Group 9 Flashcards by TheKake Unknown

Which of the following is applicable to a publicly held company concerned about information handling and storage requirement specific to the financial reporting?
A. Privacy Act of 1974
B. Clinger-Cohan Act of 1996
C. Sarbanes-Oxley (SOX) Act of 2002
D. International Organization for Standardization (ISO) 27001

Answer: C

How well did you know this?

Not at all

Perfectly

Which of the following is used to detect steganography?
A. Audio analysis
B. Statistical analysis
C. Reverse engineering
D. Cryptanalysis

Answer: C

How well did you know this?

Not at all

Perfectly

Which is the MOST critical aspect of computer-generated evidence?
A. Objectivity
B. Integrity
C. Timeliness
D. Relevancy

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following media is LEAST problematic with data remanence?
A. Dynamic Random Access Memory (DRAM)
B. Electrically Erasable Programming Read-Only Memory (BPRCM)
C. Flash memory
D. Magnetic disk

Answer: A

How well did you know this?

Not at all

Perfectly

Which open standard could l large corporation deploy for authorization services for single sign-on (SSO) use across multiple internal and external application?
A. Terminal Access Controller Access Control System (TACACS)
B. Security Assertion Markup Language (SAML)
C. Lightweight Directory Access Protocol (LDAP)
D. Active Directory Federation Services (ADFS)

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following statements is TRUE regarding equivalence class testing?
A. Test inputs are obtained from the derived boundaries of the given functional specifications.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. An entire partition can be covered by considering only one representative value from that partition.
D. It is useful for testing communications protocols and graphical user interfaces.

Answer: C

How well did you know this?

Not at all

Perfectly

A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what and time of day they are attempting this access. What type of solution would suit their needs?
A. Mandatory Access Control (MAC)
B. Network Access Control (NAC)
C. Role Based Access Control (RBAC)
D. Discretionary Access Control (DAC)

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following techniques is MOST useful when dealing with Advanced persistent Threat (APT) intrusions on live virtualized environments?
A. Antivirus operations
B. Reverse engineering
C. Memory forensics
D. Logfile analysis

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following MUST an organization do to effectively communicate is security strategy to all affected parties?
A. Involve representatives from each key organizational area.
B. Provide regular updates to the board of directors.
C. Notify staff of changes to the strategy.
D. Remove potential communication barriers.

Answer: C

How well did you know this?

Not at all

Perfectly

When using Security Assertion markup language (SAML), it is assumed that the principal subject
A. accepts persistent cookies from the system.
B. allows Secure Sockets Layer (SSL) for data exchanges.
C. is on a system that supports remote authorization.
D. enrolls with at least one identity provider.

Answer: D

How well did you know this?

Not at all

Perfectly

A client has reviewed a vulnerability assessment report and has stated it is inaccurate. The client states that the vulnerabilities listed are not valid because the host’s Operating system (OS) was not properly detected.
Where in the vulnerability assessment process did the error MOST likely occur?
A. Enumeration
B. Detection
C. Reporting
D. Discovery

Answer: A

How well did you know this?

Not at all

Perfectly

Which of the below strategies would MOST comprehensively address the risk of malicious insiders leaking sensitive information?
A. Data Loss Protection (DIP), firewalls, data classification
B. Least privilege access, Data Loss Protection (DLP), physical access controls
C. Staff vetting, least privilege access, Data Loss Protection (DLP)
D. Background checks, data encryption, web proxies

Answer: B

How well did you know this?

Not at all

Perfectly

What is the FIRST step required in establishing a records retention program?
A. Identify and inventory all records storage locations.
B. Classify records based on sensitivity.
C. Identify and inventory all records.
D. Draft a records retention policy.

Answer: D

How well did you know this?

Not at all

Perfectly

Functional security testing is MOST critical during which phase of the system development life cycle (SDLC)?
A. Operations / Maintenance
B. Implementation
C. Acquisition / Development
D. Initiation

Answer: B

How well did you know this?

Not at all

Perfectly

What is the threat modeling order using process for Attack simu-lation and threat analysis (PASTA)?
A. Application decomposition, threat analysis, vulnerability detection, attack enumeration, risk/impact analysis
B. Threat analysis, vulnerability detection, application decomposition, attack enumeration, risk/Impact analysis
C. Risk/impact analysis, application decomposition, threat analysis, vulnerability detection, attack enumeration
D. Application decomposition, threat analysis, risk/impact analysis, vulnerability detection, attack enumeration

Answer: A

How well did you know this?

