Which of the following controls would BEST address this…
A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours,
but there are still concerns regarding the physical safety of the equipment after business hours. Which of the following controls would BEST address this security
concern?
Which of the following BEST represents a security chall…
Which of the following BEST represents a security challenge faced primarily by organizations employing a mobility BYOD strategy?
Which of the following is the BEST solution for the net…
The Chief Security Officer (CSO) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has
been tasked to update all internal sites without incurring additional costs. Which of the following is the BEST solution for the network administrator to secure each
internal website?
Which of the following is an active penetration testing…
Which of the following is an active penetration testing method?
Which of the following tests will be performed?
A third party has been contracted to perform a remote penetration test of the DMZ network. The company has only provided the third party with the billing
department contact information for final payment and a technical point of contact who will receive the penetration test results. Which of the following tests will be
performed?
Which of the following are the administrator’s NEXT ste…
A security administrator receives reports from various organizations that a system on the company network is port scanning hosts on various networks across the
Internet. The administrator determines that the compromised system is a Linux host and notifies the owner that the system will be quarantined and isolated from the
network. The system does not contain confidential data, and the root user was not compromised. The administrator would like to know how the system was
compromised, what the attackers did, and what remnants the attackers may have left behind. Which of the following are the administrator’s NEXT steps in the
investigation? (Select TWO).
Which of the following controls should be implemented t…
A security manager has noticed several unrecognized devices connecting to the company’s internal wireless network. Only company-issued devices should be
connected to the network. Which of the following controls should be implemented to prevent the unauthorized devices from connecting to the wireless network?
(Select TWO).
Which of the following is the MAIN purpose for incorpor…
Which of the following is the MAIN purpose for incorporating a DMZ into the design of a network?
Which of the following actions should be taken after th…
A vulnerability in the underlying SSL/TLS library used by a web server has been announced. The vulnerability allows an attacker to access the web server’s
memory. Which of the following actions should be taken after the vulnerability is patched? (Select TWO).
Which of the following should the security administrato…
A security administrator suspects that an employee has altered some fields within a NoSQL database. Which of the following should the security administrator do to
confirm the suspicion and identify the employee?