Ij

Question 1

In the waterfall model which of the following evaluates a given product against the specifications written for the product

Answer 1

Verification

Verification evaluates the products performance to the acclaimed functionalities and production levels. It also compares the specifications of the product to the actual resulting product

Question 2

When containing an Incident what is the first step that should always be taken

Answer 2

Secure the area and protect potential evidence

Question 3

Based on the following asset information what is the organization single loss expectancy per hour?

Maintaining and updating their database cost $124,000 per year customer base revenue is $500,000 per year. For every hour of data compromise Or unavailability they could lose one percent of their customers

Answer 3

5,000

Question 4

Chosen ciphertext attacks are mainly use against what kind of ciphers?

Answer 4

Pubic key

Question 5

The risk of the following attack could be mitigated by software develop training

Answer 5

Buffer overflow

Question 6

Which of the following relies on UDP

Answer 6

DHCP

Question 7

Who is the primary user of an IDE

Answer 7

Software developer

Question 8

A company has decided they need to separate the development team from the support team. According to general security principles what job function should be done by the development team

Answer 8

Software design

Question 9

What protocol provides the user authentication authorization for remote client access?

802.1x
EAP-TLS
ChAP
RADIUS

Answer 9

RADIUS

Question 10

Which distributed computing architecture is used extensively by web applications?
Timesharing
Three tier
Peer to peer
Client server

Answer 10

Three tier

Question 11

An individual with secret level security clearance cannot read a document designed as top-secret. Which security model is is an example of?
Discretionary access control, Beba, Bell-lapadula or clark Wilson 

Answer 11

Bell la Padula

Question 12

What type of memories typically use as cash memory?

Cashing random access memory, read only memory, dynamic random access memory, static random access memory

Answer 12

Static random access memory

Question 13

During an evacuation who is responsible for checking that each individual that area has begun evacuation?

Door monitor, business unit manager, safety warden or meeting point leader

Answer 13

Safety warden

Question 14

Which of the following is not a responsibility of an information owner?
Approving any disclosure activities, ensuring that the necessary security controls are in place, defining security requirements per classification of back up requirements or ensuring that proper access rights are being used in configuring them properly

Answer 14

Ensuring that proper access rights are being used in configuring them properly

Question 15

Which of the following biometric access control measures the blood vessels in an eye?
I rescan, fingerprint, facial recognition or retina pattern

Answer 15

Retina pattern

Question 16

Which of the following devices are read in written into a sequential order?

USB stick, solid-state drive, floppy drive or magnetic tape

Answer 16

Magnetic tape

Question 17

Which of the following circumstances is computer application security most effective and economical?

When the system is optimized before the additional security, when the system as customers to meet specific security threat, when the system is Design from the beginning to provide the necessary security or when the system is purchase off-the-shelf

Answer 17

When the system is designed from beginning to provide the necessary security

Question 18

When planning to perform a vulnerability assessment, a large international companies CIO decided to scan their entire IP address space. How can this affect the value of the scan?

The scan will review more problems that can be resolved in a reasonable time, the scan will have a high chance of failing before it completes, the network network will be unavailable while the scan is running or the scan will admit computers are not running at the time

Answer 18

The skin will reveal more problems than can be resolved in a reasonable time

Question 19

What type of host discovery is used to find a live network systems that aren’t running responsive listing services?

Port scanning, Port monitoring, active or passive

Answer 19

Passive

Question 20

Which of the following attributes could be used to qualify access control measures?

Administrative defensive detective, administrative preventive detective, associative preventive deterrent, associative preventive detective

Answer 20

Administrative preventive and detective

Question 21

What is a driving factor in clearly stated data destruction policies?

Easy availability of archival info,

Pre-trial discovery during litigation,

historical records to advise policy makers,
or statistical analysis of past performance

Answer 21

Pretrial discovery during litigation

Question 22

With regard to access control terminology when are built in subjects for an operating system defined?

When an administrator has a business need,

at that time the operating system is designed,

at the time the operating system is compiled

or when a new policy dictates the need for one

Answer 22

At the time the operating system is designed

Question 23

Which of the following is example of a directive control?

