A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updates since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Select two.)

During the penetration testing of an organization, the tester was provided with the names of a few key servers, along with their IP address. Which of the following is the organization conducting?

A company is performing an analysis of the corporate enterprise network with the intent of identifying any one system, person, function, or service that, when neutralized, will cause or cascade disproportionate damage to the company's revenue, referrals, and reputation. Which of the following is an element of the BIA that this action is addressing?

A system's administrator has finished configuring firewall ACL to allow access to a new web server.

The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:

The company's internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?