Group 7 Flashcards

1
Q

An international medical organization with headquarters in the United States (US) and branches in France
wants to test a drug in both countries. What is the organization allowed to do with the test subject’s data?
A. Aggregate it into one database in the US
B. Process it in the US, but store the information in France
C. Share it with a third party
D. Anonymize it and process it in the US

A

Answer: B

2
Q

As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?
A. Known-plaintext attack
B. Denial of Service (DoS)
C. Cookie manipulation
D. Structured Query Language (SQL) injection

A

Answer: C

3
Q

Assessing a third party’s risk by counting bugs in the code may not be the best measure of an attack surface
within the supply chain.
Which of the following is LEAST associated with the attack surface?
A. Input protocols
B. Target processes
C. Error messages
D. Access rights

A

Answer: D

4
Q

What are the steps of a risk assessment?
A. identification, analysis, evaluation
B. analysis, evaluation, mitigation
C. classification, identification, risk management
D. identification, evaluation, mitigation

A

Answer: A

5
Q

After following the processes defined within the change management plan, a super user has upgraded a
device within an Information system.
What step would be taken to ensure that the upgrade did NOT affect the network security posture?
A. Conduct an Assessment and Authorization (A&A)
B. Conduct a security impact analysis
C. Review the results of the most recent vulnerability scan
D. Conduct a gap analysis with the baseline configuration

A

Answer: B

6
Q

What is the correct order of steps in an information security assessment?
Place the information security assessment steps on the left next to the numbered boxes on the right in the
correct order.

A
7
Q

What MUST each information owner do when a system contains data from multiple information owners?
A. Provide input to the Information System (IS) owner regarding the security requirements of the data
B. Review the Security Assessment report (SAR) for the Information System (IS) and authorize the IS to
operate.
C. Develop and maintain the System Security Plan (SSP) for the Information System (IS) containing the data
D. Move the data to an Information System (IS) that does not contain data owned by other information
owners

A

Answer: C

8
Q

A vulnerability assessment report has been submitted to a client. The client indicates that one third of the hosts
that were in scope are missing from the report. In which phase of the assessment was this error MOST likely made?
A. Enumeration
B. Reporting
C. Detection
D. Discovery

A

Answer: A

9
Q

Which of the following is a responsibility of the information owner?
A. Ensure that users and personnel complete the required security training to access the Information System
(IS)
B. Defining proper access to the Information System (IS), including privileges or access rights
C. Managing identification, implementation, and assessment of common security controls
D. Ensuring the Information System (IS) is operated according to agreed upon security requirements

A

Answer: C

10
Q

Who is accountable for the information within an Information System (IS)?
A. Security manager
B. System owner
C. Data owner
D. Data processor

A

Answer: C

11
Q

It is MOST important to perform which of the following to minimize potential impact when implementing a new vulnerability scanning tool in a production environment?
A. Negotiate schedule with the Information Technology (IT) operations team
B. Log vulnerability summary reports to a secured server
C. Enable scanning during off-peak hours
D. Establish access for Information Technology (IT) management

A

Answer: C

12
Q

A Security Operations Center (SOC) receives an incident response notification on a server with an active
intruder who has planted a backdoor. Initial notifications are sent and communications are established.
What MUST be considered or evaluated before performing the next step?
A. Notifying law enforcement is crucial before hashing the contents of the server hard drive
B. Identifying who executed the incident is more important than how the incident happened
C. Removing the server from the network may prevent catching the intruder
D. Copying the contents of the hard drive to another storage device may damage the evidence

A

Answer: D

13
Q

Due to system constraints, a group of system administrators must share a high-level access set of credentials.
Which of the following would be MOST appropriate to implement?
A. Increased console lockout times for failed logon attempts
B. Reduce the group in size
C. A credential check-out process for a per-use basis
D. Full logging on affected systems

