Staff members are reporting an unusual number of device thefts associated with time out of the office. Thefts increased soon after the company deployed a new social networking application. Which of the following should the Chief Information Security Officer (CISO) recommend implementing?

• A.Integrity controls
• B.Automatic location check-ins
• C.NAC checks to quarantine devices
• D.Geolocated presence privacy

Comment: *

Name: *

Email: *

Verification: *

An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?

• A.Install IDS/IPS systems on the network
• B.Force all SIP communication to be encrypted
• C.Create separate VLANs for voice and data traffic
• D.Implement QoS parameters on the switches

Comment: *

Name: *

Email: *

Verification: *

The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created.

The findings are then categorized according to the following chart:

Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Select TWO)

• A.Place a WAF in line with Application 2
• B.Apply the missing OS and software patches to the server hosting Application 4
• C.Install a FIM on the server hosting Application 4
• D.Move Application 3 to a secure VLAN and require employees to use a jump server for access.
• E.Implement an IDS/IPS on the same network segment as Application 3
• F.Use network segmentation and ACLs to control access to Application 5.

Comment: *

Name: *

Email: *

Verification: *

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?

• A.L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
• B.SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
• C.IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
• D.Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Comment: *

Name: *

Email: *

Verification: *

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B.
Company B is not in the same industry as company A and the two are not competitors. Which of the following has MOST likely occurred?

• A.Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.
• B.A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.
• C.A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.
• D.An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

Comment: *

Name: *

Email: *

Verification: *