Not at all

Perfectly

Which is the RECOMMENDED configuration mode for sensors for an intrusion prevention system (IPS) if the prevention capabilities will be used?
A. Active
B. Passive
C. Inline
D. Span

Answer: C

How well did you know this?

Not at all

Perfectly

An organization implements a remote access server (RAS), Once users connect to the server, digital certificates are used to authenticate their identity. What type of extensible Authentication protocol (EAP) would the organization use during this authentication?
A. Message Digest 5 (MD5)
B. Subscriber Identity Module (SIM)
C. Lightweight Extensible Authentication Protocol (EAP)
D. Transport layer security (TLS)

Answer: D

How well did you know this?

Not at all

Perfectly

An analysis finds unusual activity coming from a computer that was thrown away several months prior, which of the following steps ensure the proper removal of the system?
A. Deactivation
B. Decommission
C. Deploy
D. Procure

Answer: B

How well did you know this?

Not at all

Perfectly

As a security manger which of the following is the MOST effective practice for providing value to an organization?
A. Assess business risk and apply security resources accordingly
B. Coordinate security implementations with internal audit
C. Achieve compliance regardless of related technical issues
D. Identify confidential information and protect it

Answer: D

How well did you know this?

Not at all

Perfectly

Rank the Hypertext Transfer protocol (HTTP) authentication types shows below in order of relative strength.
Drag the authentication type on the correct positions on the right according to strength from weakest to strongest.

How well did you know this?

Not at all

Perfectly

Which of the following BEST provides for non-repudiation od user account actions?
A. Centralized authentication system
B. File auditing system
C. Managed Intrusion Detection System (IDS)
D. Centralized logging system

Answer: D

How well did you know this?

Not at all

Perfectly

What type of access control determines the authorization to resource based on pre-defined job titles within an organization?
A. Role-Based Access Control (RBAC)
B. Role-based access control
C. Non-discretionary access control
D. Discretionary Access Control (DAC)

Answer: A

How well did you know this?

Not at all

Perfectly

As users switch roles within an organization, their accounts are given additional permissions to perform the duties of their new position. After a recent audit, it was discovered that many of these accounts maintained their old permissions as well. The obsolete permissions identified by the audit have been remediated and accounts have only the appropriate permissions to complete their jobs.
Which of the following is the BEST way to prevent access privilege creep?
A. Implementing Identity and Access Management (IAM) solution
B. Time-based review and certification
C. Internet audit
D. Trigger-based review and certification

Answer: A

How well did you know this?

Not at all

Perfectly

Continuity of operations is BEST supported by which of the following?
A. Confidentiality, availability, and reliability
B. Connectivity, reliability, and redundancy
C. Connectivity, reliability, and recovery
D. Confidentiality, integrity, and availability

Answer: B

How well did you know this?

Not at all

Perfectly

Which of the following is true of Service Organization Control (SOC) reports? A. SOC 1 Type 2 reports assess the security, confidentiality, integrity, and availability of an organization’s controls B. SOC 2 Type 2 reports include information of interest to the service organization’s management C. SOC 2 Type 2 reports assess internal controls for financial reporting D. SOC 3 Type 2 reports assess internal controls for financial reporting

Answer: B

What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities? A. Manual inspections and reviews B. Penetration testing C. Threat modeling D. Source code review

Answer: C

Asymmetric algorithms are used for which of the following when using Secure Sockets Layer/Transport Layer Security (SSL/TLS) for implementing network security? A. Peer authentication B. Payload data encryption C. Session encryption D. Hashing digest

Answer: C

What is the MOST common component of a vulnerability management framework? A. Risk analysis B. Patch management C. Threat analysis D. Backup management

Answer: B

A new Chief Information Officer (CIO) created a group to write a data retention policy based on applicable laws. Which of the following is the PRIMARY motivation for the policy? A. To back up data that is used on a daily basis B. To dispose of data in order to limit liability C. To reduce costs by reducing the amount of retained data D. To classify data according to what it contains

Answer: B

What determines the level of security of a combination lock? A. Complexity of combination required to open the lock B. Amount of time it takes to brute force the combination C. The number of barrels associated with the internal mechanism D. The hardness score of the metal lock material

Answer: A

A user downloads a file from the Internet, then applies the Secure Hash Algorithm 3 (SHA-3c? A. It verifies the integrity of the file. B. It checks the file for malware. C. It ensures the entire file downloaded. D. It encrypts the entire file.

