Group 6 Flashcards by TheKake Unknown

In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of

A. systems integration.
B. risk management.
C. quality assurance.
D. change management.

Answer: D

How well did you know this?

Not at all

Perfectly

As a best practice, the Security Assessment Report (SAR) should include which of the following sections?

A. Data classification policy
B. Software and hardware inventory
C. Remediation recommendations
D. Names of participants

Answer: B

How well did you know this?

Not at all

Perfectly

The application of a security patch to a product previously validate at Common Criteria (CC) Evaluation Assurance Level (EAL) 4 would

A. require an update of the Protection Profile (PP).
B. require recertification.
C. retain its current EAL rating.
D. reduce the product to EAL 3.

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?

A. Low-level formatting
B. Secure-grade overwrite erasure
C. Cryptographic erasure
D. Drive degaussing

Answer: B

How well did you know this?

Not at all

Perfectly

What type of wireless network attack BEST describes an Electromagnetic Pulse (EMP) attack?

A. Radio Frequency (RF) attack
B. Denial of Service (DoS) attack
C. Data modification attack
D. Application-layer attack

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following is a remote access protocol that uses a static authentication?

A. Point-to-Point Tunneling Protocol (PPTP)
B. Routing Information Protocol (RIP)
C. Password Authentication Protocol (PAP)
D. Challenge Handshake Authentication Protocol (CHAP)

Answer: C

How well did you know this?

Not at all

Perfectly

Which of the following sets of controls should allow an investigation if an attack is not blocked by preventive controls or detected by monitoring?

A. Logging and audit trail controls to enable forensic analysis
B. Security incident response lessons learned procedures
C. Security event alert triage done by analysts using a Security Information and Event Management (SIEM) system
D. Transactional controls focused on fraud prevention

Answer: C

How well did you know this?

Not at all

Perfectly

Determining outage costs caused by a disaster can BEST be measured by the

A. cost of redundant systems and backups.
B. cost to recover from an outage.
C. overall long-term impact of the outage.
D. revenue lost during the outage.

Answer: C

How well did you know this?

Not at all

Perfectly

Which of the following is considered a secure coding practice?

A. Use concurrent access for shared variables and resources
B. Use checksums to verify the integrity of libraries
C. Use new code for common tasks
D. Use dynamic execution functions to pass user supplied data

Answer: B

How well did you know this?

Not at all

Perfectly

As part of the security assessment plan, the security professional has been asked to use a negative testing strategy on a new website. Which of the following actions would be performed?

A. Use a web scanner to scan for vulnerabilities within the website.
B. Perform a code review to ensure that the database references are properly addressed.
C. Establish a secure connection to the web server to validate that only the approved ports are open.
D. Enter only numbers in the web form and verify that the website prompts the user to enter a valid input.

Answer: D

How well did you know this?

Not at all

Perfectly

Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?

A. Senior management
B. Information security department
C. Audit committee
D. All users

Answer: C

How well did you know this?

Not at all

Perfectly

Which of the following alarm systems is recommended to detect intrusions through windows in a high-noise, occupied environment?

A. Acoustic sensor
B. Motion sensor
C. Shock sensor
D. Photoelectric sensor

Answer: C

How well did you know this?

Not at all

Perfectly

Which of the following is the MOST effective practice in managing user accounts when an employee is terminated?

A. Implement processes for automated removal of access for terminated employees.
B. Delete employee network and system IDs upon termination.
C. Manually remove terminated employee user-access to all systems and applications.
D. Disable terminated employee network ID to remove all access.

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following is the MOST important part of an awareness and training plan to prepare employees for emergency situations?

A. Having emergency contacts established for the general employee population to get information
B. Conducting business continuity and disaster recovery training for those who have a direct role in the recovery
C. Designing business continuity and disaster recovery training programs for different audiences
D. Publishing a corporate business continuity and disaster recovery plan on the corporate website

Answer: C

How well did you know this?

