Exam practice
300 Questions

Questions and Answers

Physical assets defined in an organization's business impact analysis (BIA) could include which of the following?

  • Personal belongings of organizational staff members
  • Disaster recovery (DR) line-item revenues
  • Cloud-based applications
  • Supplies kept off-site at a remote facility (correct)

When assessing the audit capability of an application, which of the following activities is MOST important?

  • Identify procedures to investigate suspicious activity.
  • Determine if audit records contain sufficient information. (correct)
  • Verify if sufficient storage is allocated for audit records.
  • Review security plan for actions to be taken in the event of audit failure.

An organization would like to implement an authorization mechanism that would simplify the assignment of various system access permissions for many users with similar job responsibilities. Which type of authorization mechanism would be the BEST choice for the organization to implement?

  • Role-based access control (RBAC) (correct)
  • Discretionary access control (DAC)
  • Content-dependent Access Control
  • Rule-based Access Control

What is the PRIMARY reason for criminal law being difficult to enforce when dealing with cybercrime?

    Jurisdiction is hard to define. (correct)

    Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?

    Extensible Authentication Protocol (EAP) (correct)

    Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

    Security kernel (correct)

    What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

    Risk Management (correct)

    Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. All partner businesses use common identity and access management (IAM) protocols and differing technologies. Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action?

    Clothing retailer acts as identity provider (IdP), confirms identity of user using industry standards, then sends credentials to partner businesses that act as a Service Provider and allows access to services. (correct)

    Which of the following statements BEST describes least privilege principle in a cloud environment?

    Network segments remain private if unneeded to access the internet. (correct)

    An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?

    Deduplication (correct)

    Which Wide Area Network (WAN) technology requires the first router in the path to determine the full path the packet will travel, removing the need for other routers in the path to make independent determinations?

    Multiprotocol Label Switching (MPLS) (correct)

    Which of the following would an information security professional use to recognize changes to content, particularly unauthorized changes?

    File Integrity Checker (correct)

    Which of the following is included in change management?

    Business continuity testing (correct)

    A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?

    Multi-pass wipes (correct)

    When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess?

    SOC 2 Type 2 (correct)

    Which application type is considered high risk and provides a common way for malware and viruses to enter a network?

    Peer-to-Peer (P2P) file sharing applications (correct)

    An organization is looking to include mobile devices in its asset management system for better tracking. In which system tier of the reference architecture would mobile devices be tracked?

    2 (correct)

    Which of the following is the BEST way to protect an organization's data assets?

    Monitor and enforce adherence to security policies. (correct)

    During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?

    B. Operation (correct)

    What is the purpose of an internal audit of an organizational Information Security Management System (ISMS)?

    A. To identify nonconformities (correct)

    Which management stage of an organizational Information Security Management System (ISMS) involves planning and establishing security objectives and processes?

    A. Planning (correct)

    Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action?

    A. Federated identity management (correct)

    Under the Extended Identity principle, what is the process flow between partner businesses to allow clothing retailer employees access to resources?

    Common identity and access management (IAM) protocols are used (correct)

    Which part of the computing system is responsible for providing security interfaces among the hardware, operating system, and other parts?

    Security interfaces (correct)

    In the "Do" phase of the Plan-Do-Check-Act model, which of the following is performed?

    C. Ensure the business continuity policy, controls, processes, and procedures have been implemented. (correct)

    What industry-recognized document could be used as a baseline reference that is related to data security and business operations or conducting a security assessment?

    D. Service Organization Control (SOC) 2 Type 1 (correct)

    A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?

    A. Organization loses control of their network devices. (correct)

    Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to users' internal control over financial reporting?

    B. Service Organization Control 1 (SOC1) (correct)

    Which of the following is the BEST method to validate secure coding techniques against injection and overflow attacks?

    C. Using automated programs to test for the latest known vulnerability patterns (correct)

    When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should the considerations be prioritized?

    C. Public safety, duties to principals, duties to individuals, and duties to the profession (correct)

    Which service management process BEST helps information technology (IT) organizations with reducing cost, mitigating risk, and improving customer service?

    D. Information Technology Infrastructure Library (ITIL) (correct)

    A company is attempting to enhance the security of its user authentication processes. After evaluating several options, the company has decided to utilize Identity as a Service (IDaaS). Which of the following factors leads the company to choose an IDaaS as their solution?

    A. In-house team lacks resources to support an on-premise solution. (correct)

    An organization recently suffered from a web-application attack that resulted in stolen user session cookie information. The attacker was able to obtain the information when a user's browser executed a script upon visiting a compromised website. What type of attack MOST likely occurred?

    C. Cross-Site Scripting (XSS) (correct)

    An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser session with a web application is an example of which of the following types of attack?

    B. Cross-site request forgery (CSRF) (correct)

    Which of the following encryption technologies has the ability to function as a stream cipher?

    C. Cipher Feedback (CFB) (correct)

    In a disaster recovery (DR) test, which of the following would be a trait of crisis management?

