An organization receives an email that provides instruction on how to protect a system from being
a target of new malware that is rapidly infecting systems. The incident response team investigates
the notification and determines it to invalid and notifies users to disregard the email. Which of the
following Best describes this occurrence?

Joe an employee has reported to Ann a network technician an unusual device plugged into a USB
port on a workstation in the call center. Ann unplugs the workstation and brings it to the IT
department where an incident is opened. Which of the following should have been done first?

A company is implementing a system to transfer direct deposit information to a financial institution.
One of the requirements is that the financial institution must be certain that the deposit amounts

within the file have not been changed. Which of the following should be used to meet the
requirement?

An organization uses a Kerberos-based LDAP service for network authentication. The service is
also utilized for internal web applications. Finally access to terminal applications is achieved using
the same authentication method by joining the legacy system to the Kerberos realm. This
company is using Kerberos to achieve which of the following?

A recent audit has revealed that all employees in the bookkeeping department have access to
confidential payroll information, while only two members of the bookkeeping department have job
duties that require access to the confidential information. Which of the following can be
implemented to reduce the risk of this information becoming compromised in this scenario?
(Select TWO)

A Chief Executive Officer (CEO) is steering company towards cloud computing. The CEO is
requesting a federated sign-on method to have users sign into the sales application. Which of the
following methods will be effective for this purpose?

An administrator is configuring a new Linux web server where each user account is confined to a
cheroot jail. Which of the following describes this type of control?

Recently clients are stating they can no longer access a secure banking site’s webpage. In
reviewing the clients’ web browser settings, the certificate chain is showing the following:
Certificate Chain:
X Digi Cert

Digi Cert High assurance C3
* banksite.com
Certificate Store:
Digi Cert – Others Certificate Store
Digi Cert High assurance C3 – Others Certificate Store
Based on the information provided, which of the following is the problem when connecting to the
website?

A company often processes sensitive data for the government. The company also processes a
large amount of commercial work and as such is often providing tours to potential customers that
take them into various workspaces. Which of the following security methods can provide protection
against tour participants viewing sensitive information at minimal cost?

Joe is a helpdesk specialist. During a routine audit, a company discovered that his credentials
were used while he was on vacation. The investigation further confirmed that Joe still has his
badge and it was last used to exit the facility. Which of the following access control methods is

MOST appropriate for preventing such occurrences in the future?