A

Answer: C

14
Q

Which of the following is the MOST efficient mechanism to account for all staff during a speedy nonemergency evacuation from a large security facility?
A. Large mantrap where groups of individuals leaving are identified using facial recognition technology
B. Radio Frequency Identification (RFID) sensors worn by each employee scanned by sensors at each exit door
C. Emergency exits with push bars with coordinators at each exit checking off the individual against a predefined list
D. Card-activated turnstile where individuals are validated upon exit

A

Answer: B

15
Q

What does electronic vaulting accomplish?
A. It protects critical files.
B. It ensures the fault tolerance of Redundant Array of Independent Disks (RAID) systems
C. It stripes all database records
D. It automates the Disaster Recovery Process (DRP)

A

Answer: A

16
Q

Who would be the BEST person to approve an organization’s information security policy?
A. Chief Information Officer (CIO)
B. Chief Information Security Officer (CISO)
C. Chief internal auditor
D. Chief Executive Officer (CEO)

A

Answer: B

17
Q

A security analyst for a large financial institution is reviewing network traffic related to an incident. The analyst determines the traffic is irrelevant to the investigation but in the process of the review, the analyst also finds that an application’s data, which included full credit card cardholder data, is transferred in clear text between the server and user’s desktop. The analyst knows this violates the Payment Card Industry Data Security Standard (PCI-DSS). Which of the following is the analyst’s next step?
A. Send the log file to co-workers for peer review
B. Include the full network traffic logs in the incident report
C. Follow organizational processes to alert the proper teams to address the issue.
D. Ignore data as it is outside the scope of the investigation and the analyst’s role.

A

Answer: C

18
Q

An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies.
What code of ethics canon is being observed?
A. Provide diligent and competent service to principals
B. Protect society, the commonwealth, and the infrastructure
C. Advance and protect the profession
D. Act honorably, honestly, justly, responsibly, and legally

A

Answer: A

19
Q

An organization adopts a new firewall hardening standard. How can the security professional verify that the technical staff correctly implemented the new standard?
A. Perform a compliance review
B. Perform a penetration test
C. Train the technical staff
D. Survey the technical staff

A

Answer: A

20
Q

What is the MAIN purpose of a change management policy?
A. To assure management that changes to the Information Technology (IT) infrastructure are necessary
B. To identify the changes that may be made to the Information Technology (IT) infrastructure
C. To verify that changes to the Information Technology (IT) infrastructure are approved
D. To determine the necessity for implementing modifications to the Information Technology (IT) infrastructure

A

Answer: C

21
Q

Match the functional roles in an external audit to their responsibilities. Drag each role on the left to its corresponding responsibility on the right.

A
22
Q

Who is responsible for the protection of information when it is shared with or provided to other organizations?
A. Systems owner
B. Authorizing Official (AO)
C. Information owner
D. Security officer

A

Answer: C

23
Q

Which of the following is the MOST challenging issue in apprehending cyber criminals?
A. They often use sophisticated methods to commit a crime.
B. It is often hard to collect and maintain integrity of digital evidence.
C. The crime is often committed from a different jurisdiction.
D. There is often no physical evidence involved.

A

Answer: C

24
Q

Match the name of access control model with its associated restriction.
Drag each access control model to its appropriate restriction access on the right.

A

kk

25
Q

Which of the following are important criteria when designing procedures and acceptance criteria for acquired software?
A. Code quality, security, and origin
B. Architecture, hardware, and firmware
C. Data quality, provenance, and scaling
D. Distributed, agile, and bench testing

A

Answer: A

26
Q

Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?
A. undergo a security assessment as part of authorization process
B. establish a risk management strategy
C. harden the hosting server, and perform hosting and application vulnerability scans
D. establish policies and procedures on system and services acquisition

A

Answer: D

27
Q

An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If there was a data breach who is responsible for monetary losses?
A. The Data Protection Authority (DPA)
B. The Cloud Service Provider (CSP)
C. The application developers
D. The data owner

