Which of the following would a security administrator implement in order to discover comprehensive
security threats on a network?

An administrator is concerned that a company’s web server has not been patched. Which of the following
would be the BEST assessment for the administrator to perform?

Which of the following would be used to identify the security posture of a network without actually
exploiting any weaknesses?

Which of the following should an administrator implement to research current attack methodologies?

Based on information leaked to industry websites, business management is concerned that unauthorized
employees are accessing critical project information for a major, well-known new product. To identify any
such users, the security administrator could:

Joe, an administrator, installs a web server on the Internet that performs credit card transactions for
customer payments. Joe also sets up a second web server that looks like the first web server.
However, the second server contains fabricated files and folders made to look like payments were
processed on this server but really were not. Which of the following is the second server?

Which of the following can Joe, a security administrator, implement on his network to capture attack
details that are occurring while also protecting his production network?

What is a system that is intended or designed to be broken into by an attacker?

The security team would like to gather intelligence about the types of attacks being launched against the
organization. Which of the following would provide them with the MOST information?

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to
gather data on new malware. Which of the following is being implemented by Jane’s company?