Group 10 Flashcards

1
Q

Which of the following management processes allots ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?
A. Compliance
B. Configuration
C. Identity
D. Patch

A

Answer: B

2
Q

Which of the following practices provides the development team with a definition of security and identification of threats in designing software?
A. Penetration testing
B. Stakeholder review
C. Threat modeling
D. Requirements review

A

Answer: C

3
Q

Which of the following is a peer entity authentication method for Point-to-Point Protocol (PPP)?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Message Authentication Code (MAC)
C. Transport Layer Security (TLS) handshake protocol
D. Challenge-response authentication mechanism

A

Answer: A

4
Q

What form of attack could this represent?
A. A Denial of Service (DoS) attack against the gateway router because the router can no longer accept packets from
B. A transport layer attack that prevents the resolution of 10.102.10.6 address
C. A Denial of Service (DoS) attack against 10.102.10.2 because it cannot respond correctly to ARP requests
D. A masquerading attack that sends packets intended for 10.102.10.6 to 10.102.10.2

A

Answer: D

5
Q

Which of the following value comparisons MOST accurately reflects the agile development approach?
A. Processes and tools over individuals and interactions
B. Contract negotiation over customer collaboration
C. Following a plan over responding to change
D. Working software over comprehensive documentation

A

Answer: D

6
Q

Which of the following needs to be included in order for High Availability (HA) to continue operations during planned system outages?
A. Redundant hardware, disk spanning, and patching
B. Load balancing, power reserves, and disk spanning
C. Backups, clustering, and power reserves
D. Clustering, load balancing, and fault-tolerant options

A

Answer: D

7
Q

Which of the following is the MOST effective countermeasure against Man-in-the-Middle (MITM) attacks while using online banking?
A. Transport Layer Security (TLS)
B. Secure Sockets Layer (SSL)
C. Pretty Good Privacy (PGP)
D. Secure Shell (SSH)

A

Answer: A

8
Q

According to the Capability Maturity Model Integration (CMMI), which of the following levels is identified by a managed process that is tailored from the organization’s set of standard processes according to the organization’s tailoring guidelines?
A. Level 0: Incomplete
B. Level 1: Performed
C. Level 2: Managed
D. Level 3: Defined

A

Answer: D

9
Q

Point-to-Point Protocol (PPP) was designed to specifically address what issue?
A. A common design flaw in telephone modems
B. Speed and reliability issues between dial-up users and Internet Service Providers (ISP).
C. Compatibility issues with personal computers and web browsers
D. The security of dial-up connections to remote networks

A

Answer: B

10
Q

Which of the following is an advantage of Secure Shell (SSH)?
A. It operates at the network layer.
B. It encrypts transmitted User ID and passwords.
C. It uses challenge-response to authenticate each party.
D. It uses the International Data Encryption Algorithm (IDEA) for data privacy.

A

Answer: C

11
Q

A security engineer is designing a Customer Relationship Management (CRM) application for a third-party vendor. In which phase of the System Development Life Cycle (SDLC) will it be MOST beneficial to conduct a data sensitivity assessment?
A. Development / Acquisition
B. Initiation
C. Enumeration
D. Operation / Maintenance

A

Answer: B

12
Q

Which of the following is a PRIMARY challenge when running a penetration test?
A. Determining the cost
B. Establishing a business case
C. Remediating found vulnerabilities
D. Determining the depth of coverage

A

Answer: D

13
Q

Which one of the following would cause an immediate review and possible change to the security policies of an organization?
A. Change in technology
B. Change in senior management
C. Change to organization processes
D. Change to organization goals

A

Answer: D

14
Q

An audit of an application reveals that the current configuration does not match the configuration of the originally implemented application. Which of the following is the FIRST action to be taken?
A. Recommend an update to the change control process.
B. Verify the approval of the configuration change.
C. Roll back the application to the original configuration.
D. Document the changes to the configuration.