A

Answer: B

28
Q

What is the PRIMARY role of a scrum master in agile development?
A. To choose the primary development language
B. To choose the integrated development environment
C. To match the software requirements to the delivery plan
D. To project manage the software delivery

A

Answer: D

29
Q

What capability would typically be included in a commercially available software package designed for access control?
A. Password encryption
B. File encryption
C. Source library control
D. File authentication

A

Answer: A

30
Q

An organization plans on purchasing a custom software product developed by a small vendor to support its
business model. Which unique consideration should be made part of the contractual agreement potential long-term risks associated with creating this dependency?
A. A source code escrow clause
B. Right to request an independent review of the software source code
C. Due diligence form requesting statements of compliance with security requirements
D. Access to the technical documentation

A

Answer: B

31
Q

When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be specified?
A. Implementation
B. Initiation
C. Review
D. Development

A

Answer: A

32
Q

Which of the following is the MOST important security goal when performing application interface testing?
A. Confirm that all platforms are supported and function properly
B. Evaluate whether systems or components pass data and control correctly to one another
C. Verify compatibility of software, hardware, and network connections
D. Examine error conditions related to external interfaces to prevent application details leakage

A

Answer: B

33
Q

Which of the following is the MOST common method of memory protection?
A. Compartmentalization
B. Segmentation
C. Error correction
D. Virtual Local Area Network (VLAN) tagging

A

Answer: B

34
Q

Attack trees are MOST useful for which of the following?
A. Determining system security scopes
B. Generating attack libraries
C. Enumerating threats
D. Evaluating Denial of Service (DoS) attacks

A

Answer: C

35
Q

Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and connections?
A. Automated dynamic analysis
B. Automated static analysis
C. Manual code review
D. Fuzzing

A

Answer: A

36
Q

Which one of the following is an advantage of an effective release control strategy from a configuration control standpoint?
A. Ensures that a trace for all deliverables is maintained and auditable
B. Enforces backward compatibility between releases
C. Ensures that there is no loss of functionality between releases
D. Allows for future enhancements to existing features

A

Answer: A

37
Q

The design review for an application has been completed and is ready for release. What technique should an organization use to assure application integrity?
A. Application authentication
B. Input validation
C. Digital signing
D. Device encryption

A

Answer: B

38
Q

What is the BEST location in a network to place Virtual Private Network (VPN) devices when an internal review reveals network design flaws in remote access?
A. In a dedicated Demilitarized Zone (DMZ)
B. In its own separate Virtual Local Area Network (VLAN)
C. At the Internet Service Provider (ISP)
D. Outside the external firewall

A

Answer: B

39
Q

Which of the following access management procedures would minimize the possibility of an organization’s employees retaining access to secure work areas after they change roles?
A. User access modification
B. User access recertification
C. User access termination
D. User access provisioning

A

Answer: B

40
Q

What is the FIRST step in establishing an information security program?
A. Establish an information security policy.
B. Identify factors affecting information security.
C. Establish baseline security controls.
D. Identify critical security infrastructure.

A

Answer: A

41
Q

Which of the following is MOST effective in detecting information hiding in Transmission Control Protocol/Internet Protocol (TCP/IP) traffic?
A. Stateful inspection firewall
B. Application-level firewall
C. Content-filtering proxy
D. Packet-filter firewall

A

Answer: A

42
Q

Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?
A. Have the service provider block the source address.
B. Have the source service provider block the address.
C. Block the source address at the firewall.
D. Block all inbound traffic until the flood ends.

A

Answer: C

43
Q

Which of the following is the BEST Identity-as-a-Service (IDaaS) solution for validating users?
A. Single Sign-On (SSO)
B. Security Assertion Markup Language (SAML)
C. Lightweight Directory Access Protocol (LDAP)
D. Open Authentication (OAuth)

A

Answer: B

44
Q

When conducting a security assessment of access controls, which activity is part of the data analysis phase?
A. Present solutions to address audit exceptions.
B. Conduct statistical sampling of data transactions.
C. Categorize and identify evidence gathered during the audit.
D. Collect logs and reports.

