A security auditor has full knowledge of company configuration and equipment. The auditor performs a test on the network, resulting in an exploitation of a zero-day
vulnerability.

A security administrator is responsible for deployment of a new two factor authentication solution. The administrator has been informed that the solution will use soft
tokens. Which of the following are valid token password schemes for the two factor solution being deployed? (Select TWO)

When responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to
see processes that are listening on a TCP port?

The border firewall rules were recently modified by a network administrator to allow access to a new service on Server 1 using the default https port. When testing
the new rules internal to the company network there are no issues and when testing from an external connection it does not work. The host running the service
does not receive external packets. Other services hosted on Server 1 are responding fine to to both internal and external connection attempts. Which of the
following is MOST likely configured improperly?

A security analyst at a nuclear power plant needs to secure network traffic from the legacy SCADA systems. Which of the following methods can the analyst use to
secure network in this static environment?

An employee has been terminated due to inappropriate Internet use. A computer forensics technician at the organization acquired an image of the hard drive and
hashed it using MD5. The former employee has filed a lawsuit. The former employee’s attorney requests a copy of the image so it can be independently reviewed
by the legal team. Upon receiving the image, the attorney’s technician also generates a MD5 hash of the image and comes up with a different output than what was
provided. Which of the following MOST likely occurred?

A network administrator for a small business is configuring a wireless network for 20 users. Which of the following explains why the administrator would choose
WPA2 Personal over WPA Enterprise?

A server administrator is investigating a breach and determines that an attacker modified the application log to obfuscate the attack vector. During the lessons
learned activity the facilitator asks for a mitigation response to protect the integrity of the logs should a similar attack occur. Which of the following mitigations would
be MOST appropriate to fulfill the requirement?

A company has completed a continuity of operations plan and needs to validate that everyone knows what actions to perform. Which of the following can be
performed instead of completing a full fail over to validate the requirement?

Joe has been in the same IT position for the last 27 years and has developed a lot of homegrown applications that the company utilizes. The company is concerned
that Joe is the only one who can administer these applications. The company should enforce which of the following best security practices and avoid Joe being a
single point of failure?