    B. Anticipate (correct)

    Which of the following BEST describes the purpose of the reference monitor when defining access control to enforce the security model?

    B. Policies to validate organization rules (correct)

    Which of the following is security control volatility?

    B. A reference to the likelihood of change in the security control. (correct)

    When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases?

    Requirements (correct)

    What is the term used to define where data is geographically stored in the cloud?

    B. Data sovereignty (correct)

    Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

    Proper security controls, security objectives, and security goals are properly initiated. (correct)

    Which of the following is MOST important to follow when developing information security controls for an organization?

    B. Exercise due diligence with regard to all risk management information to tailor appropriate controls. (correct)

    When recovering from an outage, what is the Recovery Point Objective (RPO), in terms of data recovery?

    D. The RPO is the maximum amount of time for which loss of data is acceptable. (correct)

    Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture?

    A. A brute force password attack on the Secure Shell (SSH) port of the controller (correct)

    Which of the following is the BEST option to reduce the network attack surface of a system?

    A. Disabling unnecessary ports and services (correct)

    The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys?

    B. Trusted Platform Module (TPM) (correct)

    The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST describes this security approach?

    C. Defense-in-depth (correct)

    A hospital enforces the Code of Fair Information Practices. What practice applies to a patient requesting their medical records from a web portal?

    D. Individual participation (correct)

    A colleague who recently left the organization asked a security professional for a copy of the organization's confidential incident management policy. Which of the following is the BEST response to this request?

    D. Submit the request using company official channels to ensure the policy is okay to distribute. (correct)

    Which of the following BEST describes when an organization should conduct a black box security audit on a new software project?

    C. When the organization is confident the final source code is complete (correct)

    In software development, which of the following entities normally signs the code to protect the code integrity?

    C. The developer (correct)

    Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?

    C. Runtime application self-protection (RASP) (correct)

    A security architect is developing an information system for a client. One of the requirements is to deliver a platform that mitigates against common vulnerabilities and attacks. What is the MOST efficient option used to prevent buffer overflow attacks?

    C. Address Space Layout Randomization (ASLR) (correct)

    In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?

    B. Create policies for system access. (correct)

    A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact?

    C. Discovery (correct)

    What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service?

    C. Business need (correct)

    The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?

    A. Collection Limitation Principle (correct)

    Which of the following is the MOST appropriate control for asset data labeling procedures?

    A. Categorizing the types of media being used (correct)

    What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment?

    B. Randomizing data (correct)

    Which of the following departments initiates the request, approval, and provisioning business process?

    A. Operations (correct)

    An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?

    C. Asset driven risk assessment with a focus on the assets (correct)

    Which technique helps system designers consider potential security concerns of their systems and applications?

    A. Threat modeling (correct)

    A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place?

    A. Network segmentation (correct)

    Which of the following BEST describes centralized identity management?

    C. Service providers agree to integrate identity system recognition across organizational boundaries. (correct)

    What is the MOST significant benefit of role-based access control (RBAC)?

    D. Reduction in authorization administration overhead (correct)

    What is the MOST common security risk of a mobile device?

    D. Data leakage (correct)

    What level of Redundant Array of Independent Disks (RAID) is configured PRIMARILY for high-performance data reads and writes?

    RAID-0 (correct)

    What type of risk is related to the sequences of value-adding and managerial activities undertaken in an organization?

    D. Process risk (correct)

    International bodies established a regulatory scheme that defines how weapons are exchanged between the signatories. It also addresses cyber weapons, including malicious software, Command and Control (C2) software, and internet surveillance software. This is a description of which of the following?

    C. Wassenaar arrangement (correct)

    An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information Security Officer (CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC) capability BEST meets this objective?

    A. Port security (correct)

    Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps?

    D. Key findings section (correct)

    Why is data classification control important to an organization?

    B. To ensure security controls align with organizational risk appetite (correct)

    To monitor the security of buried data lines inside the perimeter of a facility, which of the following is the MOST effective control?

    B. Ground sensors installed and reporting to a security event management (SEM) system (correct)

    An enterprise is developing a baseline cybersecurity standard its suppliers must meet before being awarded a contract. Which of the following statements is TRUE about the baseline cybersecurity standard?

    B. It should be expressed as technical requirements. (correct)

    Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

    B. Attribute Based Access Control (ABAC) (correct)

    What is a security concern when considering implementing software-defined networking (SDN)?

    B. It increases the attack footprint. (correct)

    What is the BEST way to restrict access to a file system on computing systems?

    A. Use least privilege at each level to restrict access. (correct)

    Which of the following is the PRIMARY reason for selecting the appropriate level of detail for audit record generation?

    C. Facilitate a root cause analysis (RCA) (correct)

    What is the correct order of execution for security architecture?

    B. Governance, strategy and program management, project delivery, operations (correct)

    An international organization has decided to use a Software as a Service (SaaS) solution to support its business operations. Which of the following compliance standards should the organization use to assess the international code security and data privacy of the solution?

