A new employee is plugged into the network on a BYOD machine but cannot access the network. Which of the following
must be configured so the employee can connect to the network?
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to
access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team
member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?
Following a recent outage, a systems administrator is conducting a study to determine a suitable bench stock on server hard
Which of the following metrics is MOST valuable to the administrator in determining how many hard drives to keep-on hand?
A security program was allocated $2 million in funding for the year. The cybersecurity team identified the following potential
projects to deliver:
Which of the following solutions should the cybersecurity team prioritize to obtain the BEST risk reduction within the
A security engineer is designing a system in which offshore, outsourced staff can push code from the development
environment to the production environment securely. The security engineer is concerned with data loss, while the business
does not want to slow down its development process. Which of the following solutions BEST balances security requirements
with business need?
A security administrator adding a NAC requirement for all VPN users to ensure the connecting devices are compliant with
company policy. Which of the following items provides the HIGHEST assurance to meet this requirement?
An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The
organizations server infrastructure is deployed in an IaaS environment. A database within the non-production environment
has been misconfigured with a routable IP and is communicating with a command and control server. Which of the following
procedures should the security responder apply to the situation? (Choose two.)
A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following
activities would be MOST appropriate?
A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security
engineer takes screenshots of how data was compromised in the application. Given the information below from the
Which of the following tools was MOST likely used to exploit the application?
A company makes consumer health devices and needs to maintain strict confidentiality of unreleased product designs.
Recently, unauthorized photos of products still in development have been for sale on the dark web. The Chief Information
Security Officer (CISO) suspects an insider threat, but the team that uses the secret outdoor testing area has been vetted
many times, and nothing suspicious has been found. Which of the following is the MOST likely cause of the unauthorized