Dump - 10

FondNarwhal

100 Questions

Management has decided that a core application will be used on personal cellular phones. As an implementation requirement, regularly scheduled analysis of the security posture needs to be conducted. Management has also directed that continuous monitoring be implemented. Which of the following is required to accomplish management's directive?

Answer hidden

What is the FIRST step prior to executing a test of a disaster recovery (DR) or business continuity plan (BCP)?

Answer hidden

Which of the following security tools will ensure authorized data is sent to the application when implementing a cloud based application?

Answer hidden

Before implementing an internet-facing router, a network administrator ensures that the equipment is baselined/hardened according to approved configurations and settings. This action provides protection against which of the following attacks?

Answer hidden

A cloud service provider requires its customer organizations to enable maximum audit logging for its data storage service and to retain the logs for a period of three months. The audit logging generates an extremely high volume of logs. What is the MOST appropriate strategy for the log retention?

Answer hidden

Which of the following is the MOST comprehensive Business Continuity (BC) test?

Answer hidden

The disaster recovery (DR) process should always include

Answer hidden

Which of the following BEST describes the purpose of software forensics?

Answer hidden

The security architect has been assigned the responsibility of ensuring integrity of the organization's electronic records. Which of the following methods provides the strongest level of integrity?

Answer hidden

An application is used for funds transfer between an organization and a third party. During a security audit, an issue was found with the business continuity/disaster recovery policy and procedures for this application. Which of the following reports should the auditor file with the organization?

Answer hidden

An organization purchased commercial off-the-shelf (COTS) software several years ago. The information technology (IT) Director has decided to migrate the application into the cloud, but is concerned about the application security of the software in the organization's dedicated environment with a cloud service provider. What is the BEST way to prevent and correct the software's security weaknesses?

Answer hidden

Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to users' internal control over financial reporting?

Answer hidden

The Chief Information Security Officer (CISO) is concerned about business application availability. The organization was recently subject to a ransomware attack that resulted in the unavailability of applications and services for 10 working days and required paper-based running of all main business processes. There are now aggressive plans to enhance the Recovery Time Objective (RTO) and cater for more frequent data captures. Which of the following solutions should be implemented to fully comply with the new business requirements?

Answer hidden

Which of the following is the GREATEST risk of relying only on Capability Maturity Models (CMM) for software to guide process improvement and assess capabilities of acquired software?

Answer hidden

Which of the following should exist in order to perform a security audit?

Answer hidden

Which of the following encryption technologies has the ability to function as a stream cipher?

Answer hidden

An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser session with a web application is an example of which of the following types of attack?

Answer hidden
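Added worked example (not part of the quiz dump): the attack pattern in the question above, a forged request that rides on the victim's existing authenticated browser session, shown as a vulnerable handler next to a hardened one. The web framework is abstracted away: requests are plain dicts, the session store, server secret, site origin and the three sample requests are all constructed here and are assumptions, not anything the quiz states.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlparse

# Constructed stand-ins for a real web app's state (assumptions, not from the quiz).
SERVER_SECRET = secrets.token_bytes(32)          # per-deployment secret for token HMACs
SESSIONS = {"sess-abc123": "alice"}              # session cookie value -> logged-in user
SITE_ORIGIN = "https://bank.example"             # the only origin allowed to submit state changes


def issue_csrf_token(session_id: str) -> str:
    """Synchronizer token bound to one session: embedded in the site's own forms,
    unreadable from any other origin because of the same-origin policy."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def _logged_in_user(request):
    return SESSIONS.get(request["cookies"].get("session"))


def vulnerable_transfer(request):
    """Trusts the session cookie alone. The browser attaches that cookie to any request it
    makes on the victim's behalf, including one triggered by a link or form on an attacker's page."""
    user = _logged_in_user(request)
    if user is None:
        return 401, "not logged in"
    return 200, f"{user} sent {request['form']['amount']} to {request['form']['to']}"


def _request_origin(request):
    # Browsers send Origin on cross-site POSTs; fall back to Referer for plain link clicks.
    raw = request["headers"].get("Origin") or request["headers"].get("Referer")
    if not raw:
        return None
    parsed = urlparse(raw)
    return f"{parsed.scheme}://{parsed.netloc}"


def hardened_transfer(request):
    """Same action with three checks: state changes only via POST, the request must come from
    our own origin, and it must carry the per-session token a cross-site page cannot obtain."""
    user = _logged_in_user(request)
    if user is None:
        return 401, "not logged in"
    if request["method"] != "POST":
        return 405, "state-changing action requires POST"
    if _request_origin(request) != SITE_ORIGIN:
        return 403, "cross-site request rejected by origin check"
    expected = issue_csrf_token(request["cookies"]["session"])
    supplied = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(supplied, expected):
        return 403, "missing or invalid CSRF token"
    return 200, f"{user} sent {request['form']['amount']} to {request['form']['to']}"


# Constructed requests. "form" holds query or body parameters; the victim is logged in,
# so every request carries the session cookie whether the victim intended it or not.
VICTIM_COOKIES = {"session": "sess-abc123"}

# 1. Victim clicks a crafted link in a phishing message: GET with attacker-chosen parameters.
ATTACK_LINK = {
    "method": "GET",
    "headers": {"Referer": "https://evil.example/lure.html"},
    "cookies": VICTIM_COOKIES,
    "form": {"to": "mallory", "amount": "1000"},
}
# 2. Attacker's page auto-submits a hidden POST form; the cookie still goes along,
#    but the browser reports the attacker's Origin and the form has no valid token.
ATTACK_FORM = {
    "method": "POST",
    "headers": {"Origin": "https://evil.example"},
    "cookies": VICTIM_COOKIES,
    "form": {"to": "mallory", "amount": "1000"},
}
# 3. Legitimate submission from the site's own transfer form, which embedded the token.
LEGIT_POST = {
    "method": "POST",
    "headers": {"Origin": SITE_ORIGIN},
    "cookies": VICTIM_COOKIES,
    "form": {"to": "bob", "amount": "25", "csrf_token": issue_csrf_token("sess-abc123")},
}
```

The vulnerable handler accepts both attacker requests because the cookie alone proves nothing about who composed the request. Setting the session cookie with `SameSite=Lax` or `Strict` is a complementary browser-side defense; the token and origin checks above are the server-side ones that do not depend on the client honoring that attribute.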

Which of the following is the BEST method to identify security controls that should be implemented for a web-based application while in development?

Answer hidden

A security professional has reviewed a recent site assessment and has noted that a server room on the second floor of a building has Heating, Ventilation, and Air Conditioning (HVAC) intakes on the ground level that have ultraviolet light filters installed, Aero-K fire suppression in the server room, and pre-action fire suppression on floors above the server room. Which of the following changes can the security professional recommend to reduce risk associated with these conditions?

Answer hidden

An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?

Answer hidden

Which combination of cryptographic algorithms are compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-legacy systems?

Answer hidden

An international trading organization that holds an International Organization for Standardization (ISO) 27001 certification is seeking to outsource its security monitoring to a managed security service provider (MSSP). The trading organization's security officer is tasked with drafting the requirements that need to be included in the outsourcing contract. Which of the following MUST be included in the contract?

Answer hidden

Which of the following is the MOST effective measure for dealing with rootkit attacks?

Answer hidden

While classifying credit card data related to the Payment Card Industry Data Security Standard (PCI DSS), which of the following is a PRIMARY security requirement?

Answer hidden

Write Once, Read Many (WORM) data storage devices are designed to BEST support which of the following core security concepts?

Answer hidden

What is the MOST important factor in establishing an effective Information Security Awareness Program?

Answer hidden

Which of the following events prompts a review of the disaster recovery plan (DRP)?

Answer hidden

An organization plans to acquire a commercial off-the-shelf (COTS) system to replace their aging home-built reporting system. When should the organization's security team FIRST get involved in this acquisition's life cycle?

Answer hidden

A developer begins employment with an information technology (IT) organization. On the first day, the developer works through the list of assigned projects and finds that some files within those projects aren't accessible. Other developers working on the same project have no trouble locating and working on them. What is the MOST likely reason for the discrepancy in access?

Answer hidden

Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high-risk countries?

Answer hidden

Which of the following implementations will achieve high availability in a website?

Answer hidden

In which of the following phases of the software acquisition process does developing evaluation criteria take place?

Answer hidden

Security Software Development Life Cycle (SDLC) expects application code to be written in a consistent manner to allow ease of auditing and which of the following?

Answer hidden

In the common criteria, which of the following is a formal document that expresses an implementation-independent set of security requirements?

Answer hidden

Which of the following is considered the FIRST step when designing an internal security control assessment?

Answer hidden

The Chief Executive Officer (CEO) wants to implement an internal audit of the company's information security posture. The CEO wants to avoid any bias in the audit process and has therefore assigned the Sales Director to conduct the audit. After significant interaction over a period of weeks, the audit concludes that the company's policies and procedures are sufficient, robust and well established. The CEO then moves on to engage an external penetration testing company in order to showcase the organization's robust information security stance. This exercise reveals significant failings in several critical security controls and shows that the incident response processes remain undocumented. What is the MOST likely reason for this disparity in the results of the audit and the external penetration test?

Answer hidden

A small office is running WiFi 4 APs, and neighboring offices do not want to increase the throughput to associated devices. Which of the following is the MOST cost-efficient way for the office to increase network performance?

Answer hidden

An engineer notices some late collisions on a half-duplex link. The engineer verifies that the devices on both ends of the connection are configured for half duplex. Which of the following is the MOST likely cause of this issue?

Answer hidden

Which of the following VPN configurations should be used to separate Internet and corporate traffic?

Answer hidden

A technician wants to install a WAP in the center of a room that provides service in a radius surrounding a radio. Which of the following antenna types should the AP utilize?

Answer hidden

To comply with industry requirements, a security assessment on the cloud server should identify which protocols and weaknesses are being exposed to attackers on the Internet. Which of the following tools is the MOST appropriate to complete the assessment?

Answer hidden

Which of the following uses the destination IP address to forward packets?

Answer hidden

Which of the following would need to be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP?

Answer hidden

Wireless users are reporting intermittent Internet connectivity. Connectivity is restored when the users disconnect and reconnect, utilizing the web authentication process each time. The network administrator can see the devices connected to the APs at all times. Which of the following steps will MOST likely determine the cause of the issue?

Answer hidden

A fiber link connecting two campus networks is broken. Which of the following tools should an engineer use to detect the exact break point of the fiber link?

Answer hidden

Two remote offices need to be connected securely over an untrustworthy MAN. Each office needs to access network shares at the other site. Which of the following will BEST provide this functionality?

Answer hidden

An IT technician suspects a break in one of the uplinks that provides connectivity to the core switch. Which of the following command-line tools should the technician use to determine where the incident is occurring?

Answer hidden

Which of the following needs to be tested to achieve a Cat 6a certification for a company's data cabling?

Answer hidden

A technician is troubleshooting a client's report about poor wireless performance. Using a client monitor, the technician notes the following information: Which of the following is MOST likely the cause of the issue?

Answer hidden

Which of the following types of devices can provide content filtering and threat protection, and manage multiple IPSec site-to-site connections?

Answer hidden

A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?

Answer hidden

Which of the following types of datacenter architectures will MOST likely be used in a large SDN and can be extended beyond the datacenter?

Answer hidden

At the destination host, which of the following OSI model layers will discard a segment with a bad checksum in the UDP header?

Answer hidden
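Added worked example (not part of the quiz dump): the UDP checksum the question above refers to, computed and verified the way RFC 768 specifies it for IPv4, so you can see exactly what a receiver recomputes before accepting or discarding a datagram. The addresses, ports and payload are constructed sample data, not taken from the quiz.

```python
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry, as used by IP, UDP and TCP."""
    if len(data) % 2:
        data += b"\x00"                       # odd trailing byte is padded with zero for the sum
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                         # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: str, dst_ip: str, udp_segment: bytes) -> int:
    """RFC 768 checksum: covers an IPv4 pseudo-header (src, dst, zero, protocol 17, UDP length),
    the UDP header with its checksum field zeroed, and the payload."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, 17, len(udp_segment)))
    zeroed = udp_segment[:6] + b"\x00\x00" + udp_segment[8:]
    csum = 0xFFFF ^ ones_complement_sum(pseudo + zeroed)   # one's complement of the sum
    return csum or 0xFFFF                     # a computed 0 is transmitted as all ones


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Sender side: header (src port, dst port, length, checksum) followed by payload."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def verify_udp(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver side: recompute over the received bytes and compare with the header field.
    A mismatch means the datagram is silently discarded; there is no retransmission in UDP."""
    if len(segment) < 8:
        return False
    _sport, _dport, length, received = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        return False                           # length field disagrees with what arrived
    if received == 0:
        return True                            # IPv4 sender chose not to supply a checksum
    return udp_checksum(src_ip, dst_ip, segment) == received


def demo() -> dict:
    """Constructed datagram from 10.0.0.1:40000 to 10.0.0.2:53, then one with a flipped payload byte."""
    src, dst = "10.0.0.1", "10.0.0.2"
    good = build_udp(src, dst, 40000, 53, b"hello")
    corrupted = good[:8] + b"x" + good[9:]     # one byte of payload altered in transit
    return {
        "checksum_field": struct.unpack("!H", good[6:8])[0],
        "good_accepted": verify_udp(src, dst, good),
        "corrupted_accepted": verify_udp(src, dst, corrupted),
        "wrong_dst_accepted": verify_udp(src, "10.0.0.3", good),
    }
```

Because the pseudo-header includes the IP addresses, the same segment delivered to the wrong destination address also fails the check, which is the point of covering fields that live in the IP header rather than the UDP header.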

A network administrator is configuring a database server and would like to ensure the database engine is listening on a certain port. Which of the following commands should the administrator use to accomplish this goal?

Answer hidden

Which of the following routing protocols is used to exchange route information between public autonomous systems?

Answer hidden

Where can the Open Web Application Security Project (OWASP) list of associated vulnerabilities be found?

Answer hidden

What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment?

Answer hidden

A customer continues to experience attacks on their email, web, and File Transfer Protocol (FTP) servers. These attacks are impacting their business operations. Which of the following is the BEST recommendation to make?

Answer hidden

Which security feature fully encrypts code and data as it passes to the servers and only decrypts below the hypervisor layer?

Answer hidden

Which of the following techniques evaluates the secure design principles of network or software architectures?

Answer hidden

Which of the following is security control volatility?

Answer hidden

When performing an investigation with the potential for legal action, what should be the analyst's FIRST consideration?

Answer hidden

Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

Answer hidden

An organization needs a general purpose document to prove that its internal controls properly address security, availability, processing integrity, confidentiality or privacy risks. Which of the following reports is required?

Answer hidden

What is the BEST design for securing physical perimeter protection?

Answer hidden

Two computers, each with a single connection on the same physical 10 gigabit Ethernet network segment, need to communicate with each other. The first machine has a single Internet Protocol (IP) Classless Inter-Domain Routing (CIDR) address of 192.168.1.3/30 and the second machine has an IP/CIDR address 192.168.1.6/30. Which of the following is correct?

Answer hidden
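Added worked example (not part of the quiz dump): the subnet arithmetic behind the question above, done with Python's standard `ipaddress` module so each claim can be checked rather than recalled. The two addresses are the question's own; the helper names are this example's.

```python
import ipaddress


def describe(cidr: str) -> dict:
    """Subnet facts implied by one host address written with its prefix length."""
    iface = ipaddress.ip_interface(cidr)
    net = iface.network                        # network the address falls into
    hosts = list(net.hosts())                  # assignable addresses (excludes network and broadcast)
    return {
        "address": str(iface.ip),
        "network": str(net),
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": [str(h) for h in hosts],
        "is_usable_host": iface.ip in hosts,   # False if the address is the network or broadcast address
    }


def same_subnet(a: str, b: str) -> bool:
    """True when both addresses, with their own prefixes, land in the same network."""
    return ipaddress.ip_interface(a).network == ipaddress.ip_interface(b).network


def can_talk_directly(a: str, b: str) -> bool:
    """Direct IP communication on a shared segment needs both endpoints to be valid host
    addresses inside one common subnet; otherwise each side would look for a router."""
    return same_subnet(a, b) and describe(a)["is_usable_host"] and describe(b)["is_usable_host"]


# The two machines from the question, each with a /30 (netmask 255.255.255.252, 4 addresses per block).
MACHINE_1 = "192.168.1.3/30"
MACHINE_2 = "192.168.1.6/30"
```

Running `describe(MACHINE_1)` and `describe(MACHINE_2)` shows which block each address belongs to, what the block's broadcast address is, and whether the address is even assignable to a host. Sharing a physical segment does not change any of that: IP adjacency is decided by the prefix, not by the cable.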

The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?

Answer hidden

A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact?

Answer hidden

Which of the following is the MOST common use of the Online Certificate Status Protocol (OCSP)?

Answer hidden

Why would a system be structured to isolate different classes of information from one another and segregate them by user jurisdiction?

Answer hidden

A security professional needs to find a secure and efficient method of encrypting data on an endpoint. Which solution includes a root key?

Answer hidden

What method could be used to prevent passive attacks against secure voice communications between an organization and its vendor?

Answer hidden

What is the MOST effective response to a hacker who has already gained access to a network and will attempt to pivot to other resources?

Answer hidden

A Chief Information Officer (CIO) has delegated responsibility for their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are made by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

Answer hidden

Which of the following is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions?

Answer hidden

Which of the following is a secure design principle for a new product?

Answer hidden

An application developer receives a report back from the security team showing their automated tools were able to successfully enter unexpected data into the organization's customer service portal, causing the site to crash. This is an example of which type of testing?

Answer hidden

An organization has determined that its previous waterfall approach to software development is not keeping pace with business demands. To adapt to the rapid changes required for product delivery, the organization has decided to move towards an Agile software development and release cycle. In order to ensure the success of the Agile methodology, who is MOST critical in creating acceptance tests or acceptance criteria for each release?

Answer hidden

A hospital enforces the Code of Fair Information Practices. What practice applies to a patient requesting their medical records from a web portal?

Answer hidden

When designing a new Voice over Internet Protocol (VoIP) network, an organization's top concern is preventing unauthorized users accessing the VoIP network. Which of the following will BEST help secure the VoIP network?

Answer hidden

What is the PRIMARY objective of the post-incident phase of the incident response process in the security operations center (SOC)?

Answer hidden

An international organization has decided to use a Software as a Service (SaaS) solution to support its business operations. Which of the following compliance standards should the organization use to assess the international code security and data privacy of the solution?

Answer hidden

Which of the following actions should be undertaken prior to deciding on a physical baseline Protection Profile (PP)?

Answer hidden

A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?

Answer hidden

A Certified Information Systems Security Professional (CISSP) with identity and access management (IAM) responsibilities is asked by the Chief Information Security Officer (CISO) to perform a vulnerability assessment on a web application to pass a Payment Card Industry (PCI) audit. The CISSP has never performed this before. According to the (ISC)² Code of Professional Ethics, which of the following should the CISSP do?

Answer hidden

A large organization's human resources and security teams are planning on implementing technology to eliminate manual user access reviews and improve compliance. Which of the following options is MOST likely to resolve the issues associated with user access?

Answer hidden

A healthcare insurance organization chose a vendor to develop a software application. Upon review of the draft contract, the information security professional notices that software security is not addressed. What is the BEST approach to address the issue?

Answer hidden

Which of the following is MOST important to follow when developing information security controls for an organization?

Answer hidden

Which of the following is the MAIN difference between a network-based firewall and a host-based firewall?

Answer hidden

Which of the following system components enforces access controls on an object?

Answer hidden

Building blocks for software-defined networks (SDN) require which of the following?

Answer hidden

An organization outgrew its internal data center and is evaluating third-party hosting facilities. In this evaluation, which of the following is a PRIMARY factor for selection?

Answer hidden

A company is planning to implement a private cloud infrastructure. Which of the following recommendations will support the move to a cloud infrastructure?

Answer hidden

While performing a security review for a new product, an information security professional discovers that the organization's product development team is proposing to collect government-issued identification (ID) numbers from customers to use as unique customer identifiers. Which of the following recommendations should be made to the product development team?

Answer hidden

Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social engineering attacks?

Answer hidden

What level of Redundant Array of Independent Disks (RAID) is configured PRIMARILY for high-performance data reads and writes?

Answer hidden

A retail company is looking to start a development project that will utilize open source components in its code for the first time. The development team has already acquired several open source components and utilized them in proof of concept (POC) code. The team recognizes that the legal and operational risks are outweighed by the benefits of open-source software use. What MUST the organization do next?

Answer hidden

Upon commencement of an audit within an organization, which of the following actions is MOST important for the auditor(s) to take?

Answer hidden

An organization is planning a penetration test that simulates the malicious actions of a former network administrator. What kind of penetration test is needed?

Answer hidden

An organization has discovered that organizational data is posted by employees to data storage accessible to the general public. What is the PRIMARY step an organization must take to ensure data is properly protected from public release?

Answer hidden
