A systems administrator wants to configure an enterprise wireless solution that supports authentication over HTTPS and
wireless encryption using AES. Which of the following should the administrator configure to support these requirements?
(Choose two.)
A E
Which of the following can occur when a scanning tool cannot authenticate to a server and has to rely on limited information
obtained from service banners?
A
The phones at a business are being replaced with VoIP phones that get plugged in-line between the switch and PC. The
voice and data networks still need to be kept separate. Which of the following would allow for this?
D
After a recent internal breach, a company decided to regenerate and reissue all certificates used in the transmission of
confidential information. The company places the greatest importance on confidentiality and non-repudiation, and decided to
generate dual key pairs for each client. Which of the following BEST describes how the company will use these certificates?
A
The availability of a system has been labeled as the highest priority. Which of the following should be focused on the MOST
to ensure the objective?
B
Which of the following provides PFS?
C
An application developer is working on a new calendar and scheduling application. The developer wants to test new
functionality that is time/date dependent and set the local system time to one year in the future. The application also has a
feature that uses SHA-256 hashing and AES encryption for data exchange. The application attempts to connect to a
separate remote server using SSL, but the connection fails. Which of the following is the MOST likely cause and next step?
A
A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the
administrator use?
D
An analyst is part of a team that is investigating a potential breach of sensitive data at a large financial services organization.
The organization suspects a breach occurred when proprietary data was disclosed to the public. The team finds servers
were accessed using shared credentials that have been in place for some time. In addition, the team discovers
undocumented firewall rules, which provided unauthorized external access to a server. Suspecting the activities of a
malicious insider threat, which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?
D
A new hire wants to use a personally owned phone to access company resources. The new hire expresses concern about
what happens to the data on the phone when they leave the company.
Which of the following portions of the company's mobile device management configuration would allow the company data to
be removed from the device without touching the new hire's data?
D
Which of the following allows an application to securely authenticate a user by receiving credentials from a web domain?
D
A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions
the penetration tester is performing?
B
After a breach, a company has decided to implement a solution to better understand the technique used by the attackers.
Which of the following is the BEST solution to be deployed?
C
An organization wants to deliver streaming audio and video from its home office to remote locations all over the world. It
wants the stream to be delivered securely and protected from intercept and replay attacks.
Which of the following protocols is BEST suited for this purpose?
D
A business sector is highly competitive, and safeguarding trade secrets and critical information is paramount. On a seasonal
basis, an organization employs temporary hires and contractor personnel to accomplish its mission objectives. The
temporary and contract personnel require access to network resources only when on the clock.
Which of the following account management practices are the BEST ways to manage these accounts?
A