ISC2 CISSP - Certified Information Systems Security Professional (CISSP) - Online Practice Test

Here is what people say about us

"Passed on the first try! I loved that the questions are updated as new exams are released, in order to keep up with the most recent content being covered in the test. The date at the top of each page shows how current the material was, which was nice to see."

"At first glance I thought this site was just like the other 99% of websites in this industry, but boy was I wrong... It's funny that two weeks before the exam I knew nothing about CISSP, but with this amazing site I managed to study very quickly and pass the exam easily without spending tons of money and time on preparing for the exam."

"As a professional in my field for over 8 years I could tell that not only were these questions real, but that an expert had been involved in designing and reviewing the questions for the Certified Information Systems Security Professional (CISSP) exam."

Are you looking for real exam dumps for the CISSP Certified Information Systems Security Professional (CISSP) exam? ITExamLabs.com is dedicated to providing real and updated exam questions and answers, FREE of cost.

The best way to prepare for the CISSP exam is not reading a textbook, but taking the CISSP vce exam and understanding the correct answers. Practice questions help prepare students not only for the concepts, but also for the manner in which questions and answer options are presented during the real exam.

ITExamLabs.com provides not only actual ISC2 CISSP practice tests, but also detailed answers, explanations and diagrams. With authentic and current exam questions, you will pass your test on the first try!


Beginners Guide: cissp braindump

Q1. A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project? A. The organization's current security policies concerning privacy issues B. Privacy-related regulations enforced by governing bodies applicable to the organization C. Privacy best practices published by recognized security standards organizations D. Organizational procedures designed to protect…


A Complete Guide to cissp exam

Q1. Refer to the information below to answer the question. A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns. In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes? A. Text editors, database, and Internet phone applications B. Email, presentation, and database applications C. Image libraries, presentation…


Examples of cissp study guide

Q1. An organization has decided to contract with a cloud-based service provider to leverage their identity as a service offering. They will use Open Authentication (OAuth) 2.0 to authenticate external users to the organization's services. As part of the authentication process, which of the following must the end user provide? A. An access token B. A username and password C. A username D. A password Answer: A Q2. Which…


A Complete Guide to cissp sybex

Q1. In order for a security policy to be effective within an organization, it MUST include A. strong statements that clearly define the problem. B. a list of all standards that apply to the policy. C. owner information and date of last revision. D. disciplinary measures for non compliance. Answer: D Q2. Which of the following is the BEST mitigation from phishing attacks? A. Network activity…


Super to cissp exam cost

Q1. When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network? A. Topology diagrams B. Mapping tools C. Asset register D. Ping testing Answer: B Q2. Multi-threaded applications are more at risk than single-threaded applications to A. race conditions. B. virus infection. C. packet sniffing. D. database injection. Answer: A Q3. A security professional is…


Secrets to cissp training

Q1. Which of the following is the MOST beneficial to review when performing an IT audit? A. Audit policy B. Security log C. Security policies D. Configuration settings Answer: C Q2. Which of the following could elicit a Denial of Service (DoS) attack against a credential management system? A. Delayed revocation or destruction of credentials B. Modification of Certificate Revocation List C. Unauthorized renewal or re-issuance D. Token use after decommissioning Answer:…


Ultimate Guide: cissp tutorial

Q1. In a data classification scheme, the data is owned by the A. Information Technology (IT) managers. B. business managers. C. end users. D. system security managers. Answer: B Q2. Which of the following describes the concept of a Single Sign-On (SSO) system? A. Users are authenticated to one system at a time. B. Users are identified to multiple systems with several credentials. C. Users are authenticated to multiple systems…


best cissp book (31 to 45)

Q1. Without proper signal protection, embedded systems may be prone to which type of attack? A. Brute force B. Tampering C. Information disclosure D. Denial of Service (DoS) Answer: C Q2. Which of the following is the FIRST step of a penetration test plan? A. Analyzing a network diagram of the target network B. Notifying the company's customers C. Obtaining the approval of the company's management D. Scheduling the…


Point Checklist: cissp requirements

Q1. Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review? A. It has normalized severity ratings. B. It has many worksheets and practices to implement. C. It aims to calculate the risk of published vulnerabilities. D. It requires a robust risk management framework to be put in place. Answer: C Q2. An organization's…