A

Answer: C

45
Q

Which of the following is used to support the of defense in depth during development phase of a software product?
A. Security auditing
B. Polyinstantiation
C. Maintenance
D. Known vulnerability list

A

Answer: B

46
Q

When a system changes significantly, who is PRIMARILY responsible for assessing the security impact?
A. Chief Information Security Officer (CISO)
B. Information System Owner
C. Information System Security Officer (ISSO)
D. Authorizing Official

A

Answer: B

47
Q

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?
A. Master Boot Record (MBR)
B. Pre-boot environment
C. Basic Input Output System (BIOS)
D. Hibernation file

A

Answer: A

48
Q

Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?
A. Watering hole
B. Brute force
C. Spear phishing
D. Address Resolution Protocol (ARP) poisoning

A

Answer: D

49
Q

Additional padding may be added to the Encapsulating Security Protocol (ESP) trailer to provide which of the following?
A. Access control
B. Partial traffic flow confidentiality
C. Protection against replay attack
D. Data origin authentication

A

Answer: C

50
Q

Company A is evaluating new software to replace an in-house developed application. During the acquisition process, Company A specified the security requirements, as well as the functional requirements. Company B responded to the acquisition request with their flagship product that runs on an Operating System (OS) that Company A has never used nor evaluated. The flagship product meets all security and functional requirements as defined by Company A.
Based upon Company B’s response, what step should Company A take?
A. Move ahead with the acquisition process, and purchase the flagship software
B. Conduct a security review of the OS
C. Perform functionality testing
D. Enter into contract negotiations ensuring Service Level Agreements (SLA) are established to include security patching

A

Answer: B

51
Q

What is maintained by using write blocking devices when forensic evidence is examined?
A. Inventory
B. Integrity
C. Confidentiality
D. Availability

A

Answer: B

52
Q

Which of the following is a characteristic of a challenge/response authentication process?
A. Using a password history blacklist
B. Transmitting a hash based on the user’s password
C. Presenting distorted graphics of text for authentication
D. Requiring the use of non-consecutive numeric characters

A

Answer: C

53
Q

Which of the following is the PRIMARY risk associated with Extensible Markup Language (XML) applications?
A. Users can manipulate the code.
B. The stack data structure cannot be replicated.
C. The stack data structure is repetitive.
D. Potential sensitive data leakage.

A

Answer: A

54
Q

Activity to baseline, tailor, and scope security controls takes place during which National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) step?
A. Authorize IS.
B. Assess security controls.
C. Categorize Information system (IS).
D. Select security controls.

A

Answer: D

55
Q

A large corporation is looking for a solution to automate access based on where a request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?
A. Discretionary Access Control (DAC)
B. Role Based Access Control (RBAC)
C. Mandatory Access Control (MAC)
D. Network Access Control (NAC)

A

Answer: D

56
Q

Which one of the following is an advantage of an effective release control strategy from a configuration control standpoint?
A. Ensures that there is no loss of functionality between releases
B. Allows for future enhancements to existing features
C. Enforces backward compatibility between releases
D. Ensures that a trace for all deliverables is maintained and auditable

A

Answer: C

57
Q

When adopting software as a service (SaaS), which security responsibility will remain with the adopting organization?
A. Physical security
B. Data classification
C. Network control
D. Application layer control

A

Answer: B

58
Q

Secure real-time transport protocol (SRTP) provides security for which of the following?
A. time sensitive e-communication
B. Voice communication
C. Satellite communication
D. Network Communication for real-time operating systems

A

Answer: B

59
Q

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?
A. Security Assertion Markup Language (SAML)
B. Open Authentication (OAUTH)
C. Remote Authentication Dial-in User service (RADIUS)
D. Terminal Access Control Access Control System Plus (TACACS+)

