A system administrator runs a network inventory scan every Friday at 10:00 am to track the
progress of a large organization’s operating system upgrade of all laptops. The system
administrator discovers that some laptops are now only being reported as IP addresses. Which of
the following options is MOST likely the cause of this issue?

A security administrator working for a law enforcement organization is asked to secure a computer
system at the scene of a crime for transport to the law enforcement forensic facility. In order to
capture as mush evidence as possible, the computer system has been left running. The security
administrator begins information by image which of the following system components FIRST?

A new employee has been hired to perform system administration duties across a large enterprise
comprised of multiple separate security domains. Each remote location implements a separate
security domain. The new employee has successfully responded to and fixed computer issues for
the main office. When the new employee tries to perform work on remote computers, the following
messages appears. You need permission to perform this action. Which of the following can be
implemented to provide system administrators with the ability to perform administrative tasks on
remote computers using their uniquely assigned account?

An administrator is hardening systems and wants to disable unnecessary services. One Linux
server hosts files used by a Windows web server on another machine. The Linux server is only
used for secure file transfer, but requires a share for the Windows web server as well. The
administrator sees the following output from a netstat -1p command:

Which of the following processes can the administrator kill without risking impact to the purpose
and function of the Linux or Windows servers? (Select Three)

A project manager is evaluating proposals for a cloud commuting project. The project manager is
particularly concerned about logical security controls in place at the service provider’s facility.
Which of the following sections of the proposal would be MOST important to review, given the
project manager’s concerns?

A security administrator would like to ensure that some members of the building’s maintenance
staff are only allowed access to the facility during weekend hours. Access to the facility is

controlled by badge swipe and a man trap. Which of the following options will BEST accomplish
this goal?

A security manager received reports of several laptops containing confidential data stolen out of a
lab environment. The lab is not a high security area and is secured with physical key locks. The
security manager has no information to provide investigators related to who may have stolen the
laptops. Which of the following should the security manager implement to improve legal and
criminal investigations in the future?

During a Linux security audit at a local college, it was noted that members of the dean’s group
were able to modify employee records in addition to modifying student records, resulting in an
audit exception. The college security policy states that the dean’s group should only have the
ability to modify student records. Assuming that the correct user and group ownerships are in
place, which of the following sets of permissions should have been assigned to the directories
containing the employee records?

An employee reports work was being completed on a company-owned laptop using a public
wireless hot-spot. A pop-up screen appeared, and the user closed the pop-up. Seconds later, the
desktop background was changed to the image of a padlock with a message demanding
immediate payment to recover the data. Which of the following types of malware MOST likely
caused this issue?

Which of the following can be mitigated with proper secure coding techniques?