A

Answer: B

15
Q

What is the BEST method if an investigator wishes to analyze a hard drive which may be used as evidence?
A. Leave the hard drive in place and use only verified and authenticated Operating Systems (OS) utilities …
B. Log into the system and immediately make a copy of all relevant files to a Write Once, Read Many
C. Remove the hard drive from the system and make a copy of the hard drive’s contents using imaging hardware.
D. Use a separate bootable device to make a copy of the hard drive before booting the system and analyzing the hard drive.

A

Answer: C

16
Q

Which of the following provides the GREATEST level of data security for a Virtual Private Network (VPN) connection?
A. Internet Protocol Payload Compression (IPComp)
B. Internet Protocol Security (IPSec)
C. Extensible Authentication Protocol (EAP)
D. Remote Authentication Dial-In User Service (RADIUS)

A

Answer: B

17
Q

A. The signer verifies that the software being loaded is the software originated by the signer.
B. The vendor certifies the software being loaded is free of malicious code and that it was originated by the signer.
C. The signer verifies that the software being loaded is free of malicious code.
D. Both vendor and the signer certify the software being loaded is free of malicious code and it was originated by the signer.

A

Answer: A

18
Q

What is the PRIMARY objective for conducting an internal security audit?
A. Verify that all systems and Standard Operating Procedures (SOP) are properly documented.
B. Verify that all personnel supporting a system are knowledgeable of their responsibilities.
C. Verify that security controls are established following best practices.
D. Verify that applicable security controls are implemented and effective.

A

Answer: D

19
Q

What is the PRIMARY purpose for an organization to conduct a security audit?
A. To ensure the organization is adhering to a well-defined standard
B. To ensure the organization is applying security controls to mitigate identified risks
C. To ensure the organization is configuring information systems efficiently
D. To ensure the organization is documenting findings

A

Answer: A

20
Q

Which testing method requires very limited or no information about the network infrastructure?
A. White box
B. Static
C. Black box
D. Stress

A

Answer: C

21
Q

Which of the following is a MAJOR concern when there is a need to preserve or retain information for future retrieval?
A. Laws and regulations may change in the interim, making it unnecessary to retain the information.
B. The expense of retaining the information could become untenable for the organization.
C. The organization may lose track of the information and not dispose of it securely.
D. The technology needed to retrieve the information may not be available in the future.

A

Answer: C

22
Q

Which of the following types of data would be MOST difficult to detect by a forensic examiner?
A. Slack space data
B. Steganographic data
C. File system deleted data
D. Data stored with a different file type extension

A

Answer: C

23
Q

Following a penetration test, what should an organization do FIRST?
A. Review all security policies and procedures.
B. Ensure staff is trained in security.
C. Determine if you need to conduct a full security assessment.
D. Evaluate the problems identified in the test result.

A

Answer: D

24
Q

An Intrusion Detection System (IDS) is based on the general hypothesis that a security violation is associated with a pattern of system usage which can be
A. differentiated from a normal usage pattern.
B. used to detect known violations.
C. used to detect a masquerader.
D. differentiated to detect all security violations.

A

Answer: A

25
Q

Which of the following models uses unique groups contained in unique conflict classes?
A. Chinese Wall
B. Bell-LaPadula
C. Clark-Wilson
D. Biba

A

Answer: C

26
Q

When developing the entitlement review process, which of the following roles is responsible for determining who has a need for the information?
A. Data Custodian
B. Data Owner
C. Database Administrator
D. Information Technology (IT) Director

A

Answer: B

27
Q

What should an auditor do when conducting a periodic audit on media retention?
A. Check electronic storage media to ensure records are not retained past their destruction date.
B. Ensure authorized personnel are in possession of paper copies containing Personally Identifiable Information….
C. Check that hard disks containing backup data that are still within a retention cycle are being destroyed….
D. Ensure that data shared with outside organizations is no longer on a retention schedule.

