Dump - 12

FondNarwhal

100 Questions

An organization implements Network Access Control (NAC) by Institute of Electrical and Electronics Engineers (IEEE) 802.1x and discovers the printers do not support the IEEE 802.1x standard. Which of the following is the BEST resolution?

Answer hidden

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

Answer hidden

Which of the following BEST describes why software assurance is critical in helping prevent an increase in business and mission risk for an organization?

Answer hidden

In software development, which of the following entities normally signs the code to protect the code integrity?

Answer hidden

Which security evaluation model assesses a product's Security Assurance Level (SAL) in comparison to similar solutions?

Answer hidden

Which of the following is a risk matrix?

Answer hidden

Which evidence collecting technique would be utilized when it is believed an attacker is employing a rootkit and a quick analysis is needed?

Answer hidden

A user is allowed to access the file labeled "Financial Forecast," but only between 9:00 a.m. and 5:00 p.m., Monday through Friday. Which type of access mechanism should be used to accomplish this?

Answer hidden

An organization wants to share data securely with their partners via the Internet. Which standard port is typically used to meet this requirement?

Answer hidden

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

Answer hidden

Recently, an unknown event has disrupted a single Layer-2 network that spans between two geographically diverse data centers. The network engineers have asked for assistance in identifying the root cause of the event. Which of the following is the MOST likely cause?

Answer hidden

What would be the BEST action to take in a situation where collected evidence was left unattended overnight in an unlocked vehicle?

Answer hidden

Which of the following contributes MOST to the effectiveness of a security officer?

Answer hidden

An organization wants a service provider to authenticate users via the users' organization domain credentials. Which markup language should the organization's security personnel use to support the integration?

Answer hidden

A recent security audit is reporting several unsuccessful login attempts being repeated at specific times during the day on an Internet facing authentication server. No alerts have been generated by the security information and event management (SIEM) system. What PRIMARY action should be taken to improve SIEM performance?

Answer hidden

What is a security concern when considering implementing software-defined networking (SDN)?

Answer hidden

Which of the following is the MOST important rule for digital investigations?

Answer hidden

A cybersecurity engineer has been tasked to research and implement an ultra-secure communications channel to protect the organization's most valuable intellectual property (IP). The primary directive in this initiative is to ensure there is no possible way the communications can be intercepted without detection. Which of the following is the only way to ensure this outcome?

Answer hidden

An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

Answer hidden

A company wants to store data related to users on an offsite server. What method can be deployed to protect the privacy of users' information while maintaining the field-level configuration of the database?

Answer hidden

What is the FIRST step in developing a patch management plan?

Answer hidden

When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should these considerations be prioritized?

Answer hidden

An organization is implementing security review as part of system development. Which of the following is the BEST technique to follow?

Answer hidden

How does Radio-Frequency Identification (RFID) assist with asset management?

Answer hidden

Which of the following services can be deployed via a cloud service or on-premises to integrate with Identity as a Service (IDaaS) as the authoritative source of user identities?

Answer hidden

Which of the following security tools monitors devices and records the information in a central database for further analysis?

Answer hidden

Secure coding can be developed by applying which one of the following?

Answer hidden

A company is moving from the V model to Agile development. How can the information security department BEST ensure that secure design principles are implemented in the new methodology?

Answer hidden

An organization wants to define its physical perimeter. What primary device should be used to accomplish this objective if the organization's perimeter MUST cost-efficiently deter casual trespassers?

Answer hidden

The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?

Answer hidden

What is the BEST control to be implemented at a login page in a web application to mitigate the ability to enumerate users?

Answer hidden

If the wide area network (WAN) is supporting converged applications like Voice over Internet Protocol (VoIP), which of the following becomes even MORE essential to the assurance of the network?

Answer hidden

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leverage against this flaw?

Answer hidden

A company is attempting to enhance the security of its user authentication processes. After evaluating several options, the company has decided to utilize Identity as a Service (IDaaS). Which of the following factors leads the company to choose an IDaaS as their solution?

Answer hidden

In which of the following system life cycle processes should security requirements be developed?

