Which of the following types of security services are used to support authentication for remote
users and devices?

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs.
These will need to still be reviewed on a regular basis to ensure the security of the company has
not been breached. Which of the following cloud service options would support this requirement?

A security administrator needs a locally stored record to remove the certificates of a terminated
employee. Which of the following describes a service that could meet these requirements?

A security analyst informs the Chief Executive Officer (CEO) that a security breach has just
occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught
unaware when the CEO asks for further information. Which of the following strategies should be
implemented to ensure the Risk Manager and CIO are not caught unaware in the future?

Which of the following relies on the use of shared secrets to protect communication?

A security administrator wants to test the reliability of an application which accepts user provided
parameters. The administrator is concerned with data integrity and availability. Which of the
following should be implemented to accomplish this task?

Which of the following concepts is a term that directly relates to customer privacy considerations?

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing
data in use?

Which of the following is a concern when encrypting wireless data with WEP?

A security administrator is tasked with calculating the total ALE on servers. In a two year period of
time, a company has to replace five servers. Each server replacement has cost the company
$4,000 with downtime costing $3,000. Which of the following is the ALE for the company?