Not at all

Perfectly

What is the process of removing sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique?

A. Purging
B. Encryption
C. Destruction
D. Clearing

Answer: A

How well did you know this?

Not at all

Perfectly

The security accreditation task of the System Development Life Cycle (SDLC) process is completed at the end of which phase?

A. System acquisition and development
B. System operations and maintenance
C. System initiation
D. System implementation

Answer: B

How well did you know this?

Not at all

Perfectly

Drag the following Security Engineering terms on the left to the BEST definition on the right.

Risk - A measure of the extent to which an entity is threatened by a potential circumstance of event, the adverse impacts that would arise if the circumstance or event occurs, and the likelihood of occurrence.
Protection Needs Assessment - The method used to identify the confidentiality, integrity, and availability requirements for organizational and system assets and to characterize the adverse impact or consequences should be asset be lost, modified, degraded, disrupted, compromised, or become unavailable.
Threat assessment - The method used to identify and characterize the dangers anticipated throughout the life cycle of the system.
Security Risk Treatment - The method used to identify feasible security risk mitigation options and plans.

How well did you know this?

Not at all

Perfectly

Which of the following is the BEST reason for the use of security metrics?

A. They ensure that the organization meets its security objectives.
B. They provide an appropriate framework for Information Technology (IT) governance.
C. They speed up the process of quantitative risk assessment.
D. They quantify the effectiveness of security processes.

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?

A. Password requirements are simplified.
B. Risk associated with orphan accounts is reduced.
C. Segregation of duties is automatically enforced.
D. Data confidentiality is increased.

Answer: A

How well did you know this?

Not at all

Perfectly

A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

A. 25%
B. 50%
C. 75%
D. 100%

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following entails identification of data and links to business processes, applications, and data
stores as well as assignment of ownership responsibilities?

A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following mandates the amount and complexity of security controls applied to a security risk?

A. Security vulnerabilities
B. Risk tolerance
C. Risk mitigation
D. Security staff

Answer: C

How well did you know this?

Not at all

Perfectly

When determining who can accept the risk associated with a vulnerability, which of the following is MOST
important?

A. Countermeasure effectiveness
B. Type of potential loss
C. Incident likelihood
D. Information ownership

Answer: C

How well did you know this?

Not at all

Perfectly

A security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following BEST minimizes the risk of this
happening again?

A. Define additional security controls directly after the merger
B. Include a procurement officer in the merger team
C. Verify all contracts before a merger occurs
D. Assign a compliancy officer to review the merger conditions

Answer: D

How well did you know this?

Not at all

Perfectly

Which of the following is a direct monetary cost of a security incident? A. Morale B. Reputation C. Equipment D. Information

Answer: C

Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow? A. Memory review B. Code review C. Message division D. Buffer division

Answer: B

Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack? A. parameterized database queries B. whitelist input values C. synchronized session tokens D. use strong ciphers

Answer: C

Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance? A. System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements B. Data stewardship roles, data handling and storage standards, data lifecycle requirements C. Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements D. System authorization roles and responsibilities, cloud computing standards, lifecycle requirements

Answer: B

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets? A. Log all activities associated with sensitive systems B. Provide links to security policies C. Confirm that confidentially agreements are signed D. Employ strong access controls

Answer: D

Which of the following is the MOST appropriate action when reusing media that contains sensitive data? A. Erase B. Sanitize C. Encrypt D. Degauss

Answer: B

An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability? A. Diffle-Hellman (DH) algorithm B. Elliptic Curve Cryptography (ECC) algorithm C. Digital Signature algorithm (DSA) D. Rivest-Shamir-Adleman (RSA) algorithm

Answer: D

Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center? A. Inert gas fire suppression system B. Halon gas fire suppression system C. Dry-pipe sprinklers D. Wet-pipe sprinklers