Answer: A

Which of the following is held accountable for the risk to organizational systems and data that result from outsourcing Information Technology (IT) systems and services? A. The acquiring organization B. The service provider C. The risk executive (function) D. The IT manager

Answer: C

Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF)? A. An attack which forces an end user to execute unwanted actions on a web application in which they are currently authenticated B. An attack that injects a script into a web page to execute a privileged command C. An attack that makes an illegal request across security zones and thereby forges itself into the security database of the system D. An attack that forges a false Structure Query Language (SQL) command across systems

Answer: A

Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues? A. Test B. Assessment C. Review D. Peer review

Answer: C

Which of the following is the PRIMARY reason a sniffer operating on a network is collecting packets only from its own host? A. An Intrusion Detection System (IDS) has dropped the packets. B. The network is connected using switches. C. The network is connected using hubs. D. The network’s firewall does not allow sniffing.

Answer: A

Which of the following is the final phase of the identity and access provisioning lifecycle? A. Recertification B. Revocation C. Removal D. Validation

Answer: B

Which of the following is mobile device remote fingerprinting? A. Installing an application to retrieve common characteristics of the device B. Storing information about a remote device in a cookie file C. Identifying a device based on common characteristics shared by all devices of a certain type D. Retrieving the serial number of the mobile device

Answer: C

Which of the following trust services principles refers to the accessibility of information used by the systems, products, or services offered to a third-party provider’s customers? A. Security B. Privacy C. Access D. Availability

Answer: C

Which of the following open source software issues pose the MOST risk to an application? A. The software is beyond end of life and the vendor is out of business. B. The software is not used or popular in the development community. C. The software has multiple Common Vulnerabilities and Exposures (CVE) and only some are remediated. D. The software has multiple Common Vulnerabilities and Exposures (CVE) but the CVEs are classified as low risks.

Answer: D

Which of the following is the PRIMARY mechanism used to limit the range of objects available to a given subject within different execution domains? A. Process isolation B. Data hiding and abstraction C. Use of discrete layering and Application Programming Interfaces (API) D. Virtual Private Network (VPN)

Answer: C

Once the types of information have been identified, who should an information security practitioner work with to ensure that the information is properly categorized? A. Information Owner (IO) B. System Administrator C. Business Continuity (BC) Manager D. Chief Information Officer (CIO)

Answer: A

What should be the FIRST action for a security administrator who detects an intrusion on the network based on precursors and other indicators? A. Isolate and contain the intrusion. B. Notify system and application owners. C. Apply patches to the Operating Systems (OS). D. Document and verify the intrusion.

Answer: C

Which of the following needs to be taken into account when assessing vulnerability? A. Risk identification and validation B. Threat mapping C. Risk acceptance criteria D. Safeguard selection

Answer: A

For the purpose of classification, which of the following is used to divide trust domain and trust boundaries? A. Network architecture B. Integrity C. Identity Management (IdM) D. Confidentiality management

Answer: A

Which of the following is the key requirement for test results when implementing forensic procedures? A. The test results must be cost-effective. B. The test result must be authorized. C. The test results must be quantifiable. D. The test results must be reproducible.

Answer: B

An application team is running tests to ensure that user entry fields will not accept invalid input of any length. What type of negative testing is this an example of? A. Reasonable data B. Population of required fields C. Allowed number of characters D. Session testing

Answer: C

An Internet software application requires authentication before a user is permitted to utilize the resource. Which testing scenario BEST validates the functionality of the application? A. Reasonable data testing B. Input validation testing C. Web session testing D. Allowed data bounds and limits testing

Answer: B

Which of the following techniques BEST prevents buffer overflows? A. Boundary and perimeter offset B. Character set encoding C. Code auditing D. Variant type and bit length

Answer: B

A security architect is responsible for the protection of a new home banking system. Which of the following solutions can BEST improve the confidentiality and integrity of this external system? A. Intrusion Prevention System (IPS) B. Denial of Service (DoS) protection solution C. One-time Password (OTP) token D. Web Application Firewall (WAF)

Answer: A

A security professional recommends that a company integrate threat modeling into its Agile development processes. Which of the following BEST describes the benefits of this approach? A. Reduce application development costs. B. Potential threats are addressed later in the Software Development Life Cycle (SDLC). C. Improve user acceptance of implemented security controls. D. Potential threats are addressed earlier in the Software Development Life Cycle (SDLC).

