During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

• A.Implement an IPS to block the application on the network
• B.Implement the remote application out to the rest of the servers
• C.Implement SSL VPN with SAML standards for federation
• D.Implement an ACL on the firewall with NAT for remote access

Comment: *

Name: *

Email: *

Verification: *

A hospital is deploying new imaging softwares that requires a web server for access to image for both local and remote users. The web server allows user authentication via secure LDAP. The information security officer wants to ensure the server does not allow unencrypted access to the imaging server by using Nmap to gather additional information. Given the following.
* The imaging server IP is 192.168.101.24
* The domain controller IP is 192.168.100.1
* The client machine IP is 192.168.200.37
Which of the following should be used to confirm this is the only open post on the web server?

• A.nmap "p 80,443 192.168.101.24
• B.nmap "p" 192.168.101.24
• C.nmap "p 80,443,389,636 192.168.100.1
• D.nmap "p 80,389 192.168.200.37

Comment: *

Name: *

Email: *

Verification: *

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO).

• A.The X509 V3 certificate was issued by a non trusted public CA.
• B.The client-server handshake could not negotiate strong ciphers.
• C.The client-server handshake is configured with a wrong priority.
• D.The client-server handshake is based on TLS authentication.
• E.The X509 V3 certificate is expired.
• F.The client-server implements client-server mutual authentication with different certificates.

Comment: *

Name: *

Email: *

Verification: *

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?

• A.Subjective and based on an individual's experience.
• B.Requires a high degree of upfront work to gather environment details.
• C.Difficult to differentiate between high, medium, and low risks.
• D.Allows for cost and benefit analysis.
• E.Calculations can be extremely complex to manage.

Comment: *

Name: *

Email: *

Verification: *

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

• A.File system information, swap files, network processes, system processes and raw disk blocks.
• B.Raw disk blocks, network processes, system processes, swap files and file system information.
• C.System processes, network processes, file system information, swap files and raw disk blocks.
• D.Raw disk blocks, swap files, network processes, system processes, and file system information.

Comment: *

Name: *

Email: *

Verification: *