Super to cissp pdf

Q1. Which of the following assures that rules are followed in an identity management architecture? A. Policy database B. Digital signature C. Policy decision point D. Policy enforcement point Answer: D Q2. A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle? A. Onward transfer B. Collection Limitation C. Collector Accountability D.…


A Complete Guide to cissp all in one

Q1. If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of Synchronize/Acknowledge (SYN/ACK) packets to the A. default gateway. B. attacker's address. C. local interface being attacked. D. specified source address. Answer: D Q2. From a security perspective, which of the following is a best practice to configure…


15 tips on cissp exam

Q1. Which of the following is an attacker MOST likely to target to gain privileged access to a system? A. Programs that write to system resources B. Programs that write to user directories C. Log files containing sensitive information D. Log files containing system calls Answer: A Q2. Which security approach will BEST minimize Personally Identifiable Information (PII) loss from a data breach? A. A strong breach notification process B. Limited collection…


Why You Need To cissp pdf?

Q1. Which of the following methods provides the MOST protection for user credentials? A. Forms-based authentication B. Digest authentication C. Basic authentication D. Self-registration Answer: B Q2. An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the tool in a controlled environment to test the company's next generation…


Amazing free cissp training To Try

Q1. What is the term commonly used to refer to a technique of authenticating one machine to another by forging packets from a trusted source? A. Man-in-the-Middle (MITM) attack B. Smurfing C. Session redirect D. Spoofing Answer: D Q2. Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them? A. Write a…


The only cissp braindump resources for you

Q1. An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern? A. Availability B. Confidentiality C. Integrity D. Ownership Answer: C Q2. Refer to the information below to answer the question. During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing…


Getting Smart with: cissp exam dates

Q1. Which of the following provides the MOST protection against data theft of sensitive information when a laptop is stolen? A. Set up a BIOS and operating system password B. Encrypt the virtual drive where confidential files can be stored C. Implement a mandatory policy in which sensitive data cannot be stored on laptops, but only on the corporate network D. Encrypt the entire…


[Rebirth] is cissp worth it

Q1. Refer to the information below to answer the question. During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information. If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised? A. Availability B. Integrity C. Accountability D. Confidentiality Answer:…


Amazing cissp pdf To Try

Q1. What is the PRIMARY advantage of using automated application security testing tools? A. The application can be protected in the production environment. B. Large amounts of code can be tested using fewer resources. C. The application will fail less when tested using these tools. D. Detailed testing of code functions can be performed. Answer: B Q2. What is one way to mitigate the risk…


An Expert interview about cissp full form

Q1. A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment? A. Provide students with Internet Protocol Security (IPSec) Virtual Private Network (VPN) client software. B. Use Secure Sockets Layer (SSL) VPN technology. C. Use Secure Shell (SSH) with public/private keys. D. Require students to purchase…


isc2 cissp : Jan 2021 Edition

Q1. Refer to the information below to answer the question. A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections…


Get Smart with cissp exam fee

Q1. Regarding asset security and appropriate retention, which of the following INITIAL top three areas are important to focus on? A. Security control baselines, access controls, employee awareness and training B. Human resources, asset management, production management C. Supply chain lead time, inventory control, encryption D. Polygraphs, crime statistics, forensics Answer: A Q2. Which of the following secure startup mechanisms are PRIMARILY designed to thwart attacks? A. Timing B. Cold boot C.…


Point Checklist: cissp domains

Q1. Which of the following does the Encapsulating Security Payload (ESP) provide? A. Authorization and integrity B. Availability and integrity C. Integrity and confidentiality D. Authorization and confidentiality Answer: C Q2. Which of the following describes the BEST configuration management practice? A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering. B. After installing a new…


The Secret of cissp verification

Q1. Which one of the following considerations has the LEAST impact when considering transmission security? A. Network availability B. Data integrity C. Network bandwidth D. Node locations Answer: C Q2. Which one of the following transmission media is MOST effective in preventing data interception? A. Microwave B. Twisted-pair C. Fiber optic D. Coaxial cable Answer: C Q3. DRAG DROP Place the following information classification steps in sequential order. Answer: (not shown) Q4. The goal…


The Secret of isc2 cissp

Q1. Which of the following is an advantage of on-premise Credential Management Systems? A. Improved credential interoperability B. Control over system configuration C. Lower infrastructure capital costs D. Reduced administrative overhead Answer: B Q2. Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them? A. Write a Service Level Agreement (SLA) for…


