Domain 1: Security Principles

Question 1

Which region enacted comprehensive legislation addressing personal privacy in 2016?

Answer 1

European Union

Question 2

What is the purpose of implementing security controls in the risk management process?

Answer 2

To mitigate減輕 the risk to an acceptable level

Question 3

If a pickpocket is a threat, what would be their attack vector?

Answer 3

Their technique and approach

Question 4

How do companies that offer identity theft insurance manage their own financial risk?

Answer 4

By calculating premium payments against potential payouts

Question 5

What term is used to refer to information that, when combined with other pieces of data, significantly narrows缩小 the possibility of association with more individuals?

Answer 5

Personally Identifiable Information (PII)个人身份信息

Question 6

What potential risk can occur when a remote worker’s laptop is left unattended or unlocked?

Answer 6

Accidental introduction of unauthorized software with malware

Question 7

In the United States, which act governs the privacy of medical information?

Answer 7

HIPAA

Question 8

In e-commerce and electronic transactions, what does non-repudiation protect against?

Answer 8

Falsely虛假地 denying transactions

Question 9

What is an “asset” in the context of risk management terminology?

Answer 9

Something in need of protection

Question 10

Who is responsible for determining risk tolerance in an organization?

Answer 10

Executive management and board of directors

Question 11

Executive management and board of directors

Answer 11

Evaluate the likelihood of the event and take appropriate actions to mitigate the risk

Question 12

Which regulation grants data protection and control to individuals within the EU, regardless of citizenship?

Answer 12

General Data Protection Regulation (GDPR)

Question 13

What role might security professionals play in risk assessment at a system level?

Answer 13

Assisting in risk assessment at a system level

Security professionals are likely to assist in risk assessment at a system level, focusing on process, control, monitoring, or incident response and recovery activities.

Question 14

Who is responsible for identifying risks within an organization?

Answer 14

Employees at all levels of the organization

Question 15

What is an example of a physical control?

Answer 15

Walls, fences, guards, locks

Question 16

According to the code of ethics, what are information security professionals expected to uphold堅持?

Answer 16

Be honorable, honest, just and responsible within legal conduct

Question 17

Multifactor authentication involves using two or more instances of different authentication factors.

Which of the following are considered a widely accepted factor for authentication?

Answer 17

Something you have
Something you are
Something you know

Question 18

Kristal is the security administrator for a large online service provider. Kristal learns that the company is harvesting the personal data of its customers and sharing the data with local governments where the company operates, without the knowledge of the users, to allow the governments to persecute users on the basis of their political and philosophical beliefs.

The published user agreement states that the company will not share personal user data with any entities without the users’ explicit permission.

According to the ISC2 Code of Ethics, to whom does Kristal ultimately owe a duty in this situation?

Answer 18

The users

Question 19

What is the primary purpose of the ISC2 Code of Ethics?

Answer 19

Ensuring the safety and welfare of society and the common good

Question 20

While taking the certification exam for this certification, you notice another candidate for the certification cheating.

What should you do?

Answer 20

Report the candidate to ISC2

Question 21

What type of authentication process is used at the bank with an ATM card?

Answer 21

Two-factor authentication

The use of an ATM card (something you have) and a PIN (something you know) at the bank, providing two different factors of authentication.

Question 22

What type of cyber attack often targets the availability of data?

Answer 22

Ransomware attacks勒索軟體

Ransomware attacks often target the availability of data by locking up systems and blocking access to vital information and services. Access is typically restored only after a ransom is paid.

Question 23

What does knowledge-based authentication involve?

Answer 23

Differentiating between authorized and unauthorized users using a passphrase or secret code

passphrase or secret code (e.g., PIN or password)

Question 24

What is the purpose of using a risk matrix?

Answer 24

To prioritize risks based on likelihood and impact

Question 25

What measures would a trauma center be most likely to take to ensure zero tolerance for power failure?

Answer 25

Redundancy in emergency power supplies, battery backup, and generators

Question 26

Which of the following is NOT one of the four typical ways of managing risk?

Answer 26

Conflate 合併

typical ways of managing risk:
Avoidance
Acceptance
Mitigation
Transfer

Question 27

When a company chooses to ignore a risk and proceed with a risky activity, which treatment is being applied by default?

Answer 27

Acceptance

Question 28

What is risk tolerance often likened to?

Answer 28

Risk appetite

Question 29

Siobhan is deciding whether to make a purchase online; the vendor wants Siobhan to create a new user account and is requesting Siobhan’s full name, home address, credit card number, phone number, email address, the ability to send marketing messages to Siobhan, and permission to share this data with other vendors.

Siobhan decides that the item for sale is not worth the value of Siobhan’s personal information, and decides to not make the purchase.

What kind of risk management approach did Siobhan make?

Answer 29

Avoidance

Question 30

What is done with the result of the risk assessment process?

Answer 30

It is presented as a report or presentation to the management

Question 31

A chief information security officer (CISO) at a large organization documented a policy that establishes the acceptable use of cloud environments for all staff.

Answer 31

Management/Administrative control

Policies, standards, processes, procedures and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level management) are management/administrative controls.

Question 32

Software security practitioners seek to maintain the CIA of systems and software based on business needs.

Which aspect of the CIA is focused on guaranteeing that authorized subjects are granted uninterrupted access to objects in a timely fashion?

Answer 32

Availability

Question 33

What is the correct sequence of the elements in governance, starting from the highest level?

Answer 33

Regulations, standards, policies, procedures

Question 34

Guillermo is the system administrator for a midsized retail organization. Guillermo has been tasked with writing a document that describes, step-by-step, how to securely install the operating system on a new laptop.

This document is an example of a ________.

Answer 34

Procedure

Question 35

Lankesh is the security administrator for a small food distribution company. A new law is published by the country in which Lankesh’s company operates; the law conflicts with the company’s policies.

Which governance element should Lankesh’s company follow?

Answer 35

The law

Question 36

What term is sometimes used interchangeably可交替地 with “incident management”?

Question 37

What is the purpose of a red book in the context of business continuity?

Answer 37

To serve as a hard copy backup accessible outside the facility , containing outlined procedures in case electronic access is unavailable.

Question 38

Why are notification systems and call trees important in a business continuity plan?

Answer 38

To alert personnel when the BCP is being enacted實行

Question 39

What is a key outcome of a Business Impact Analysis (BIA)?

Answer 39

Identification of functions and dependencies

Question 40

In the United States, what type of networks can be used to maintain essential activity during a severe cyberattack that affects communications?

Answer 40

Military-grade networks

Question 41

What is the first phase in the components of an incident response plan?

Answer 41

Preparation

The components of the incident response plan are:
Preparation,
Detection & Analysis,
Containment, Eradication根除 & Recovery, and
Post-Incident Activity.

Question 42

What are the four primary responsibilities of a response team when an incident occurs?

Answer 42

Determining damage, assessing compromise, implementing recovery procedures, and supervising security measures

Question 43

What is the next step after detection and analysis in the incident response process?

Answer 43

Finding the appropriate containment strategy

Question 44

What is the key responsibility of the incident response team in the plan?

Answer 44

Assessing and scoping out damage

Question 45

An external entity has tried to gain access to your organization’s IT environment without proper authorization.

This is an example of a(n) _________.

Answer 45

Intrusion

Question 46

What is the key characteristic of a Zero Day vulnerability?

Answer 46

It does not fit recognized patterns, signatures, or methods

Question 47

What is the primary distinction 不同between business continuity planning (BCP) and disaster recovery planning (DRP)?

Answer 47

DRP is about restoring IT, while BCP focuses on business operations

Question 48

Which of the following is very likely to be used in a disaster recovery (DR) effort?

Answer 48

Data backups

Question 49

What is the purpose of the Executive Summary in a Disaster Recovery Plan?

Answer 49

To offer a high-level overview of the plan

Question 50

Who must provide support for business continuity planning efforts?

Answer 50

Executive management or an executive sponsor

Question 51

Which of these components is very likely to be instrumental to any disaster recovery (DR) effort?

Answer 51

Backups

Question 52

Why is it necessary to consider not only the server level but also the database and dependencies on other systems in disaster recovery plans for complex systems?

Answer 52

To address the intricate難理解的 dependencies of the systems

Question 53

You are working in your organization’s security office. You receive a call from a user who has tried to log in to the network several times with the correct credentials, with no success.

After a brief investigation, you determine that the user’s account has been compromised.

This is an example of a(n)_________.

Answer 53

Incident detection

Incident detection refers to the identification and recognition of a security incident, such as a compromised user account, within an organization’s network or information systems.

Question 54

Which of the following is an example of security control?

Answer 54

Firewall

Question 55

What is the definition of an object in the context of access controls?

Answer 55

An entity that responds to a request for service

Question 56

Derrick logs on to a system to read a file.

In this example, Derrick is the ______.

Answer 56

Subject

Question 57

Which of the following is a subject? -

Answer 57

User

Question 58

What is the strategy that integrates people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of an organization?

Answer 58

Layered Defense

Question 59

How does privileged access management implement the principle of least privilege?

Answer 59

By granting each user access only to the items they need

Question 60

Which of the following is an example of a logical access control method?

Answer 60

Biometrics on a smartphone

Question 61

Limiting access to data on the network would be considered which of the following controls?

Answer 61

Logical or technical controls

Question 62

What would be considered an administrative control in the context of seat belt usage?

Answer 62

Passing a law requiring seat belt use

Question 63

What alternative control could be used if biometric locks on multiple doors are not necessary and access does not need to be audited?

Answer 63

Replacing doors with deadbolt locks

Question 64

Which of these combinations of physical security controls share a single point of failure?

Answer 64

High-illumination lighting 高照度照明and cameras

Both lighting and cameras require power. A power failure will disable both the cameras and the lights.

Question 65

Which of the following is an example of a physical access control?

Answer 65

Motion detectors

Question 66

What challenges do small and medium businesses face regarding technical controls in payroll 工資稅systems?

Answer 66

Insufficient personnel for duty separation

Question 67

What does behavioral biometrics measure?

Answer 67

User actions, such as voiceprints and keystroke dynamics

Question 68

Which is a physical control that prevents “piggybacking” or “tailgating,” 緊隨when an unauthorized person follows an authorized person into a controlled area?

Answer 68

Turnstile

Question 69

In what type of environment does role-based access control work well?

Answer 69

High-staff turnover and similar access requirements

Question 70

What is user provisioning in identity management?

Answer 70

Managing access to resources and information systems

Question 71

What term is used to describe the situation where someone inherits expanded permissions that are not appropriate for their role in Role-based Access Control (RBAC)?

Answer 71

Privilege creep

Question 72

What is the key feature of just-in-time privileged access management?

Answer 72

Role-based subsets of privileges

Question 73

In Mandatory Access Control (MAC), what determines the level of access to certain areas in certain government agencies?

Answer 73

Government policy and security clearance

Question 74

Who can modify security rules in a system governed by Mandatory Access Control (MAC)?

Answer 74

Trusted subjects designated as security administrators

Question 75

Duncan and Mira work in the data center at Triffid, Inc. There is a policy in place that requires both to be present in the data center at the same time.

If one has to leave for any reason, the other must step out, too, until they can both re-enter.

This is called ________.

Answer 75

Two-person integrity

Question 76

Why is Discretionary Access Control (DAC) not considered very scalable?

Answer 76

It relies on the discretion of individual object owners

Question 77

What is the two-person rule in the context of security strategy?

Answer 77

Two people must be in an area together

Question 78

Why is it recommended to disable accounts for a period before deletion when an employee leaves the company?

Answer 78

To preserve the integrity of audit trails or files

Question 79

Lakshmi presents a user ID and a password to a system to log on.

Which of the following characteristics must the password have?

Answer 79

Confidential

Question 80

Which of the following is an example of a monitoring tool?

Answer 80

Cameras

Question 81

Which of the following is the responsibility of systems administrators who use privileged accounts?

Answer 81

Operating systems and applications

Systems administrators with privileged accounts have the principal responsibilities for operating systems, application deployment, and performance management.