During a routine configuration audit, a systems administrator determines that a former employee placed an executable on an application server. Once the system
was isolated and diagnosed, it was determined that the executable was programmed to establish a connection to a malicious command and control server. Which
of the following forms of malware is best described in the scenario?

Given the following set of firewall rules:
From the inside to outside allow source any destination any port any From inside to dmz allow source any destination any port tcp-80 From inside to dmz allow
source any destination any port tcp-443 Which of the following would prevent FTP traffic from reaching a server in the DMZ from the inside network?

A network manager needs a cost-effective solution to allow for the restoration of information with a RPO of 24 hours. The disaster recovery plan also requires that
backups occur within a restricted timeframe during the week and be take offsite weekly. Which of the following should the manager choose to BEST address these
requirements?

Which of the following is a best practice when setting up a client to use the LDAPS protocol with a server?

A user, Ann, has been issued a smart card and is having problems opening old encrypted email. Ann published her certificates to the local windows store and to the
global address list. Which of the following would still need to be performed?

A security administrator is using a software program to test the security of a wireless access point. After running the program for a few hours, the access point
sends the wireless secret key back to the software program.
Which of the following attacks is this an example of?

A technician has been assigned a service request to investigate a potential vulnerability in the organization’s extranet platform. Once the technician performs initial
investigative measures, it is determined that the potential vulnerability was a false-alarm. Which of the following actions should the technician take in regards to the
findings?

A security administrator needs to implement a technology that creates a secure key exchange. Neither party involved in the key exchange will have pre-existing
knowledge of one another. Which of the following technologies would allow for this?

An administrator performs a risk calculation to determine if additional availability controls need to be in place. The administrator estimates that a server fails and
needs to be replaced once every 2 years at a cost of $8,000. Which of the following represents the factors that the administrator would use to facilitate this
calculation?

Which of the following internal security controls is aimed at preventing two system administrators from completing the same tasks?