1. There are some shortcomings in the company internally focused website. A security engineer WAF has found the cause of the failures. System logs show that the WAF is not guaranteed for 14 hours during the past month, in four separate cases. One of these cases was a two-hour scheduled maintenance time, aimed at improving the stability of the WAF. Using the MTTR based on performance figures for the previous month, which of the following calculations, the percentage of uptime is the assumption that there were 722 hours a month?

A) 98.34 percent
B) None
C) 99.72 percent
D) 92.24 percent
E) 92.24 percent


2. During a recent audit of servers, a company discovers that a network administrator who needs remote access, had an unauthorized remote access application over common ports policy already deployed permitted to communicate through the firewall. A network scan showed that the remote access application that already a third of the servers in the company was installed. Which of the following is the most appropriate action to be taken by the company to provide a more suitable solution?

A) Implementing the remote application to the rest of the servers
B) Deploy SSL VPN with SAML standards for federated
C) Implementation of an IPS block the request to the network
D) None
E) Implement ACL firewall NAT for RAS


3. An administrator wants a legacy clinical software product to be replaced because it has become a security risk. The legacy product generates $ 10,000 in revenue per month. The new software product has an initial cost of $ 180,000 and annual maintenance of $ 2,000 after the first year. However, it will generate $ 15,000 in revenue per month and are more secure. How many years until there is a return on investment for this new package?

A) None
B) 2
C) 1
D) 4
E) 3


4. Joe, the Chief Executive Officer (CEO), was a professor and Information Security Subject Matter Expert for over 20 years. He designed a network defense method that he says is significantly better than leading international standards. He recommended that the company make use of its cryptographic method. Which of the following methods should be adopted?

A) The company's method should recommend use other respected information security organizations.
B) The company has a secre an in-house solution development and the algorithm
C) The company must use a combination of both systems to meet minimum standards.
D) None
E) The company CEO should use the encryption method.


5. Company ABC is hiring customer service of XYZ Company. The elected members in the XYZ company headquarters. Which of the following BEST prevents XYZ Company representatives access unauthorized Company ABC systems?

A) Require a site-to-site VPN for intercompany communication
B) Require that each employee of the company XYZ to an IPSec connection with the necessary systems
C) None
D) Require Company XYZ employees required for an encrypted session VDI systems
E) ABC Company require employees to use two-factor authentication on the necessary systems