An administrator identifies some locations on the third floor of the building that have a poor wireless signal Multiple users confirm the incident and report it is not an isolated event. Which of the following should the administrator use to find the areas with a poor or non-existent wireless signal?


A. Heat map
B. Input validation
C. Site survey
D. Embedded systems

An audit report indicates multiple suspicious attempts to access company resources were made. These attempts were not detected by the company. Which of the following would be the best solution to implement on the company's network?


A. Intrusion prevention system
B. Proxy server
C. Jump server
D. Security zones

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day to-day work activities?


A. Encrypted
B. Intellectual property
C. Critical
D. Data in transit

Which of the following authentication methods is considered to be the LEAST secure?


A. TOTP
B. SMS
C. HOTP
D. Token key

A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Choose two.)


A. Auto-update
B. HTTP headers
C. Secure cookies
D. Third-party updates
E. Full disk encryption
F. Sandboxing
G. Hardware encryption

Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?


A. EF x asset value
B. ALE / SLE
C. MTBF x impact
D. SLE x ARO

Sales team members have been receiving threatening voicemail messages and have reported these incidents to the IT security team. Which of the following would be MOST appropriate for the IT security team to analyze?


A. Access control
B. Syslog
C. Session Initiation Protocol traffic logs
D. Application logs

An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the best course of action for the analyst to take?


A. Apply a DLP solution
B. Implement network segmentation
C. Utilize email content filtering.
D. Isolate the infected attachment

A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?


A. SPF
B. GPO
C. NAC
D. FIM

A dynamic application vulnerability scan identified that code injection could be performed using a web form.
Which of the following will be the best remediation to prevent this vulnerability?


A. Implement input validations
B. Deploy MFA
C. Utilize a WAF
D. Configure HIPS