A bank is planning to implement a third factor to protect customer ATM transactions. Which of the following could the bank implement?

A project team is developing requirements of the new version of a web application used by internal and external users. The application already features username
and password requirements for login, but the organization is required to implement multifactor authentication to meet regulatory requirements. Which of the
following would be added requirements will satisfy the regulatory requirement? (Select THREE.)

An administrator receives a security alert that appears to be from one of the company’s vendors. The email contains information and instructions for patching a
serious flaw that has not been publicly announced. Which of the following can an employee use to validate the authenticity if the email?

During a company-wide initiative to harden network security, it is discovered that end users who have laptops cannot be removed from the local administrator group.
Which of the following could be used to help mitigate the risk of these machines becoming compromised?

A chief information security officer (CISO) is providing a presentation to a group of network engineers. In the presentation, the CISO presents information regarding
exploit kits. Which of the following might the CISO present?

A company hosts a web server that requires entropy in encryption initialization and authentication. To meet this goal, the company would like to select a block cipher
mode of operation that allows an arbitrary length IV and supports authenticated encryption. Which of the following would meet these objectives?

A company wishes to prevent unauthorized employee access to the data center. Which of the following is the MOST secure way to meet this goal?

A risk assessment team is concerned about hosting data with a cloud service provider (CSP) which of the following findings would justify this concern?

An administrator is implementing a new management system for the machinery on the company’s production line. One requirement is that the system only be
accessible while within the production facility. Which of the following will be the MOST effective solution in limiting access based on this requirement?

To mitigate the risk of intrusion, an IT Manager is concerned with using secure versions of protocols and services whenever possible. In addition, the security
technician is required to monitor the types of traffic being generated. Which of the following tools is the technician MOST likely to use?