A recent audit has revealed weaknesses in the process of deploying new servers and network
devices. Which of the following practices could be used to increase the security posture during
deployment? (Select TWO).

Ann, the Chief Information Officer (CIO) of a company, sees cloud computing as a way to save

money while providing valuable services. She is looking for a cost-effective solution to assist in
capacity planning as well as visibility into the performance of the network. Which of the following
cloud technologies should she look into?

Which of the following is the BEST reason for placing a password lock on a mobile device?

When performing the daily review of the system vulnerability scans of the network Joe, the
administrator, noticed several security related vulnerabilities with an assigned vulnerability
identification number. Joe researches the assigned vulnerability identification number from the
vendor website. Joe proceeds with applying the recommended solution for identified vulnerability.
Which of the following is the type of vulnerability described?

Joe is the accounts payable agent for ABC Company. Joe has been performing accounts payable
function for the ABC Company without any supervision. Management has noticed several new
accounts without billing invoices that were paid. Which of the following is the BEST management
option for review of the new accounts?

Ann, the network administrator, is receiving reports regarding a particular wireless network in the
building. The network was implemented for specific machines issued to the developer department,
but the developers are stating that they are having connection issues as well as slow bandwidth.
Reviewing the wireless router’s logs, she sees that devices not belonging to the developers are
connecting to the access point. Which of the following would BEST alleviate the developer’s
reports?

Joe analyzed the following log and determined the security team should implement which of the
following as a mitigation method against further attempts?

Host 192.168.1.123
[00:00:01]Successful Login: 015 192.168.1.123 : local
[00:00:03]Unsuccessful Login: 022 214.34.56.006 :RDP 192.168.1.124
[00:00:04]UnSuccessful Login: 010 214.34.56.006 :RDP 192.168.1.124
[00:00:07]UnSuccessful Login: 007 214.34.56.006 :RDP 192.168.1.124
[00:00:08]UnSuccessful Login: 003 214.34.56.006 :RDP 192.168.1.124

Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data.
As rumors of a layoff began to spread, the IDS alerted the network administrator that access to
sensitive client files had risen far above normal. Which of the following kind of IDS is in use?

An organization recently switched from a cloud-based email solution to an in-house email server.
The firewall needs to be modified to allow for sending and receiving email. Which of the following
ports should be open on the firewall to allow for email traffic? (Select THREE).

A new web server has been provisioned at a third party hosting provider for processing credit card
transactions. The security administrator runs the netstat command on the server and notices that
ports 80, 443, and 3389 are in a ‘listening’ state. No other ports are open. Which of the following
services should be disabled to ensure secure communications?