Super ways to cissp sybex

Q1. An internal Service Level Agreement (SLA) covering security is signed by senior managers and is in place. When should compliance to the SLA be reviewed to ensure that a good security posture is being delivered? A. As part of the SLA renewal process B. Prior to a planned security audit C. Immediately after a security breach D. At regularly scheduled meetings Answer: D Q2.…


Resources to cissp training

Q1. An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern? A. Availability B. Confidentiality C. Integrity D. Ownership Answer: C Q2. A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following…


Secrets to cissp exam dates

Q1. Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device? A. Trusted Platform Module (TPM) B. Preboot eXecution Environment (PXE) C. Key Distribution Center (KDC) D. Simple Key-Management for Internet Protocol (SKIP) Answer: A Q2. A disadvantage of an application filtering firewall is that it can lead to A. a crash…


Super ways to cissp requirements

Q1. Which of the following Disaster Recovery (DR) sites is the MOST difficult to test? A. Hot site B. Cold site C. Warm site D. Mobile site Answer: B Q2. Refer to the information below to answer the question. During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information. Aside from the potential records…


Why You Need To cissp braindump?

Q1. Refer to the information below to answer the question. An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement. The security program can be considered effective when A. vulnerabilities are proactively identified. B. audits are…


Get Smart with cissp full form

Q1. Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what? A. Interface with the Public Key Infrastructure (PKI) B. Improve the quality of security software C. Prevent Denial of Service (DoS) attacks D. Establish a secure initial state Answer: D Q2. During an audit of system management, auditors find that the system administrator…


The only cissp all in one resources for you

Q1. What is the PRIMARY advantage of using automated application security testing tools? A. The application can be protected in the production environment. B. Large amounts of code can be tested using fewer resources. C. The application will fail less when tested using these tools. D. Detailed testing of code functions can be performed. Answer: B Q2. What maintenance activity is responsible for defining, implementing,…


Amazing cissp verification secrets

Q1. What is the PRIMARY difference between security policies and security procedures? A. Policies are used to enforce violations, and procedures create penalties B. Policies point to guidelines, and procedures are more contractual in nature C. Policies are included in awareness training, and procedures give guidance D. Policies are generic in nature, and procedures contain operational details Answer: D Q2. Which of the following is…


cissp book? Tips for success

Q1. Which of the following command line tools can be used in the reconnaissance phase of a network vulnerability assessment? A. dig B. ifconfig C. ipconfig D. nbtstat Answer: A Q2. Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks? A. Data compression B. Data classification C. Data warehousing D. Data validation Answer: D Q3. What should be the INITIAL response to Intrusion Detection…


Resources to cissp forum

Q1. Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer…


Tactics to cissp exam fee

Q1. By carefully aligning the pins in the lock, which of the following defines the opening of a mechanical lock without the proper key? A. Lock pinging B. Lock picking C. Lock bumping D. Lock bricking Answer: B Q2. How does an organization verify that an information system's current hardware and software match the standard system configuration? A. By reviewing the configuration after the system goes into production B. By running vulnerability scanning tools on all devices…


Advanced Guide: cissp full form

Q1. Which of the following is the FIRST action that a system administrator should take when it is revealed during a penetration test that everyone in an organization has unauthorized access to a server holding sensitive data? A. Immediately document the finding and report to senior management. B. Use system privileges to alter the permissions to secure the server C. Continue the testing to its…


Super to cissp passing score

Q1. What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations? A. Parallel B. Walkthrough C. Simulation D. Tabletop Answer: C Q2. Which of the following is considered best practice for preventing e-mail spoofing? A. Spam filtering B. Cryptographic signature C. Uniform Resource Locator (URL) filtering D. Reverse Domain Name Service (DNS) lookup Answer: B Q3. Which of the following is required to…


The only cissp training resources for you

Q1. Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming? A. Anti-tampering B. Secure card reader C. Radio Frequency (RF) scanner D. Intrusion Prevention System (IPS) Answer: A Q2. What is the MOST effective countermeasure to a malicious code attack against a mobile system? A. Sandbox B. Change control C. Memory management D. Public-Key Infrastructure (PKI) Answer: A Q3. Refer to the information below to…


