Q1. Which of the following Disaster Recovery (DR) sites is the MOST difficult to test?
A. Hot site
B. Cold site
C. Warm site
D. Mobile site
Answer: B
Q2. Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?
A. Unauthorized database changes
B. Integrity of security logs
C. Availability of the database
D. Confidentiality of the incident
Answer: A
Q3. What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?
A. Experience in the industry
B. Definition of security profiles
C. Human resource planning efforts
D. Procedures in systems development
Answer: D
Q4. What is the BEST first step for determining if the appropriate security controls are in place for protecting data at rest?
A. Identify regulatory requirements
B. Conduct a risk assessment
C. Determine business drivers
D. Review the security baseline configuration
Answer: B
Q5. What would be the PRIMARY concern when designing and coordinating a security assessment for an Automatic Teller Machine (ATM) system?
A. Physical access to the electronic hardware
B. Regularly scheduled maintenance process
C. Availability of the network connection
D. Processing delays
Answer: A
Q6. Which of the following is a network intrusion detection technique?
A. Statistical anomaly
B. Perimeter intrusion
C. Port scanning
D. Network spoofing
Answer: A
Q7. What is the FIRST step in developing a security test and its evaluation?
A. Determine testing methods
B. Develop testing procedures
C. Identify all applicable security requirements
D. Identify people, processes, and products not in compliance
Answer: C
Q8. With data labeling, which of the following MUST be the key decision maker?
A. Information security
B. Departmental management
C. Data custodian
D. Data owner
Answer: D
Q9. Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?
A. Data Custodian
B. Executive Management
C. Chief Information Security Officer
D. Data/Information/Business Owners
Answer: B
Q10. Discretionary Access Control (DAC) is based on which of the following?
A. Information source and destination
B. Identification of subjects and objects
C. Security labels and privileges
D. Standards and guidelines
Answer: B
Q11. Which of the following is the MOST effective attack against cryptographic hardware modules?
A. Plaintext
B. Brute force
C. Power analysis
D. Man-in-the-middle (MITM)
Answer: C
Q12. HOTSPOT
Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below.
Answer:
Q13. Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.
In a Bell-LaPadula system, which user cannot write to File 3?
A. User A
B. User B
C. User C
D. User D
Answer: D
Q14. When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include
A. hardened building construction with consideration of seismic factors.
B. adequate distance from and lack of access to adjacent buildings.
C. curved roads approaching the data center.
D. proximity to high crime areas of the city.
Answer: D
Q15. Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
A. Data compression
B. Data classification
C. Data warehousing
D. Data validation
Answer: D