PrepAway - Latest Free Exam Questions & Answers

Tag: Briefing CAS-002 (update December 14th, 2017)

Briefing CAS-002 : CompTIA Advanced Security Practitioner (update December 14th, 2017)

Which of the following options is MOST accurate?

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received:

Vendor A: product-based solution which can be purchased by the pharmaceutical company. Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be $150,000. Operational expenses are expected to be a 0.5 full-time employee (FTE) to manage the solution, and 1 full-time employee to respond to incidents per year.

Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company’s needs. Bundled offering expected to be $100,000 per year. Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.

Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate?

How many years until there is a return on investment fo…

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The
legacy product generates $10,000 in revenue a month. The new software product has an initial cost of
$180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue
per month and be more secure. How many years until there is a return on investment for this new package?

Which of the following would allow the administrator to…

An administrator is tasked with securing several website domains on a web server. The administrator elects to
secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same
certificate. Which of the following would allow the administrator to secure those domains with a single issued
certificate?

Which of the following would be the MOST effective at p…

It has come to the IT administrator’s attention that the “post your comment” field on the company blog page has
been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the
following would be the MOST effective at preventing the “post your comment” field from being exploited?

Which of the following BEST provides the procedure that…

A company has decided to change its current business direction and refocus on core business. Consequently,
several company sub-businesses are in the process of being sold off. A security consultant has been engaged
to advise on residual information security concerns with a de-merger. From a high-level perspective, which of
the following BEST provides the procedure that the consultant should follow?

Which of the following is the MOST likely situation tha…

A web developer is responsible for a simple web application that books holiday accommodations. The front-facing web server offers an HTML form, which asks for a user’s age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the adult age range.
Users have reported that the website is not functioning correctly. The web developer has inspected log files and
sees that a very large number (in the billions) was submitted just before the issue started occurring. Which of
the following is the MOST likely situation that has occurred?

