Dump - 11


What is the PRIMARY reason that a bit-level copy is more desirable than a file-level copy when replicating a hard drive's contents for an e-discovery investigation?

B. The file and directory structure is retained.

While reviewing the financial reporting risks of a third-party application, which of the following Service Organization Control (SOC) reports will be the MOST useful?

SOC 1

A large manufacturing organization arranges to buy an industrial machine system to produce a new line of products. The system includes software provided to the vendor by a third-party organization. The financial risk to the manufacturing organization of starting production is high. What step should the manufacturing organization take to minimize its financial risk in the new venture prior to the purchase?

C. Calculate the possible loss in revenue to the organization due to software bugs and vulnerabilities, and compare that to the system's overall price.

Which of the following types of hosts should be operating in the demilitarized zone (DMZ)?

A. Hosts intended to provide limited access to public resources

In systems security engineering, what does the security principle of modularity provide?

B. Isolated functions and data

Which of the following is MOST appropriate to collect evidence of a zero-day attack?

Honeypot

Which of the following is required to verify the authenticity of a digitally signed document?

A. Digital hash of the signed document

Which of the following is the BEST method to gather evidence from a computer's hard drive?

D. Forensic imaging

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?

A. A security subject matter expert (SME)

During a penetration test, what are the three PRIMARY objectives of the planning phase?

C. Identify rules of engagement, finalize management approval, and determine testing goals.

What term is commonly used to describe hardware and software assets that are stored in a configuration management database (CMDB)?

D. Configuration item

Which of the following disaster recovery (DR) testing processes is LEAST likely to disrupt normal business operations?

C. Table-top

The Open Web Application Security Project's (OWASP) Software Assurance Maturity Model (SAMM) allows organizations to implement a flexible software security strategy to measure organizational impact based on what risk management aspect?

D. Risk response

The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys?

D. Trusted Platform Module (TPM)

Which of the following is a common risk with fiber optical communications, and what is the associated mitigation measure?

B. Light leakage, deploying shielded cable wherever feasible

During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?

Improvement

What is the BEST reason to include supply chain risks in a corporate risk register?

B. Risk registers classify and categorize risk and allow risks to be compared to corporate risk appetite.

An employee's home address should be categorized according to which of the following references?

B. The organization's data classification model

Why is authentication by ownership stronger than authentication by knowledge?

C. It is more difficult to duplicate.

A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to enable administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?

C. Application-Level Proxy

Which of the following is the BEST way to protect an organization's data assets?

A. Monitor and enforce adherence to security policies.

Which of the following would qualify as an exception to the "right to be forgotten" under the General Data Protection Regulation (GDPR)?

A. For the establishment, exercise, or defense of legal claims

Which of the following is the name of an individual or group that is impacted by a change?

B. Stakeholder

What is the MINIMUM standard for testing a disaster recovery plan (DRP)?

B. Annually or less frequently depending upon audit department requirements

What is the MOST significant benefit of role-based access control (RBAC)?

A. Reduction in authorization administration overhead

A software development company found odd behavior in some recently developed software, creating a need for a more thorough code review. What is the MOST effective argument for a more thorough code review?

D. It will reduce the potential for vulnerabilities.

A new site's gateway isn't able to form a tunnel to the existing site-to-site Internet Protocol Security (IPsec) virtual private network (VPN) device at headquarters. Devices at the new site have no problem accessing resources on the Internet. When testing connectivity from the remote site's gateway, it was observed that the external Internet Protocol (IP) address of the gateway was set to 192.168.1.1 and was configured to send outbound traffic to the Internet Service Provider (ISP) gateway at 192.168.1.2. Which of the following would be the BEST way to resolve the issue and get the remote site connected?

D. Enable Network Address Translation (NAT) - Traversal on the VPN devices at the new site and the corporate headquarters.

Which of the following examples is BEST to minimize the attack surface for a customer's private information?

Collection limitation

What are the essential elements of a Risk Assessment Report (RAR)?

D. Executive summary, body of the report, and appendices

What is the PRIMARY benefit of incident reporting and computer crime investigations?

B. Repairing the damage and preventing future occurrences

Which of the following determines how traffic should flow based on the status of the infrastructure layer?

D. Control plane

In a multi-tenant cloud environment, what approach will secure logical access to assets?

D. Virtual private cloud (VPC)

A company hired an external vendor to perform a penetration test of a new payroll system. The company's internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?

D. Failure to perform interface testing

Which of the following is the MOST effective method of detecting vulnerabilities in web-based applications early in the secure Software Development Life Cycle (SDLC)?