Answer: D

A security consultant has been hired by a company to establish its vulnerability management program. The consultant is now in the deployment phase. Which of the following tasks is part of this process? A. Select and procure supporting technologies. B. Determine a budget and cost analysis for the program. C. Measure effectiveness of the program’s stated goals. D. Educate and train key stakeholders.

Answer: C

Directive controls are a form of change management policy and procedures. Which of the following subsections are recommended as part of the change management process? A. Build and test B. Implement security controls C. Categorize Information System (IS) D. Select security controls

Answer: A

Which of the following BEST describes how access to a system is granted to federated user accounts? A. With the federation assurance level B. Based on defined criteria by the Relying Party (RP) C. Based on defined criteria by the Identity Provider (IdP) D. With the identity assurance level

Answer: C

Which of the following is the primary advantage of segmenting Virtual Machines (VM) using physical networks? A. Simplicity of network configuration and network monitoring B. Removes the need for decentralized management solutions C. Removes the need for dedicated virtual security controls D. Simplicity of network configuration and network redundancy

Answer: A

Which of the following would an internal technical security audit BEST validate? A. Whether managerial controls are in place B. Support for security programs by executive management C. Appropriate third-party system hardening D. Implementation of changes to a system

Answer: D

Which of the following processes has the PRIMARY purpose of identifying outdated software versions, missing patches, and lapsed system updates? A. Penetration testing B. Vulnerability management C. Software Development Life Cycle (SDLC) D. Life cycle management

Answer: B

A development operations team would like to start building new applications delegating the cybersecurity responsibility as much as possible to the service provider. Which of the following environments BEST fits their need? A. Cloud Virtual Machines (VM) B. Cloud application container within a Virtual Machine (VM) C. On premises Virtual Machine (VM) D. Self-hosted Virtual Machine (VM)

Answer: A

Change management policies and procedures belong to which of the following types of controls? A. Directive B. Detective C. Corrective D. Preventative

Answer: A

What access control scheme uses fine-grained rules to specify the conditions under which access to each data item or applications is granted? A. Mandatory Access Control (MAC) B. Discretionary Access Control (DAC) C. Role Based Access Control (RBAC) D. Attribute Based Access Control (ABAC)

Answer: D

Why is planning the MOST critical phase of a Role Based Access Control (RBAC) implementation? A. The criteria for measuring risk is defined. B. User populations to be assigned to each role is determined. C. Role mining to define common access patterns is performed. D. The foundational criteria are defined.

Answer: B

Vulnerability scanners may allow for the administrator to assign which of the following in order to assist in prioritizing remediation activities? A. Definitions for each exposure type B. Vulnerability attack vectors C. Asset values for networks D. Exploit code metrics

Answer: C

In order for application developers to detect potential vulnerabilities earlier during the Software Development Life Cycle (SDLC), which of the following safeguards should be implemented FIRST as part of a comprehensive testing framework? A. Source code review B. Acceptance testing C. Threat modeling D. Automated testing

Answer: A

Physical assets defined in an organization’s Business Impact Analysis (BIA) could include which of the following? A. Personal belongings of organizational staff members B. Supplies kept off-site at a remote facility C. Cloud-based applications D. Disaster Recovery (DR) line-item revenues

Answer: B

What is the best way for mutual authentication of devices belonging to the same organization? A. Token B. Certificates C. User ID and passwords D. Biometric

Answer: A

Which of the following encryption types is used in Hash Message Authentication Code (HMAC) for key distribution? A. Symmetric B. Asymmetric C. Ephemeral D. Permanent

Answer: A

Compared with hardware cryptography, software cryptography is generally A. less expensive and slower. B. more expensive and faster. C. more expensive and slower. D. less expensive and faster.

Answer: A

A financial company has decided to move its main business application to the Cloud. The legal department objects, arguing that the move of the platform should comply with several regulatory obligations such as the General Data Protection (GDPR) and ensure data confidentiality. The Chief Information Security Officer (CISO) says that the cloud provider has met all regulations requirements and even provides its own encryption solution with internally-managed encryption keys to address data confidentiality. Did the CISO address all the legal requirements in this situation? A. No, because the encryption solution is internal to the cloud provider. B. Yes, because the cloud provider meets all regulations requirements. C. Yes, because the cloud provider is GDPR compliant. D. No, because the cloud provider is not certified to host government data.

