An achievement in providing worldwide Internet security was the signing of certificates associated
with which of the following protocols?

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within
the company. Which of the following would fulfill the CISO’s requirements?

Which of the following can a security administrator implement on mobile devices that will help
prevent unwanted people from viewing the data if the device is left unattended?

Which of the following would a security administrator implement in order to identify a problem
between two systems that are not communicating properly?

Which of the following can result in significant administrative overhead from incorrect reporting?

A security administrator wants to perform routine tests on the network during working hours when
certain applications are being accessed by the most people. Which of the following would allow
the security administrator to test the lack of security controls for those applications with the least
impact to the system?

Which of the following risk concepts requires an organization to determine the number of failures
per year?

A system security analyst using an enterprise monitoring tool notices an unknown internal host
exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate
mitigation technique?

Three of the primary security control types that can be implemented are.

The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?