The VoIP administrator starts receiving reports that users are having problems placing phone calls. The VoIP
administrator cannot determine the issue, and asks the security administrator for help. The security
administrator reviews the switch interfaces and does not see an excessive amount of network traffic on the
voice network. Using a protocol analyzer, the security administrator does see an excessive number of SIP
INVITE packets destined for the SIP proxy. Based on the information given, which of the following types of
attacks is underway and how can it be remediated?

A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN.
The server administrator reports problems related to processing of files where the file appears to be
incompletely written to the disk. The network administration team has conducted a thorough review of all
network infrastructure and devices and found everything running at optimal performance. Other SAN customers
are unaffected. The data being processed consists of millions of small files being written to disk from a network
source one file at a time. These files are then accessed by a local Java program for processing before being
transferred over the network to a SE Linux host for processing. Which of the following is the MOST likely cause
of the processing problem?

A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned.
The CIO’s laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in
litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have
issued a subpoena requesting all the CIO’s email from the last 12 months. The corporate retention policy
recommends keeping data for no longer than 90 days. Which of the following should occur?

After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the SSL certificate
was issued to *.xyz.com. The auditor also notices that many of the internal development servers use the same
certificate. After installing the certificate on dev1.xyz.com, one of the developers reports misplacing the USB
thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend
FIRST?

A team is established to create a secure connection between software packages in order to list employee’sremaining or unused benefits on their paycheck stubs. Which of the following business roles would be MOST
effective on this team?

A small customer focused bank with implemented least privilege principles, is concerned about the possibility of
branch staff unintentionally aiding fraud in their day to day interactions with customers. Bank staff has been
encouraged to build friendships with customers to make the banking experience feel more personal. The
security and risk team have decided that a policy needs to be implemented across all branches to address the
risk. Which of the following BEST addresses the security and risk team’s concerns?

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a
SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a
business critical, high volume database application that required a high degree of data confidentiality and data
availability? (Select THREE).

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to
create a cluster. The new host hardware and operating system will be different from the first host, but the
underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage
solution. Which of the following is the hosting company MOST likely trying to achieve?

Company XYZ finds itself using more cloud-based business tools, and password management is becoming
onerous. Security is important to the company; as a result, password replication and shared accounts are not
acceptable. Which of the following implementations addresses the distributed login with centralized
authentication and has wide compatibility among SaaS vendors?

After the install process, a software application executed an online activation process. After a few months, the
system experienced a hardware failure. A backup image of the system was restored on a newer revision of the
same brand and model device. After the restore, the specialized application no longer works. Which of the
following is the MOST likely cause of the problem?