Answer: A

Unused space in a disk cluster is important in media analysis because it may contain which of the following? A. Residual data that has not been overwritten B. Hidden viruses and Trojan horses C. Information about the File Allocation table (FAT) D. Information about patches and upgrades to the system

Answer: A

A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence? A. Put the device in airplane mode B. Suspend the account with the telecommunication provider C. Remove the SIM card D. Turn the device off

Answer: A

Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive? A. Triple Data Encryption Standard (3DES) B. Advanced Encryption Standard (AES) C. Message Digest 5 (MD5) D. Secure Hash Algorithm 2(SHA-2)

Answer: B

Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks? A. Use Software as a Service (SaaS) B. Whitelist input validation C. Require client certificates D. Validate data output

Answer: B

What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers? A. Non-repudiation B. Efficiency C. Confidentially D. Privacy

Answer: A

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections? A. Develop a written organizational policy prohibiting unauthorized USB devices B. Train users on the dangers of transferring data in USB devices C. Implement centralized technical control of USB port connections D. Encrypt removable USB devices containing data at rest

Answer: C

Which of the following MUST be in place to recognize a system attack? A. Stateful firewall B. Distributed antivirus C. Log analysis D. Passive honeypot

Answer: C

Which of the following is the GREATEST benefit of implementing a Role Based Access Control (RBAC) system? A. Integration using Lightweight Directory Access Protocol (LDAP) B. Form-based user registration process C. Integration with the organizations Human Resources (HR) system D. A considerably simpler provisioning process

Answer: D

Which Identity and Access Management (IAM) process can be used to maintain the principle of least privilege? A. identity provisioning B. access recovery C. multi-factor authentication (MFA) D. user access review

Answer: A

A minimal implementation of endpoint security includes which of the following? A. Trusted platforms B. Host-based firewalls C. Token-based authentication D. Wireless Access Points (AP)

Answer: B

What is the expected outcome of security awareness in support of a security awareness program? A. Awareness activities should be used to focus on security concerns and respond to those concerns accordingly B. Awareness is not an activity or part of the training but rather a state of persistence to support the program C. Awareness is training. The purpose of awareness presentations is to broaden attention of security. D. Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.

Answer: C

Which security modes is MOST commonly used in a commercial environment because it protects the integrity of financial and accounting data? A. Biba B. Graham-Denning C. Clark-Wilson D. Beil-LaPadula

Answer: C

Why is planning in Disaster Recovery (DR) an interactive process? A. It details off-site storage plans B. It identifies omissions in the plan C. It defines the objectives of the plan D. It forms part of the awareness process

Answer: C

Mandatory Access Controls (MAC) are based on: A. security classification and security clearance B. data segmentation and data classification C. data labels and user access permissions D. user roles and data encryption

Answer: A

What is the foundation of cryptographic functions? A. Encryption B. Cipher C. Hash D. Entropy

Answer: D

The organization would like to deploy an authorization mechanism for an Information Technology (IT) infrastructure project with high employee turnover. Which access control mechanism would be preferred? A. Attribute Based Access Control (ABAC) B. Discretionary Access Control (DAC) C. Mandatory Access Control (MAC) D. Role-Based Access Control (RBAC)

Answer: D

Which of the following management process allows ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates? A. Configuration B. Identity C. Compliance D. Patch

Answer: A

Which security access policy contains fixed security attributes that are used by the system to determine a user’s access to a file or object? A. Mandatory Access Control (MAC) B. Access Control List (ACL) C. Discretionary Access Control (DAC) D. Authorized user control

Answer: A

Which of the following is a common characteristic of privacy? A. Provision for maintaining an audit trail of access to the private data B. Notice to the subject of the existence of a database containing relevant credit card data C. Process for the subject to inspect and correct personal data on-site D. Database requirements for integration of privacy data

Answer: C

At a MINIMUM, audits of permissions to individual or group accounts should be scheduled A. annually B. to correspond with staff promotions C. to correspond with terminations D. continually

