A recent computer breach has resulted in the incident response team needing to perform a
forensics examination. Upon examination, the forensics examiner determines that they cannot tell
which captured hard drive was from the device in question. Which of the following would have
prevented the confusion experienced during this examination?

An IT staff member was entering the datacenter when another person tried to piggyback into the
datacenter as the door was opened. While the IT staff member attempted to question the other
individual by politely asking to see their badge, the individual refused and ran off into the
datacenter. Which of the following should the IT staff member do NEXT?

During a recent user awareness and training session, a new staff member asks the Chief
Information Security Officer (CISO) why the company does not allow personally owned devices
into the company facilities. Which of the following represents how the CISO should respond?

A user has received an email from an external source which asks for details on the company’s
new product line set for release in one month. The user has a detailed spec sheet but it is marked
“Internal Proprietary Information”. Which of the following should the user do NEXT?

Which of the following techniques enables a highly secured organization to assess security
weaknesses in real time?

Which of the following techniques can be used to prevent the disclosure of system information
resulting from arbitrary inputs when implemented properly?

Encryption of data at rest is important for sensitive information because of which of the following?

Which of the following is synonymous with a server’s certificate?

A network administrator noticed various chain messages have been received by the company.
Which of the following security controls would need to be implemented to mitigate this issue?

Which of the following types of application attacks would be used to specifically gain unauthorized
information from databases that did not have any input validation implemented?