Which of the following security risks can result from the configuration in this scenario?
A company has a legacy virtual cluster which was added to the datacenter after a small company
was acquired. All VMs on the cluster use the same virtual network interface to connect to the
corporate data center LAN. Some of the virtual machines on the cluster process customer data,
some process company financial data, and others act as externally facing web servers. Which of
the following security risks can result from the configuration in this scenario?
Which of the following is the MOST likely explanation for this behavior?
A user on a virtual machine downloads a large file using a popular peer-to-peer torrent program.
The user is unable to execute the program on their VM. A security administrator scans the VM and
detects a virus in the program. The administrator reviews the hypervisor logs and correlates
several access attempts to the time of execution of the virus. Which of the following is the MOST
likely explanation for this behavior?
Which of the following issues may potentially occur?
An administrator is troubleshooting availability issues on a FCoE based storage array that uses
deduplication. An administrator has access to the raw data from the SAN and wants to restore the
data to different hardware. Which of the following issues may potentially occur?
Which of the following strategies would be MOST effective in conducting an in-depth assessment and remediation
The security administrator has noticed a range of network problems affecting the proxy server.
Based on reviewing the logs, the administrator notices that the firewall is being targeted with
various web attacks at the same time that the network problems are occurring. Which of the
following strategies would be MOST effective in conducting an in-depth assessment and
remediation of the problems?
Which of the following solutions BEST solves the disagreement?
Company A is merging with Company B. Company B uses mostly hosted services from an outside
vendor, while Company A uses mostly in-house products.
The project manager of the merger states the merged systems should meet these goals:
Ability to customize systems per department
Quick implementation along with an immediate ROI
The internal IT team having administrative level control over all products
The project manager states the in-house services are the best solution. Because of staff
shortages, the senior security administrator argues that security will be best maintained by
continuing to use outsourced services.
Which of the following solutions BEST solves the disagreement?
Which of the following security risks still needs to be addressed in this scenario?
The new security policy states that only authorized software will be allowed on the corporate
network and all personally owned equipment needs to be configured by the IT security staff before
being allowed on the network. The security administrator creates standard images with all the
required software and proper security controls. These images are required to be loaded on all
personally owned equipment prior to connecting to the corporate network. These measures
ensure compliance with the new security policy. Which of the following security risks still needs to
be addressed in this scenario?
Which of the following are typical risks and mitigations associated with this new trend?
The increasing complexity of attacks on corporate networks is a direct result of more and more
corporate employees connecting to corporate networks with mobile and personal devices. In most
cases simply banning these connections and devices is not practical because they support
necessary business needs. Which of the following are typical risks and mitigations associated with
this new trend?
Which of the following is the BEST list of security lifecycle related concerns related to deploying the final
A security engineer at a major financial institution is prototyping multiple secure network
configurations. The testing is focused on understanding the impact each potential design will have
on the three major security tenants of the network. All designs must take into account the stringent
compliance and reporting requirements for most worldwide financial institutions. Which of the
following is the BEST list of security lifecycle related concerns related to deploying the final
design?
Which of the following BEST conveys these customer requirements to the software development team to understand
The sales staff at a software development company has received the following requirements from
a customer: “We need the system to notify us in advance of all software errors and report all
outages”. Which of the following BEST conveys these customer requirements to the software
development team to understand and implement?
Which of the following is the MOST likely cause of this problem?
A programming team is deploying a new PHP module to be run on a Solaris 10 server with trusted
extensions. The server is configured with three zones, a management zone, a customer zone, and
a backend zone. The security model is constructed so that only programs in the management
zone can communicate data between the zones. After installation of the new PHP module, which
handles on-line customer payments, it is not functioning correctly. Which of the following is the
MOST likely cause of this problem?