Blank Calendar Format Xwy Calendar Template For Mac
The security administrator at ABC company received the following log information from an external party:

10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan

The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company's security administrator is unable to determine the origin of the attack? A NIDS was used in place of a NIPS. The log is not in UTC.
The external party uses a firewall. ABC company uses PAT. The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on this phone. Which of the following might the administrator need to configure?
The access rules on the IDS B. The pop up blocker in the employee's browser C. The sensitivity level of the spam filter D. The default block page on the URL filter. A security engineer is reviewing log data and sees the output below:

POST: /payload.php HTTP/1.1
HOST: localhost
Accept: /
Referrer:.
HTTP/1.1 403 Forbidden
Connection: close
Log: Access denied with 403. Pattern matches form bypass

Which of the following technologies was MOST likely being used to generate this log? Host-based Intrusion Detection System B. Web application firewall C.
Network-based Intrusion Detection System D. Stateful Inspection Firewall E. URL Content Filter. Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network.
Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor? Allow incoming IPSec traffic into the vendor's IP address. Set up a VPN account for the vendor, allowing access to the remote site. Turn off the firewall while the vendor is in the office, allowing access to the remote site. Write a firewall rule to allow the vendor to have access to the remote site. A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application.
The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application's task.
Which of the following is the security administrator practicing in this example? Explicit deny B. Port security C.
Access control lists D. Implicit deny.
An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network? Configure each port on the switches to use the same VLAN other than the default one B. Enable VTP on both switches and set to the same domain C. Configure only one of the routers to run DHCP services D. Implement port security on the switches.
On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue?
Too many incorrect authentication attempts have caused users to be temporarily disabled. The DNS server is overwhelmed with connections and is unable to respond to queries. The company IDS detected a wireless attack and disabled the wireless network. The Remote Authentication Dial-In User Service server certificate has expired. A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface.

PERMIT TCP ANY ANY 80
PERMIT TCP ANY ANY 443

Which of the following rules would accomplish this task?
(Select TWO). Change the firewall default settings so that it implements an implicit deny B. Apply the current ACL to all interfaces of the firewall C. Remove the current ACL D.
Add the following ACL at the top of the current ACL DENY TCP ANY ANY 53 E. Add the following ACL at the bottom of the current ACL DENY ICMP ANY ANY 53 F. Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53.
The Human Resources department has a parent shared folder setup on the server. There are two groups that have access, one called managers and one called staff. There are many sub folders under the parent shared folder, one is called payroll. The parent folder access control list propagates all subfolders and all subfolders inherit the parent permission.
Which of the following is the quickest way to prevent the staff group from gaining access to the payroll folder? Remove the staff group from the payroll folder B. Implicit deny on the payroll folder for the staff group C. Implicit deny on the payroll folder for the managers group D. Remove inheritance from the payroll folder.
A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO). Deny incoming connections to the outside router interface. Change the default HTTP port C.
Implement EAP-TLS to establish mutual authentication D. Disable the physical switch ports E. Create a server VLAN F. Create an ACL to access the server. An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
Create three VLANs on the switch connected to a router B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router C. Install a firewall and connect it to the switch D. Install a firewall and connect it to a dedicated switch for each device type. Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.
DIAGRAM
PC1 PC2 192.168.1.30-INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1-10.2.2.10

LOGS
10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN
10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK
10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK

