Which of the following would be the BEST course of action?
A new intern in the purchasing department requires read access to shared documents. Permissions are
normally controlled through a group called “Purchasing”; however, the purchasing group permissions
allow write access. Which of the following would be the BEST course of action?
Which of the following should be used in the code?
A software developer wants to ensure that the application is verifying that a key is valid before
establishing SSL connections with random remote hosts on the internet. Which of the following should be
used in the code? (Select TWO)
Which of the following should be configured on the VPN concentrator during the IKE phase?
A system administrator is configuring a site-to-site VPN tunnel. Which of the following should be
configured on the VPN concentrator during the IKE phase?
Which of the following is the GREATEST risk to a company by allowing employees to physically bring their personal
Which of the following is the GREATEST risk to a company by allowing employees to physically bring their
personal smartphones to work?
what she is looking for?
The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the
next 10 years. She is asking for the average lifespan of each hardware device so that she is able to
calculate when she will have to replace each device. Which of the following categories BEST describes
what she is looking for?
Which of the following summarizes the BEST response to the programmer’s proposal?
A software development company needs to share information between two remote servers, using
encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that
using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong
encryption without being susceptible to attacks on other unknown protocols. Which of the following
summarizes the BEST response to the programmer’s proposal?
Which of the following has the administrator been tasked to perform?
A security administrator is tasked with conducting an assessment made to establish the baseline security
posture of the corporate IT infrastructure. The assessment must report actual flaws and weaknesses in
the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using
in-house or cheaply available resources. There cannot be a possibility of equipment being damaged in the
test. Which of the following has the administrator been tasked to perform?
which of the following types of attacks?
Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from
someone claiming to be from the helpdesk. The caller is asking to verify her network authentication
credentials because her computer is broadcasting across the network. This is MOST likely which of the
following types of attacks?
which of the following types of attacks?
A security guard has informed the Chief Information Security Officer that a person with a tablet has been
walking around the building. The guard also noticed strange white markings in different areas of the
parking lot. The person is attempting which of the following types of attacks?
Which of the following principles BEST describes the weakness being exploited?
Phishing emails frequently take advantage of high-profile catastrophes reported in the news. Which of
the following principles BEST describes the weakness being exploited?