Background check, encryption, Smart card or locks?

Answer 23

Background check

Question 24

What is the number of UDP port that could be open on a system?

131,070, 131,072, 65,535 or 65,536

Answer 24

65,536

Question 25

What step of incident response comes immediately after response?

Containment, mitigation remediation or reporting

Answer 25

Mitigation

Question 26

What security issue is related to Legacy SCADA protocols like modbus, DNP3, pro fibrous and RP – 570?

Answer 26

They’re clear text

Question 27

A computer is assigned a time to transmit by controller to void collisions. Which of the following uses a technique?

CSMA\CD, pulling, CSMA backslash CA or ATM? 

Answer 27

Polling

Pulling is commonly used in mainframe environments

Question 28

What type of token generates new unique codes at fix time intervals?
Asynchronous dynamic, static, challenge response or synchronous dynamic

Answer 28

Synchronous dynamic

Question 29

A mouse trap manufacturing company factory was flooded during a tsunami. Another division within the company manufacture rat traps in another plant that was not flooded. It could be used to make mouse traps after a day of retooling. What kind of site is this?

Cold, warm, hot or reciprocal

Answer 29

Warm

Question 30

The computer ethics Institute has published a code of ethics which six to govern behavior of computer users. Which statement accurately reflects one of the 10 Commandments??

Dial shall not use the computer as a witness tool, that should not interfere with other people’s computer work, they’ll shall not use a computer for recreation, or thou shall not waste government computer resources

Answer 30

Thou shall not interfere with other people’s computer work

Question 31

Against which risk is a perimeter firewall effective?

External exploit of a file server with an unpatri access vulnerability,

An employee opening attachment in a fishing email

Attackers pivoting to a database from a user machine with compromised credentials

Infective files downloaded via SSL from a compromise external Web server

Answer 31

External export of a file server with the unpaired remote access vulnerability

Question 32

What resources consumed by a botnet during a DDOS

RAM
BANDWIDTH
CAM table space
Source ports

Answer 32

Bandwidth

Question 33

Which of the following is a primary protective mechanism for active X?

Sandbox, antivirus, integrity checking or digital signature? 

Answer 33

Digital signature

Question 34

What does CER, FAR AND FRR relate to IN A GRAPH?

Business impact analysis, biometric authentication, IDS/IPS tuning Or vulnerability assessment

Answer 34

Biometric authentication

Question 35

Which of the following tools we use to record and send a users password over the network?

Keylogger, father, Kerberos or a root kit

Answer 35

Keylogger

Question 36

What should take place to restore server and it’s data files after a system failure?

Take a forensic hard drive image, reformat the server and reinstall the OS, implement system recovery procedures or clone the server from a similar system

Answer 36

Implement system recovery procedures

Question 37

Which of the following is only likely to be identified through an assessment of core security processes

IP addresses of house probably in the network perimeter, the root cause of security failures, identification of zero de compromises or the number of listening services on a network

Answer 37

The root cause of security failures

Question 38

What activity can often uncover evidence of a data breach?

Vulnerability assessment, user acceptance testing, centralize log review, business impact analysis

Answer 38

Centralized log review

Question 39

While reviewing a file server security log a system administrator notices there are no events log for any type of file access. What type of issue is this?

Authentication, authorization, accountability or availability

Answer 39

Accountability

Question 40

Removing unnecessary applications and services is part of what process?

Creating security metrics, The provisioning systems, continuous monitoring, or applying security baselines

Answer 40

Applying security baselines

Key component to any baseline security configuration is establishing the minimum necessary services applications needed to perform the required functions this can also be referred to as principle of lease privilege

Question 41

Which part of a pen test are WHOIS and DNS often use

Exploitation, reconnaissance, vulnerability assessment or scanning

Answer 41

Reconnaissance

Question 42

Which of the following is so she was buffer overflows?

Cat, and map, a a a a or gets ()

Answer 42

gets()

Question 43

What is the meterpreter in the Metasploit framework?

payload, a threat, and exploit or vulnerability

Answer 43

A payload

Question 44

What is a mandatory component of a single sign-on system?