Answer: A

Which of the following is part of a Trusted Platform Module (TPM)? A. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion B. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for “measuring” the state of a computing platform C. A secure processor targeted at managing digital keys and accelerating digital signing D. A platform-independent software interface for accessing computer functions

Answer: A

In a change-controlled environment, which of the following is MOST likely to lead to unauthorized changes to production programs? A. Modifying source code without approval B. Promoting programs to production without approval C. Developers checking out source code without approval D. Developers using Rapid Application Development (RAD) methodologies without approval

Answer: A

Which of the following combinations would MOST negatively affect availability? A. Denial of Service (DoS) attacks and outdated hardware B. Unauthorized transactions and outdated hardware C. Fire and accidental changes to data D. Unauthorized transactions and denial of service attacks

Answer: A

Which of the following could be considered the MOST significant security challenge when adopting DevOps practices compared to a more traditional control framework? A. Achieving Service Level Agreements (SLA) on how quickly patches will be released when a security flaw is found. B. Maintaining segregation of duties. C. Standardized configurations for logging, alerting, and security metrics. D. Availability of security teams at the end of design process to perform last-minute manual audits and reviews.

Answer: B

A security compliance manager of a large enterprise wants to reduce the time it takes to perform network, system, and application security compliance audits while increasing quality and effectiveness of the results. What should be implemented to BEST achieve the desired results? A. Configuration Management Database (CMDB) B. Source code repository C. Configuration Management Plan (CMP) D. System performance monitoring application

Answer: A

Which of the following is a characteristic of an internal audit? A. An internal audit is typically shorter in duration than an external audit. B. The internal audit schedule is published to the organization well in advance. C. The internal auditor reports to the Information Technology (IT) department D. Management is responsible for reading and acting upon the internal audit results

Answer: D

Which of the following is a responsibility of a data steward? A. Ensure alignment of the data governance effort to the organization. B. Conduct data governance interviews with the organization. C. Document data governance requirements. D. Ensure that data decisions and impacts are communicated to the organization.

Answer: A

What is the MAIN goal of information security awareness and training? A. To inform users of the latest malware threats B. To inform users of information assurance responsibilities C. To comply with the organization information security policy D. To prepare students for certification

Answer: B

Proven application security principles include which of the following? A. Minimizing attack surface area B. Hardening the network perimeter C. Accepting infrastructure security controls D. Developing independent modules

Answer: A

When developing a business case for updating a security program, the security program owner MUST do which of the following? A. Identify relevant metrics B. Prepare performance test reports C. Obtain resources for the security program D. Interview executive management

Answer: A

From a security perspective, which of the following assumptions MUST be made about input to an application? A. It is tested B. It is logged C. It is verified D. It is untrusted

Answer: D

Which of the following is the BEST reason for writing an information security policy? A. To support information security governance B. To reduce the number of audit findings C. To deter attackers D. To implement effective information security controls

Answer: A

What is the PRIMARY goal of fault tolerance? A. Elimination of single point of failure B. Isolation using a sandbox C. Single point of repair D. Containment to prevent propagation

Answer: A

Which of the BEST internationally recognized standard for evaluating security products and systems? A. Payment Card Industry Data Security Standards (PCI-DSS) B. Common Criteria (CC) C. Health Insurance Portability and Accountability Act (HIPAA) D. Sarbanes-Oxley (SOX)

Answer: B

Which one of the following data integrity models assumes a lattice of integrity levels? A. Take-Grant B. Biba C. Harrison-Ruzzo D. Bell-LaPadula

Answer: B

Even though a particular digital watermark is difficult to detect, which of the following represents a way it might still be inadvertently removed? A. Truncating parts of the data B. Applying Access Control Lists (ACL) to the data C. Appending non-watermarked data to watermarked data D. Storing the data in a database