A

Answer: B

60
Q

Which programming methodology allows a programmer to use pre-determined blocks of code and consequently reducing development time and programming costs?
A. Application security
B. Object oriented
C. Blocked algorithm
D. Assembly language

A

Answer: B

61
Q

Why do Certificate Authorities (CA) add value to the security of electronic commerce transactions?
A. They maintain the certificate revocation list.
B. They maintain the private keys of transaction parties.
C. They verify the transaction parties’ private keys.
D. They provide a secure communication channel to the transaction parties.

A

Answer: D

62
Q

If a content management system (CMS) is implemented, which one of the following would occur?
A. The test and production systems would be running the same software
B. The applications placed into production would be secure
C. Developers would no longer have access to production systems
D. Patching the systems would be completed more quickly

A

Answer: A

63
Q

During a Disaster Recovery (DR) assessment, additional coverage for assurance is required. What should an assessor do?
A. Increase the number and type of relevant staff to interview.
B. Conduct a comprehensive examination of the Disaster Recovery Plan (DRP).
C. Increase the level of detail of the interview questions.
D. Conduct a detailed review of the organization’s DR policy.

A

Answer: A

64
Q

Which of the following is an accurate statement when an assessment results in the discovery of vulnerabilities in a critical network component?
A. The fact that every other host is sufficiently hardened does not change the fact that the network is placed at risk of attack.
B. There is little likelihood that the entire network is being placed at a significant risk of attack.
C. A second assessment should immediately be performed after all vulnerabilities are corrected.
D. There is a low possibility that any adjacently connected components have been compromised by an attacker

A

Answer: C

65
Q

What technique used for spoofing the origin of an email can successfully conceal the sender’s Internet Protocol (IP) address?
A. Change In-Reply-To data
B. Web crawling
C. Onion routing
D. Virtual Private Network (VPN)

A

Answer: C

66
Q

What is a warm site when conducting Business Continuity Planning (BCP)?
A. A location, other than the normal facility, used to process data on a daily basis
B. An area partially equipped with equipment and resources to recover business functions
C. A place void of any resources or equipment except air conditioning and raised flooring
D. An alternate facility that allows for immediate cutover to enable continuation of business functions

A

Answer: B

67
Q

Which of the following four iterative steps are conducted on third-party vendors in an on-going basis?
A. Investigate, Evaluate, Respond, Monitor
B. Frame, Assess, Respond, Monitor
C. Frame, Assess, Remediate, Monitor
D. Investigate, Assess, Remediate, Monitor

A

Answer: C

68
Q

Which of the following media is least problematic with data remanence?
A. Magnetic disk
B. Electrically Erasable Programmable Read-Only Memory (EEPROM)
C. Dynamic Random Access Memory (DRAM)
D. Flash memory

A

Answer: C

69
Q

During a recent assessment an organization has discovered that the wireless signal can be detected outside the campus area. What logical control should be implemented in order to BEST protect the confidentiality of information traveling the wireless transmission media?
A. Configure a firewall to logically separate the data at the boundary.
B. Configure the Access Points (AP) to use Wi-Fi Protected Access 2 (WPA2) encryption.
C. Disable the Service Set Identifier (SSID) broadcast on the Access Points (AP).
D. Perform regular technical assessments on the Wireless Local Area Network (WLAN).

A

Answer: B

70
Q

Who is essential for developing effective test scenarios for disaster recovery (DR) test plans?
A. Business line management and IT staff members
B. Chief Information Officer (CIO) and DR manager
C. DR manager and IT staff members
D. IT staff members and project managers

A

Answer: B

71
Q

Which is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
A. Issued Phase
B. Cancellation Phase
C. Implementation phase
D. Initialization Phase

A

Answer: C

72
Q

Which of the following is MOST important when determining appropriate countermeasures for an identified risk?
A. Interaction with existing controls
B. Cost
C. Organizational risk tolerance
D. Patch availability

A

Answer: C

73
Q

When a flaw in Industrial Control System (ICS) software is discovered, what is the GREATEST impediment to deploying a patch?
A. Many ICS systems have software that is no longer being maintained by the vendors.
B. Compensating controls may impact ICS performance.
C. Testing a patch in an ICS may require more resources than the organization can commit.
D. Vendors are required to validate the operability of patches.