A

Answer: A

28
Q

Which of the following factors is a PRIMARY reason to drive changes in an Information Security Continuous Monitoring (ISCM) strategy?
A. Testing and Evaluation (TE) personnel changes
B. Changes to core missions or business processes
C. Increased Cross-Site Request Forgery (CSRF) attacks
D. Changes in Service Organization Control (SOC) 2 reporting requirements

A

Answer: B

29
Q

Digital non-repudiation requires which of the following?
A. A trusted third-party
B. Appropriate corporate policies
C. Symmetric encryption
D. Multifunction access cards

A

Answer: A

30
Q

Data remanence is the biggest threat in which of the following scenarios?
A. A physical disk drive has been overwritten and reused within a datacenter.
B. A physical disk drive has been degaussed, verified, and released to a third party for dest…….
C. A flash drive has been overwritten, verified, and reused within a datacenter.
D. A flash drive has been overwritten and released to a third party for destruction.

A

Answer: D

31
Q

Which of the following is the MOST secure password technique?
A. Passphrase
B. One-time password
C. Cognitive password
D. Ciphertext

A

Answer: A

32
Q

Which of the following is a Key Performance Indicator (KPI) for a security training and awareness program?
A. The number of security audits performed
B. The number of attendees at security training events
C. The number of security training materials created
D. The number of security controls implemented

A

Answer: B

33
Q

When are security requirements the LEAST expensive to implement?
A. When identified by external consultants
B. During the application rollout phase
C. During each phase of the project cycle
D. When built into application design

A

Answer: D

34
Q

What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?
A. Man-in-the-Middle (MITM)
B. Denial of Service (DoS)
C. Domain Name Server (DNS) poisoning
D. Buffer overflow

A

Answer: B

35
Q

What is the HIGHEST priority in agile development?
A. Selecting appropriate coding language
B. Managing costs of product delivery
C. Early and continuous delivery of software
D. Maximizing the amount of code delivered

A

Answer: C

36
Q

Which of the following is included in the Global System for Mobile Communications (GSM) security framework?
A. Public-Key Infrastructure (PKI)
B. Symmetric key cryptography
C. Digital signatures
D. Biometric authentication

A

Answer: C

37
Q

Which of the following is the reason that transposition ciphers are easily recognizable?
A. Key
B. Block
C. Stream
D. Character

A

Answer: B

38
Q

How is it possible to extract private keys securely stored on a cryptographic smartcard?
A. Bluebugging
B. Focused ion-beam
C. Bluejacking
D. Power analysis

A

Answer: D

39
Q

Which of the following is an important requirement when designing a secure remote access system?
A. Configure a Demilitarized Zone (DMZ) to ensure that user and service traffic is separated.
B. Provide privileged access rights to computer files and systems.
C. Ensure that logging and audit controls are included.
D. Reduce administrative overhead through password self service.

A

Answer: C

40
Q

Which of the following is the BEST way to mitigate circumvention of access controls?
A. Multi-layer access controls working in isolation
B. Multi-vendor approach to technology implementation
C. Multi-layer firewall architecture with Internet Protocol (IP) filtering enabled
D. Multi-layer access controls with diversification of technologies

A

Answer: D

41
Q

Which one of the following can be used to detect an anomaly in a system by keeping track of the state of files that do not normally change?
A. System logs
B. Anti-spyware
C. Integrity checker
D. Firewall logs

A

Answer: C

42
Q

Which of the following is the MOST effective preventative method to identify security flaws in software?
A. Monitor performance in production environments.
B. Perform a structured code review.
C. Perform application penetration testing.
D. Use automated security vulnerability testing tools.