Answer: A

Which of the following is BEST achieved through the use of eXtensible Access Markup Language (XACML)? A. Minimize malicious attacks from third parties B. Manage resource privileges C. Share digital identities in hybrid cloud D. Defined a standard protocol

Answer: B

An organization has discovered that users are visiting unauthorized websites using anonymous proxies. Which of the following is the BEST way to prevent future occurrences? A. Remove the anonymity from the proxy B. Analyze Internet Protocol (IP) traffic for proxy requests C. Disable the proxy server on the firewall D. Block the Internet Protocol (IP) address of known anonymous proxies

Answer: D

A post-implementation review has identified that the Voice Over Internet Protocol (VoIP) system was designed to have gratuitous Address Resolution Protocol (ARP) disabled. Why did the network architect likely design the VoIP system with gratuitous ARP disabled? A. Gratuitous ARP requires the use of Virtual Local Area Network (VLAN) 1. B. Gratuitous ARP requires the use of insecure layer 3 protocols. C. Gratuitous ARP requires the likelihood of a successful brute-force attack on the phone. D. Gratuitous ARP requires the risk of a Man-in-the-Middle (MITM) attack.

Answer: D

Within the company, desktop clients receive Internet Protocol (IP) address over Dynamic Host Configuration Protocol (DHCP). Which of the following represents a valid measure to help protect the network against unauthorized access? A. Implement path management B. Implement port based security through 802.1x C. Implement DHCP to assign IP address to server systems D. Implement change management

Answer: B

Transport Layer Security (TLS) provides which of the following capabilities for a remote access server? A. Transport layer handshake compression B. Application layer negotiation C. Peer identity authentication D. Digital certificate revocation

Answer: C

A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade. Which of the following is the GREATEST impact on security for the network? A. The network administrators have no knowledge of ICS B. The ICS is now accessible from the office network C. The ICS does not support the office password policy D. RS422 is more reliable than Ethernet

Answer: B

What does a Synchronous (SYN) flood attack do? A. Forces Transmission Control Protocol /Internet Protocol (TCP/IP) connections into a reset state B. Establishes many new Transmission Control Protocol / Internet Protocol (TCP/IP) connections C. Empties the queue of pending Transmission Control Protocol /Internet Protocol (TCP/IP) requests D. Exceeds the limits for new Transmission Control Protocol /Internet Protocol (TCP/IP) connections

Answer: B

A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols? A. Point-to-Point Protocol (PPP) and Internet Control Message Protocol (ICMP) B. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) C. Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP) D. Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

Answer: B

In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network? A. The second of two routers can periodically check in to make sure that the first router is operational. B. The second of two routers can better absorb a Denial of Service (DoS) attack knowing the first router is present. C. The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly. D. The first of two routers can better handle specific traffic, while the second handles the rest of the traffic

Answer: C

A company receives an email threat informing of an Imminent Distributed Denial of Service (DDoS) attack targeting its web application, unless ransom is paid. Which of the following techniques BEST addresses that threat? A. Deploying load balancers to distribute inbound traffic across multiple data centers B. Set Up Web Application Firewalls (WAFs) to filter out malicious traffic C. Implementing reverse web-proxies to validate each new inbound connection D. Coordinate with and utilize capabilities within Internet Service Provider (ISP)

Answer: D

The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data A. through a firewall at the Session layer B. through a firewall at the Transport layer C. in the Point-to-Point Protocol (PPP) D. in the Payload Compression Protocol (PCP)

Answer: C

What protocol is often used between gateway hosts on the Internet? A. Exterior Gateway Protocol (EGP) B. Border Gateway Protocol (BGP) C. Open Shortest Path First (OSPF) D. Internet Control Message Protocol (ICMP)

Answer: B

“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following? A. Difference between a new and an established connection B. Originating network location C. Difference between a malicious and a benign packet payload D. Originating application session

Answer: A

Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic? A. Application proxy B. Port filter C. Network boundary router D. Access layer switch

