Pete, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?

Sara, the security administrator, must configure the corporate firewall to allow all public IP
addresses on the internal interface of the firewall to be translated to one public IP address on the
external interface of the same firewall. Which of the following should Sara configure?

Matt, a security analyst, needs to select an asymmetric encryption method that allows for the
same level of encryption strength with a lower key length than is typically necessary. Which of the

following encryption methods offers this capability?

Sara, a security analyst, is trying to prove to management what costs they could incur if their
customer database was breached. This database contains 250 records with PII. Studies show that
the cost per record for a breach is $300. The likelihood that their database would be breached in
the next year is only 5%. Which of the following is the ALE that Sara should report to management
for a security breach?

Methods to test the responses of software and web applications to unusual or unexpected inputs
is known as:

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the
following ports should be opened on the firewall?

Sara, a security architect, has developed a framework in which several authentication servers
work together to increase processing power for an application. Which of the following does this
represent?

Which statement is TRUE about the operation of a packet sniffer?

Which of the following firewall rules only denies DNS zone transfers?

Which of the following BEST explains the use of an HSM within the company servers?