A non-discretionary access control, Federated Identity management, multifactoral syndication or centroids credential source

Answer 44

Centralize credential source

Question 45

What is the difference between an incremental backup and a differential back up?

And incremental back up is on site and a differential is remote,

a differential backup is on site incrementals remote,

an incremental back up creates files for each day and a differential back up file grows each day

or differential backup creates files for each day in incremental back up file girls each day

Answer 45

An incremental backup creates files for each day and a differential back up file grows each day

Question 46

Which of the following should be used to extinguish a fire and operating electrical transformer station?

Soda acid, dry powder, CO2 or water

Answer 46

CO2

Question 47

A $200,000 service firm has a single loss expectancy of 40,000. What is a server firms exposure factor?

20%, 40%, 200% of 500%

Answer 47

20%

Question 48

Which code review method is a characteristic of extreme programming?

Pair programming, fuzz testing, tool assisted or static analysis

Answer 48

Pair programming

Question 49

What is the defining characteristic of an 802. 11 ad hoc wireless network?

Clients connect to an access point, Allows access points to communicate with clients, operates without essential access point are used for sniffing wireless networks

Answer 49

Operates without a central access point

An ad hoc wireless network is a peer to peer network specifically designed to operate without is central access point

Question 50

What does an attacker do with the return pointer when it’s over written?

Set it to a program on the drive the Attacker wants to run

Sets it to another currently running applications and the machine

Set it to an incoming data stream from the network

Sets it to the location in the stack are the commands are

Answer 50

Sets it to location in the stack where the commands are

Question 51

And administrator working on a web server open some malicious link while downloading patches. What kind of attack is this?

Trojan horse, server-side, come in injection or client-side

Answer 51

Client-side

Question 52

Which of the following is used to identify how an ATM sell can reaches destination?

Point of point protocol, virtual path identifier, permanent virtual circuit or switch to virtual circuit

Answer 52

Virtual path identifier

Question 53

Which software development Methodology is not primary code centric?

SDLC

DEVOPS

LIBSAFE

CMMI

Answer 53

Devops

Question 54

What organization manages request for comments (RFCs)

National Institute of standards and technology, Internet engineering task force(IETF) , International organization for standardization ISO or Center for Internet security CIS

Answer 54

Internet engineering task force I ETF

Question 55

Which of the following types of business country plan testing is known as validity testing?

Full interpretation, simulation testing, structure walk-through testing or checklist


Answer 55

Structure walk through testing

Question 56

Which of the following topologies is most widely used today because of scalability and fault tolerance

Star biology, bus topology, ring topology or loop topology

Answer 56

Star

Question 57

What’s the following categories fits these terms: Client/server, three – tier and peer-to-peer

Software architecture, Computer architecture, software development Methodology, interprocess communication

Answer 57

Software architecture

Question 58

What element is part of the base metrics in the common vulnerabilities scoring system?

Temporal,

access vector

environmental or

emanations 

Answer 58

Access vector

Question 59

The defense on a computer fraud case United States wishes to offer a third-party personal email records into evidence that could help prove her client had no malicious intent. What is the prosecuting same most likely to do?

Object based on the hearsay rule 

I’ve just based the emails containing PII in the main headers

Object base in the exclusionary rule

Object based on data retention policies


Answer 59

Object base and the hearsay rule

Question 60

Which software development methodology uses and enter iterative approach to develop it working model with typically includes frequent interaction between the customer and developer

Spiral, address, scram or prototyping

Answer 60

Prototyping

Question 61

What type of evidence obtained from an outside source and is admissible in court?

Hearsay, circumstantial, inculpatory kr corroborating 

Answer 61

Hearsay

Question 62

I do bass administrators alerted to a spike in activity that has caused a space shortages over the last week. Where should the administrator look to turn whether the increase in activities due to valid or abnormal request?