Super to cissp certification

Q1. If compromised, which of the following would lead to the exploitation of multiple virtual machines? A. Virtual device drivers B. Virtual machine monitor C. Virtual machine instance D. Virtual machine file system Answer: B Q2. In the area of disaster planning and recovery, what strategy entails the presentation of information about the plan? A. Communication B. Planning C. Recovery D. Escalation Answer: A Q3. When planning a penetration test,…


best cissp book (121 to 135)

Q1. HOTSPOT Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below. Answer: (not shown) Q2. Which of the following is the BEST example of weak management commitment to the protection of security assets and resources? A. poor governance over security processes and procedures B. immature security controls and…


cissp exam? Tips for success

Q1. Which of the following methods can be used to achieve confidentiality and integrity for data in transit? A. Multiprotocol Label Switching (MPLS) B. Internet Protocol Security (IPSec) C. Federated identity management D. Multi-factor authentication Answer: B Q2. What is the BEST method to detect the most common improper initialization problems in programming languages? A. Use and specify a strong character encoding. B. Use automated static analysis tools that…


Why You Need To cissp modules?

Q1. In Business Continuity Planning (BCP), what is the importance of documenting business processes? A. Provides senior management with decision-making tools B. Establishes and adopts ongoing testing and maintenance strategies C. Defines who will perform which functions during a disaster or emergency D. Provides an understanding of the organization's interdependencies Answer: D Q2. The BEST example of the concept of "something that a user has"…


Questions Ask for free cissp training

Q1. During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again? A. Encrypt communications between the servers B. Encrypt the web server traffic C. Implement server-side filtering D. Filter outgoing…


Point Checklist: cissp book

Q1. A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as A. least privilege. B. rule based access controls. C. Mandatory Access Control (MAC). D. separation of duties. Answer: D Q2. Sensitive customer data is going to be added to…


The only cissp study plan resources for you

Q1. Which of the following are required components for implementing software configuration management systems? A. Audit control and signoff B. User training and acceptance C. Rollback and recovery processes D. Regression testing and evaluation Answer: C Q2. A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment? A.…


What tells you about cissp study plan

Q1. The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the A. right to refuse or permit commercial rentals. B. right to disguise the software's geographic origin. C. ability to tailor security parameters based on location. D. ability to confirm license authenticity of their works. Answer: A Q2. Copyright provides protection for which…


Key benefits of cissp book

Q1. A security professional has just completed their organization's Business Impact Analysis (BIA). Following Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) best practices, what would be the professional's NEXT step? A. Identify and select recovery strategies. B. Present the findings to management for funding. C. Select members for the organization's recovery teams. D. Prepare a plan to test the organization's ability to recover its operations.…


Ideas to cissp forum

Q1. The Hardware Abstraction Layer (HAL) is implemented in the A. system software. B. system hardware. C. application software. D. network hardware. Answer: A Q2. An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department? A. The service provider's policies…


What tells you about cissp salary

Q1. What component of a web application that stores the session state in a cookie can be bypassed by an attacker? A. An initialization check B. An identification check C. An authentication check D. An authorization check Answer: C Q2. Disaster Recovery Plan (DRP) training material should be A. consistent so that all audiences receive the same training. B. stored in a fire proof safe to ensure…


Examples of cissp exam cram

Q1. An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester? A. Limits and scope of the testing. B. Physical location of server room and wiring closet. C. Logical location of filters and concentrators. D. Employee directory and organizational chart. Answer: A Q2. HOTSPOT Which Web Services Security (WS-Security) specification handles the management of…


Tips for cissp full form

Q1. In the area of disaster planning and recovery, what strategy entails the presentation of information about the plan? A. Communication B. Planning C. Recovery D. Escalation Answer: A Q2. After acquiring the latest security updates, what must be done before deploying to production systems? A. Use tools to detect missing system patches B. Install the patches on a test system C. Subscribe to notifications for vulnerabilities D. Assess…


Amazing cissp passing score To Try

Q1. A software scanner identifies a region within a binary image having high entropy. What does this MOST likely indicate? A. Encryption routines B. Random number generator C. Obfuscated code D. Botnet command and control Answer: C Q2. Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks? A. Masquerading, salami,…


Why You Need To cissp exam cram?

Q1. Refer to the information below to answer the question. An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles. Which of the following will MOST likely allow…