An organization currently uses FTP for the transfer of large files, due to recent security enhancements, is
now required to use a secure method of file transfer and is testing both SFTP and FTPS as alternatives.Which of the following ports should be opened on the firewall in order to test the two alternatives?
(Select Two)

Which of the following types of malware, attempts to circumvent malware detection by trying to hide its
true location on the infected system?

An attacker went to a local bank and collected disposed paper for the purpose of collecting data that
could be used to steal funds and information from the bank’s customers. This is an example of:

An employee reports work was being completed on a company owned laptop using a public wireless hotspot. A pop-up screen appeared and the user closed the pop-up. Seconds later the desktop background
was changed to the image of a padlock with a message demanding immediate payment to recover the
data. Which of the following types of malware MOST likely caused this issue?

A small IT security form has an internal network composed of laptops, servers, and printers. The network
has both wired and wireless segments and supports VPN access from remote sites. To protect the
network from internal and external threats, including social engineering attacks, the company decides to
implement stringent security controls. Which of the following lists is the BEST combination of security
controls to implement?

A security analyst is working on a project team responsible for the integration of an enterprise SSO
solution. The SSO solution requires the use of an open standard for the exchange of authentication and
authorization across numerous web based applications. Which of the following solutions is most
appropriate for the analyst to recommend in this scenario?

A thief has stolen mobile device and removed its battery to circumvent GPS location tracking. The device
user is a four digit PIN. Which of the following is a mobile device security control that ensures the
confidentiality of company data?

A user has called the help desk to report an enterprise mobile device was stolen. The technician receiving
the call accesses the MDM administration portal to identify the device’s last known geographic location.
The technician determines the device is still communicating with the MDM. After taking note of the last
known location, the administrator continues to follow the rest of the checklist. Which of the following
identifies a possible next step for the administrator?

A risk management team indicated an elevated level of risk due to the location of a corporate datacenter
in a region with an unstable political climate. The chief information officer (CIO) accepts the
recommendation to transition the workload to an alternate datacenter in a more stable region. Which of
the following forms of risk mitigation has the CIO elected to pursue?

During a recent audit, the auditors cited the company’s current virtual machine infrastructure as a
concern. The auditors cited the fact that servers containing sensitive customer information reside on the
same physical host as numerous virtual machines that follow less stringent security guild lines. Which of
the following would be the best choice to implement to address this audit concern while maintain the
current infrastructure?