1. A small company's Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve corporate security policies quickly with respect to the targeted attacks. Which of the following, the CSO must conduct FIRST?

A) Survey threat feeds from services within the same sector
B) None
C) Implement a UTM solution that receives frequent updates from a trusted industry provider.
D) Conduct an internal audit against best practices to conduct a qualitative analysis to
E) Purchase multiple threat feeds to introduce diversity to ensure and off blocks malicious traffic.


2. A security engineer is a new member to the board configuration at the request of management. The company has two new major IT projects starting this year and wants to find safety in the deployment. The board is primarily concerned with the applicationsà ¬ Ÿ compliance with federal evaluation and authorization standards. The security engineer requires determine a timeline for when assessing the safety of both applications must be made and any subsequent meetings configuration management to attend. When the security engineer just about a security assessment, which of the following steps in the system of authorization of the security engineer is omitted to perform? (Choose two).(Select 2answers)

A) See the results of the user acceptance testing
B) Share applications to use
C) Build the application based on the development of software safety
D) Determine the security baseline
E) Consultation with to determine the stakeholders, which standards may be omitted


3. The help desk manager wants a solution enabling the help desk employees to company employees who call computer-related problems are better. The helpdesk is currently unable to perform effective troubleshooting and relies on callers to describe their technological problems. Given that the helpdesk is located in the main office and 90% of callers are telecommuters, which of the following tools should use the help desk manager to make staff more effective in solving problems, while the cost to reduce business? (Choose two)(Select 2answers)

A) Web cameras
B) E-mail
C) desktop sharing
D) instant messaging
E) BYOD


4. An analyst connects hosted on a company web conference on www.webconference.com/meetingID#01234 noting that many guests are allowed to participate, without identifying information. The topics to be considered during the web conference as company property. Which of the following security concerns does the analyst present management?

A) Guest users may be a risk to the integrity of information from the company
B) Unauthenticated users can put at risk the confidential information of the company
C) Authenticated users can access for guests, which was previously approved by management sponsorship
D) Meeting owners could sponsor guest access if they have passed a background chec
E) None


5. An organization has decided to credit applications to a supplier located in another country from back office to reduce labor costs by outsourcing processing. Data sovereignty and privacy concerns of the security team resulted in the third-party provider only accessing and processing the data through remote desktop sessions. To improve to facilitate communication and productivity, has staff on the third party and provided corporate e-mail accounts that are only accessible via the remote desktop sessions. E-mail forwarding is disabled and the members of the third party can only communicate with staff within the organization. Which of the following additional checks must be performed to prevent data loss? (Choose three.)(Select 3answers)

A) Sessions recording and capturing
B) Implementation hashing of data in transit
C) Monitor approved credit account
D) Users access audit reviews
E) Disable cross session cut and paste
F) Source IP whitelisting