Which of the following types of application attacks would be used to identify malware causing security
breaches that have NOT yet been identified by any trusted sources?

Which of the following may cause Jane, the security administrator, to seek an ACL work around?

Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the
following would provide the BEST level of protection?

Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the
temporary credentials being passed to Joe’s browser. The attacker later uses the credentials to
impersonate Joe and creates SPAM messages. Which of the following attacks allows for this
impersonation?

How often, at a MINIMUM, should Sara, an administrator, review the accesses and rights of the users on
her system?

Which of the following types of logs could provide clues that someone has been attempting to
compromise the SQL Server database?

Ann, the security administrator, received a report from the security technician, that an unauthorized new
user account was added to the server over two weeks ago. Which of the following could have mitigated
this event?

A security administrator needs to determine which system a particular user is trying to login to at various
times of the day. Which of the following log types would the administrator check?

The security administrator is analyzing a user’s history file on a Unix server to determine if the user was
attempting to break out of a rootjail. Which of the following lines in the user’s history log shows evidence
that the user attempted to escape the rootjail?

A security technician is attempting to improve the overall security posture of an internal mail server.
Which of the following actions would BEST accomplish this goal?