While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified as “unknown” and does not appear to be within the bounds of the
organizations Acceptable Use Policy. Which of the following tool or technology would work BEST for obtaining more information on this traffic?

The Chief Security Officer (CISO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture
consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer
transaction processing, ATMs, and a new mobile banking application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does
business having varying data retention and privacy laws. Which of the following technical modifications to the architecture and corresponding security controls
should be implemented to provide the MOST complete protection of data?

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility
over the patch posture of all company’s clients. Which of the following is being used?

A security administrator must implement a system to ensure that invalid certificates are not used by a custom developed application. The system must be able to
check the validity of certificates even when internet access is unavailable. Which of the following MUST be implemented to support this requirement?

A portable data storage device has been determined to have malicious firmware. Which of the following is the BEST course of action to ensure data confidentiality?

Technicians working with servers hosted at the company’s datacenter are increasingly complaining of electric shocks when touching metal items which have been
linked to hard drive failures. Which of the following should be implemented to correct this issue?

A web application is configured to target browsers and allow access to bank accounts to siphon money to a foreign account. This is an example of which of the
following attacks?

Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?

Which of the following should identify critical systems and components?

During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the
server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?