In the course of troubleshooting wireless issues from users, a technician discovers that users are connecting to their home SSIDs while at work. The technician
scans detects none of those SSIDs. The technician eventually discovers a rogue access point that spoofs any SSID that a client requests. Which of the following
allows wireless use while mitigating this type of attack?

An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a movie. The access point is configured to
secure its users with WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of

the following is the reason the malicious user is able to intercept and see clear text communications?

A security engineer notices that unknown devices are connecting to the company’s wireless network and trying to access the database server. The wireless access
point is configured with WPA for encryption and the network administrator setup a 8 digit pin for easy setup to the wireless access point. Which of the following is
the MOST likely type of attack?

A user contacts the help desk after being unable to log in to the corporate website. The user can log into the site from another computer in the next office, but not
from the PC. The user’s PC was able to connect earlier in the day. The help desk has the user restart the NTP service. Afterwards, the user is able to log into the
website. The MOST likely reason for the initial failure was that the website was configured to use which of the following authentication mechanisms?

Which of the following attacks takes advantage of user provided input to inject executable binary code into a running program?

A network administrator recently implemented two caching proxy servers on the network. How can the administrator BEST aggregate the log files from the proxy
servers?

A security engineer wants to communicate securely with a third party via email using PGP. Which of the following should the engineer send to the third party to
securely encrypt email replies?

A company wants to ensure that all software executing on a corporate server have been authorized to do so by a central control point. Which of the following can be
implemented to enable such a control?

A new help desk employee at a cloud services provider receives a call from a customer. The customer is unable to log into the provider’s web application database.
The help desk employee is unable to find the customer’s user account in the directory services console, but see the customer information in the application
database. The application does nit appear to have any fields for a password. The customer then remembers the password and is able to log in. The help desk
employee still does not see the user account in directory services. Which of the following is the MOST likely ?

An organization uses a Kerberos-based LDAP service for network authentication. The service is also utilized by internal web applications. Finally, access to terminal
applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. The company is using Kerberos to achieve
which of the following?