Which of the following is MOST likely occurring so that this application does not run properly?
An administrator implements a new PHP application into an existing website and discovers the
newly added PHP pages do not work. The rest of the site also uses PHP and is functioning
correctly. The administrator tested the new application on their personal workstation thoroughly
before uploading to the server and did not run into any errors. Checking the Apache configuration
file, the administrator verifies that the new virtual directory is added as listed:
<VirtualHost *:80>
DocumentRoot “/var/www”
<Directory “/home/administrator/app”>
AllowOveride none
Order allow, deny
Allow from all
</Directory>
</VirtualHost>
Which of the following is MOST likely occurring so that this application does not run properly?
what is the appropriate remediation step?
Company GHI consolidated their network distribution so twelve network VLANs would be available
over dual fiber links to a modular L2 switch in each of the company’s six IDFs. The IDF modular
switches have redundant switch fabrics and power supplies. Which of the following threats will
have the GREATEST impact on the network and what is the appropriate remediation step?
Which of the following should the security manager suggest to INCREASE each system’s security level?
After a recent outbreak of malware attacks, the Chief Information Officer (CIO) tasks the new
security manager with determining how to keep these attacks from reoccurring. The company has
a standard image for all laptops/workstations and uses a host-based firewall and anti-virus. Which
of the following should the security manager suggest to INCREASE each system’s security level?
Which of the following is the GREATEST concern with the use of a third party patch to mitigate another un-patc
The Chief Information Officer (CIO) of Company XYZ has returned from a large IT conference
where one of the topics was defending against zero day attacks – specifically deploying third party
patches to vulnerable software. Two months prior, the majority of the company systems were
compromised because of a zero day exploit. Due to budget constraints the company only has
operational systems. The CIO wants the Security Manager to research the use of these patches.
Which of the following is the GREATEST concern with the use of a third party patch to mitigate
another un-patched vulnerability?
which of the following is also a common design consideration for remote locations?
When planning a complex system architecture, it is important to build in mechanisms to secure log
information, facilitate audit log reduction, and event correlation. Besides synchronizing system
time across all devices through NTP, which of the following is also a common design consideration
for remote locations?
Which of the following implementations of a continuous monitoring risk mitigation strategy is correct?
Which of the following implementations of a continuous monitoring risk mitigation strategy is
correct?
Which of the following is the BEST location to place other security equipment?
A corporation relies on a server running a trusted operating system to broker data transactions
between different security zones on their network. Each zone is a separate domain and the only
connection between the networks is via the trusted server.
The three zones at the corporation are as followeD.
Zone A connects to a network, which is also connected to the Internet through a router.
Zone B to a closed research and development network.
Zone C to an intermediary switch supporting a SAN, dedicated to long-term audit log and file
storage, so the corporation meets compliance requirements.
A firewall is deployed on the inside edge of the Internet connected router.
Which of the following is the BEST location to place other security equipment?
Which of the following security controls is the BEST to apply to this architecture?
A system architect has the following constraints from the customer:
Confidentiality, Integrity, and Availability (CIA) are all of equal importance.
Average availability must be at least 6 nines (99.9999%).
All devices must support collaboration with every other user device.
All devices must be VoIP and teleconference ready.
Which of the following security controls is the BEST to apply to this architecture?
Why might this still concern the storage administrator?
The security administrator reports that the physical security of the Ethernet network has been
breached, but the fibre channel storage network was not breached. Why might this still concern
the storage administrator? (Select TWO).
Which of the following is the BEST way to proceed?
As part of a new wireless implementation, the Chief Information Officer’s (CIO’s) main objective is
to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP
devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The
wireless vendor’s products do support the pre-ratification version of 802.11r. The security and
network administrators have tested the product and do not see any security or compatibility
issues; however, they are concerned that the standard is not yet final. Which of the following is the
BEST way to proceed?