A

Answer: B

43
Q

Which of the following BEST describes botnets?
A. Computer systems on the Internet that are set up to trap people who attempt to penetrate other computer system
B. Set of related programs that protects the resources of a private network from other networks
C. Small network inserted in a neutral zone between an organization’s private network and the outside public network
D. Groups of computers that are used to launch destructive attacks

A

Answer: D

44
Q

A. Require the cloud IAM provider to use declarative security instead of programmatic authentication checks.
B. Integrate a Web-Application Firewall (WAF) in reverse-proxy mode in front of the service provider.
C. Apply Transport Layer Security (TLS) to the cloud-based authentication checks.
D. Install an on-premise Authentication Gateway Service (AGS) in front of the service provider.

A

Answer: D

45
Q

Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
A. Identifying the events and environmental factors that can adversely affect an organization
B. Identifying what is important and critical based on disruptions that can affect the organization.
C. Establishing the need for a Business Continuity Plan (BCP) based on threats that can affect an organization
D. Preparing a program to create an organizational awareness for executing the Business Continuity Plan (BCP)

A

Answer: B

46
Q

The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do?
A. Grant temporary access to the former application owner’s account.
B. Assign a temporary application owner to the system.
C. Restrict access to the system until a replacement application owner is hired.
D. Prevent changes to the confidential data until a replacement application owner is hired.

A

Answer: B

47
Q

Which Redundant Array of Independent Disks (RAID) Level does the following diagram represent?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 10

A

Answer: D

48
Q

Which of the following is used to ensure that data mining activities will NOT reveal sensitive data?
A. Implement two-factor authentication on the underlying infrastructure.
B. Encrypt data at the field level and tightly control encryption keys.
C. Preprocess the databases to see if inn …… can be disclosed from the learned patterns.
D. Implement the principle of least privilege on data elements so a reduced number of users can

A

Answer: D

49
Q

Why are packet filtering routers used in low-risk environments?
A. They are high-resolution source discrimination and identification tools.
B. They are fast and flexible, and protect against Internet Protocol (IP) spoofing.
C. They are fast, flexible, and transparent.
D. They enforce strong user authentication and audit log generation.

A

Answer: B

50
Q

Which of the following protocols will allow the encrypted transfer of content on the Internet?
A. Server Message Block (SMB)
B. Secure copy
C. Hypertext Transfer Protocol (HTTP)
D. Remote copy

A

Answer: B

51
Q

What requirement MUST be met during internal security audits to ensure that all information provided is expressed as an objective assessment without risk of retaliation?
A. The auditor must be independent and report directly to the management.
B. The auditor must utilize automated tools to back their findings.
C. The auditor must work closely with both the Information Technology (IT) and security sections of an organization.
D. The auditor must perform manual reviews of systems and processes.

A

Answer: A

52
Q

In order to support the least privilege security principle when a resource is transferring within the organization from a production support system administration role to a developer role, what changes should be made to the resource’s access to the production operating system (OS) directory structure?
A. From Read Only privileges to No Access Privileges
B. From Author privileges to Administrator privileges
C. From Administrator privileges to No Access privileges
D. From No Access Privileges to Author privileges

A

Answer: C

53
Q

What is the FINAL step in the waterfall method for contingency planning?
A. Maintenance
B. Testing
C. Implementation
D. Training

A

Answer: A

54
Q

Which of the following is a security weakness in the evaluation of common criteria (CC) products?
A. The manufacturer can state what configuration of the product is to be evaluated.
B. The product can be evaluated by labs in other countries.
C. The Target of Evaluation’s (TOE) testing environment is identical to the operating environment
D. The evaluations are expensive and time-consuming to perform.

A

Answer: A

55
Q

What is the second phase of public key infrastructure (PKI) key/certificate life-cycle management?
A. Implementation Phase
B. Cancellation Phase
C. Initialization Phase
D. Issued Phase

A

Answer: A

56
Q

Which of the following BEST describes the standard used to exchange authorization information between different identity management systems?
A. Security Assertion Markup Language (SAML)
B. Service Oriented Architecture (SOA)
C. Extensible Markup Language (XML)
D. Wireless Authentication Protocol (WAP)

A

Answer: A

57
Q

A. Obtain information security management approval.
B. Maintain the integrity of the application.
C. Obtain feedback before implementation.
D. Identify vulnerabilities.

