A website is breached, exposing the usernames and MD5 password hashes of its entire user
base. Many of these passwords are later cracked using rainbow tables. Which of the following
actions could have helped prevent the use of rainbow tables on the password hashes?

Joe a network administrator is setting up a virtualization host that has additional storage
requirements. Which of the following protocols should be used to connect the device to the
company SAN? (Select Two)

A security administrator finds that an intermediate CA within the company was recently breached.
The certificates held on this system were lost during the attack, and it is suspected that the
attackers had full access to the system. Which of the following is the NEXT action to take in this
scenario?

A recent online password audit has identified that stale accounts are at risk to brute force attacks.
Which the following controls would best mitigate this risk?

The security administrator generates a key pair and sends one key inside a rest file to a third
party. The third party sends back a signed file. In this scenario, the file sent by the administrator is
a:

Joe, a security technician, is configuring two new firewalls through the web on each. Each time
Joe connects, there is a warning message in the browser window about the certificate being
untrusted. Which of the following will allow Joe to configure a certificate for the firewall so that
firewall administrators are able to connect both firewalls without experiencing the warning
message?

A company has had their web application become unavailable several times in the past few
months due to increased demand. Which of the following should the company perform to increase
availability?

A system administrator wants to prevent password compromises from offline password attacks.
Which of the following controls should be configured to BEST accomplish this task? (Select TWO)

A company recently experienced several security breaches that resulted in confidential data being
infiltrated form the network. The forensic investigation revealed that the data breaches were
caused by an insider accessing files that resided in shared folders who then encrypted the data
and sent it to contacts via third party email. Management is concerned that other employees may
also be sending confidential files outside of the company to the same organization. Management
has requested that the IT department implement a solution that will allow them to:
Track access and sue of files marked confidential, provide documentation that can be sued for
investigations, prevent employees from sending confidential data via secure third party email,
identify other employees that may be involved in these activities.
Which of the following would be the best choice to implement to meet the above requirements?

Which of the following BEST describes malware that tracks a user’s web browsing habits and
injects the attacker’s advertisements into unrelated web pages? (Select TWO)