A network administrator recently implemented two caching proxy servers on the network. How can the administrator BEST aggregate the log files from the proxy
servers?

A security engineer wants to communicate securely with a third party via email using PGP. Which of the following should the engineer send to the third party to
securely encrypt email replies?

A company wants to ensure that all software executing on a corporate server have been authorized to do so by a central control point. Which of the following can be
implemented to enable such a control?

A new help desk employee at a cloud services provider receives a call from a customer. The customer is unable to log into the provider’s web application database.
The help desk employee is unable to find the customer’s user account in the directory services console, but see the customer information in the application
database. The application does nit appear to have any fields for a password. The customer then remembers the password and is able to log in. The help desk
employee still does not see the user account in directory services. Which of the following is the MOST likely ?

An organization uses a Kerberos-based LDAP service for network authentication. The service is also utilized by internal web applications. Finally, access to terminal
applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. The company is using Kerberos to achieve
which of the following?

A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active
user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has
been tasked to update all internal sites without incurring additional costs. Which of the following is the best solution for the network administrator to secure each
internal website?

An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES

modes of operation would meet this integrity-only requirement?

A company wants to ensure that the validity of publicly trusted certificates used by its web server can be determined even during an extended internet outage.
Which of the following should be implemented?

A computer on a company network was infected with a zero-day exploit after an employee accidentally opened an email that contained malicious content. The
employee recognized the email as malicious and was attempting to delete it, but accidentally opened it. Which of the following should be done to prevent this
scenario from occurring again in the future?