Questions and Answers
Which of the following is applicable to a publicly held company concerned about information handling and storage requirements specific to financial reporting?
Which of the following is used to detect steganography?
Which is the MOST critical aspect of computer-generated evidence?
Which of the following media is LEAST problematic with data remanence?
Which open standard could a large corporation deploy for authorization services for single sign-on (SSO) use across multiple internal and external applications?
Which of the following statements is TRUE regarding equivalence class testing?
A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?
Which of the following techniques is MOST useful when dealing with Advanced Persistent Threat (APT) intrusions on live virtualized environments?
Which of the following MUST an organization do to effectively communicate its security strategy to all affected parties?
When using Security Assertion Markup Language (SAML), it is assumed that the principal subject
A vulnerability assessment report has been submitted to a client. The client indicates that one third of the hosts that were in scope are missing from the report. In which phase of the assessment was this error MOST likely made?
Which of the below strategies would MOST comprehensively address the risk of malicious insiders leaking sensitive information?
What is the FIRST step required in establishing a records retention program?
Functional security testing is MOST critical during which phase of the system development life cycle (SDLC)?
What is the threat modeling order when using the Process for Attack Simulation and Threat Analysis (PASTA)?
Which is the RECOMMENDED configuration mode for sensors for an intrusion prevention system (IPS) if the prevention capabilities will be used?
An organization implements a remote access server (RAS). Once users connect to the server, digital certificates are used to authenticate their identity. What type of Extensible Authentication Protocol (EAP) would the organization use during this authentication?
An analysis finds unusual activity coming from a computer that was thrown away several months prior. Which of the following steps ensures the proper removal of the system?
As a security manager, which of the following is the MOST effective practice for providing value to an organization?
DRAG DROP: Rank the Hypertext Transfer Protocol (HTTP) authentication types shown below in order of relative strength. Drag the authentication types to the correct positions on the right according to strength, from weakest to strongest.
Which of the following BEST provides for non-repudiation of user account actions?
What type of access control determines the authorization to resources based on pre-defined job titles within an organization?
As users switch roles within an organization, their accounts are given additional permissions to perform the duties of their new position. After a recent audit, it was discovered that many of these accounts maintained their old permissions as well. The obsolete permissions identified by the audit have been remediated and accounts have only the appropriate permissions to complete their jobs.
Continuity of operations is BEST supported by which of the following?
Which of the following is true of Service Organization Control (SOC) reports?
What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities?
Asymmetric algorithms are used for which of the following when using Secure Sockets Layer/Transport Layer Security (SSL/TLS) for implementing network security?
What is the MOST common component of a vulnerability management framework?
A new Chief Information Officer (CIO) created a group to write a data retention policy based on applicable laws. Which of the following is the PRIMARY motivation for the policy?
What determines the level of security of a combination lock?
A user downloads a file from the Internet, then applies the Secure Hash Algorithm 3 (SHA-3)?
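Added worked example (not part of the original question set): the integrity check behind the SHA-3 question above, verifying a downloaded file against a digest obtained through a trusted, separate channel. The file name, the payload and the "published" digest are constructed inside the script; only Python's standard hashlib and hmac modules are used.

```python
import hashlib
import hmac
import os
import tempfile

CHUNK = 1 << 16   # stream in 64 KiB pieces so a large download never sits in memory


def sha3_256_file(path: str) -> str:
    """Return the hex SHA3-256 digest of the file at `path`, read incrementally."""
    h = hashlib.sha3_256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path: str, expected_hex: str) -> bool:
    """True only if the file's SHA3-256 digest equals `expected_hex`.

    `expected_hex` must come from a trusted channel separate from the download
    itself (for example the publisher's signed release notes), otherwise an
    attacker who replaces the file on a mirror can replace the digest too.
    A malformed reference digest is treated as a failed check, never a pass.
    """
    expected = expected_hex.strip().lower()
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        return False
    # compare_digest runs in constant time, so a mismatch leaks no matching prefix
    return hmac.compare_digest(sha3_256_file(path), expected)


def demo() -> dict:
    """Write a constructed 'download', record its digest, then tamper with it."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "tool-1.0.tar.gz")      # constructed sample, not a real package
        original = b"constructed sample payload " * 5000
        with open(path, "wb") as f:
            f.write(original)
        published = sha3_256_file(path)                 # stands in for the vendor's digest
        intact = verify_download(path, published.upper())   # case of the hex must not matter
        with open(path, "r+b") as f:                    # flip one byte, as a trojaned mirror would
            f.seek(100)
            f.write(b"X")
        tampered = verify_download(path, published)
        malformed = verify_download(path, "not-a-digest")
    return {"intact": intact, "tampered": tampered, "malformed": malformed}


if __name__ == "__main__":
    print(demo())
```

A single flipped byte changes the whole digest, which is what makes the check useful; what it cannot do is prove who produced the file, so a digest served from the same mirror as the download adds nothing against a compromised mirror.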
Which of the following is held accountable for the risk to organizational systems and data that results from outsourcing Information Technology (IT) systems and services?
Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF)?
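Added worked example (not part of the original question set) of the forgery the CSRF question refers to: a cookie-authenticated, state-changing request that the victim's browser sends on an attacker's behalf, next to the same handler hardened with an Origin check and a per-session synchronizer token. The bank origin, the in-memory session store, the Request class and the ledger are assumptions built for this example, not any real application or framework.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Assumed application origin and in-memory session store; both exist only for this example.
APP_ORIGIN = "https://bank.example"
SESSIONS: dict = {}          # session id -> {"user": name, "csrf": per-session token}


@dataclass
class Request:
    """Minimal stand-in for an HTTP request as a web framework would present it."""
    method: str
    path: str
    cookies: dict
    form: dict
    headers: dict = field(default_factory=dict)


def login(user: str) -> tuple:
    """Create a session and a synchronizer token bound to it; returns (session id, token)."""
    sid = secrets.token_urlsafe(32)
    token = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": token}
    return sid, token


def current_user(req: Request):
    session = SESSIONS.get(req.cookies.get("session", ""))
    return session["user"] if session else None


def same_origin(header_value: str) -> bool:
    """Compare scheme and host exactly; a prefix test would accept bank.example.evil.test."""
    if not header_value:
        return False
    parts = urlsplit(header_value)
    return f"{parts.scheme}://{parts.netloc}" == APP_ORIGIN


def transfer_vulnerable(req: Request, ledger: dict) -> int:
    """Trusts the session cookie alone. The browser attaches that cookie to a form the
    attacker's page auto-submits, so the server cannot tell the victim's own click from
    the attacker's script: that is the cross-site request forgery."""
    user = current_user(req)
    if req.method != "POST" or user is None:
        return 401
    ledger[user] -= int(req.form["amount"])
    return 200


def transfer_hardened(req: Request, ledger: dict) -> int:
    """Same action, but the request must prove it came from the application's own page:
    an Origin/Referer matching APP_ORIGIN and a token the attacker cannot read, because
    the same-origin policy keeps bank.example responses away from evil.example scripts."""
    user = current_user(req)
    if req.method != "POST" or user is None:
        return 401
    origin = req.headers.get("Origin") or req.headers.get("Referer", "")
    if not same_origin(origin):
        return 403
    expected = SESSIONS[req.cookies["session"]]["csrf"]
    supplied = req.form.get("csrf_token", "")
    if not hmac.compare_digest(expected, supplied):   # constant-time comparison
        return 403
    ledger[user] -= int(req.form["amount"])
    return 200


def demo() -> dict:
    """Run a legitimate and a forged transfer against both handlers (constructed traffic)."""
    ledger = {"alice": 1000}
    sid, token = login("alice")
    cookie = {"session": sid}   # the browser sends this cookie with every request to the bank
    legit = Request("POST", "/transfer", cookie,
                    {"amount": "100", "csrf_token": token}, {"Origin": APP_ORIGIN})
    # Forged request: a hidden form on the attacker's page, auto-submitted by script.
    # The cookie is present (the browser adds it); the token is absent (the attacker never saw it).
    forged = Request("POST", "/transfer", cookie,
                     {"amount": "900"}, {"Origin": "https://evil.example"})
    out = {}
    out["vulnerable_forged"] = transfer_vulnerable(forged, ledger)   # 200: money moved
    out["balance_after_vulnerable"] = ledger["alice"]               # 100
    ledger["alice"] = 1000
    out["hardened_forged"] = transfer_hardened(forged, ledger)       # 403: rejected
    out["hardened_legit"] = transfer_hardened(legit, ledger)         # 200: real user succeeds
    out["balance_after_hardened"] = ledger["alice"]                  # 900
    return out


if __name__ == "__main__":
    print(demo())
```

In a deployed application the token would be embedded in the form the server renders, and the session cookie would additionally carry the SameSite attribute so the browser withholds it from cross-site POSTs; state-changing actions must also never be reachable through GET, since a GET needs no form at all to be forged.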
Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?
Which of the following is the PRIMARY reason a sniffer operating on a network is collecting packets only from its own host?
Which of the following is the final phase of the identity and access provisioning lifecycle?
Which of the following is mobile device remote fingerprinting?
Which of the following trust services principles refers to the accessibility of information used by the systems, products, or services offered to a third-party provider's customers?
Which of the following open source software issues poses the MOST risk to an application?
Which of the following is the PRIMARY mechanism used to limit the range of objects available to a given subject within different execution domains?
Once the types of information have been identified, who should an information security practitioner work with to ensure that the information is properly categorized?
What should be the FIRST action for a security administrator who detects an intrusion on the network based on precursors and other indicators?
Which of the following needs to be taken into account when assessing vulnerability?
For the purpose of classification, which of the following is used to divide trust domains and trust boundaries?
Which of the following is the key requirement for test results when implementing forensic procedures?
An application team is running tests to ensure that user entry fields will not accept invalid input of any length. What type of negative testing is this an example of?
An Internet software application requires authentication before a user is permitted to utilize the resource. Which testing scenario BEST validates the functionality of the application?
Which of the following techniques BEST prevents buffer overflows?
A security architect is responsible for the protection of a new home banking system. Which of the following solutions can BEST improve the confidentiality and integrity of this external system?
A security professional recommends that a company integrate threat modeling into its Agile development processes. Which of the following BEST describes the benefits of this approach?
A security consultant has been hired by a company to establish its vulnerability management program. The consultant is now in the deployment phase. Which of the following tasks is part of this process?
Directive controls are a form of change management policy and procedures. Which of the following subsections are recommended as part of the change management process?
Which of the following BEST describes how access to a system is granted to federated user accounts?
Which of the following is the primary advantage of segmenting Virtual Machines (VM) using physical networks?
Which of the following would an internal technical security audit BEST validate?
Which of the following processes has the PRIMARY purpose of identifying outdated software versions, missing patches, and lapsed system updates?
A development operations team would like to start building new applications while delegating as much of the cybersecurity responsibility as possible to the service provider. Which of the following environments BEST fits their need?
Change management policies and procedures belong to which of the following types of controls?
What access control scheme uses fine-grained rules to specify the conditions under which access to each data item or application is granted?
Why is planning the MOST critical phase of a Role Based Access Control (RBAC) implementation?
Vulnerability scanners may allow the administrator to assign which of the following in order to assist in prioritizing remediation activities?
In order for application developers to detect potential vulnerabilities earlier during the Software Development Life Cycle (SDLC), which of the following safeguards should be implemented FIRST as part of a comprehensive testing framework?
Physical assets defined in an organization's Business Impact Analysis (BIA) could include which of the following?
What is the best way for mutual authentication of devices belonging to the same organization?
Which of the following encryption types is used in Hash Message Authentication Code (HMAC) for key distribution?
Compared with hardware cryptography, software cryptography is generally
A financial company has decided to move its main business application to the Cloud. The legal department objects, arguing that the move of the platform should comply with several regulatory obligations such as the General Data Protection Regulation (GDPR) and ensure data confidentiality. The Chief Information Security Officer (CISO) says that the cloud provider has met all regulatory requirements and even provides its own encryption solution with internally-managed encryption keys to address data confidentiality. Did the CISO address all the legal requirements in this situation?
An employee receives a promotion that entitles them to access higher-level functions on the company's accounting system, as well as keeping their access to the previous system that is no longer needed or applicable. What is the name of the process that tries to remove this excess privilege?
Which of the following is PRIMARILY adopted for ensuring the integrity of information is preserved?
Why might a network administrator choose distributed virtual switches instead of stand-alone switches for network segmentation?
An organization has implemented a new backup process which protects confidential data by encrypting the information stored on backup tapes. Which of the following is a MAJOR data confidentiality concern after the implementation of this new backup process?
Organization A is adding a large collection of confidential data records that it received when it acquired Organization B to its data store. Many of the users and staff from Organization B are no longer available. Which of the following MUST Organization A do to properly classify and secure the acquired data?
An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following BEST protects sensitive data once the agreement expires and the assets are reused?
Which of the following techniques is effective to detect taps in fiber optic cables?
When would an organization review a Business Continuity Management (BCM) system?
Which of the following is a characteristic of the independent testing of a program?
Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?
What is the BEST approach for maintaining ethics when a security professional is unfamiliar with the culture of a country and is asked to perform a questionable task?
Which of the following activities is MOST likely to be performed during a vulnerability assessment?
Which of the following is the BEST defense against password guessing?
Why would a security architect specify that a default route pointing to a sinkhole be injected into internal networks?
Which one of the following documents should be included in a Disaster Recovery (DR) package?
How long should the records on a project be retained?
Which of the following phases involves researching a target's configuration from public sources when performing a penetration test?
Which of the following provides the BEST method to verify that security baseline configurations are maintained?
Which attack defines a piece of code that is inserted into software to trigger a malicious function?
Which of the following is the MOST critical success factor in the security patch management process?
A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?
Which of the following is the BEST technique to facilitate secure software development?
What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media?
For a federated identity solution, a third-party Identity Provider (IdP) is PRIMARILY responsible for which of the following?
What is the BEST way to correlate large volumes of disparate data sources in a Security Operations Center (SOC) environment?
Which of the following steps should be conducted during the FIRST phase of software assurance in a generic acquisition process?
Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated?
Which of the following is used to support the concept of defense in depth during the development phase of a software product?
An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the MOST important concern regarding privacy?
Individual access to a network is BEST determined based on
The MAIN task of promoting security for Personal Computers (PC) is
The Secure Shell (SSH) version 2 protocol supports
To control the scope of a Business Continuity Management (BCM) system, a security practitioner should identify which of the following?