Which of the following might the CISO present?
A chief information security officer (CISO) is providing a presentation to a group of network
engineers. In the presentation, the CISO presents information regarding exploit kits. Which of the
following might the CISO present?
Which of the following could be used to help mitigate the risk of these machines becoming compromised?
During a company-wide initiative to harden network security, it is discovered that end users who
have laptops cannot be removed from the local administrator group. Which of the following could
be used to help mitigate the risk of these machines becoming compromised?
Which of the following can an employee use to validate the authenticity if the email?
An administrator receives a security alert that appears to be from one of the company’s vendors.
The email contains information and instructions for patching a serious flaw that has not been
publicly announced. Which of the following can an employee use to validate the authenticity if the
email?
Which of the following would be added requirements will satisfy the regulatory requirement?
A project team is developing requirements of the new version of a web application used by internal
and external users. The application already features username and password requirements for
login, but the organization is required to implement multifactor authentication to meet regulatory
requirements. Which of the following would be added requirements will satisfy the regulatory
requirement? (Select THREE.)
Which of the following could the bank implement?
A bank is planning to implement a third factor to protect customer ATM transactions. Which of the
following could the bank implement?
Which of the following internal security controls is aimed at preventing two system administrators from comple
Which of the following internal security controls is aimed at preventing two system administrators
from completing the same tasks?
Which of the following represents the factors that the administrator would use to facilitate this calculation?
An administrator performs a risk calculation to determine if additional availability controls need to
be in place. The administrator estimates that a server fails and needs to be replaced once every 2
years at a cost of $8,000. Which of the following represents the factors that the administrator
would use to facilitate this calculation?
Which of the following technologies would allow for this?
A security administrator needs to implement a technology that creates a secure key exchange.
Neither party involved in the key exchange will have pre-existing knowledge of one another. Which
of the following technologies would allow for this?
Which of the following actions should the technician take in regards to the findings?
A technician has been assigned a service request to investigate a potential vulnerability in the
organization’s extranet platform. Once the technician performs initial investigative measures, it is
determined that the potential vulnerability was a false-alarm. Which of the following actions should
the technician take in regards to the findings?
Which of the following attacks is this an example of?
A security administrator is using a software program to test the security of a wireless access point.
After running the program for a few hours, the access point sends the wireless secret key back to
the software program. Which of the following attacks is this an example of?