    A. Service Organization Control (SOC) 2 (correct)

    An authentication system that uses challenge and response was recently implemented on an organization's network, because the organization conducted an annual penetration test showing that testers were able to move laterally using authenticated credentials. Which attack method was MOST likely used to achieve this?

    B. Pass the ticket (correct)

    Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?

    A. For the establishment, exercise, or defense of legal claims (correct)

    Dumpster diving is a technique used in which stage of penetration testing methodology?

    Discovery (correct)

    Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social engineering attacks?

    B. Internal assessment of the training program's effectiveness (correct)

    The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?

    D. Information Technology Asset Management (ITAM) (correct)

    Which of the following threats would be MOST likely mitigated by monitoring assets containing open source libraries for vulnerabilities?

    B. Advanced persistent threat (APT) attempt (correct)

    As a design principle, which one of the following actors is responsible for identifying and approving data security requirements in a cloud ecosystem?

    D. Cloud consumer (correct)

    Which of the following is the MOST effective way to ensure the endpoint devices used by remote users are compliant with an organization's approved policies before being allowed on the network?

    A. Network Access Control (NAC) (correct)

    Which one of the following BEST protects vendor accounts that are used for emergency maintenance?

    C. Role-based access control (RBAC) (correct)

    Which event magnitude is defined as deadly, destructive, and disruptive when a hazard interacts with human vulnerability?

    Disaster (correct)

    Which of the following BEST describes the purpose of software forensics?

    C. To determine the author and behavior of the code (correct)

    A web developer is completing a new web application security checklist before releasing the application to production. The task of disabling unnecessary services is on the checklist. Which web application threat is being mitigated by this action?

    B. Security misconfiguration (correct)

    What is the BEST method to use for assessing the security impact of acquired software?

    A. Threat modeling (correct)

    Which of the following ensures old log data is not overwritten?

    A. Log retention (correct)

    Under the General Data Protection Regulation (GDPR), what is the maximum amount of time allowed for reporting a personal data breach?

    A. 72 hours (correct)

    A financial organization that works according to agile principles has developed a new application for their external customer base to request a line of credit. A security analyst has been asked to assess the security risk of the minimum viable product (MVP). Which is the MOST important activity the analyst should assess?

    D. The software has been code reviewed. (correct)

    An application developer receives a report back from the security team showing their automated tools were able to successfully enter unexpected data into the organization's customer service portal, causing the site to crash. This is an example of which type of testing?

    Negative (correct)

    Which of the following is the MOST effective strategy to prevent an attacker from disabling a network?

    D. Implement network segmentation to achieve robustness. (correct)

    What is the FIRST step that should be considered in a Data Loss Prevention (DLP) program?

    C. Data classification (correct)

    Which change management role is responsible for the overall success of the project and supporting the change throughout the organization?

    B. Project manager (correct)

    A company needs to provide shared access of sensitive data on a cloud storage to external business partners. Which of the following identity models is the BEST to blind identity providers (IdP) and relying parties (RP) so that subscriber lists of other parties are not disclosed?

    A. Proxied federation (correct)

    A security professional needs to find a secure and efficient method of encrypting data on an endpoint. Which solution includes a root key?

    B. Trusted Platform Module (TPM) (correct)

    Which combination of cryptographic algorithms is compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-legacy systems?

    A. Diffie-Hellman (DH) key exchange: DH (>=2048 bits); Symmetric Key: Advanced Encryption Standard (AES) > 128 bits; Digital Signature: Digital Signature Algorithm (DSA) (>=2048 bits) (correct)

    What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?

    A. Measure the effect of the program on the organization's workforce. (correct)

    In a DevOps environment, which of the following actions is MOST necessary to have confidence in the quality of the changes being made?

    D. Receive approval from the change review board. (correct)

    What is the MAIN purpose of a security assessment plan?

    B. Provide the objectives for the security and privacy control assessments and a detailed roadmap of how to conduct such assessments. (correct)

    What documentation is produced FIRST when performing an effective physical loss control process?

    D. Inventory list (correct)

    Which organizational department is ultimately responsible for information governance related to e-mail and other e-records?

    Compliance (correct)

    A cloud service provider requires its customer organizations to enable maximum audit logging for its data storage service and to retain the logs for a period of three months. The audit logging generates an extremely high volume of logs. What is the MOST appropriate strategy for the log retention?

    C. Keep last week's logs in an online storage and the rest in a near-line storage. (correct)

    In Federated Identity Management (FIM), which of the following represents the concept of federation?

    D. Collection of domains that have established trust among themselves (correct)

    Which of the following is an indicator that a company's new user security awareness training module has been effective?

    B. More incidents of phishing attempts are being reported. (correct)

    An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

    C. IM clients can utilize random port numbers. (correct)

    Using the cipher text and resultant cleartext message to derive the monoalphabetic cipher key is an example of which method of cryptanalytic attack?

