Which of the following should the security manager implement to improve legal and criminal investigations in t
A security manager received reports of several laptops containing confidential data stolen out of a lab
environment. The lab is not a high security area and is secured with physical key locks. The security
manager has no information to provide investigators related to who may have stolen the laptops. Which
of the following should the security manager implement to improve legal and criminal investigations in
the future?
which of the following sets of permissions should have been assigned to the directories containing the employe
During a Linux security audit at a local college, it was noted that members of the dean’s group were able
to modify employee records in addition to modifying student records, resulting in an audit exception. The
college security policy states that the dean’s group should only have the ability to modify student records.
Assuming that the correct user and group ownerships are in place, which of the following sets of
permissions should have been assigned to the directories containing the employee records?
Which of the following types of malware MOST likely caused this issue?
An employee reports work was being completed on a company-owned laptop using a public wireless hotspot. A pop-up screen appeared, and the user closed the pop-up. Seconds later, the desktop background
was changed to the image of a padlock with a message demanding immediate payment to recover the
data. Which of the following types of malware MOST likely caused this issue?
Which of the following can be mitigated with proper secure coding techniques?
Which of the following can be mitigated with proper secure coding techniques?
Which of the following could be utilized to notify the network support group when computers without the antivi
Recently the desktop support group has been performing a hardware refresh and has replaced numerous
computers. An auditor discovered that a number of the new computers did not have the company’s
antivirus software installed on them, Which of the following could be utilized to notify the network
support group when computers without the antivirus software are added to the network?
Which of the following actions should be performed?
An administrator needs to protect against downgrade attacks due to various vulnerabilities in SSL/TLS.
Which of the following actions should be performed? (Select TWO)
Which of the following would BEST satisfy these requirements?
A developer needs to utilize AES encryption in an application but requires the speed of encryption and
decryption to be as fast as possible. The data that will be secured is not sensitive so speed is valued over
encryption complexity. Which of the following would BEST satisfy these requirements?
This is an example of:
During a code review a software developer discovers a security risk that may result in hundreds of hours
of rework. The security team has classified these issues as low risk. Executive management has decided
that the code will not be rewritten. This is an example of:
Which of the following would have prevented the network outage?
A network was down for several hours due to a contractor entering the premises and plugging both ends
of a network cable into adjacent network jacks. Which of the following would have prevented the
network outage? (Select Two)
Which of the following attacks may be occurring?
After disabling SSID broadcast, a network administrator still sees the wireless network listed in available
networks on a client laptop. Which of the following attacks may be occurring?