A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical
hosts. Which of the following subnets would BEST meet the requirements?

A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental
issues at the very end of the project cycle. Which of the following security activities should also have been performed to discover vulnerabilities earlier in the
lifecycle?

After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former
employees that were terminated during the transition. Which of the following actions are MOST appropriate to harden applications against infiltration by former
employees? (Select TWO)

A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative
Names (SAN) attribute of a certificate?

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is
cut, which of the following should be taken into consideration when installing the new locks?

A security administrator needs to implement a system that detects possible intrusions based upon a vendor provided list. Which of the following BEST describes
this type of IDS?

Which of the following is the proper way to quantify the total monetary damage resulting from an exploited vulnerability?

A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

After a merger, it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following
should have been performed to ensure that employees have proper access?

During an application design, the development team specifics a LDAP module for single sign-on communication with the company’s access control database. This
is an example of which of the following?