C. Code review

A malicious user gains access to unprotected directories on a web server. Which of the following is MOST likely the cause for this information disclosure?

A. Security misconfiguration

Which of the following security objectives for industrial control systems (ICS) can be adapted to securing any Internet of Things (IoT) system?

D. Protect individual components from exploitation

Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?

A. Extensible Authentication Protocol (EAP)

A software development company has a short timeline in which to deliver a software product. The software development team decides to use open-source software libraries to reduce the development time. What concept should software developers consider when using open-source software libraries?

A. Open source libraries contain known vulnerabilities, and adversaries regularly exploit those vulnerabilities in the wild.

When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should the considerations be prioritized?

C. Public safety, duties to principals, duties to individuals, and duties to the profession

When conducting a remote access session using Internet Protocol Security (IPSec), which Open Systems Interconnection (OSI) model layer does this connection use?

Network

Which of the following types of web-based attack is happening when an attacker is able to send a well-crafted, malicious request to an authenticated user without the user realizing it?

B. Cross-Site Request Forgery (CSRF)

When reviewing the security logs, the password shown for an administrative login event was ' OR ' '1'='1' --. This is an example of which of the following kinds of attack?

B. Structured Query Language (SQL) Injection

An organization's internal audit team performed a security audit on the company's system and reported that the manufacturing application is rarely updated along with other issues categorized as minor. Six months later, an external audit team reviewed the same system with the same scope, but identified severe weaknesses in the manufacturing application's security controls. What is MOST likely to be the root cause of the internal audit team's failure in detecting these security issues?

B. Inadequate test coverage analysis

Which audit type is MOST appropriate for evaluating the effectiveness of a security program?

Assessment

The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?

D. Biometric data must be protected from disclosure.

An attacker has intruded into the source code management system and is able to download but not modify the code. Which of the following aspects of the code theft has the HIGHEST security impact?

D. Administrative credentials or keys hard-coded within the stolen code could be used to access sensitive data.

Which of the following statements BEST describes the least privilege principle in a cloud environment?

A. A single cloud administrator is configured to access core functions.

Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?

B. Storage encryption

The initial security categorization should be done early in the system life cycle and should be reviewed periodically. Why is it important for this to be done correctly?

B. It determines the security requirements.

Which of the following vulnerabilities can be BEST detected using automated analysis?

D. Typical source code vulnerabilities

An organization wants to migrate to Session Initiation Protocol (SIP) to save on telephony expenses. Which of the following security related statements should be considered in the decision-making process?

D. Given the behavior of SIP traffic, additional security controls would be required.

An organization's retail website provides its only source of revenue, so the disaster recovery plan (DRP) must document an estimated time for each step in the plan. Which of the following steps in the DRP will list the GREATEST duration of time for the service to be fully operational?

B. Update Domain Name System (DNS) server addresses with domain registrar.

Why is it important that senior management clearly communicates the formal Maximum Tolerable Downtime (MTD) decision?

A. To provide each manager with precise direction on selecting an appropriate recovery alternative

Which of the following activities should a forensic examiner perform FIRST when determining the priority of digital evidence collection at a crime scene?

D. Establish order of volatility.

When assessing web vulnerabilities, how can navigating the dark web add value to a penetration test?

C. Information may be found on related breaches and hacking.

Which of the following is the top barrier for companies to adopt cloud technology?

Security

In which of the following scenarios is locking server cabinets and limiting access to keys preferable to locking the server room to prevent unauthorized access?

A. Server cabinets are located in an unshared workspace.

Which of the following criteria ensures information is protected relative to its importance to the organization?

A. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification

What is the FIRST step for an organization to take before allowing personnel to access social media from a corporate device or user account?

A. Publish an acceptable usage policy.

Which of the following is an indicator that a company's new user security awareness training module has been effective?

B. More incidents of phishing attempts are being reported.

An access control list (ACL) on a router is a feature MOST similar to which type of firewall?

A. Packet filtering firewall

Which of the following is the BEST way to protect privileged accounts?

D. Multi-factor authentication (MFA)

Which of the following is the FIRST step for defining Service Level Requirements (SLR)?

D. Capturing and documenting the requirements of the customer

Which software defined networking (SDN) architectural component is responsible for translating network requirements?

A. SDN Controller

When MUST an organization's information security strategic plan be reviewed?

D. Whenever there are major changes to the business

A large human resources organization wants to integrate their identity management with a trusted partner organization. The human resources organization wants to maintain the creation and management of the identities and may want to share with other partners in the future. Which of the following options BEST serves their needs?

A. Federated identity

Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

Asymmetric

The quality assurance (QA) department is short-staffed and is unable to test all modules before the anticipated release date of an application. What security control is MOST likely to be violated?