A

Answer: D

74
Q

Which of the following is the BEST approach for a forensic examiner to obtain the greatest amount of relevant information from malicious software?
A. Analyze the behavior of the program.
B. Examine the file properties and permissions.
C. Review the code to identify its origin.
D. Analyze the logs generated by the software.

A

Answer: A

75
Q

In fault-tolerant systems, what do rollback capabilities permit?
A. Restoring the system to a previous functional state
B. Identifying the error that caused the problem
C. Allowing the system to run in a reduced manner
D. Isolating the error that caused the problem

A

Answer: A

76
Q

How does identity as a service (IDaaS) provide an easy mechanism for integrating identity service into individual applications with minimal development effort?
A. By allowing the identification logic and storage of an identity’s attributes to be maintained externally
B. By integrating internal provisioning procedures with external authentication processes
C. By allowing for internal provisioning of user accounts
D. By keeping all user information in easily accessible cloud repositories

A

Answer: D

77
Q

A security practitioner has been tasked with establishing organizational asset handling procedures. What should be considered that would have the GREATEST impact to the development of these procedures?
A. Media handling procedures
B. User roles and responsibilities
C. Acceptable Use Policy (AUP)
D. Information classification scheme

A

Answer: D

78
Q

From an asset security perspective, what is the BEST countermeasure to prevent data theft due to data remanence when a sensitive data storage media is no longer needed?
A. Return the media to the system owner.
B. Delete the sensitive data from the media.
C. Physically destroy the retired media.
D. Encrypt data before it is stored on the media.

A

Answer: C

79
Q

A project requires the use of an authentication mechanism where playback must be protected and plaintext secret must be used. Which of the following should be used?
A. Password Authentication Protocol (PAP)
B. Extensible Authentication Protocol (EAP)
C. Secure Hash Algorithm (SHA)
D. Challenge Handshake Authentication Protocol (CHAP)

A

Answer: A

80
Q

Which of the following threats exists with an implementation of digital signatures?
A. Spoofing
B. Substitution
C. Content tampering
D. Eavesdropping

A

Answer: A

81
Q

What should be used immediately after a Business Continuity Plan (BCP) has been invoked?
A. Resumption procedures describing the actions to be taken to return to normal business operations
B. Emergency procedures describing the necessary actions to be taken following an incident that jeopardizes business operations
C. Fallback procedures describing what actions are to be taken to move essential business activities to alternative temporary locations
D. Maintain schedule how and the plan will be tested and the process for maintaining the plan

A

Answer: B

82
Q

When deploying an Intrusion Detection System (IDS) on a high-volume network, the need to distribute the load across multiple sensors would create which technical problem?
A. Session continuity
B. Proxy authentication failure
C. Sensor overload
D. Synchronized sensor updates

A

Answer: A

83
Q

How can a security engineer maintain network separation from a secure environment while allowing remote users to work in the secure environment?
A. Use a Virtual Local Area Network (VLAN) to segment the network
B. Implement a bastion host
C. Install anti-virus on all endpoints
D. Enforce port security on access switches

A

Answer: A

84
Q

Which of the following is the MOST important consideration that must be taken into account when deploying an enterprise patching solution that includes mobile devices?
A. Service provider(s) utilized by the organization
B. Whether it will impact personal use
C. Number of mobile users in the organization
D. Feasibility of downloads due to available bandwidth

