
CompTIA CySA+ 2023 Questions and Answers - Part 32

Mary Smith
03 Mar 2023

1. Which of the following policies BEST explains the purpose of a data ownership policy?

A) The policy should establish the protocol for retaining information types based on regulatory or business needs.
B) The policy should describe the roles and responsibilities between users and managers, and the management of specific data types.
C) The policy should document practices that users must adhere to in order to access data on the corporate network or Internet.
D) The policy should outline the organization's administration of accounts for authorized users to access the appropriate data.



2. A security analyst has been asked to remediate a server vulnerability. Once the analyst has located a patch for the vulnerability, which of the following should happen NEXT?

A) Rescan to ensure the vulnerability still exists.
B) Begin the incident response process.
C) Start the change control process.
D) Implement continuous monitoring.



3. A company has several internal-only, web-based applications on the internal network. Remote employees are allowed to connect to the internal corporate network with a company-supplied VPN client. During a project to upgrade the internal application, contractors were hired to work on a database server and were given copies of the VPN client so they could work remotely. A week later, a security analyst discovered an internal web server had been compromised by malware that originated from one of the contractor's laptops. Which of the following changes should be made to BEST counter the threat presented in this scenario?

A) Deploy a web application firewall in the DMZ to stop Internet-based attacks on the web server.
B) Require the contractors to bring their laptops on site when accessing the internal network instead of using the VPN from a remote location.
C) Deploy an application layer firewall with network access control lists at the perimeter, and then create alerts for suspicious Layer 7 traffic.
D) Create a restricted network segment for contractors, and set up a jump box for the contractors to use to access internal resources.
E) Implement NAC to check for updated anti-malware signatures and location-based rules for PCs connecting to the internal network.


4. A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website. During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine. Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

A) Spoofing
B) Replay
C) Transitive access
D) Man-in-the-middle



5. An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability scan has been performed, and analysts are reviewing the results. Before starting any remediation, the analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would be an indicator of a likely false positive?

A) The scan result version is different from the automated asset inventory.
B) Reports show the scanner compliance plug-in is out-of-date.
C) HTTPS entries indicate the web page is encrypted securely.
D) Any items labeled low are considered informational only.



1. Right Answer: D
Explanation:

2. Right Answer: C
Explanation:

3. Right Answer: E
Explanation:

4. Right Answer: D
Explanation:

5. Right Answer: D
Explanation:
