Chapter 14 Flashcards

1
Q

Which of the following terms identifies the process of reviewing log files for suspicious activity and threshold compliance?

Phishing
Scanning
CompSec
Auditing

A

Auditing

2
Q

Which of the following is a collection of recorded data that may include details about logons, object access, and other activities deemed important by your security policy and is often used to detect unwanted and unauthorized user activity?

Audit trail
Chain of custody
Syslog
CPS (Certificate Practice Statement)

A

Audit trail

3
Q

A recreation of historical events is made possible through which of the following?

Incident reports
Audit trails
Audits
Penetration testing

A

Audit trails

4
Q

Which type of audit is performed by either a consultant or an auditing firm employee?

External audit
Financial audit
Usage audit
Internal audit

A

External audit

5
Q

Which of the following is true concerning internal audits?

The process is very formal.
They are generally nonobjective.
They are always highly rigorous.
The auditor works independently.

A

They are generally nonobjective.

6
Q

Which of the following standards relates to the use of credit cards?

Financial audit
SOX
PCI DSS
PoLP

A

PCI DSS

7
Q

Which of the following describes privilege auditing?

No single user is granted sufficient privileges to compromise the security of an entire environment.

Users’ and groups’ rights and privileges are checked to guard against creeping privileges.

An employee is granted the minimum privileges required to perform the duties of his or her position.

Users’ activities are logged to document incidents for security investigations and incident response.

A

Users’ and groups’ rights and privileges are checked to guard against creeping privileges.

8
Q

Which component of an IT security audit evaluates defense in depth and IT-related fraud?

User access and rights review
Financial audit
External audit
Risk evaluation

A

Risk evaluation

9
Q

Which of the following is a government audit by the SEC that relates to internal controls and focuses on IT security, access controls, data backup, change management, and physical security?

PCI DSS
Financial audit
PoLP
SOX

A

SOX

10
Q

Which of the following types of auditing verifies that systems are utilized appropriately and in accordance with written organizational policies?

Financial audit
Internal audit
PoLP
Usage audit

A

Usage audit

11
Q

Which of the following are control categories? (Select three.)

Technical
Deterrent
Preventative
Physical
Compensating
Operational
Managerial

A

Technical
Operational
Managerial

12
Q

Which of the following BEST describes compensating controls?

Partial control solution that is implemented when a control cannot fully meet a requirement.

Attempts to fix any controls that aren’t working properly.

Discourages malicious actors from attempting to breach a network.

Monitors network activity and informs the security team of a potential security event.

A

Partial control solution that is implemented when a control cannot fully meet a requirement.

13
Q

Which type of control is used to discourage malicious actors from attempting to breach a network?

Preventative
Physical
Deterrent
Detective

A

Deterrent

14
Q

Which type of control makes use of policies, DPRs, and BCPs?

Preventative
Managerial
Technical
Operational

A

Managerial

15
Q

Which of the following is an example of a preventative control type?

An advanced network appliance
Intrusion detection systems
Network monitoring applications
Real-time monitoring alerts

A

An advanced network appliance

16
Q

Which ISO publication lays out guidelines for selecting and implementing security controls?

27001
31000
27002
27701

A

27002

17
Q

Which of the following frameworks introduced the first cloud-centric individual certification?

NIST
ISO
CCM
CSA

A

CSA

18
Q

Which type of report is used for marketing and letting future partners know that compliance has been met?

ISO 27001
SOC Type II
ISO 31000
SOC Type III

A

SOC Type III

19
Q

Which of the following security frameworks is used by the federal government and all its departments, including the Department of Defense?

CSA
ISO
SOC Type II/III
NIST

A

NIST

20
Q

Which SOC type reports focus on predetermined controls that are audited and a detailed report that attests to a company’s compliance?

II
I
III
IV

A

II

21
Q

Your organization has discovered that an overseas company has reverse-engineered and copied your main product and is now selling a counterfeit version.

Which of the following BEST describes the type of consequence your organization has suffered?

Reputation damage
IP theft
Fines
Escalation

A

IP theft

22
Q

Your organization has suffered a data breach, and it was made public. As a result, stock prices have fallen, as consumers no longer trust the organization.

Which of the following BEST describes the type of consequence your organization has suffered due to the breach?

Notifications
IP theft
Identity theft
Reputation damage

A

Reputation damage

23
Q

If you lose your wallet or purse and it ends up in the wrong hands, several pieces of information could be used to do personal harm to you. These pieces of information include the following:

Name and address

Driver license number

Credit card numbers

Date of birth

Which of the following classifications does this information fall into?

Private internal information
Private restricted information
Proprietary information
Personally identifiable information (PII)

A

Personally identifiable information (PII)

24
Q

The lowest level of classified information used by the military. Release of this information could cause damage to military efforts.

Unclassified
Sensitive But Unclassified
Confidential
Secret
Top Secret

A

Confidential

25
Q

If this information is released, it poses grave consequences to national security.

Unclassified
Sensitive But Unclassified
Confidential
Secret
Top Secret

A

Top Secret

26
Q

This information can be accessed by the public and poses no security threat.

Unclassified
Sensitive But Unclassified
Confidential
Secret
Top Secret

A

Unclassified

27
Q

If this information is disclosed, it could cause some harm, but not a national disaster.

Unclassified
Sensitive But Unclassified
Confidential
Secret
Top Secret

A

Sensitive But Unclassified

28
Q

If this information is disclosed, it could cause severe and permanent damage to military actions.

Unclassified
Sensitive But Unclassified
Confidential
Secret
Top Secret

A

Secret

29
Q

Which of the following laws was designed to protect a child’s information on the internet?

CCPA
GDPR
GLBA
COPPA

A

COPPA

30
Q

Which of the following government acts protects medical records and personal health information?

FISMA
HIPAA
FACTA
ACA

A

HIPAA

31
Q

HIPAA is a set of federal regulations that define security guidelines. What do HIPAA guidelines protect?

Non-repudiation
Availability
Privacy
Integrity

A

Privacy

32
Q

Which of the following is the LEAST reliable means of cleaning or purging media?

Degaussing
Overwriting every sector with alternating 1s and 0s
OS low-level formatting
Drive controller hardware-level formatting

A

Degaussing

33
Q

When you dispose of a computer or sell used hardware, it is crucial that none of the data on the hard disks can be recovered.

Which of the following actions can you take to ensure that no data is recoverable?

Damage the hard disks so badly that all data remanence is gone.
Delete all files from all the hard disks in the computer.
Encrypt all data on the hard disks.
Reformat all the hard disks in the computer.

A

Damage the hard disks so badly that all data remanence is gone.

34
Q

Which of the following data destruction techniques uses a punch press or hammer system to crush a hard disk?

Degaussing
Shredding
Pulverizing
Pulping
Purging

A

Pulverizing