert was triggered by IP address 13.10.66.5 at 09: 50: 01 GMT. After reviewing the following web logs for IP 13.10.66.5, the team is
unable to correlate and identify the incident.
09: 45: 33 13.10.66.5 http: //remote.site.com/login.asp?user=john
09: 50: 22 13.10.66.5 http: //remote.site.com/logout.asp?user=anne
10: 50: 01 13.10.66.5 http: //remote.site.com/access.asp?file=movie.mov
11: 02: 45 13.10.65.5 http: //remote.site.com/download.asp?movie.mov=ok
Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident?

Joe, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Joe with
detecting this activity?

A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The
analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?