The network engineer for an organization intends to use certificate-based 802.1X authentication on a network. The engineer’s organization has an existing PKI that
is used to issue server and user certificates. The PKI is currently not configured to support the issuance of 802.1X certificates. Which of the following represents an
item the engineer MUST configure?

Which of the following network design components would assist in separating network traffic based on the logical location of users?

A server administrator is investigating a breach and determines that an attacker modified the application log to obfuscate the attack vector. During the lessons
learned activity, the facilitator asks for a mitigation response to protect the integrity of the logs should a similar attack occur. Which of the following mitigations would
be MOST appropriate to fulfill the requirement?

A security administrator wants to implement a system that will allow the organization to quickly and securely recover from a computer breach. The security
administrator notices that the majority of malware infections are caused by zero-day armored viruses and rootkits. Which of the following solutions should the
system administrator implement?

After Ann arrives at the company’s co-location facility, she determines that she is unable to access the cage that holds the company’s equipment after a co-worker
updated the key card server the night before. This is an example of failure of which of the following?

Which of the following attack types is MOST likely to cause damage or data loss for an organization and be difficult to investigate?

A company has a proprietary device that requires access to the network be disabled. Only authorized users should have access to the device. To further protect the
device from unauthorized access, which of the following would also need to be implemented?

An administrator is reviewing the logs for a content management system that supports the organization’s public-facing website. The administrator is concerned
about the number of attempted login failures from other countries for administrator accounts. Which of the following capabilities is BEST to implement if the
administrator wants the system to dynamically react to such attacks?

An employee is conducting a presentation at an out-of-town conference center using a laptop. The wireless access point at the employee’s office has an SSID of
OFFICE. The laptop was set to remember wireless access points. Upon arriving at the conference, the employee powered on the laptop and noticed that it was
connected to the OFFICE access point. Which of the following MOST likely occurred?

An attacker is attempting to determine the patch level version that a web server is running on its open ports. Which of the following is an active technique that will

MOST efficiently determine the information the attacker is seeking?