Questions and Answers
What is the PRIMARY reason that a bit-level copy is more desirable than a file-level copy when replicating a hard drive's contents for an e-discovery investigation?
While reviewing the financial reporting risks of a third-party application, which of the following Service Organization Control (SOC) reports will be the MOST useful?
A large manufacturing organization arranges to buy an industrial machine system to produce a new line of products. The system includes software provided to the vendor by a third-party organization. The financial risk to the manufacturing organization starting production is high. What step should the manufacturing organization take to minimize its financial risk in the new venture prior to the purchase?
Which of the following types of hosts should be operating in the demilitarized zone (DMZ)?
In systems security engineering, what does the security principle of modularity provide?
Which of the following is MOST appropriate to collect evidence of a zero-day attack?
Which of the following is required to verify the authenticity of a digitally signed document?
Which of the following is the BEST method to gather evidence from a computer's hard drive?
Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?
During a penetration test, what are the three PRIMARY objectives of the planning phase?
What term is commonly used to describe hardware and software assets that are stored in a configuration management database (CMDB)?
Which of the following disaster recovery (DR) testing processes is LEAST likely to disrupt normal business operations?
The Open Web Application Security Project's (OWASP) Software Assurance Maturity Model (SAMM) allows organizations to implement a flexible software security strategy to measure organizational impact based on what risk management aspect?
The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys?
Which of the following is a common risk with fiber optical communications, and what is the associated mitigation measure?
During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?
What is the BEST reason to include supply chain risks in a corporate risk register?
An employee's home address should be categorized according to which of the following references?
Why is authentication by ownership stronger than authentication by knowledge?
A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to enable administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?
Which of the following is the BEST way to protect an organization's data assets?
Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?
Which of the following is the name of an individual or group that is impacted by a change?
What is the MINIMUM standard for testing a disaster recovery plan (DRP)?
What is the MOST significant benefit of role-based access control (RBAC)?
A software development company found odd behavior in some recently developed software, creating a need for a more thorough code review. What is the MOST effective argument for a more thorough code review?
A new site's gateway isn't able to form a tunnel to the existing site-to-site Internet Protocol Security (IPsec) virtual private network (VPN) device at headquarters. Devices at the new site have no problem accessing resources on the Internet. When testing connectivity from the remote site's gateway, it was observed that the external Internet Protocol (IP) address of the gateway was set to 192.168.1.1 and was configured to send outbound traffic to the Internet Service Provider (ISP) gateway at 192.168.1.2. Which of the following would be the BEST way to resolve the issue and get the remote site connected?
Which of the following examples is BEST to minimize the attack surface for a customer's private information?
What are the essential elements of a Risk Assessment Report (RAR)?
What is the PRIMARY benefit of incident reporting and computer crime investigations?
Which of the following determines how traffic should flow based on the status of the infrastructure layer?
In a multi-tenant cloud environment, what approach will secure logical access to assets?
A company hired an external vendor to perform a penetration test of a new payroll system. The company's internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?
Which of the following is the MOST effective method of detecting vulnerabilities in web-based applications early in the secure Software Development Life Cycle (SDLC)?
A malicious user gains access to unprotected directories on a web server. Which of the following is MOST likely the cause for this information disclosure?
Which of the following security objectives for industrial control systems (ICS) can be adapted to securing any Internet of Things (IoT) system?
Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?
A software development company has a short timeline in which to deliver a software product. The software development team decides to use open-source software libraries to reduce the development time. What concept should software developers consider when using open-source software libraries?
When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should the considerations be prioritized?
When conducting a remote access session using Internet Protocol Security (IPsec), which Open Systems Interconnection (OSI) model layer does this connection use?
Which of the following types of web-based attack is happening when an attacker is able to send a well-crafted, malicious request to an authenticated user without the user realizing it?
When reviewing the security logs, the password shown for an administrative login event was ' OR '1'='1' --. This is an example of which of the following kinds of attack?
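The logged password value in the question above is a classic SQL injection payload. The following is an added example (not part of the original question set) that shows exactly why it works: the value closes the password string literal, appends an always-true OR '1'='1' condition, and comments out the rest of the statement with --. It runs against a constructed in-memory SQLite table with one account (the table, the account name and the password are invented for the demo); the vulnerable login builds the query by string concatenation, the safe login uses a parameterised query, and looks_like_sqli is an assumed heuristic a log-review rule might apply to a credential field like the one in the question.

```python
import re
import sqlite3

# The credential value recorded in the log entry from the question above.
PAYLOAD = "' OR '1'='1' --"

# Heuristic (assumed for this example, not from the page): tokens that rarely
# appear in a real password but almost always appear in injection payloads.
SQLI_HINT = re.compile(r"(?i)(\bor\b\s*'|--|;|\bunion\b\s+select)")


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one in-memory users table with one account.
    Plaintext storage is used only so the injection stays visible; it is not
    how credentials should be stored in a real system."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'S3cret!')")
    conn.commit()
    return conn


def vulnerable_sql(username: str, password: str) -> str:
    """Build the query by string concatenation: user input becomes SQL syntax."""
    return ("SELECT COUNT(*) FROM users WHERE username='" + username
            + "' AND password='" + password + "'")


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # With PAYLOAD the WHERE clause becomes:
    #   username='admin' AND password='' OR '1'='1' --'
    # The OR '1'='1' branch is always true and -- comments out the stray quote,
    # so the row count is non-zero regardless of the real password.
    return conn.execute(vulnerable_sql(username, password)).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterised query: the driver binds the values as data, never as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE username=? AND password=?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def looks_like_sqli(value: str) -> bool:
    """Flag a logged input field that resembles an injection attempt."""
    return SQLI_HINT.search(value) is not None


if __name__ == "__main__":
    db = make_db()
    print(vulnerable_sql("admin", PAYLOAD))
    print("vulnerable login with payload:  ", login_vulnerable(db, "admin", PAYLOAD))
    print("parameterised login with payload:", login_safe(db, "admin", PAYLOAD))
    print("payload flagged by log heuristic:", looks_like_sqli(PAYLOAD))
```

Two points follow for the reviewer of such a log: the application is concatenating untrusted input into SQL, and it is also writing submitted passwords to its logs, which is a second defect worth raising even when the submitted value is legitimate.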
An organization's internal audit team performed a security audit on the company's system and reported that the manufacturing application is rarely updated along with other issues categorized as minor. Six months later, an external audit team reviewed the same system with the same scope, but identified severe weaknesses in the manufacturing application's security controls. What is MOST likely to be the root cause of the internal audit team's failure in detecting these security issues?
Which audit type is MOST appropriate for evaluating the effectiveness of a security program?
The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?
An attacker has intruded into the source code management system and is able to download but not modify the code. Which of the following aspects of the code theft has the HIGHEST security impact?
Which of the following statements BEST describes the least privilege principle in a cloud environment?
Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?
The initial security categorization should be done early in the system life cycle and should be reviewed periodically. Why is it important for this to be done correctly?
Which of the following vulnerabilities can be BEST detected using automated analysis?
An organization wants to migrate to Session Initiation Protocol (SIP) to save on telephony expenses. Which of the following security related statements should be considered in the decision-making process?
An organization's retail website provides its only source of revenue, so the disaster recovery plan (DRP) must document an estimated time for each step in the plan. Which of the following steps in the DRP will list the GREATEST duration of time for the service to be fully operational?
Why is it important that senior management clearly communicates the formal Maximum Tolerable Downtime (MTD) decision?
Which of the following activities should a forensic examiner perform FIRST when determining the priority of digital evidence collection at a crime scene?
When assessing web vulnerabilities, how can navigating the dark web add value to a penetration test?
Which of the following is the top barrier for companies to adopt cloud technology?
In which of the following scenarios is locking server cabinets and limiting access to keys preferable to locking the server room to prevent unauthorized access?
Which of the following criteria ensures information is protected relative to its importance to the organization?
What is the FIRST step for an organization to take before allowing personnel to access social media from a corporate device or user account?
Which of the following is an indicator that a company's new user security awareness training module has been effective?
An access control list (ACL) on a router is a feature MOST similar to which type of firewall?
Which of the following is the BEST way to protect privileged accounts?
Which of the following is the FIRST step for defining Service Level Requirements (SLR)?
Which software defined networking (SDN) architectural component is responsible for translating network requirements?
When MUST an organization's information security strategic plan be reviewed?
A large human resources organization wants to integrate their identity management with a trusted partner organization. The human resources organization wants to maintain the creation and management of the identities and may want to share with other partners in the future. Which of the following options BEST serves their needs?
Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?
The quality assurance (QA) department is short-staffed and is unable to test all modules before the anticipated release date of an application. What security control is MOST likely to be violated?
Which is the PRIMARY mechanism for providing the workforce with the information needed to protect an agency's vital information resources?
What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program?
Which of the following minimizes damage to information technology (IT) equipment stored in a data center when a false fire alarm event occurs?
Which of the following is the MOST effective corrective control to minimize the effects of a physical intrusion?
Which type of access control includes a system that allows only users that are type=managers and department=sales to access employee records?
Which of the following describes the BEST method of maintaining the inventory of software and hardware within the organization?
Which of the following is a correct feature of a virtual local area network (VLAN)?
In the "Do" phase of the Plan-Do-Check-Act model, which of the following is performed?
Commercial off-the-shelf (COTS) software presents which of the following additional security concerns?
What is the correct order of execution for security architecture?
Which of the following is the PRIMARY purpose of due diligence when an organization embarks on a merger or acquisition?
What should be used to determine the risks associated with using Software as a Service (SaaS) for collaboration and email?
A federal agency has hired an auditor to perform penetration testing on a critical system as part of the mandatory, annual Federal Information Security Management Act (FISMA) security assessments. The auditor is new to this system but has extensive experience with all types of penetration testing. The auditor has decided to begin with sniffing network traffic. What type of penetration testing is the auditor conducting?
A software developer wishes to write code that will execute safely and only as intended. Which of the following programming language types is MOST likely to achieve this goal?
A security professional has been assigned to assess a web application. The assessment report recommends switching to Security Assertion Markup Language (SAML). What is the PRIMARY security benefit in switching to SAML?
What is the MOST common security risk of a mobile device?
Which of the following protections is provided when using a Virtual Private Network (VPN) with Authentication Header (AH)?
Which of the following poses the GREATEST privacy risk to personally identifiable information (PII) when disposing of an office printer or copier?
Which of the following is a key responsibility for a data steward assigned to manage an enterprise data lake?
Which of the following are the three MAIN categories of security controls?
What part of an organization's strategic risk assessment MOST likely includes information on items affecting the success of the organization?
An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information Security Officer (CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC) capability BEST meets this objective?
What is the BEST way to restrict access to a file system on computing systems?
During testing, where are the requirements to inform parent organizations, law enforcement, and a computer incident response team documented?
What is static analysis intended to do when analyzing an executable file?
In addition to life, protection of which of the following elements is MOST important when planning a data center site?
In an IDEAL encryption system, who has sole access to the decryption key?
Which of the following roles is responsible for ensuring that important datasets are developed, maintained, and are accessible within their defined specifications?
What is the MOST important criterion that needs to be adhered to during the data collection process of an active investigation?
What is the PRIMARY benefit of relying on Security Content Automation Protocol (SCAP)?
A user's credential for an application is stored in a relational database. Which control protects the confidentiality of the credential while it is stored?
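The control a practitioner reaches for here is to never store the credential at all, only a salted, slow, one-way hash of it, so a dump of the table does not yield passwords. The following is an added example (not part of the original question set) using only the Python standard library: PBKDF2-HMAC-SHA256 with a per-record random salt, a self-describing storage format, constant-time comparison on verification, and a check for records produced under a weaker policy. The record format algo$iterations$salt$hash, the helper names and the sample passphrase are assumptions for the demo; the 600,000 iteration count is the minimum in the OWASP Password Storage Cheat Sheet for PBKDF2-HMAC-SHA256.

```python
import base64
import hashlib
import hmac
import os

ALGO = "pbkdf2_sha256"
ITERATIONS = 600_000   # OWASP Password Storage Cheat Sheet minimum for PBKDF2-HMAC-SHA256
SALT_BYTES = 16


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return the record to store in the database instead of the password.
    Record format (assumed for this example): algo$iterations$salt_b64$hash_b64.
    A fresh random salt per record means two users with the same password
    get different records, defeating precomputed (rainbow-table) attacks."""
    salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([ALGO, str(iterations), _b64(salt), _b64(dk)])


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and parameters, compare in constant time.
    Any malformed or unrecognised record fails closed."""
    try:
        algo, iters, salt_b64, dk_b64 = stored.split("$")
        if algo != ALGO:
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(dk_b64)
        iterations = int(iters)
    except ValueError:           # wrong field count, bad base64, non-numeric count
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             iterations, dklen=len(expected))
    return hmac.compare_digest(dk, expected)   # no early-exit timing leak


def needs_rehash(stored: str, iterations: int = ITERATIONS) -> bool:
    """True when the record predates the current policy; re-hash on next login."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGO or not parts[1].isdigit():
        return True
    return int(parts[1]) < iterations


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")   # constructed sample
    print("stored record:", record)
    print("right password verifies:", verify_password("correct horse battery staple", record))
    print("wrong password verifies:", verify_password("Correct horse battery staple", record))
    print("legacy record needs rehash:", needs_rehash(hash_password("x", iterations=100_000)))
```

Encryption at rest on the database or column protects the table as a whole but still returns the plaintext to anyone who can query it; hashing is what protects the individual credential even from the application's own database administrators and from a full dump.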
What is the PRIMARY consideration when testing industrial control systems (ICS) for security weaknesses?