    A. Known-plaintext attack (correct)

    When developing an organization's information security budget, it is important that the:

    B. expected risk can be managed appropriately with the funds allocated. (correct)

    A subscription service which provides power, climate control, raised flooring, and telephone wiring but NOT the computer and peripheral equipment is BEST described as a:

    cold site. (correct)

    An international trading organization that holds an International Organization for Standardization (ISO) 27001 certification is seeking to outsource their security monitoring to a managed security service provider (MSSP). The trading organization's security officer is tasked with drafting the requirements that need to be included in the outsourcing contract. Which of the following MUST be included in the contract?

    D. The right to audit the MSSP's security process (correct)

    Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

    Asymmetric (correct)

    What is the MOST effective method to enhance security of a single sign-on (SSO) solution that interfaces with critical systems?

    A. Two-factor authentication (correct)

    Which of the following is MOST appropriate to collect evidence of a zero-day attack?

    Honeypot (correct)

    When assessing web vulnerabilities, how can navigating the dark web add value to a penetration test?

    C. Information may be found on related breaches and hacking. (correct)

    The quality assurance (QA) department is short-staffed and is unable to test all modules before the anticipated release date of an application. What security control is MOST likely to be violated?

    A. Change management (correct)

    Which of the following criteria ensures information is protected relative to its importance to the organization?

    A. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification (correct)

    What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program?

    C. Define an ISCM strategy based on risk tolerance. (correct)

    An organization has requested storage area network (SAN) disks for a new project. What Redundant Array of Independent Disks (RAID) level provides the BEST redundancy and fault tolerance?

    A. RAID level 5 (correct)

    Compared to a traditional network, which of the following is a security-related benefit that software-defined networking (SDN) provides?

    C. Centralized network administrative control

    What is the MOST effective response to a hacker who has already gained access to a network and will attempt to pivot to other resources?

    C. Segment the network.

    Which of the following is a common term for log reviews, synthetic transactions, and code reviews?

    C. Security control testing

    A database server for a financial application is scheduled for production deployment. Which of the following controls will BEST prevent tampering?

    B. Data validation

    The Industrial Control System (ICS) Computer Emergency Response Team (CERT) has released an alert regarding ICS-focused malware specifically propagating through Windows-based business networks. Technicians at a local water utility note that their dams, canals, and locks controlled by an internal Supervisory Control and Data Acquisition (SCADA) system have been malfunctioning. A digital forensics professional is consulted in the Incident Response (IR) and recovery. Which of the following is the MOST challenging aspect of this investigation?

    D. Volatility of data

    What term is commonly used to describe hardware and software assets that are stored in a configuration management database (CMDB)?

    A. Configuration item

    A company is planning to implement a private cloud infrastructure. Which of the following recommendations will support the move to a cloud infrastructure?

    A. Implement software-defined networking (SDN) to provide the ability to apply high-level policies to shape and reorder network traffic based on users, devices and applications.

    Which is MOST important when an organization that solely provides Voice over Internet Protocol (VoIP) services negotiates a service-level agreement (SLA) with an Internet service provider (ISP)?

    B. Quality of Service (QoS) between applications

    A company hired an external vendor to perform a penetration test of a new payroll system. The company's internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?

    D. Failure to perform interface testing

    An organization wants to define a physical perimeter. What primary device should be used to accomplish this objective if the organization's perimeter MUST cost-efficiently deter casual trespassers?

    A. Fences three to four feet high with a turnstile

    Which of the following vulnerabilities can be BEST detected using automated analysis?

    D. Typical source code vulnerabilities

    A project manager for a large software firm has acquired a government contract that generates large amounts of Controlled Unclassified Information (CUI). The organization's information security manager had received a request to transfer project-related CUI between systems of differing security classifications. What role provides the authoritative guidance for this transfer?

    B. Information owner

    Which of the following determines how traffic should flow based on the status of the infrastructure layer?

    A. Control plane

    When testing password strength, which of the following is the BEST method for brute forcing passwords?

    A. Conduct an offline attack on the hashed password information.

    Which of the following is the name of an individual or group that is impacted by a change?

    C. Stakeholder

    The European Union (EU) General Data Protection Regulation (GDPR) requires organizations to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. The Data Owner should therefore consider which of the following requirements?

    B. Data masking and encryption of personal data

    What is the PRIMARY benefit of incident reporting and computer crime investigations?

    B. Repairing the damage and preventing future occurrences

    Which of the following is the MOST common method of memory protection?

    C. Segmentation

    What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities?

    B. Threat modeling

    Assuming an individual has taken all of the steps to keep their internet connection private, which of the following is the BEST to browse the web privately?

    B. Prevent information about browsing activities from being stored on the personal device.

    A software engineer uses automated tools to review application code and search for application flaws, back doors, or other malicious code. Which of the following is the FIRST Software Development Life Cycle (SDLC) phase where this takes place?

    Development

    A company developed a web application which is sold as a Software as a Service (SaaS) solution to the customer. The application is hosted by a web server running on a specific operating system (OS) on a virtual machine (VM). During the transition phase of the service, it is determined that the support team will need access to the application logs. Which of the following privileges would be the MOST suitable?

