Joe a website administrator believes he owns the intellectual property for a company invention and has
been replacing image files on the company’s public facing website in the DMZ. Joe is using steganography
to hide stolen data. Which of the following controls can be implemented to mitigate this type of inside
threat?

The process of applying a salt and cryptographic hash to a password then repeating the process many
times is known as which of the following?

Which of the following is commonly used for federated identity management across multiple
organizations?

While performing surveillance activities, an attacker determines that an organization is using 802.1X to
secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the
identified network security?

A security administrator has been asked to implement a VPN that will support remote access over IPSEC.
Which of the following is an encryption algorithm that would meet this requirement?

A security administrator is evaluating three different services: radius, diameter, and Kerberos. Which of
the following is a feature that is UNIQUE to Kerberos?

Which of the following can affect electrostatic discharge in a network operations center?

a malicious attacker has intercepted HTTP traffic and inserted an ASCII line that sets the referrer URL.
Which of the following is the attacker most likely utilizing?

A company would like to prevent the use of a known set of applications from being used on company
computers. Which of the following should the security administrator implement?

A new hire wants to use a personally owned phone to access company resources. The new hire expresses
concern about what happens to the data on the phone when they leave the company. Which of the
following portions of the company’s mobile device management configuration would allow the company
data to be removed from the device without touching the new hire’s data?