D. Change management

Which is the PRIMARY mechanism for providing the workforce with the information needed to protect an agency's vital information resources?

A. Incorporating security awareness and training as part of the overall information security program

What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program?

D. Define an ISCM strategy based on risk tolerance.

Which of the following minimizes damage to information technology (IT) equipment stored in a data center when a false fire alarm event occurs?

A. A pre-action system is installed.

Which of the following is the MOST effective corrective control to minimize the effects of a physical intrusion?

A. Rapid response by guards or police to apprehend a possible intruder

Which type of access control includes a system that allows only users that are type=managers and department=sales to access employee records?

D. Attribute-based access control (ABAC)

Which of the following describes the BEST method of maintaining the inventory of software and hardware within the organization?

D. Maintaining the inventory through a combination of system configuration, network management, and license management tools

Which of the following is a correct feature of a virtual local area network (VLAN)?

A. A VLAN segregates network traffic; therefore, information security is enhanced significantly.

In the "Do" phase of the Plan-Do-Check-Act model, which of the following is performed?

C. Ensure the business continuity policy, controls, processes, and procedures have been implemented.

Commercial off-the-shelf (COTS) software presents which of the following additional security concerns?

C. Exploits for COTS software are well documented and publicly available.

What is the correct order of execution for security architecture?

B. Governance, strategy and program management, project delivery, operations

Which of the following is the PRIMARY purpose of due diligence when an organization embarks on a merger or acquisition?

A. Assess the business risks.

What should be used to determine the risks associated with using Software as a Service (SaaS) for collaboration and email?

A. Cloud access security broker (CASB)

A federal agency has hired an auditor to perform penetration testing on a critical system as part of the mandatory, annual Federal Information Security Management Act (FISMA) security assessments. The auditor is new to this system but has extensive experience with all types of penetration testing. The auditor has decided to begin with sniffing network traffic. What type of penetration testing is the auditor conducting?

B. Black box testing

A software developer wishes to write code that will execute safely and only as intended. Which of the following programming language types is MOST likely to achieve this goal?

C. Strongly typed

A security professional has been assigned to assess a web application. The assessment report recommends switching to Security Assertion Markup Language (SAML). What is the PRIMARY security benefit in switching to SAML?

B. It enables single sign-on (SSO) for web applications.

What is the MOST common security risk of a mobile device?

B. Data leakage

Which of the following protections is provided when using a Virtual Private Network (VPN) with Authentication Header (AH)?

A. Sender non-repudiation

Which of the following poses the GREATEST privacy risk to personally identifiable information (PII) when disposing of an office printer or copier?

C. A hard disk drive (HDD) in the device could contain PII

Which of the following is a key responsibility for a data steward assigned to manage an enterprise data lake?

A. Ensure proper business definition, value, and usage of data collected and stored within the enterprise data lake.

Which of the following are the three MAIN categories of security controls?

B. Administrative, technical, physical

What part of an organization's strategic risk assessment MOST likely includes information on items affecting the success of the organization?

D. Key Risk Indicator (KRI)

An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information Security Officer (CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC) capability BEST meets this objective?

A. Port security

What is the BEST way to restrict access to a file system on computing systems?

A. Use least privilege at each level to restrict access.

During testing, where are the requirements to inform parent organizations, law enforcement, and a computer incident response team documented?

B. Security assessment plan

What is static analysis intended to do when analyzing an executable file?

D. Disassemble the file to gather information about the executable file's function.

In addition to life, protection of which of the following elements is MOST important when planning a data center site?

A. Data and hardware

In an IDEAL encryption system, who has sole access to the decryption key?

B. Data owner

Which of the following roles is responsible for ensuring that important datasets are developed, maintained, and are accessible within their defined specifications?

D. Data Owner

What is the MOST important criterion that needs to be adhered to during the data collection process of an active investigation?

B. Maintaining the chain of custody

What is the PRIMARY benefit of relying on Security Content Automation Protocol (SCAP)?

C. Standardize specifications between software security products.

A user's credential for an application is stored in a relational database. Which control protects the confidentiality of the credential while it is stored?

C. Use a salted cryptographic hash of the password.

What is the PRIMARY consideration when testing industrial control systems (ICS) for security weaknesses?

C. ICS are often sensitive to unexpected traffic.

Test your knowledge on data forensics, financial risk management, system security, and evidence collection with this quiz. Questions cover topics such as bit-level copy, SOC reports, financial risk mitigation, hosts in a DMZ, security principle of modularity, and evidence collection for zero-day attacks.