A

Answer: D

58
Q

The security team has been tasked with performing an interface test against a frontend external facing application and needs to verify that all input fields protect against invalid input. Which of the following BEST assists this process?
A. Application fuzzing
B. Instruction set simulation
C. Regression testing
D. Sanity testing

A

Answer: A

59
Q

Which of the following is the FIRST step during digital identity provisioning?
A. Authorizing the entity for resource access
B. Synchronizing directories
C. Issuing an initial random password
D. Creating the entity record with the correct attributes

A

Answer: D

60
Q

Physical Access Control Systems (PACS) allow authorized security personnel to manage and monitor access control for subjects through which function?
A. Remote access administration
B. Personal Identity Verification (PIV)
C. Access Control List (ACL)
D. Privileged Identity Management (PIM)

A

Answer: B

61
Q

In a large company, a system administrator needs to assign users access to files using Role Based Access Control (RBAC). Which option is an example of RBAC?
A. Allowing users access to files based on their group membership
B. Allowing users access to files based on username
C. Allowing users access to files based on the users location at time of access
D. Allowing users access to files based on the file type

A

Answer: A

62
Q

During a Disaster Recovery (DR) simulation, it is discovered that the shared recovery site lacks adequate data restoration capabilities to support the implementation of multiple plans simultaneously. What would be impacted by this fact if left unchanged?
A. Recovery Point Objective (RPO)
B. Recovery Time Objective (RTO)
C. Business Impact Analysis (BIA)
D. Return on Investment (ROI)

A

Answer: A

63
Q

What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?
A. Establish Maximum Tolerable Downtime (MTD) Information Systems (IS).
B. Define the variable cost for extended downtime scenarios.
C. Identify potential threats to business availability.
D. Establish personnel requirements for various downtime scenarios.

A

Answer: C

64
Q

The adoption of an enterprise-wide Business Continuity (BC) program requires which of the following?
A. Good communication throughout the organization
B. A completed Business Impact Analysis (BIA)
C. Formation of Disaster Recovery (DR) project team
D. Well-documented information asset classification

A

Answer: D

65
Q

A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following?
A. Transferred risk
B. Inherent risk
C. Residual risk
D. Avoided risk

A

Answer: B

66
Q

Which of the following is the BEST way to protect against Structured Query language (SQL) injection?
A. Enforce boundary checking.
B. Restrict use of SELECT command.
C. Restrict HyperText Markup Language (HTML) source code
D. Use stored procedures.

A

Answer: D

67
Q

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?
A. Each control’s effectiveness must be evaluated individually.
B. Each control must completely mitigate the risk.
C. The control set must adequately mitigate the risk.
D. The control set must evenly divide the risk.

A

Answer: A

68
Q

A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?
A. Enforce the chmod of files to 755.
B. Enforce the control of file directory listings.
C. Implement access control on the web server.
D. Implement Secure Sockets Layer (SSL) certificates throughout the web server.

A

Answer: B

69
Q

Which of the following provides the MOST secure method for Network Access Control (NAC)?
A. Media Access Control (MAC) filtering
B. 802.1X authentication
C. Application layer filtering
D. Network Address Translation (NAT)

A

Answer: B

70
Q

What does the result of Cost-Benefit Analysis (CBA) on new security initiatives provide?
A. Quantifiable justification
B. Baseline improvement
C. Risk evaluation
D. Formalized acceptance

A

Answer: A

71
Q

Which of the following is considered the PRIMARY security issue associated with encrypted e-mail messages?
A. Key distribution
B. Storing attachments in centralized repositories
C. Scanning for viruses and other malware
D. Greater costs associated for backups and restores

A

Answer: C

72
Q

Which media sanitization methods should be used for data with a high security categorization?
A. Clear or destroy
B. Clear or purge
C. Destroy or delete
D. Purge or destroy

