A system administrator has noticed vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability? A. Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes B. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes C. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes D. Backup the server, schedule downtime to install the patch, installs the patch and monitor for any changes A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed? A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10. DIAGRAM PC1 PC2 [192.168.1.30]--------[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]----- ----[10.2.2.10] LOGS 10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN 10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK 10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK Given the above information, which of the following can be inferred about the above environment? A. 192.168.1.30 is a web server. B. The web server listens on a non-standard port. C. The router filters port 80 traffic. D. The router implements NAT. When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO). A. Methods and templates to respond to press requests, institutional and regulatory reporting requirements. B. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers. C. Developed recovery strategies, test plans, post-test evaluation and update processes. D. Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential. E. Methods to review and report on system logs, incident response, and incident handling. Key elements of a business impact analysis should include which of the following tasks? A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes. B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates. C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management. D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential. The security administrator at ABC company received the following log information from an external party: 10:45:01 EST, SRC 10.4.3.7:3056, DST 22.214.171.124:80, ALERT, Directory traversal 10:45:02 EST, SRC 10.4.3.7:3057, DST 126.96.36.199:80, ALERT, Account brute force 10:45:03 EST, SRC 10.4.3.7:3058, DST 188.8.131.52:80, ALERT, Port scan The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company's security administrator is unable to determine the origin of the attack? A. A NIDS was used in place of a NIPS. B. The log is not in UTC. C. The external party uses a firewall. D. ABC company uses PAT. Jane, an IT security technician, needs to create a way to secure company mobile devices. Which of the following BEST meets this need? A. Implement voice encryption, pop-up blockers, and host-based firewalls. B. Implement firewalls, network access control, and strong passwords. C. Implement screen locks, device encryption, and remote wipe capabilities. D. Implement application patch management, antivirus, and locking cabinets.