A system administrator is configuring a site-to-site IPSec VPN tunnel. Which of the following should be configured on the VPN concentrator for payload encryption?

An attacker is attempting to exploit a zero-day vulnerability in a popular enterprise application. The attacker is using personalized information to target high-value
individuals in an attempt to obtain proprietary information from the organization. Which of the following attack methodologies is the attacker using?

During a recent audit, it was discovered that several database services were running with local user accounts named “admin” and “dbadmin”. The following controls
will prevent network administrators from using these types of usernames for services in the future? (Select TWO)

A Chief Information Office (CIO) has recently expressed an interest in ensuring that critical business systems are protected from isolated outages. Which of the
following would provide the CIO a measure of the frequency at which these critical business systems experience breakdowns?

A major banking institution has been the victim of recurring, widespread fraud. The fraud has all occurred on the bank’s web portal. Recently, the bank implemented
a requirement for all users to obtain credentials in person at a physical office. However, this has not reduced the amount of fraud against legitimate customers.
Based on a review of the logs, most fraudulent transactions appear to be conducted with authentic credentials. Which of the following controls should be
strengthened to reduce the fraud through the website?

A security administrator runs a port scan against a server and determines that the following ports are open:
TCP 22
TCP 25
TCP 80
TCP 631
TCP 995
Which of the following MOST likely describes the server?

A Chief Information Office (CIO) is working with his staff to develop a contingency plan for the organization. Which of the following steps should the CIO and his
staff to take FIRST?

Two companies are partnering to bid on a contract. Normally these companies are fierce competitors but for this procurement they have determined that a
partnership is the only way they can win the job. Each company is concerned about unauthorized data sharing and wants to ensure other divisions within each
company will not have access to proprietary data. To best protect against unauthorized data sharing they should each sign a(n):

An attacker is attempting to exploit the username field of an application. The exploitation involves writing more data than the field variable is initialized for. Which of
the following attacks is being leveraged?

A security administrator wishes to monitor incoming traffic to the mail server with minimal risk of disruption of services and functions. Which of the following would
BEST meet this goal?