Answer: B

An employee receives a promotion that entities them to access higher-level functions on the company’s accounting system, as well as keeping their access to the previous system that is no longer needed or applicable. What is the name of the process that tries to remove this excess privilege? A. Access provisioning B. Segregation of Duties (SoD) C. Access certification D. Access aggregation

Answer: B

Which of the following is PRIMARILY adopted for ensuring the integrity of information is preserved? A. Data at rest protection B. Transport Layer Security (TLS) C. Role Based Access Control (RBAC) D. One-way encryption

Answer: A

Why might a network administrator choose distributed virtual switches instead of stand-alone switches for network segmentation? A. To standardize on a single vendor B. To ensure isolation of management traffic C. To maximize data plane efficiency D. To reduce the risk of configuration errors

Answer: C

An organization has implemented a new backup process which protects confidential data by encrypting the information stored on backup tapes. Which of the following is a MAJOR data confidentiality concern after the implementation of this new backup process? A. Tape backup rotation B. Pre-existing backup tapes C. Tape backup compression D. Backup tape storage location

Answer: D

Organization A is adding a large collection of confidential data records that it received when it acquired Organization B to its data store. Many of the users and staff from Organization B are no longer available. Which of the following MUST Organization A 0do to property classify and secure the acquired data? A. Assign data owners from Organization A to the acquired data. B. Create placeholder accounts that represent former users from Organization B. C. Archive audit records that refer to users from Organization A. D. Change the data classification for data acquired from Organization B.

Answer: A

An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following BEST protects sensitive data once the agreement expires and the assets are reused? A. Recommended that the business data owners use continuous monitoring and analysis of applications to prevent data loss. B. Recommend that the business data owners use internal encryption keys for data-at-rest and data- in-transit to the storage environment. C. Use a contractual agreement to ensure the CSP wipes the data from the storage environment. D. Use a National Institute of Standards and Technology (NIST) recommendation for wiping data on the storage environment.

Answer: C

Which of the following techniques is effective to detect taps in fiber optic cables? A. Taking baseline signal level of the cable B. Measuring signal through external oscillator solution devices C. Outlining electromagnetic field strength D. Performing network vulnerability scanning

Answer: B

When would an organization review a Business Continuity Management (BCM) system? A. When major changes occur on systems B. When personnel changes occur C. Before and after Disaster Recovery (DR) tests D. At planned intervals

Answer: D

Which of the following is a characteristic of the independent testing of a program? A. Independent testing increases the likelihood that a test will expose the effect of a hidden feature. B. Independent testing decreases the likelihood that a test will expose the effect of a hidden feature. C. Independent testing teams help decrease the cost of creating test data and system design specification. D. Independent testing teams help identify functional requirements and Service Level Agreements (SLA)

Answer: A

Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution? A. Data availability B. Data sensitivity C. Data ownership D. Data integrity

Answer: B

What is the BEST approach for maintaining ethics when a security professional is unfamiliar with the culture of a country and is asked to perform a questionable task? A. Exercise due diligence when deciding to circumvent host government requests. B. Become familiar with the means in which the code of ethics is applied and considered. C. Complete the assignment based on the customer's wishes. D. Execute according to the professional's comfort level with the code of ethics.

Answer: B

Which of the following activities is MOST likely to be performed during a vulnerability assessment? A. Establish caller authentication procedures to verify the identities of users. B. Analyze the environment by conducting interview sessions with relevant parties. C. Document policy exceptions required to access systems in non-compliant areas. D. Review professorial credentials of the vulnerability assessment team or vendor.

Answer: D

Which of the following is the BEST defense against password guessing? A. Limit external connections to the network. B. Disable the account after a limited number of unsuccessful attempts. C. Force the password to be changed after an invalid password has been entered. D. Require a combination of letters, numbers, and special characters in the password.

Answer: D

Why would a security architect specify that a default route pointing to a sinkhole be injected into internal networks? A. To have firewalls route all network traffic B. To detect the traffic destined to non-existent network destinations C. To exercise authority over the network department D. To re-inject the route into external networks

Answer: B

Which one of the following documentation should be included in a Disaster Recovery (DR) package? A. Source code, compiled code, firmware updates, operational log book and manuals. B. Data encrypted in original format, auditable transaction data, and recovery instructions for future extraction on demand. C. Hardware configuration instructions, hardware configuration software, an operating system image, a data restoration option, media retrieval instructions,….. D. System configuration including hardware, software, hardware, interfaces, software Application Programming Interface (API) configuration, data structure, ….

