Q1. If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of.Synchronize/Acknowledge (SYN/ACK) packets to the
A. default gateway.
B. attacker's address.
C. local interface being attacked.
D. specified source address.
Answer: D
Q2. From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Configure secondary servers to use the primary server as a zone forwarder.
B. Block all Transmission Control Protocol (TCP) connections.
C. Disable all recursive queries on the name servers.
D. Limit zone transfers to authorized devices.
Answer: D
Q3. Which of the following is the BEST reason to review audit logs periodically?
A. Verify they are operating properly
B. Monitor employee productivity
C. Identify anomalies in use patterns
D. Meet compliance regulations
Answer: C
Q4. The application of which of the following standards would BEST reduce the potential for data breaches?
A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001
Answer: D
Q5. Which item below is a federated identity standard?
A. 802.11i
B. Kerberos
C. Lightweight Directory Access Protocol (LDAP)
D. Security Assertion Markup Language (SAML)
Answer: D
Q6. Which one of the following effectively obscures network addresses from external exposure when implemented on a firewall or router?
A. Network Address Translation (NAT)
B. Application Proxy
C. Routing Information Protocol (RIP) Version 2
D. Address Masking
Answer: A
Q7. Which of the following is the best practice for testing a Business Continuity Plan (BCP)?
A. Test.before the IT Audit
B. Test when environment changes
C. Test after installation of security patches
D. Test after implementation of system patches
Answer: B
Q8. Discretionary Access Control (DAC) restricts access according to
A. data classification labeling.
B. page views within an application.
C. authorizations granted to the user.
D. management accreditation.
Answer: C
Q9. During a fingerprint verification process, which of the following is used to verify identity and authentication?
A. A pressure value is compared with a stored template
B. Sets of digits are matched with stored values
C. A hash table is matched to a database of stored value
D. A template of minutiae is compared with a stored template
Answer: D
Q10. How can lessons learned from business continuity training and actual recovery incidents BEST be used?
A. As a means for improvement
B. As alternative options for awareness and training
C. As indicators of a need for policy
D. As business function gap indicators
Answer: A
Q11. Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?
A. Verify countermeasures have been deactivated.
B. Ensure firewall logging has been activated.
C. Validate target systems have been backed up.
D. Confirm warm site is ready to accept connections.
Answer: C
Q12. Which of the following is a security limitation of File Transfer Protocol (FTP)?
A. Passive FTP is not compatible with web browsers.
B. Anonymous access is allowed.
C. FTP uses Transmission Control Protocol (TCP) ports 20 and 21.
D. Authentication is not encrypted.
Answer: D
Q13. After acquiring the latest security updates, what must be done before deploying to production systems?
A. Use tools to detect missing system patches
B. Install the patches on a test system
C. Subscribe to notifications for vulnerabilities
D. Assess the severity of the situation
Answer: B
Q14. The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the
A. right to refuse or permit commercial rentals.
B. right to disguise the software's geographic origin.
C. ability to tailor security parameters based on location.
D. ability to confirm license authenticity of.their works.
Answer: A
Q15. DRAG DROP
Drag the following Security Engineering terms on the left to the BEST definition on the right.
Answer: