NO.256 An organization's corporate offices were destroyed due to a natural disaster, so the

organization is now setting up offices in a temporary work space. Which of the following will the

organization MOST likely consult?

NO.257 Which of the following describes the ability of code to target a hypervisor from inside

NO.258 An information security policy stales that separation of duties is required for all highly

sensitive database changes that involve customers' financial data. Which of the following will this be

BEST to prevent?

NO.259 A user recent an SMS on a mobile phone that asked for bank delays. Which of the following

social-engineering techniques was used in this case?

NO.260 A company wants to deploy PKI on its Internet-facing website. The applications that are

currently deployed are:

* www.company.com (main website)

* contactus.company.com (for locating a nearby location)

* quotes.company.com (for requesting a price quote)

The company wants to purchase one SSL certificate that will work for all the existing applications and

any future applications that follow the same naming conventions, such as store.company.com. Which

of the following certificate types would BEST meet the requirements?

NO.261 An attack relies on an end user visiting a website the end user would typically visit, however,

the site is compromised and uses vulnerabilities in the end users browser to deploy malicious

software. Which of the blowing types of attack does this describe?

NO.262 Which of the following will MOST likely adversely impact the operations of unpatched

traditional programmable-logic controllers, running a back-end LAMP server and OT systems with

human-management interfaces that are accessible over the Internet via a web interface? (Choose

two.)