Given the above information, which of the following can be inferred about the above environment? 192.168.1.30 is a web server. The web server listens on a non-standard port. The router filters port 80 traffic. The router implements NAT. The server administrator has noted that most servers have a lot of free disk space and low memory utilization.
Which of the following statements will be correct if the server administrator migrates to a virtual server environment? The administrator will need to deploy load balancing and clustering.
The administrator may spend more on licensing but less on hardware and equipment. The administrator will not be able to add a test virtual environment in the data center. Servers will encounter latency and lowered throughput issues. The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO's direction but has mandated that key authentication systems be run within the organization's network. Which of the following would BEST meet the CIO and CRO's requirements? Software as a Service B.
Infrastructure as a Service C. Platform as a Service D. Hosted virtualization service. A security analyst noticed a colleague typing the following command: 'Telnet some-host 443' Which of the following was the colleague performing? A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead. A mistaken port being entered because telnet servers typically do not listen on port 443. A firewall technician has been instructed to disable all non-secure ports on a corporate firewall.
The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed? Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS.
Which of the following BEST describes the weakness in WEP encryption? The initialization vector of WEP uses a crack-able RC4 encryption algorithm.
Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.
The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key. Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect. Which of the following is MOST likely the reason?
The company wireless is using a MAC filter. The company wireless has SSID broadcast disabled. The company wireless is using WEP. The company wireless is using WPA2. After entering the following information into a SOHO wireless router, a mobile device's user reports being unable to connect to the network:

PERMIT 0A:D1:FA:B1:03:37
DENY 01:33:7F:AB:10:AB

Which of the following is preventing the device from connecting?
WPA2-PSK requires a supplicant on the mobile device. Hardware address filtering is blocking the device. TCP/IP Port filtering has been implemented on the SOHO router. IP address filtering has disabled the device from connecting. Ann, a security administrator, has concerns regarding her company's wireless network.
The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be. Which of the following would BEST alleviate Ann's concerns with minimum disturbance of current functionality for clients? Enable MAC filtering on the wireless access point. Configure WPA2 encryption on the wireless access point.
Lower the antenna's broadcasting power. Disable SSID broadcasting. After reviewing the firewall logs of her organization's wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue? Reduce the power level of the AP on the network segment B.
Implement MAC filtering on the AP of the affected segment C. Perform a site survey to see what has changed on the segment D. Change the WPA2 encryption key of the AP in the affected segment. A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080? Create a dynamic PAT from port 80 on the outside interface to the internal interface on port 8080 B.
Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port 80 C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080 D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80. Ann, the network administrator, is receiving reports regarding a particular wireless network in the building. The network was implemented for specific machines issued to the developer department, but the developers are stating that they are having connection issues as well as slow bandwidth.
Reviewing the wireless router's logs, she sees that devices not belonging to the developers are connecting to the access point. Which of the following would BEST alleviate the developer's reports? Configure the router so that wireless access is based upon the connecting device's hardware address. Modify the connection's encryption method so that it is using WEP instead of WPA2.
Implement connections via secure tunnel with additional software on the developer's computers. Configure the router so that its name is not visible to devices scanning for wireless networks. An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division. Which of the following network segmentation schemas would BEST meet this objective?
Create two VLANS, one for Accounting and Sales, and one for Human Resources. Create one VLAN for the entire organization. Create two VLANs, one for Sales and Human Resources, and one for Accounting. Create three separate VLANS, one for each division. A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption.
Which of the following would be the BEST course of action for the consultant to recommend? Replace the unidirectional antenna at the front of the store with an omni-directional antenna. Change the encryption used so that the encryption protocol is CCMP-based. Disable the network's SSID and configure the router to only access store devices based on MAC addresses. Increase the access point's encryption from WEP to WPA TKIP.
Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT? Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant. Tell the application development manager to code the application to adhere to the company's password policy. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded. The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action? Create a single, shared user account for every system that is audited and logged based upon time of use. Implement a single sign-on application on equipment with sensitive data and high-profile shares.
Enact a policy that employees must use their vacation time in a staggered schedule. Separate employees into teams led by a person who acts as a single point of contact for observation purposes. Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years.
CompTIA SY0-401 Exam 'Pass Any Exam. www.actualtests.com 124 Which of the following should Sara do to address the risk? Accept the risk saving $10,000.
Ignore the risk saving $5,000. Mitigate the risk saving $10,000. Transfer the risk saving $5,000. Users can authenticate to a company's web applications using their credentials from a popular social media site. Which of the following poses the greatest risk with this integration? Malicious users can exploit local corporate credentials with their social media credentials B.
Changes to passwords on the social media site can be delayed from replicating to the company C. Data loss from the corporate servers can create legal liabilities with the social media site D. Password breaches to the social media site affect the company application as well.
Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding? Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities. MOUs between two companies working together cannot be held to the same legal standards as SLAs. A security administrator plans on replacing a critical business application in five years.
Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement.
Which of the following should the security administrator do in regards to the application? Avoid the risk to the user base allowing them to re-enable their own accounts B.
Mitigate the risk by patching the application to increase security and saving money C. Transfer the risk replacing the application now instead of in five years D. Accept the risk and continue to enable the accounts each month saving money. Acme Corp has selectively outsourced proprietary business processes to ABC Services. Due to some technical issues, ABC services wants to send some of Acme Corp's debug data to a third party vendor for problem resolution. Which of the following MUST be considered prior to sending data to a third party? The data should be encrypted prior to transport B.
This would not constitute unauthorized data sharing C. This may violate data ownership and non-disclosure agreements D. Acme Corp should send the data to ABC Services' vendor instead. An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. Which of the following strategies would the administrator MOST likely implement?
Full backups on the weekend and incremental during the week B. Full backups on the weekend and full backups every day C. Incremental backups on the weekend and differential backups every day D.
Differential backups on the weekend and full backups every day. A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO). Patch Audit Policy B.
Change Control Policy C. Incident Management Policy D. Regression Testing Policy E. Escalation Policy F. Application Audit Policy. A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but it is marked 'Internal Proprietary Information'.
Which of the following should the user do NEXT? Contact their manager and request guidance on how to best move forward B. Contact the help desk and/or incident response team to determine next steps C. Provide the requestor with the email information since it will be released soon anyway D.
Reply back to the requestor to gain their contact information and call them. A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?
Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources. Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy.
Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes? User rights and permissions review B. Configuration management C.
Incident management D. Implement security controls on Layer 3 devices. After an audit, it was discovered that the security group memberships were not properly adjusted for employees' accounts when they moved from one role to another. Which of the following has the organization failed to properly implement?
(Select TWO). Mandatory access control enforcement. User rights and permission reviews. Technical controls over account management.
Account termination procedures. Management controls over account management. Incident management and response plan.
The incident response team has received the following email message.

