Which of the following lists are valid data-gathering activities associated with a risk assessment?

A network security administrator is worried about potential man-in-the-middle attacks when users
access a corporate web site from their workstations. Which of the following is the best remediation
against this type of attack?

Which command line switch would be used in NMAP to perform operating system detection?

Bluetooth uses which digital modulation technique to exchange information between paired
devices?

A security consultant decides to use multiple layers of anti-virus defense, such as end user
desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of
attack?

A security policy will be more accepted by employees if it is consistent and has the support of

There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack
the WEP key, a fake authentication needs to be performed. What information is needed when
performing fake authentication to an AP? (Choose two.)

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and
analyzes the received response?

How do employers protect assets with security policies pertaining to employee surveillance
activities?

When analyzing the IDS logs, the system administrator noticed an alert was logged when the
external router was accessed from the administrator’s computer to update the router configuration.
What type of an alert is this?