A

Answer: D

73
Q

Which of the following is the MOST secure protocol for remote command access to the firewall?
A. Secure Shell (SSH)
B. Trivial File Transfer Protocol (TFTP)
C. Hypertext Transfer Protocol Secure (HTTPS)
D. Simple Network Management Protocol (SNMP) v1

A

Answer: A

74
Q

A. Wireless Access Points (AP)
B. Token-based authentication
C. Host-based firewalls
D. Trusted platforms

A

Answer: C

75
Q

How should the retention period for an organization’s social media content be defined?
A. By the retention policies of each social media service
B. By the records retention policy of the organization
C. By the Chief Information Officer (CIO)
D. By the amount of available storage space

A

Answer: B

76
Q

In Identity Management (IdM), when is the verification stage performed?
A. As part of system sign-on
B. Before creation of the identity
C. After revocation of the identity
D. During authorization of the identity

A

Answer: A

77
Q

What is the PRIMARY purpose of auditing, as it relates to the security review cycle?
A. To ensure the organization’s controls and policies are working as intended
B. To ensure the organization can still be publicly traded
C. To ensure the organization’s executive team won’t be sued
D. To ensure the organization meets contractual requirements

A

Answer: A

78
Q

Which of the following access control models is MOST restrictive?
A. Discretionary Access Control (DAC)
B. Mandatory Access Control (MAC)
C. Role Based Access Control (RBAC)
D. Rule based access control

A

Answer: B

79
Q

Which of the following is a canon of the (ISC)2 Code of Ethics?
A. Integrity first, service before self, and excellence in all we do
B. Perform all professional activities and duties in accordance with all applicable laws and the highest ethical standards.
C. Provide diligent and competent service to principals.
D. Cooperate with others in the interchange of knowledge and ideas for mutual security.

A

Answer: C

80
Q

Which of the following will an organization’s network vulnerability testing process BEST enhance?
A. Firewall log review processes
B. Asset management procedures
C. Server hardening processes
D. Code review procedures

A

Answer: C

81
Q

Which of the following is the MOST effective countermeasure against data remanence?
A. Destruction
B. Clearing
C. Purging
D. Encryption

A

Answer: A

82
Q

A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?
A. Review data localization requirements and regulations.
B. Review corporate security policies and procedures.
C. With notice to the organization, perform an internal penetration test first, then an external test.
D. With notice to the organization, perform an external penetration test first, then an internal test.

A

Answer: D

83
Q

The Rivest-Shamir-Adleman (RSA) algorithm is BEST suited for which of the following operations?
A. Bulk data encryption and decryption
B. One-way secure hashing for user and message authentication
C. Secure key exchange for symmetric cryptography
D. Creating digital checksums for message integrity

A

Answer: C

84
Q

Configuring a Wireless Access Point (WAP) with the same Service Set Identifier (SSID) as another WAP in order to have users unknowingly connect is referred to as which of the following?
A. Jamming
B. Man-in-the-Middle (MITM)
C. War driving
D. Internet Protocol (IP) spoofing

A

Answer: B

85
Q

Which of the following actions should be taken by a security professional when a mission critical computer network attack is suspected?
A. Isolate the network, log an independent report, fix the problem, and redeploy the computer.
B. Isolate the network, install patches, and report the occurrence.
C. Prioritize, report, and investigate the occurrence.
D. Turn the router off, perform forensic analysis, apply the appropriate fix, and log incidents.

A

Answer: C

86
Q

In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
A. Development/Acquisition
B. Initiation
C. Implementation/ Assessment
D. Disposal

A

Answer: A

87
Q

Of the following, which BEST provides non-repudiation with regards to access to a server room?
A. Fob and Personal Identification Number (PIN)
B. Locked and secured cages
C. Biometric readers
D. Proximity readers

A

Answer: C

88
Q

The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done FIRST to mitigate future occurrences?
A. Encrypt disks on personal laptops.
B. Issue cable locks for use on personal laptops.
C. Create policies addressing critical information on personal laptops.
D. Monitor personal laptops for critical information.