From: monitor@ext-company.com
To: security@company.com
Subject: Copyright infringement

A copyright infringement alert was triggered by IP address 13.10.66.5 at 09:50:01 GMT.

After reviewing the following web logs for IP 13.10.66.5, the team is unable to correlate and identify the incident.

09:45:33 13.10.66.5 http://remote.site.com/login.asp?user=john
09:50:22 13.10.66.5 http://remote.site.com/logout.asp?user=anne
10:50:01 13.10.66.5 http://remote.site.com/access.asp?file=movie.mov
11:02:45 13.10.65.5 http://remote.site.com/download.asp?movie.mov=ok

Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident? The logs are corrupt and no longer forensically sound.
Traffic logs for the incident are unavailable. Chain of custody was not properly maintained.
Incident time offsets were not accounted for. A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational systems which hold details of the security breach. Prior to this incident, a security consultant informed the company that they needed to implement an NTP server on the network.
Which of the following is a problem that the incident response team will likely encounter during their assessment? Chain of custody B. Tracking man hours C. Record time offset D. Capture video traffic.
A server dedicated to the storage and processing of sensitive information was compromised with a rootkit and sensitive data was extracted. Which of the following incident response procedures is best suited to restore the server? Wipe the storage, reinstall the OS from original media and restore the data from the last known good backup. Keep the data partition, restore the OS from the most current backup and run a full system antivirus scan.
Format the storage and reinstall both the OS and the data from the most current backup. Erase the storage, reinstall the OS from most current backup and only restore the data that was not compromised. Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?
Disable the wireless access and implement strict router ACLs. Reduce restrictions on the corporate web security gateway. Security policy and threat awareness training.
Perform user rights and permissions reviews. Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company's network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement? Line vty 0 6 P@s5W0Rd password line vty 7 Qwer!Y password B. Line console 0 password password line vty 0 4 password P@s5W0Rd C.
Line vty 0 3 password Qwer!Y line vty 4 password P@s5W0Rd D. Line vty 0 3 password Qwer!Y line console 0 password P@s5W0Rd. Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network? Cross-platform compatibility issues between personal devices and server-based applications B. Lack of controls in place to ensure that the devices have the latest system patches and signature files C. Non-corporate devices are more difficult to locate when a user is terminated D.
Non-purchased or leased equipment may cause failure during the audits of company-owned assets. Key elements of a business impact analysis should include which of the following tasks? Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.
After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO). To allow load balancing for cloud support B. To allow for business continuity if one provider goes out of business C. To eliminate a single point of failure D.
To allow for a hot site in case of disaster E. To improve intranet communication speeds.
A security administrator is reviewing the company's continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing?
Systems should be restored within six hours and no later than two days after the incident. Systems should be restored within two days and should remain operational for at least six hours.
Systems should be restored within six hours with a minimum of two days' worth of data. Systems should be restored within two days with a minimum of six hours' worth of data.

