Which of the following is an unintended communication path that is NOT protected by the system’s normal
security mechanisms?

Which of the following security controls might force an operator into collusion with personnel assigned
organizationally within a different function in order to gain access to unauthorized data?

Which of the following is used to interrupt the opportunity to use or perform collusion to subvert operation forfraudulent purposes?

You are a criminal hacker and have infiltrated a corporate network via a compromised host and a
misconfigured firewall. You find many targets inside the network but all appear to be hardened except for one. It
has several notable vulnerable services and it therefore seems out of place with an otherwise secured network.
(Except for the misconfigured firewall, of course)
What is it that you are likely seeing here?

Which of the following BEST describes Configuration Management controls?

Which of the following is a reasonable response from the Intrusion Detection System (IDS) when it detects
Internet Protocol (IP) packets where the IP source address and port is the same as the destination IP address
and port?

Why would anomaly detection IDSs often generate a large number of false positives?

Detective/Technical measures:

What would you call a network security control deployed in line to detects, alerts, and takes action when a
possible intrusion is detected.

Which of the following is an IDS that acquires data and defines a “normal” usage profile for the network or
host?