The database is Aralog, the operating system‘s application law, the database is transaction log or the app ring system security log

Answer 62

The database transaction log

Question 63

How can organization share a single document repository were each company retains control over its own authentication credentials

Access control matrix, two factor authentication, coveralls key distribution center or Federated identity management

Answer 63

Federated Identity management

Question 64

Fuzzing a running applications part of what process?

Code review, stress testing, dynamic application security testing or static analysis

Answer 64

Dynamic application Security testing

Question 65

There are many types of testing methods involve a exercising and maintaining a business continuity plan. Which of the following types of testing is known as consistency testing

The literally testing, structured walk-through testing, simulated testing, or checklist testing

Answer 65

Checklist testing

Question 66

What functionality do open ID and Saml provide?

Openid uses centralized Storage for credentials, while SAML uses distributed storage 

true or false?

Answer 66

False

Open ID performs authentication while SMAL and codes authentication related information

Question 67

What causes the chrome browser to have many process instances when there are multiple tabs

Standard libraries
Buffer overflow
Sandboxing
Memory leaks

Answer 67

Sandboxing

Question 68

Which of following is not one of the private IP address ranges designated by the internet assigned numbers authority

128. 12.0.0:16-128.92.0.0/16
129. 0.0.0/8
130. 168.0.0/16
131. 16.0.0/16-172.31.0.0/16

Answer 68

128.12.0.0/16-128.920.0/16

Question 69

What is the act of hiding data within another medium?

Permutation
Substitution
Steganography
Transposition

Answer 69

Straganography

Question 70

If a company does not inform employees that they may be monitored and does not have a policy stating how monitoring should take place, what should a company do?

Answer 70

Don’t monitor individual employees in any fashion

Question 71

What is the goal of synthetic transactions

Answer 71

Ensure an application is performing as intended

Question 72

What is one way of avoiding excessive damage to equipment while maximizing personal safety and using recommendations of fire protection and insurance industries for data centers

Answer 72

Dry pipe

Question 73

Which of the following characteristics of secondary memory?

Answer 73

Has slower data retrieval speeds

Question 74

Which of the following Algorithms is used to secure the exchange of key when implementing public Key cryptography

DES
AES
IDEA
DIFFIE-hellman

Answer 74

Diffie hellman

Question 75

What computer resources make up the TCB?

Answer 75

The kernel and processes designed to meet a formal security policy

Question 76

What is the first step to be accomplished in a preliminary legal investigation

Gather evidence, determine if Crime has occurred, interview witnesses or inspect damage

Answer 76

Determine if a crime had occurred

Question 77

Even Joy streaming videos from the wild while on her work computer. Sometimes access to videos are cut off for hours or even the rest of the workday period it seems random to eve the day of the week the websites hosting the videos, and how long she can access sight do not follow a pattern. Which control is blocking the website?

Context base access control, web application firewall, whole space in certain section or time base access control

Answer 77

Context based access control

Question 78

Which of the following does every user in organization not need to be aware of regarding their organizations information security policy?



Answer 78

The actions required to recover systems in case of a disaster

Question 79

What writing protocol is used to communicate between autonomous systems and large networks such as the Internet?

ARP
RIP
DNA
ESP
BGP

Answer 79

BGP

Question 80

Which of the following terms describes determining an individual is who they claim to be?

Authorization, identification, authentication

Answer 80

Authentication

Question 81

Which of the following land transmission protocols is use on ethernet networks??

CSMA/CD
TOLEN PASSING
CSMA/ca
Polling 

Answer 81

Csma/cd

Question 82

The pen testing team is getting access to orientation by sending a PDF file from a spoon human resources email address. Which the following controls would help medicate this attack?

security audits, code review, user training or transport layer security? 

Answer 82

User training

Question 83

What is the security weakness of the password authentication protocol? PAP

Answer 83

Sends passwords in plaintext

Question 84

When a cookie is marked secure which of the following controls are in place?

It may be sent over SSL/TLS, it cannot be accessed by JavaScript, is encrypted with the private key or it is encrypted with a symmetrical key? 

Answer 84

It may be sent over SSL/TLS

Question 85

The most complete picture of the security of network results from which of the following?