A

Answer: C

85
Q

Which of the following is the weakest form of protection for an application that handles Personally Identifiable Information (PII)?
A. Transport Layer Security (TLS)
B. Ron Rivest Cipher 4 (RC4) encryption
C. Security Assertion Markup Language (SAML)
D. Multifactor authentication

A

Answer: B

86
Q

Which is the MOST effective countermeasure to prevent electromagnetic emanations on unshielded data cable?
A. Move cables away from exterior facing windows
B. Encase exposed cable runs in metal conduit
C. Enable Power over Ethernet (PoE) to increase voltage
D. Bundle exposed cables together to disguise their signals

A

Answer: B

87
Q

Which of the following is the MOST significant benefit to implementing a third-party federated identity architecture?
A. Attribute assertions as agencies can request a larger set of attributes to fulfill service delivery
B. Data decrease related to storing personal information
C. Reduction in operational costs to the agency
D. Enable business objectives so departments can focus on mission rather than the business of identity management

A

Answer: C

88
Q

A criminal organization is planning an attack on a government network. Which of the following is the MOST severe attack to the network availability?
A. Network management communications is disrupted by attacker
B. Operator loses control of network devices to attacker
C. Sensitive information is gathered on the network topology by attacker
D. Network is flooded with communication traffic by attacker

A

Answer: B

89
Q

Limiting the processor, memory, and Input/output (I/O) capabilities of mobile code is known as
A. code restriction.
B. on-demand compile.
C. sandboxing.
D. compartmentalization.

A

Answer: C

90
Q

Which of the following security testing strategies is BEST suited for companies with low to moderate security maturity?
A. Load Testing
B. White-box testing
C. Black-box testing
D. Performance testing

A

Answer: B

91
Q

Which of the following are core categories of malicious attack against Internet of Things (IoT) devices?
A. Packet capture and false data injection
B. Packet capture and brute force attack
C. Node capture and Structured Query Language (SQL) injection
D. Node capture and false data injection

A

Answer: D

92
Q

Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?
A. Risk management
B. Security portfolio management
C. Security governance
D. Risk assessment

A

Answer: A

93
Q

Which of the following is critical if an employee is dismissed due to violation of an organization’s Acceptable Use Policy (AUP)?
A. Privilege suspension
B. Internet access logs
C. Proxy records
D. Appropriate documentation

A

Answer: B

94
Q

Which of the following is the PRIMARY security consideration for how an organization should handle Information Technology (IT) assets?
A. The monetary value of the asset
B. The controls implemented on the asset
C. The physical form factor of the asset
D. The classification of the data on the asset

A

Answer: D

95
Q

In a dispersed network that lacks central control, which of the following is the PRIMARY course of action to mitigate exposure?
A. Implement management policies, audit control, and data backups
B. Implement security policies and standards, access controls, and access limitations
C. Implement security policies and standards, data backups, and audit controls
D. Implement remote access policies, shared workstations, and log management

A

Answer: C

96
Q

What are the roles within a scrum methodology?
A. Scrum master, requirements manager, and development team
B. System owner, scrum master, and development team
C. Scrum master, quality assurance team, and scrum team
D. Product owner, scrum master, and scrum team

A

Answer: D

97
Q

When conducting a forensic criminal investigation on a computer hard drive, what should be done PRIOR to analysis?
A. Create a backup copy of all the important files on the drive.
B. Power off the computer and wait for assistance.
C. Create a forensic image of the hard drive.
D. Install forensic analysis software.

A

Answer: C

98
Q

Which of the following initiates the systems recovery phase of a disaster recovery plan?
A. Issuing a formal disaster declaration
B. Activating the organization’s hot site
C. Evacuating the disaster site
D. Assessing the extent of damage following the disaster

A

Answer: A

99
Q

Which type of fire alarm system sensor is intended to detect fire at its earliest stage?
A. Ionization
B. Infrared
C. Thermal
D. Photoelectric

A

Answer: A