A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users to work from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus onto ensure confidentiality of data stored on laptops?

During a lessons learned meeting regarding a previous incident, the security team receives a follow-up action item with the following requirements:
* Allow authentication from within the United States anytime
* Allow authentication if the user is accessing email or a shared file system
* Do not allow authentication if the AV program is two days out of date
* Do not allow authentication if the location of the device is in two specific countries
Given the requirements, which of the following mobile deployment authentication types is being utilized?

A company is performing an analysis of the corporate enterprise network with the intent of identifying what will cause losses in revenue, referrals, and/or reputation when out of commission. Which of the following is an element of a BIA that is being addressed?

Two users need to send each other emails over unsecured channels. The system should support the
principle of non-repudiation. Which of the following should be used to sign the user's certificates?

A security administrator has found a hash m the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.

The administrator pulls a report from the patch management system with the following output:

Given the above outputs, which of the following MOST likely happened?