Answer hidden

Which of the following virtual network configuration options is BEST to protect virtual machines (VM)?

Answer hidden

Which of the following is the BEST method to validate secure coding techniques against injection and overflow attacks?

Answer hidden

A Distributed Denial of Service (DDoS) attack was carried out using malware called Mirai to create a large-scale command and control system to launch a botnet. Which of the following devices were the PRIMARY sources used to generate the attack traffic?

Answer hidden

An established information technology (IT) consulting firm is considering acquiring a successful local startup. To gain a comprehensive understanding of the startup's security posture, which type of assessment provides the BEST information?

Answer hidden

As a design principle, which one of the following actors is responsible for identifying and approving data security requirements in a cloud ecosystem?

Answer hidden

A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?

Answer hidden

In supervisory control and data acquisition (SCADA) systems, which of the following controls can be used to reduce device exposure to malware?

Answer hidden

What is considered a compensating control for not having electrical surge protectors installed?

Answer hidden

What is considered the BEST when determining whether to provide remote network access to a third-party security service?

Answer hidden

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

Answer hidden

What is the FIRST step in reducing the exposure of a network to Internet Control Message Protocol (ICMP) based attacks?

Answer hidden

A system developer has a requirement for an application to check for a secure digital signature before the application is accessed on a user's laptop. Which security mechanism addresses this requirement?

Answer hidden

The security organization is looking for a solution that could help them determine with a strong level of confidence that attackers have breached their network. Which solution is MOST effective at discovering a successful network breach?

Answer hidden

A security architect is reviewing plans for an application with a Recovery Point Objective (RPO) of 15 minutes. The current design has all of the application infrastructure located within one co-location data center. Which security principle is the architect currently assessing?

Answer hidden

Which of the following outsourcing agreement provisions has the HIGHEST priority from a security operations perspective?

Answer hidden

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner's first consideration?

Answer hidden

A security professional was tasked with rebuilding a company's wireless infrastructure. Which of the following are the MOST important factors to consider while making a decision on which wireless spectrum to deploy?

Answer hidden

A subscription service which provides power, climate control, raised flooring, and telephone wiring but NOT the computer and peripheral equipment is BEST described as a:

Answer hidden

Which of the following is the PRIMARY goal of logical access controls?

Answer hidden

The ability to send malicious code, generally in the form of a client side script, to a different end user is categorized as which type of vulnerability?

Answer hidden

The security architect has been mandated to assess the security of various brands of mobile devices. At what phase of the product lifecycle would this be MOST likely to occur?

Answer hidden

A hacker can use a lockout capability to start which of the following attacks?

Answer hidden

An Internet media company produces and broadcasts highly popular television shows. The company is suffering a huge revenue loss due to piracy. What technique should be used to track the distribution of content?

Answer hidden

Using the cipher text and resultant clear text message to derive the non-alphabetic cipher key is an example of which method of cryptanalytic attack?

Answer hidden

All hosts on the network are sending logs via syslog-ng to the log collector. The log collector is behind its own firewall. The security professional wants to make sure not to put extra load on the firewall due to the amount of traffic that is passing through it. Which of the following types of filtering would MOST likely be used?

Answer hidden

An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?

Answer hidden

A security practitioner has been asked to model best practices for disaster recovery (DR) and business continuity. The practitioner has decided that a formal committee is needed to establish a business continuity policy. Which of the following BEST describes this stage of business continuity development?

Answer hidden

What is the MOST appropriate hierarchy of documents when implementing a security program?

Answer hidden

Which of the following is the MOST common cause of system or security failures?

Answer hidden

Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

Answer hidden

Information security practitioners are in the midst of implementing a new firewall. Which of the following failure methods would BEST prioritize security in the event of failure?

Answer hidden

Which of the following is a PRIMARY security weakness in the design of Domain Name System (DNS)?

Answer hidden

Which of the following BEST describes the purpose of the reference monitor when defining access control to enforce the security model?

Answer hidden

A project manager for a large software firm has acquired a government contract that generates large amounts of Controlled Unclassified Information (CUI). The organization's information security manager has received a request to transfer project-related CUI between systems of differing security classifications. What role provides the authoritative guidance for this transfer?