Answer: C

How long should the records on a project be retained? A. For the duration of the project, or at the discretion of the record owner B. Until they are no longer useful or required by policy C. Until five years after the project ends, then move to archives D. For the duration of the organization fiscal year

Answer: B

Which of the following phases involves researching a target's configuration from public sources when performing a penetration test? A. Information gathering B. Social engineering C. Target selection D. Traffic enumeration

Answer: A

Which of the following provides the BEST method to verify that security baseline configurations are maintained? A. Perform regular system security testing. B. Design security early in the development cycle. C. Analyze logs to determine user activities. D. Perform quarterly risk assessments.

Answer: A

Which attack defines a piece of code that is inserted into software to trigger a malicious function? A. Phishing B. Salami C. Back door D. Logic bomb

Answer: D

Which of the following is the MOST critical success factor in the security patch management process? A. Tracking and reporting on inventory B. Supporting documentation C. Management review of reports D. Risk and impact analysis

Answer: A

A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce? A. Network perimeters B. Demilitarized Zones (DM2) C. Databases and back-end servers D. End-user devices

Answer: D

Which of the following is the BEST technique to facilitate secure software development? A. Adhere to secure coding practices for the software application under development. B. Conduct penetrating testing for the software application under development. C. Develop a threat modeling review for the software application under development. D. Perform a code review process for the software application under development.

Answer: A

What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media? A. To reduce the carbon footprint by eliminating paper B. To create an inventory of data assets stored on disk for backup and recovery C. To declassify information that has been improperly classified D. To reduce the risk of loss, unauthorized access, use, modification, and disclosure

Answer: D

For a federated identity solution, a third-party Identity Provider (IdP) is PRIMARILY responsible for which of the following? A. Access Control B. Account Management C. Authentication D. Authorization

Answer: C

What is the BEST way to correlate large volumes of disparate data sources in a Security Operations Center (SOC) environment? A. Implement Intrusion Detection System (IDS). B. Implement a Security Information and Event Management (SIEM) system. C. Hire a team of analysts to consolidate data and generate reports. D. Outsource the management of the SOC.

Answer: B

Which of the following steps should be conducted during the FIRST phase of software assurance in a generic acquisition process? A. Establishing and consenting to the contract work schedule B. Issuing a Request for proposal (RFP) with a work statement C. Developing software requirements to be included in work statement D. Reviewing and accepting software deliverables

Answer: C

Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated? A. Turn the computer on and collect volatile data. B. Turn the computer on and collect network information. C. Leave the computer off and prepare the computer for transportation to the laboratory D. Remove the hard drive, prepare it for transportation, and leave the hardware ta the scene.

Answer: C

Which of the following is used to support the concept of defense in depth during the development phase of a software product? A. Maintenance hooks B. Polyinstiation C. Known vulnerability list D. Security auditing

Answer: B

An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the MOST important concern regarding privacy? A. The CSP determines data criticality. B. The CSP provides end-to-end encryption services. C. The CSP’s privacy policy may be developer by the organization. D. The CSP may not be subject to the organization’s country legation.

Answer: D

Individual access to a network is BEST determined based on A. risk matrix. B. value of the data. C. business need. D. data classification.

Answer: C

The MAIN task of promoting security for Personal Computers (PC) is A. understanding the technical controls and ensuring they are correctly installed. B. understanding the required systems and patching processes for different Operating Systems (OS). C. making sure that users are using only valid, authorized software, so that the chance of virus infection D. making users understand the risks to the machines and data, so they will take appropriate steps to project them.

Answer: C

The Secure Shell (SSH) version 2 protocol supports. A. availability, accountability, compression, and integrity, B. authentication, availability, confidentiality, and integrity. C. accountability, compression, confidentiality, and integrity. D. authentication, compression, confidentiality, and integrity.

Answer: D

What protocol is often used between gateway hosts on the Internet’ To control the scope of a Business Continuity Management (BCM) system, a security practitioner should identify which of the following? A. Size, nature, and complexity of the organization B. Business needs of the security organization C. All possible risks D. Adaptation model for future recovery planning

Answer: B