    B. Administrative privileges on the application folders

    A security practitioner detects an Endpoint attack on the organization's network. What is the MOST reasonable approach to mitigate future Endpoint attacks?

    B. Harden the client image before deployment.

    What are the essential elements of a Risk Assessment Report (RAR)?

    A. Executive summary, body of the report, and appendices

    The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this virus' variants and reverse engineering them to understand how they work, a commonality was found. All variants are coded to write to a specific memory location. It is determined this virus is of no threat to the organization because they had the foresight to enable what feature on all endpoints?

    A. Address Space Layout Randomization (ASLR)

    The Chief Information Security Officer (CISO) is to establish a single, centralized, and relational repository to hold all information regarding the software and hardware assets. Which of the following solutions would be the BEST option?

    B. Configuration Management Database (CMDB)

    What type of investigation applies when malicious behavior is suspected between two organizations?

    Civil

    Which of the following techniques evaluates the secure design principles of network or software architectures?

    C. Threat modeling

    Which element of software supply chain management has the GREATEST security risk to organizations?

    A. Unsupported libraries are often used.

    Which of the following should be done at a disaster site before any item is removed, repaired, or replaced?

    C. Take photos of the damage

    When designing a new Voice over Internet Protocol (VoIP) network, an organization's top concern is preventing unauthorized users from accessing the VoIP network. Which of the following will BEST help secure the VoIP network?

    D. 802.1x

    A user's credential for an application is stored in a relational database. Which control protects the confidentiality of the credential while it is stored?

    A. Use a salted cryptographic hash of the password.

    Which of the following frameworks provides vulnerability metrics and characteristics to support the National Vulnerability Database (NVD)?

    C. Common Vulnerability Scoring System (CVSS)

    A security architect is reviewing plans for an application with a Recovery Point Objective (RPO) of 15 minutes. The current design has all of the application infrastructure located within one co-location data center. Which security principle is the architect currently assessing?

    B. Availability

    Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

    C. Data stewardship roles, data handling and storage standards, data lifecycle requirements

    The Chief Information Security Officer (CISO) of a small organization is making a case for building a security operations center (SOC). While debating between an in-house, fully outsourced, or a hybrid capability, which of the following would be the MAIN consideration, regardless of the model?

    B. Scope and service catalog

    An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted on a per-project basis. What type of user access administration is BEST suited to meet the organization's needs?

    Hybrid

    Which of the following is a secure design principle for a new product?

    C. Build in appropriate levels of fault tolerance.

    What is the PRIMARY benefit of relying on Security Content Automation Protocol (SCAP)?

    A. Standardize specifications between software security products.

    What are the three key benefits that application developers should derive from the northbound application programming interface (API) of software defined networking (SDN)?

    D. Familiar syntax, abstraction of network topology, and abstraction of network protocols

    Which of the following is a unique feature of attribute-based access control (ABAC)?

    A. A user is granted access to a system at a particular time of day.

    Which of the following is the BEST approach to implement multiple servers on a virtual system?

    A. Implement one primary function per virtual server and apply individual security configuration for each virtual server.

    Which of the following is the MOST common cause of system or security failures?

    B. Lack of change control

    The Chief Information Officer (CIO) has decided that as part of business modernization efforts the organization will move towards a cloud architecture. All business-critical data will be migrated to either internal or external cloud services within the next two years. The CIO has a PRIMARY obligation to work with personnel in which role in order to ensure proper protection of data during and after the cloud migration?

    C. Chief Information Security Officer (CISO)

    A developer is creating an application that requires secure logging of all user activity. What is the BEST permission the developer should assign to the log file to ensure requirements are met?

    append

    When performing an investigation with the potential for legal action, what should be the analyst's FIRST consideration?

    B. Chain-of-custody

    Building blocks for software-defined networks (SDN) require which of the following?

    C. The SDN is mostly composed of virtual machines (VM).

    What is the MINIMUM standard for testing a disaster recovery plan (DRP)?

    D. Semi-annually and in alignment with a fiscal half-year business cycle

    Which security audit standard provides the BEST way for an organization to understand a vendor's Information Systems (IS) in relation to confidentiality, integrity, and availability?

    A. Service Organization Control (SOC) 2

    An application team is running tests to ensure that user entry fields will not accept invalid input of any length. What type of negative testing is this an example of?

    C. Reasonable data

    An organization is considering partnering with a third-party supplier of cloud services. The organization will only be providing the data and the third-party supplier will be providing the security controls. Which of the following BEST describes this service offering?

    D. Software as a Service (SaaS)

    Which of the following factors should be considered characteristics of Attribute Based Access Control (ABAC) in terms of the attributes used?

    D. Role Based Access Control (RBAC) and Access Control List (ACL)

    Which of the following is the MOST significant key management problem due to the number of keys created?

