Which of the following BEST describes the appropriate method of testing or technique to use in this scenario?
A security assurance officer is preparing a plan to measure the technical state of a customer’s
enterprise. The testers employed to perform the audit will be given access to the customer facility
and network. The testers will not be given access to the details of custom developed software
used by the customer. However the testers with have access to the source code for several open
source applications and pieces of networking equipment used at the facility, but these items will
not be within the scope of the audit. Which of the following BEST describes the appropriate
method of testing or technique to use in this scenario? (Select TWO)
Which of the following authentication services combines authentication and authorization in a use profile and
Which of the following authentication services combines authentication and authorization in a use
profile and use UDP?
which of the following is the BEST combination of factors?
A security administrator is designing an access control system, with an unlimited budget, to allow
authenticated users access to network resources. Given that a multifactor authentication solution
is more secure, which of the following is the BEST combination of factors?
Will Ann and Joe be able to run the file?
The access control list (ACL) for a file on a server is as follows:
User: rwx
User: Ann: r- –
User: Joe: r- –
Group: rwx
Group: sales: r-x
Other: r-x
Joe and Ann are members of the Human Resources group. Will Ann and Joe be able to run the
file?
Which of the following should the consultant recommend to the company, in order to mitigate the risk of employ
Using a protocol analyzer, a security consultant was able to capture employee’s credentials.
Which of the following should the consultant recommend to the company, in order to mitigate the
risk of employees credentials being captured in the same manner in the future?
Which of the following will once defined, be the requirement for restoration of these systems within a certain
A Company has recently identified critical systems that support business operations. Which of the
following will once defined, be the requirement for restoration of these systems within a certain
period of time?
Which of the following practices are they following to ensure application integrity?
The software developer is responsible for writing the code and promoting from the development
network to the quality network. The network administrator is responsible for promoting code to the
application servers. Which of the following practices are they following to ensure application
integrity?
Which of the following should Ann do to retrieve her email messages?
Ann is traveling for business and is attempting to use the hotel’s wireless network to check for new
messages. She selects the hotel’s wireless SSID from a list of networks and successfully
connects. After opening her email client and waiting a few minutes, the connection times out.
Which of the following should Ann do to retrieve her email messages?
Which of the following password attacks involves attempting all kinds of keystroke combinations on the keyboar
Which of the following password attacks involves attempting all kinds of keystroke combinations
on the keyboard with the intention to gain administrative access?
Which of the following should Ann recommend that would BEST address her concerns?
Ann, a security administrator, is strengthening the security controls of the company’s campus. Her
goal is to prevent people from accessing open locations that are not supervised, such as around
the receiving dock. She is also concerned that employees are using these entry points as a way of
bypassing the security guard at the main entrance. Which of the following should Ann recommend
that would BEST address her concerns?