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?
A. Use hardware already at an offsite location and configure it to be quickly utilized.
B. Move the servers and data to another part of the company's main campus from the server room.
C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.
D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).
A. Methods and templates to respond to press requests, institutional and regulatory reporting requirements.
B. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.
C. Developed recovery strategies, test plans, post-test evaluation and update processes.
D. Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
E. Methods to review and report on system logs, incident response, and incident handling.

Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration?
A. A disk-based image of every computer as they are being replaced.
B. A plan that skips every other replaced computer to limit the area of affected users.
C. An offsite contingency server farm that can act as a warm site should any issues appear.
D. A back-out strategy planned out anticipating any unforeseen problems that may arise.

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?
A. Use encryption for the credential fields and hash the credit card field
B. Encrypt the username and hash the password
C. Hash the credential fields and use encryption for the credit card field
D. Hash both the credential fields and the credit card field

Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?
A. Employ encryption on all outbound emails containing confidential information.
B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.
C. Employ hashing on all outbound emails containing confidential information.
D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.

A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect's emails shows they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered. Which of the following is occurring?
A. The user is encrypting the data in the outgoing messages.
B. The user is using steganography.
C. The user is spamming to obfuscate the activity.
D. The user is using hashing to embed data in the emails.

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several pictures of the employee's pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
A. Social engineering
B. Steganography
C. Digital signatures

An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important?
A. A full scan must be run on the network after the DAT file is installed.
B. The signatures must have a hash value equal to what is displayed on the vendor site.
C. The definition file must be updated within seven days.
D. All users must be logged off of the network prior to the installation of the definition file.

Some customers have reported receiving an untrusted certificate warning when visiting the company's website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?
A. The intermediate CA certificates were not installed on the server.
B. The certificate is not the correct type for a virtual server.
C. The encryption key used in the certificate is too short.
D. The client's browser is trying to negotiate SSL instead of TLS.

The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?
A. Acceptable use policy
B. Telecommuting policy
C. Data ownership policy
D. Non-disclosure policy

Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?
A. Remote wiping enabled for all removable storage devices
B. Full-disk encryption enabled for all removable storage devices
C. A well-defined acceptable use policy
D. A policy which details controls on removable storage use

A company executive's laptop was compromised, leading to a security breach. The laptop was placed into storage by a junior system administrator and was subsequently wiped and re-imaged. When it was determined that the authorities would need to be involved, there was little evidence to present to the investigators. Which of the following procedures could have been implemented to aid the authorities in their investigation?
A. A comparison should have been created from the original system's file hashes
B. Witness testimony should have been taken by the administrator
C. The company should have established a chain of custody tracking the laptop
D. A system image should have been created and stored

A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?
A. Privacy Policy
B. Security Policy
C. Consent to Monitoring Policy
D. Acceptable Use Policy

Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?
A. Viruses are a subset of botnets which are used as part of SYN attacks.
B. Botnets are a subset of malware which are used as part of DDoS attacks.
C. Viruses are a class of malware which create hidden openings within an OS.
D. Botnets are used within DR to ensure network uptime and viruses are not.