Q1. Which of the following does the Encapsulating Security Payload (ESP) provide?
A. Authorization and integrity
B. Availability and integrity
C. Integrity and confidentiality
D. Authorization and confidentiality
Answer: C
Q2. Which of the following describes the BEST configuration management practice?
A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.
Answer: D
Q3. Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
A. poor governance over security processes and procedures
B. immature security controls and procedures
C. variances against regulatory requirements
D. unanticipated increases in security incidents and threats
Answer: A
Q4. During an audit, the auditor finds evidence of potentially illegal activity. Which of the following is the MOST appropriate action to take?
A. Immediately call the police
B. Work with the client to resolve the issue internally
C. Advise.the.person performing the illegal activity to cease and desist
D. Work with the client to report the activity to the appropriate authority
Answer: D
Q5. Secure Sockets Layer (SSL) encryption protects
A. data at rest.
B. the source IP address.
C. data transmitted.
D. data availability.
Answer: C
Q6. Which of the following BEST describes Recovery Time Objective (RTO)?
A. Time of data validation after disaster
B. Time of data restoration from backup after disaster
C. Time of application resumption after disaster
D. Time of application verification after disaster
Answer: C
Q7. After acquiring the latest security updates, what must be done before deploying to production systems?
A. Use tools to detect missing system patches
B. Install the patches on a test system
C. Subscribe to notifications for vulnerabilities
D. Assess the severity of the situation
Answer: B
Q8. Which of the following is TRUE about Disaster Recovery Plan (DRP) testing?
A. Operational networks are usually shut down during testing.
B. Testing should continue even if components of the test fail.
C. The company is fully prepared for a disaster if all tests pass.
D. Testing should not be done until the entire disaster plan can be tested.
Answer: B
Q9. The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using
A. INSERT and DELETE.
B. GRANT and REVOKE.
C. PUBLIC.and PRIVATE.
D. ROLLBACK.and TERMINATE.
Answer: B
Q10. Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Point-to-Point Protocol (PPP)
C. Extensible Authentication Protocol (EAP)
D. Password Authentication Protocol (PAP)
Answer: A
Q11. Which of the following is a security feature of Global Systems for Mobile Communications (GSM)?
A. It uses a Subscriber Identity Module (SIM) for authentication.
B. It uses encrypting techniques for all communications.
C. The radio spectrum is divided with multiple frequency carriers.
D. The signal is difficult to read as it provides end-to-end encryption.
Answer: A
Q12. A security professional is asked to provide a solution that restricts a.bank.teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?
A. Access is based on rules.
B. Access is determined by the system.
C. Access is based on user's role.
D. Access is based on data sensitivity.
Answer: C
Q13. HOTSPOT
Identify the component that MOST likely lacks digital accountability related to.information access.
Click on the correct device in the image below.
Answer:
Q14. Which of the following assures that rules are followed in an identity management architecture?
A. Policy database
B. Digital signature
C. Policy decision point
D. Policy enforcement point
Answer: D
Q15. Which of the following is an appropriate source for test data?
A. Production.data that is secured and maintained only in the production environment.
B. Test data that has no similarities to production.data.
C. Test data that is mirrored and kept up-to-date with production data.
D. Production.data that has been.sanitized before loading into a test environment.
Answer: D