Several users report to the administrator that they are having issues downloading files from the file
server. Which of the following assessment tools can be used to determine if there is an issue with the file
server?

One of the servers on the network stops responding due to lack of available memory. Server
administrators did not have a clear definition of what action should have taken place based on the
available memory. Which of the following would have BEST kept this incident from occurring?

Ann, the software security engineer, works for a major software vendor. Which of the following practices
should be implemented to help prevent race conditions, buffer overflows, and other similar
vulnerabilities prior to each production release?

Which of the following assessment techniques would a security administrator implement to ensure that
systems and software are developed properly?

A financial company requires a new private network link with a business partner to cater for realtime and
batched data flows.
Which of the following activities should be performed by the IT security staff member prior to
establishing the link?

Which of the following assessments would Pete, the security administrator, use to actively test that an
application’s security controls are in place?

Which of the following is the MOST intrusive type of testing against a production system?

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print
spool directory, and was able to download a document from the spool. Which statement BEST describes
her privileges?

During a penetration test from the Internet, Jane, the system administrator, was able to establish a
connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST
likely to be open on the firewall? (Select FOUR).

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a
company’s live modem pool. Which of the following activities is MOST appropriate?