Q1. A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as
A. least privilege.
B. rule based access controls.
C. Mandatory Access Control (MAC).
D. separation of duties.
Answer: D
Q2. Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?
A. Discretionary Access Control (DAC) procedures
B. Mandatory Access Control (MAC) procedures
C. Data link encryption
D. Segregation of duties
Answer: B
Q3. During a fingerprint verification process, which of the following is used to verify identity and authentication?
A. A pressure value is compared with a stored template
B. Sets of digits are matched with stored values
C. A hash table is matched to a database of stored value
D. A template of minutiae is compared with a stored template
Answer: D
Q4. Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?
A. Authorizations are not included in the server response
B. Unsalted hashes are passed over the network
C. The authentication session can be replayed
D. Passwords are passed in cleartext
Answer: D
Q5. How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?
A. Take another backup of the media in question then delete all irrelevant operating system files.
B. Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.
C. Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.
D. Discard harmless files for the operating system, and known installed programs.
Answer: B
Q6. Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Point-to-Point Protocol (PPP)
C. Extensible Authentication Protocol (EAP)
D. Password Authentication Protocol (PAP)
Answer: A
Q7. The process of mutual authentication involves a computer system authenticating a user and authenticating the
A. user to the audit process.
B. computer system to the user.
C. user's access to all authorized objects.
D. computer system to the audit process.
Answer: B
Q8. Which of the following is critical for establishing an initial baseline for software components in the operation and maintenance of applications?
A. Application monitoring procedures
B. Configuration control procedures
C. Security audit procedures
D. Software patching procedures
Answer: B
Q9. Refer.to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Following best practice, where should the permitted access for each department and job classification combination be specified?
A. Security procedures
B. Security standards
C. Human resource policy
D. Human resource standards
Answer: B
Q10. Which of the following is the PRIMARY benefit of implementing.data-in-use controls?
A. If the data is lost, it must be decrypted to be opened.
B. If the data is lost, it will not be accessible to unauthorized users.
C. When the data is being viewed, it can only be printed by.authorized users.
D. When the data is being viewed, it must be accessed using secure protocols.
Answer: C
Q11. Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?
A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team
Answer: B
Q12. The PRIMARY outcome of a certification process is that it provides documented
A. system weaknesses for remediation.
B. standards for security assessment, testing, and process evaluation.
C. interconnected systems and their implemented security controls.
D. security analyses needed to make a risk-based decision.
Answer: D
Q13. Which of the following analyses is performed to protect information assets?
A. Business impact analysis
B. Feasibility analysis
C. Cost benefit analysis
D. Data analysis
Answer: A
Q14. Refer.to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Which of the following is considered the MOST important priority for the information security officer?
A. Formal acceptance of the security strategy
B. Disciplinary actions taken against unethical behavior
C. Development of an awareness program for new employees
D. Audit of all organization system configurations for faults
Answer: A
Q15. Retaining system logs for six months or longer can be valuable for what activities?.
A. Disaster recovery and business continuity
B. Forensics and incident response
C. Identity and authorization management
D. Physical and logical access control
Answer: B