    A. Exponential growth when using symmetric keys

    A Certified Information Systems Security Professional (CISSP) with identity and access management (IAM) responsibilities is asked by the Chief Information Security Officer (CISO) to perform a vulnerability assessment on a web application to pass a Payment Card Industry (PCI) audit. The CISSP has never performed this before. According to the (ISC)² Code of Professional Ethics, which of the following should the CISSP do?

    A. Inform the CISO that they are unable to perform the task because they should render only those services for which they are fully competent and qualified

    While performing a security review for a new product, an information security professional discovers that the organization's product development team is proposing to collect government-issued identification (ID) numbers from customers to use as unique customer identifiers. Which of the following recommendations should be made to the product development team?

    C. Customer identifiers that do not resemble the user's government-issued ID number should be used.

    The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?

    C. Biometric data must be protected from disclosure.

    Information security practitioners are in the midst of implementing a new firewall. Which of the following failure methods would BEST prioritize security in the event of failure?

    Fail-Closed

    Which of the following services can be deployed via a cloud service or on-premises to integrate with Identity as a Service (IDaaS) as the authoritative source of user identities?

    Directory

    Which of the following statements is TRUE about Secure Shell (SSH)?

    A. SSH supports port forwarding, which can be used to protect less secured protocols.

    What is considered a compensating control for not having electrical surge protectors installed?

    B. Having a hot disaster recovery (DR) environment for the site

    What is the FIRST step in risk management?

    A. Identify the factors that have potential to impact business.

    Which of the following is the PRIMARY goal of logical access controls?

    A. Restrict access to an information asset.

    Which of the following is a covert channel type?

    Storage

    A software developer wishes to write code that will execute safely and only as intended. Which of the following programming language types is MOST likely to achieve this goal?

    C. Strongly typed

    Which of the following roles is responsible for ensuring that important datasets are developed, maintained, and are accessible within their defined specifications?

    A. Data Custodian

    What is static analysis intended to do when analyzing an executable file?

    D. Disassemble the file to gather information about the executable file's function.

    A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to give administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?

    A. Application-Level Proxy

    What is the PRIMARY consideration when testing industrial control systems (ICS) for security weaknesses?

    C. ICS are often sensitive to unexpected traffic.

    The security team plans on using automated account reconciliation in the corporate user access review process. Which of the following must be implemented for the BEST results with fewest errors when running the audit?

    D. Clear provisioning policies

    In the Common Criteria, which of the following is a formal document that expresses an implementation-independent set of security requirements?

    C. Protection Profile (PP)

    Which of the following is an example of a vulnerability of full-disk encryption (FDE)?

    D. Data at rest has been compromised when the user has authenticated to the device.

    What is the FIRST step in reducing the exposure of a network to Internet Control Message Protocol (ICMP) based attacks?

    A. Implement network access control lists (ACL).

    A large organization's human resources and security teams are planning on implementing technology to eliminate manual user access reviews and improve compliance. Which of the following options is MOST likely to resolve the issues associated with user access?

    C. Implement identity and access management (IAM) platform.

    A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to exchange authentication and authorization data between security domains. However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leveraged against this flaw?

    B. Attacker forges requests to authenticate as a different user.

    An organization is implementing security review as part of system development. Which of the following is the BEST technique to follow?

    A. Perform incremental assessments.

    What Hypertext Transfer Protocol (HTTP) response header can be used to disable the execution of inline JavaScript and the execution of eval()-type functions?

    B. Content-Security-Policy

    A security professional was tasked with rebuilding a company's wireless infrastructure. Which of the following are the MOST important factors to consider while making a decision on which wireless spectrum to deploy?

    B. Performance, geographic location, and radio signal interference

    A software development company has a short timeline in which to deliver a software product. The software development team decides to use open-source software libraries to reduce the development time. What concept should software developers consider when using open-source software libraries?

    A. Open source libraries contain known vulnerabilities, and adversaries regularly exploit those vulnerabilities in the wild.

    A security engineer is assigned to work with the patch and vulnerability management group. The deployment of a new patch has been approved and needs to be applied. The research is complete, and the security engineer has provided recommendations. Where should the patch be applied FIRST?

    A. Lower environment

    What BEST describes the confidentiality, integrity, availability triad?

    C. The implementation of security systems to protect the organization's data

    Why is it important that senior management clearly communicates the formal Maximum Tolerable Downtime (MTD) decision?

    A. To provide each manager with precise direction on selecting an appropriate recovery alternative

    A Simple Power Analysis (SPA) attack against a device directly observes which of the following?

    Consumption

    Which of the following MUST the administrator of a security information and event management (SIEM) system ensure?

    A. All sources are synchronized with a common time reference.

    An organization wants to share data securely with their partners via the Internet. Which standard port is typically used to meet this requirement?

    C. Setup a server on Transmission Control Protocol (TCP) port 22

    When designing a business continuity plan (BCP), what is the formula to determine the Maximum Tolerable Downtime (MTD)?

    D. Recovery Time Objective (RTO) + Work Recovery Time (WRT)

    In systems security engineering, what does the security principle of modularity provide?

    C. Isolated functions and data

    Which of the following is the strongest physical access control?

    D. Biometrics, a password, and badge reader

    An access control list (ACL) on a router is a feature MOST similar to which type of firewall?

    B. Packet filtering firewall

    While dealing with the consequences of a security incident, which of the following security controls are MOST appropriate?

    B. Corrective and recovery controls

    A cloud hosting provider would like to provide a Service Organization Control (SOC) report relevant to its security program. This report should be an abbreviated report that can be freely distributed. Which type of report BEST meets this requirement?

    D. SOC 3

    Which of the following is TRUE for an organization that is using a third-party federated identity service?

    C. The organization establishes a trust relationship with the other organizations

    Which of the following describes the BEST method of maintaining the inventory of software and hardware within the organization?

    D. Maintaining the inventory through a combination of system configuration, network management, and license management tools

    Which of the following outsourcing agreement provisions has the HIGHEST priority from a security operations perspective?

    D. Escalation process for problem resolution during incidents

    Which of the following is the MOST comprehensive Business Continuity (BC) test?

    A. Full interruption

    A security practitioner needs to implement a solution to verify endpoint security protections and operating system (OS) versions. Which of the following is the BEST solution to implement?

    B. Network Access Control (NAC)

    During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?

    Improvement

    When developing an external facing web-based system, which of the following would be the MAIN focus of the security assessment prior to implementation and production?

    D. Ensuring that input validation is enforced

    A financial services organization has employed a security consultant to review processes used by employees across various teams. The consultant interviewed a member of the application development practice and found gaps in their threat model. Which of the following correctly represents a trigger for when a threat model should be revised?

    D. A new data repository is added.

    The Chief Information Security Officer (CISO) of an organization has requested that a Service Organization Control (SOC) report be created to outline the security and availability of a particular system over a 12-month period. Which type of SOC report should be utilized?

    C. SOC 2 Type 2

    An organization recently upgraded to a Voice over Internet Protocol (VoIP) phone system. Management is concerned with unauthorized phone usage. The security consultant is responsible for putting together a plan to secure these phones. Administrators have assigned unique personal identification number (PIN) codes for each person in the organization. What is the BEST solution?

    A. Have the administrator enforce a policy to change the PIN regularly. Implement call detail records (CDR) reports to track usage.

    Which of the following protections is provided when using a Virtual Private Network (VPN) with Authentication Header (AH)?

    A. Sender non-repudiation

    An organization contracts with a consultant to perform a System Organization Control (SOC) 2 audit on their internal security controls. An auditor documents a finding related to an Application Programming Interface (API) performing an action that is not aligned with the scope or objective of the system. Which trust service principle would be MOST applicable in this situation?

    Processing Integrity

    In which process MUST security be considered during the acquisition of new software?

    A. Request for proposal (RFP)

    Which of the following is the MAIN difference between a network-based firewall and a host-based firewall?

    C. A network-based firewall controls traffic passing through the device, while a host-based firewall controls traffic destined for the device.

    Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high-risk countries?

    D. Use multi-factor authentication (MFA) to gain access to data stored on laptops or external storage devices and biometric fingerprint access control mechanisms to unlock smartphones.

    When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

    B. Employ strong access controls

    Which of the following regulations dictates how data breaches are handled?

    D. General Data Protection Regulation (GDPR)

    In software development, developers should use which type of queries to prevent a Structured Query Language (SQL) injection?

    Parameterised

    Which type of access control includes a system that allows only users that are type=managers and department=sales to access employee records?

    B. Attribute-based access control (ABAC)

    Which of the following examples is BEST to minimize the attack surface for a customer's private information?

    D. Collection limitation

    Which evidence collecting technique would be utilized when it is believed an attacker is employing a rootkit and a quick analysis is needed?

    C. Memory collection

    An application is used for funds transfers between an organization and a third-party. During a security audit, an auditor has found an issue with the business continuity disaster recovery policy and procedures for this application. Which of the following reports should the auditor file with the organization?

    D. Service Organization Control (SOC) 2

    When determining data and information asset handling, regardless of the specific toolset being used, which of the following is one of the common components of big data?

    A. Distributed storage locations

    A Chief Information Security Officer (CISO) of a firm that has decided to migrate to the cloud has been tasked with ensuring an optimal level of security. Which of the following would be the FIRST consideration?

    A. Analyze the firm's applications and data repositories to determine the relevant control requirements.

    Which of the following BEST describes the purpose of Border Gateway Protocol (BGP)?

    D. Maintain a list of efficient network paths between autonomous systems.

    What is the BEST design for securing physical perimeter protection?

    C. Barriers, fences, gates, and walls

    The security organization is looking for a solution that could help them determine with a strong level of confidence that attackers have breached their network. Which solution is MOST effective at discovering a successful network breach?

    C. Deploying a honeypot

    Which of the following is a benefit of implementing data-in-use controls?

