Which of the following solutions provides the most flexibility when testing new security controls
prior to implementation?

A file on a Linux server has default permissions of rw-rw-r–. The system administrator has verified
that Ann, a user, is not a member of the group owner of the file. Which of the following should be
modified to assure that Ann has read access to the file?

CORRECT TEXT
A security administrator discovers that an attack has been completed against a node on the
corporate network. All available logs were collected and stored.
You must review all network logs to discover the scope of the attack, check the box of the node(s)
that have been compromised and drag and drop the appropriate actions to complete the incident
response on the network. The environment is a critical production environment; perform the
LEAST disruptive actions on the network, while still performing the appropriate incid3nt responses.
Instructions: The web server, database server, IDS, and User PC are clickable. Check the box of
the node(s) that have been compromised and drag and drop the appropriate actions to complete
the incident response on the network. Not all actions may be used, and order is not important. If at
anytime you would like to bring back the initial state of the simulation, please select the Reset
button. When you have completed the simulation, please select the Done button to submit. Once
the simulation is submitted, please select the Next button to continue.

DRAG DROP
A security administrator is given the security and availability profiles for servers that are being
deployed.
1) Match each RAID type with the correct configuration and MINIMUM number of drives.
2) Review the server profiles and match them with the appropriate RAID type based on integrity,
availability, I/O, storage requirements. Instructions:
• All drive definitions can be dragged as many times as necessary
• Not all placeholders may be filled in the RAID configuration boxes
• If parity is required, please select the appropriate number of parity checkboxes
• Server profiles may be dragged only once
If at any time you would like to bring back the initial state of the simulation, please select the Reset
button. When you have completed the simulation, please select the Done button to submit. Once
the simulation is submitted, please select the Next button to continue.

HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY policy
by default Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the
default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over
the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over
the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match
The port number must be typed in and only one port number can be entered per rule Type ANY for
all ports. The original firewall configuration can be reset at any time by pressing the reset button.
Once you have met the simulation requirements, click save and then Done to submit.