A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users to
work from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus onto ensure confidentiality of
data stored on laptops?

Joe is a helpdesk specialist. During a routine audit, a company discovered that his credentials were used while he was on vacation. The investigation further
confirmed that Joe still has his badge and it was last used to exit the facility. Which of the following access control methods is MOST appropriate for preventing
such occurrences in the future?

A company often processes sensitive data for the government. The company also processes a large amount of commercial work and as such is often providing
tours to potential customers that take them into various workspaces. Which of the following security methods can provide protection against tour participants
viewing sensitive information at minimal cost?

Recently clients are stating they can no longer access a secure banking site’s webpage. In reviewing the clients’ web browser settings, the certificate chain is
showing the following:
Certificate Chain:
X Digi Cert
Digi Cert High assurance C3
* banksite.com
Certificate Store:
Digi Cert Others Certificate Store
Digi Cert High assurance C3 Others Certificate Store
Based on the information provided, which of the following is the problem when connecting to the website?

An administrator is configuring a new Linux web server where each user account is confined to a cheroot jail.
Which of the following describes this type of control?

A Chief Executive Officer (CEO) is steering company towards cloud computing. The CEO is requesting a federated sign-on method to have users sign into the
sales application. Which of the following methods will be effective for this purpose?

A recent audit has revealed that all employees in the bookkeeping department have access to confidential payroll information, while only two members of the
bookkeeping department have job duties that require access to the confidential information. Which of the following can be implemented to reduce the risk of this
information becoming compromised in this scenario? (Select TWO)

An organization uses a Kerberos-based LDAP service for network authentication. The service is also utilized for internal web applications. Finally access to terminal
applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. This company is using Kerberos to achieve
which of the following?

A company is implementing a system to transfer direct deposit information to a financial institution. One of the requirements is that the financial institution must be
certain that the deposit amounts within the file have not been changed. Which of the following should be used to meet the requirement?

Joe an employee has reported to Ann a network technician an unusual device plugged into a USB port on a workstation in the call center. Ann unplugs the
workstation and brings it to the IT department where an incident is opened. Which of the following should have been done first?