Which of the following attack types is MOST likely to cause damage or data loss for an organization and be difficult to investigate?

A company has a proprietary device that requires access to the network be disabled. Only authorized users should have access to the device. To further protect the
device from unauthorized access, which of the following would also need to be implemented?

An administrator is reviewing the logs for a content management system that supports the organization’s public-facing website. The administrator is concerned
about the number of attempted login failures from other countries for administrator accounts. Which of the following capabilities is BEST to implement if the
administrator wants the system to dynamically react to such attacks?

An employee is conducting a presentation at an out-of-town conference center using a laptop. The wireless access point at the employee’s office has an SSID of
OFFICE. The laptop was set to remember wireless access points. Upon arriving at the conference, the employee powered on the laptop and noticed that it was
connected to the OFFICE access point. Which of the following MOST likely occurred?

An attacker is attempting to determine the patch level version that a web server is running on its open ports. Which of the following is an active technique that will

MOST efficiently determine the information the attacker is seeking?

The first responder to an incident has been asked to provide an after action report. This supports which of the following Incident Response procedures?

A security administrator wishes to ensure that one file in a confidential location is not altered. With very limited technology or restrictions to the file or folder, which of
the following controls could the security administrator use to determine if the file has been altered?

Joe, a user, wants to configure his workstation to make certain that the certificate he receives when connecting to websites is still valid. Which of the following
should Joe enable on his workstation to achieve this?

Which of the following network configurations provides security analysts with the MOST information regarding threats, while minimizing the risk to internal corporate
assets?

An administrator is tasked with reducing the malware infection rate of PC applications. To accomplish this, the administrator restricts the locations from which
programs can be launched. After this is complete, the administrator notices that malware continues to run from locations on the disk and infect the hosts. Which of
the following did the administrator forget to do?