Q1. What is the PRIMARY difference between security policies and security procedures?
A. Policies are used to enforce violations, and procedures create penalties
B. Policies point to guidelines, and procedures are more contractual in nature
C. Policies are included in awareness training, and procedures give guidance
D. Policies are generic in nature, and procedures contain operational details
Answer: D
Q2. Which of the following is the PRIMARY benefit of a formalized information classification program?
A. It drives audit processes.
B. It supports risk assessment.
C. It reduces asset vulnerabilities.
D. It minimizes system logging requirements.
Answer: B
Q3. Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised?
A. Availability
B. Integrity
C. Accountability
D. Confidentiality
Answer: D
Q4. Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)?
A. Use a thumb drive to transfer information from a foreign computer.
B. Do not take unnecessary information, including sensitive information.
C. Connect the laptop only to well-known networks like the hotel or public Internet cafes.
D. Request international points of contact help scan the laptop on arrival to ensure it is protected.
Answer: B
Q5. The amount of data that will be collected during an audit is PRIMARILY determined by the
A. audit scope.
B. auditor's experience level.
C. availability of the data.
D. integrity of the data.
Answer: A
Q6. Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
What MUST the access control logs contain in addition to the identifier?
A. Time of the access
B. Security classification
C. Denied access attempts
D. Associated clearance
Answer: A
Q7. When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?
A. Testing phase
B. Development phase
C. Requirements definition phase
D. Operations and maintenance phase
Answer: C
Q8. Which of the following BEST describes the purpose of the security functional requirements of Common Criteria?
A. Level of assurance of the Target of Evaluation (TOE) in intended operational environment
B. Selection to meet the security objectives stated in test documents
C. Security behavior expected of a TOE
D. Definition of the roles and responsibilities
Answer: C
Q9. What technique BEST describes antivirus software that detects viruses by watching anomalous behavior?
A. Signature
B. Inference
C. Induction
D. Heuristic
Answer: D
Q10. Which of the following is an attacker MOST likely to target to gain privileged access to a system?
A. Programs that write to system resources
B. Programs that write to user directories
C. Log files containing sensitive information
D. Log files containing system calls
Answer: A
Q11. Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?
A. False Acceptance Rate (FAR)
B. False Rejection Rate (FRR)
C. Crossover Error Rate (CER)
D. Rejection Error Rate
Answer: A
Q12. What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?
A. Integrity
B. Confidentiality
C. Accountability
D. Availability
Answer: A
Q13. An auditor carrying out a compliance audit requests passwords that are encrypted in the system to verify that the passwords are compliant with policy. Which of the following is the BEST response to the auditor?
A. Provide the encrypted passwords and analysis tools to the auditor for analysis.
B. Analyze the encrypted passwords for the auditor and show them the results.
C. Demonstrate that non-compliant passwords cannot be created in the system.
D. Demonstrate that non-compliant passwords cannot be encrypted in the system.
Answer: C
Q14. What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?
A. Experience in the industry
B. Definition of security profiles
C. Human resource planning efforts
D. Procedures in systems development
Answer: D
Q15. In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Answer: B