Answer: D

What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network? A. The IDS can detect failed administrator logon attempts from servers. B. The IDS can increase the number of packets to analyze. C. The firewall can increase the number of packets to analyze. D. The firewall can detect failed administrator login attempts from servers

Answer: A

A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this environment to authorized users? A. Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point B. Disable the broadcast of the Service Set Identifier (SSID) name C. Change the name of the Service Set Identifier (SSID) to a random value not associated with the organization D. Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses

Answer: D

Access to which of the following is required to validate web session management? A. Log timestamp B. Live session traffic C. Session state variables D. Test scripts

Answer: B

Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)? A. Reduce the probability of identification B. Detect further compromise of the target C. Destabilize the operation of the host D. Maintain and expand control

Answer: D

Digital certificates used in Transport Layer Security (TLS) support which of the following? A. Information input validation B. Non-repudiation controls and data encryption C. Multi-Factor Authentication (MFA) D. Server identity and data confidentially

Answer: D

During examination of Internet history records, the following string occurs within a Unique Resource Locator (URL): http://www.companysite.com/products/products.asp?productid=123 or 1=1 What type of attack does this indicate? A. Directory traversal B. Structured Query Language (SQL) injection C. Cross-Site Scripting (XSS) D. Shellcode injection

Answer: C

The core component of Role Based Access Control (RBAC) must be constructed of defined data elements. Which elements are required? A. Users, permissions, operations, and protected objects B. Roles, accounts, permissions, and protected objects C. Users, roles, operations, and protected objects D. Roles, operations, accounts, and protected objects

Answer: C

Which of the following is the BEST metric to obtain when gaining support for an Identify and Access Management (IAM) solution? A. Application connection successes resulting in data leakage B. Administrative costs for restoring systems after connection failure C. Employee system timeouts from implementing wrong limits D. Help desk costs required to support password reset requests

Answer: D

In an organization where Network Access Control (NAC) has been deployed, a device trying to connect to the network is being placed into an isolated domain. What could be done on this device in order to obtain proper connectivity? A. Connect the device to another network jack B. Apply remediation’s according to security requirements C. Apply Operating System (OS) patches D. Change the Message Authentication Code (MAC) address of the network interface

Answer: B

What is the second step in the identity and access provisioning lifecycle? A. Provisioning B. Review C. Approval D. Revocation

Answer: B

Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services? A. Mandatory Access Controls (MAC) B. Enterprise security architecture C. Enterprise security procedures D. Role Based Access Controls (RBAC)

Answer: C

Which of the following is a common feature of an Identity as a Service (IDaaS) solution? A. Single Sign-On (SSO) authentication support B. Privileged user authentication support C. Password reset service support D. Terminal Access Controller Access Control System (TACACS) authentication support

Answer: A

An organization’s security policy delegates to the data owner the ability to assign which user roles have access to a particular resource. What type of authorization mechanism is being used? A. Discretionary Access Control (DAC) B. Role Based Access Control (RBAC) C. Media Access Control (MAC) D. Mandatory Access Control (MAC)

Answer: A

Extensible Authentication Protocol-Message Digest 5 (EAP-MD5) only provides which of the following? A. Mutual authentication B. Server authentication C. User authentication D. Streaming ciphertext data

Answer: C

Which type of test would an organization perform in order to locate and target exploitable defects? A. Penetration B. System C. Performance D. Vulnerability

Answer: A

What is the MAIN reason for testing a Disaster Recovery Plan (DRP)? A. To ensure Information Technology (IT) staff knows and performs roles assigned to each of them B. To validate backup sites’ effectiveness C. To find out what does not work and fix it D. To create a high level DRP awareness among Information Technology (IT) staff

Answer: B

Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization’s systems? A. Standardized configurations for devices B. Standardized patch testing equipment C. Automated system patching D. Management support for patching

Answer: C