    B. When the data is being viewed, it can only be printed by authorized users.

    When configuring Extensible Authentication Protocol (EAP) in a Voice over Internet Protocol (VoIP) network, which of the following authentication types is the

    B. EAP-Transport Layer Security (TLS)

    Which of the following would be the BEST guideline to follow when attempting to avoid the exposure of sensitive data?

    D. Store sensitive data only when necessary.

    All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

    B. determine the technological dependence of the business processes

    Which of the following actions will reduce risk to a laptop before traveling to a high-risk area?

    B. Implement more stringent baseline configurations

    Which of the following represents the GREATEST risk to data confidentiality?

    D. Users have administrative privileges

    What is the MOST important consideration from a data security perspective when an organization plans to relocate?

    C. Conduct a gap analysis of the new facilities against existing security requirements

    A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?

    Application

    When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

    A. Only when assets are clearly defined

    Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

    C. Supply a duress alarm for personnel exposed to the public

    An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

    C. People, technology, and operations

    Intellectual property rights are PRIMARILY concerned with which of the following?

    A. Owner's ability to realize financial gain

    Which of the following is MOST important when assigning ownership of an asset to a department?

    D. All members should be trained on their responsibilities

    Which one of the following affects the classification of data?

    A. Assigned security label

    Which of the following BEST describes the responsibilities of a data owner?

    C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

    An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests. Which contract is BEST in offloading the task from the IT staff?

    B. Identity as a Service (IDaaS)

    When implementing a data classification program, why is it important to avoid too much granularity?

    A. The process will require too many resources

    In a data classification scheme, the data is owned by the

    B. business managers

    Which of the following is an initial consideration when developing an information security management system?

    B. Understand the value of the information assets

    Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

    D. Asymmetric Card Authentication Key (CAK) challenge-response

    Which security service is provided by the process of encrypting plaintext with the sender's private key and decrypting the ciphertext with the sender's public key?

    Integrity

    Which of the following mobile code security models relies only on trust?

    A. Code signing

    Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

    A. Hashing the data before encryption

    What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

    D. Issued Phase

    Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

    B. Common Vulnerability Scoring System (CVSS)

    Who in the organization is accountable for the classification of data and information assets?

    A. Data owner

    The use of private and public encryption keys is fundamental in the implementation of which of the following?

    B. Secure Sockets Layer (SSL)

    What is the purpose of an Internet Protocol (IP) spoofing attack?

    D. To convince a system that it is communicating with a known entity

    At what level of the Open Systems Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

    B. Physical layer

    In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

    A. Transport layer

    Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

    B. Link Control Protocol (LCP)

    Which of the following operates at the Network Layer of the Open Systems Interconnection (OSI) model?

    A. Packet filtering

    An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?

    D. Implement logical network segmentation at the switches

    An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

    A. Add a new rule to the application layer firewall

    Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

    D. Network Behavior Analysis (NBA) tools

    Which of the following factors contributes to the weakness of the Wired Equivalent Privacy (WEP) protocol?

    A. WEP uses a small range of Initialization Vector (IV) values

    A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

    C. Security Assertion Markup Language (SAML)

    Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

    A. Derived credential

    Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee's salary?

    C. Implement Role-Based Access Control (RBAC)

    What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

    B. Role-Based Access Control (RBAC)

    Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

    A. Change management processes

    In which of the following programs is it MOST important to include the collection of security process data?

    B. Security continuous monitoring

    A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user's access to data files?

    D. Guest OS audit logs

    Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

    D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

    Which of the following could cause a Denial of Service (DoS) against an authentication system?

    B. No archiving of audit logs

    An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

    D. Insufficient Service Level Agreement (SLA)

    Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

    Parallel

    What is the PRIMARY reason for implementing change management?

    D. Ensure accountability for changes to the environment

    Which of the following is a PRIMARY advantage of using a third-party identity service?

    A. Consolidation of multiple providers

    With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

    C. At a rate concurrent with the volatility of the security control

    What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

    C. Start documenting

    What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

    B. Ensure chain of custody

    A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

    D. Protection from loss of organization resources

    Study Notes

    Review and Correction of Nonconformities in Internal Audits of ISMS

    • Nonconformities are identified during an internal audit of an organizational Information Security Management System (ISMS).
    • The organization reviews, assesses, and corrects these nonconformities in the management stage of Operation.
    • The management stage of Planning is not where nonconformities are reviewed, assessed, and corrected.
    • The management stage of Assessment is not where nonconformities are reviewed, assessed, and corrected.
    • The management stage of Improvement is not where nonconformities are reviewed, assessed, and corrected.
    • The organization's internal audit of the ISMS helps identify nonconformities.
    • Nonconformities refer to deviations from established standards or requirements.
    • The organization is responsible for reviewing, assessing, and correcting nonconformities.
    • The management stage of Operation involves the day-to-day activities of the organization.
    • The review, assessment, and correction of nonconformities occur within the operational management stage.
    • The organization's Information Security Management System (ISMS) is subject to internal audits.
    • The internal audits aim to ensure compliance with established standards and identify areas for improvement.