Answer hidden

Which of the following protects personally identifiable information (PII) used by financial services organizations?

Answer hidden

Which of the following is a common term for log reviews, synthetic transactions, and code reviews?

Answer hidden

At what stage of the Software Development Life Cycle (SDLC) does software vulnerability remediation MOST likely cost the least to implement?

Answer hidden

Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. All partner businesses use common identity and access management (IAM) protocols and differing technologies. Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action?

Answer hidden

Using Address Space Layout Randomization (ASLR) reduces the potential for which of the following attacks?

Answer hidden

Which of the following ensures old log data is not overwritten?

Answer hidden

What is the benefit of using Network Admission Control (NAC)?

Answer hidden

The European Union (EU) General Data Protection Regulation (GDPR) requires organizations to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. The Data Owner should therefore consider which of the following requirements?

Answer hidden

Which of the following is the BEST approach to implement multiple servers on a virtual system?

Answer hidden

Which of the following is the MOST important consideration in selecting a security testing method based on different Radio-Frequency Identification (RFID) vulnerability types?

Answer hidden

A financial services organization has employed a security consultant to review processes used by employees across various teams. The consultant interviewed a member of the application development practice and found gaps in their threat model. Which of the following correctly represents a trigger for when a threat model should be revised?

Answer hidden

When testing password strength, which of the following is the BEST method for brute forcing passwords?

Answer hidden

What is a use for mandatory access control (MAC)?

Answer hidden

Which of the following MUST be done before a digital forensics investigator may acquire digital evidence?

Answer hidden

A security engineer is required to integrate security into a software project that is implemented by small groups that quickly, continuously, and independently develop, test, and deploy code to the cloud. The engineer will MOST likely integrate with which software development process?

Answer hidden

An authentication system that uses challenge and response was recently implemented on an organization's network, because the organization conducted an annual penetration test showing that testers were able to move laterally using authenticated credentials. Which attack method was MOST likely used to achieve this?

Answer hidden

Which of the following is an example of a vulnerability of full-disk encryption (FDE)?

Answer hidden

What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?

Answer hidden

Which one of the following BEST protects vendor accounts that are used for emergency maintenance?

Answer hidden

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

Answer hidden

The Industrial Control System (ICS) Computer Emergency Response Team (CERT) has released an alert regarding ICS-focused malware specifically propagating through Windows-based business networks. Technicians at a local water utility note that their dams, canals, and locks controlled by an internal Supervisory Control and Data Acquisition (SCADA) system have been malfunctioning. A digital forensics professional is consulted in the Incident Response (IR) and recovery. Which of the following is the MOST challenging aspect of this investigation?

Answer hidden

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?

Answer hidden

A hospital has allowed virtual private networking (VPN) access to remote database developers. Upon auditing the internal firewall configuration, the network administrator discovered that split-tunneling was enabled. What is the concern with this configuration?

Answer hidden

A cloud hosting provider would like to provide a Service Organization Control (SOC) report relevant to its security program. This report should be an abbreviated report that can be freely distributed. Which type of report BEST meets this requirement?

Answer hidden

What action should be taken by a business line that is unwilling to accept the residual risk in a system after implementing compensating controls?

Answer hidden

Which of the following BEST represents a defense in depth concept?

Answer hidden

Which of the following statements BEST distinguishes a stateful packet inspection firewall from a stateless packet filter firewall?

Answer hidden

A client server infrastructure that provides user-to-server authentication describes which one of the following?

Answer hidden

An organization has developed a way for customers to share information from their wearable devices with each other. Unfortunately, the users were not informed as to what information collected would be shared. What technical controls should be put in place to remedy the privacy issue while still trying to accomplish the organization's business goals?

Answer hidden

In which process MUST security be considered during the acquisition of new software?

Answer hidden

An organization contracts with a consultant to perform a System Organization Control (SOC) 2 audit on their internal security controls. An auditor documents a finding related to an Application Programming Interface (API) performing an action that is not aligned with the scope or objective of the system. Which trust service principle would be MOST applicable in this situation?

Answer hidden
