A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has
been created for a frequently used application. She notifies the software vendor and asks
them for remediation steps, but is alarmed to find that no patches are available to mitigate
this vulnerability. Which of the following BEST describes this exploit?

A security administrator has concerns about new types of media which allow for the mass
distribution of personal comments to a select group of people. To mitigate the risks involved
with this media, employees should receive training on which of the following?

A network administrator is responsible for securing applications against external attacks.
Every month, the underlying operating system is updated. There is no process in place for
other software updates. Which of the following processes could MOST effectively mitigate
these risks?

A software developer is responsible for writing the code on an accounting application.
Another software developer is responsible for developing code on a system in human
resources. Once a year they have to switch roles for several weeks. Which of the following
practices is being implemented?

A network engineer is designing a secure tunneled VPN. Which of the following protocols
would be the MOST secure?

Which of the following implementation steps would be appropriate for a public wireless
hotspot?

Which of the following is a step in deploying a WPA2-Enterprise wireless network?

Which of the following controls would allow a company to reduce the exposure of sensitive
systems from unmanaged devices on internal networks?

Which of the following preventative controls would be appropriate for responding to a
directive to reduce the attack surface of a specific host?

A security manager must remain aware of the security posture of each system. Which of the
following supports this requirement?