A

Answer: A

89
Q

Which of the following is a standard Access Control List (ACL) element that enables a router to filter Internet traffic?
A. Media Access Control (MAC) address
B. Internet Protocol (IP) address
C. Security roles
D. Device needs

A

Answer: B

90
Q

Which of the following will accomplish Multi-Factor Authentication (MFA)?
A. Issuing a smart card with a user-selected Personal Identification Number (PIN)
B. Requiring users to enter a Personal Identification Number (PIN) and a password
C. Performing a palm and retinal scan
D. Issuing a smart card and a One Time Password (OTP) token

A

Answer: A

91
Q

Which of the following is the PRIMARY issue when analyzing detailed log information?
A. Logs may be unavailable when required
B. Timely review of the data is potentially difficult
C. Most systems and applications do not support logging
D. Logs do not provide sufficient details of system and individual activities

A

Answer: D

92
Q

How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?
A. Access control can rely on the Operating System (OS), but eavesdropping is
B. Access control cannot rely on the Operating System (OS), and eavesdropping
C. Access control can rely on the Operating System (OS), and eavesdropping is
D. Access control cannot rely on the Operating System (OS), and eavesdropping

A

Answer: C

93
Q

Which of the following explains why classifying data is an important step in performing a Risk assessment?
A. To provide a framework for developing good security metrics
B. To justify the selection of costly security controls
C. To classify the security controls sensitivity that helps scope the risk assessment
D. To help determine the appropriate level of data security controls

A

Answer: D

94
Q

How is Remote Authentication Dial-In User Service (RADIUS) authentication accomplished?
A. It uses clear text and firewall rules.
B. It relies on Virtual Private Networks (VPN).
C. It uses clear text and shared secret keys.
D. It relies on asymmetric encryption keys.

A

Answer: C

95
Q

A security professional should ensure that clients support which secondary algorithm for digital signatures when a Secure Multipurpose Internet Mail Extension (S/MIME) is used?
A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Digital Signature Algorithm (DSA)
D. Rivest-Shamir-Adleman (RSA)

A

Answer: C

96
Q

What documentation is produced FIRST when performing an effective physical loss control process?
A. Deterrent controls list
B. Security standards list
C. Inventory list
D. Asset valuation list

A

Answer: C

97
Q

Who should formulate conclusions from a particular digital forensic analysis, submit a report of findings, and present the results?
A. The information security professional’s supervisor
B. Legal counsel for the information security professional’s employer
C. The information security professional who conducted the analysis
D. A peer reviewer of the information security professional

A

Answer: B

98
Q

A manager identified two conflicting sensitive user functions that were assigned to a single user account that had the potential to result in financial and regulatory risk to the company. The manager MOST likely discovered this during which of the following?
A. Security control assessment.
B. Separation of duties analysis
C. Network Access Control (NAC) review
D. Federated identity management (FIM) evaluation

A

Answer: B

99
Q

When assessing the audit capability of an application, which of the following activities is MOST important?
A. Determine if audit records contain sufficient information.
B. Review security plan for actions to be taken in the event of audit failure.
C. Verify if sufficient storage is allocated for audit records.
D. Identify procedures to investigate suspicious activity.

A

Answer: C

100
Q

A web-based application known to be susceptible to attacks is now under review by a senior developer. The organization would like to ensure this application is less susceptible to injection attacks specifically. What strategy will work BEST for the organization’s situation?
A. Do not store sensitive unencrypted data on the back end.
B. Whitelist input and encode or escape output before it is processed for rendering.
C. Limit privileged access or hard-coding logon credentials.
D. Store sensitive data in a buffer that retains data in operating system (OS) cache or memory.

A

Answer: B