I Pinterest, vulnerability assessment, firewall rule based audit or security assessment

Answer 85

Security assessment

Question 86

Once you understand a risk, you can decide not to become evolved in this risk situation. What should the choices below describes this decision

Risk avoidance, risk acceptance, risk reduction or risk transfer

Answer 86

Risk avoidance

Question 87

What mechanism can be used to ensure that it failed database transaction or system for the return the subject to a meaningful point in some process

Answer 87

Checkpoint

Question 88

The following statement can be best described as what type of security documentation? I’ll end-user systems on the network must be protected at the host level again smell weird unauthorized access

Procedure, policy, standard, baseline, guideline

Answer 88

Policy

Question 89

Which of the following best describes operation security

Answer 89

Taking steps to make sure environment and information access within it stay at a certain level of protection

Question 90

What is the unit of transmission in an ethernet network called

Answer 90

Frame

Question 91

Which of the following forms of communication should be used and reporting an incident to management

Answer 91

Out of band

Question 92

What component of a VoIP system exchanges traffic between a packet switch in circuit-switched network

Answer 92

Media gateway

Question 93

What solution aims to solve latency issues caused by differences between client in public servers

Answer 93

Content distribution networks

Provides faster delivery of content to the user distributed world wide

It is a group of servers that are placed all over the globe and increase the delivery of web content

Question 94

What type of control can automatically initiate corrective control

Answer 94

Detective

Question 95

Dedicated

Answer 95

Dedicate a motive operation means at the system contains objects of one classification label

Question 96

Which search engine poses a problem for SCADA system is connected to the Internet

Answer 96

Shodon

Question 97

What is the Best definition for equal error rate EER

Answer 97

The rate at which the FAR equals a FRR

Question 98

In tunnels mode IPSEC The outer packet is address to which of the following

Answer 98

The receiving Gateway

Question 99

Which of the following sulfur controls is an output control

Answer 99

Reconciliation

Question 100

What type of control as a security policy

Answer 100

Directive

Question 101

What Mac motive operation place a reference monitor to mediate between subjects and objects

Answer 101

Multi level

Question 102

Which of the following destroys patterns that connect plane textures associate ciphertext

Answer 102

Diffusion

Question 103

Compressing IPv6

Answer 103

Leading zeros are all suppressed

Question 104

Which of the following access control measures is directive

Answer 104

Background check

Question 105

What type of memory must be refreshed by reading and rereading each but every Few milliseconds

Answer 105

DRAM

Question 106

Which Class of fire suppress by dry powder

Answer 106

Electrical

Question 107

Which of the following pen testing activities with the effective invalidating Tempus effectiveness

Answer 107

Radiation monitoring

Question 108

Which distributed computing Thank you architectures fully decentralized

Answer 108

Peer to peer

Question 109

The account management process should ensure adherence to a security principal

Answer 109

Least priv

Question 110

Which of the following Theresas the Internet activities board consider violation of the ethics in the Internet

Answer 110

Compromising the privacy of users

Question 111

Antivirus Blocked an executable and sent a notice to security event information management system. What type of control does antivirus represent

Answer 111

Preventative

Question 112

During a preliminary investigation of potential security incident which step should occur in what order

Answer 112

Review the complaint, inspect the damage, exam in logs and work with management and if necessary is this management in notifying law enforcement

Question 113

With respect to do classification rolls in which of the following is a responsibility the system owner

Answer 113

To assist in identification of the common security controls

Question 114

Metasploit

Answer 114

Validate if the vulnerability is exploitable

Question 115

Where would attackers focus our efforts to disable Kerberos

Answer 115

Key distribution center

Question 116

Which of the following concepts requires having a central authority maintain a copy of everybody’s private keys are there any users encrypted data can be decrypted by the central authority

Answer 116

Escrowed encryption

Question 117

What should be considered in the purchase of a preventative control

Answer 117

Total cost of ownership

Question 118

A no NIDS is alerted by a database connection

Answer 118

False negative

False negative occurs when the IDS is not set off an alert and the traffic is malicious

Question 119

What is an application Output control

Answer 119

Reconciliation

Question 120

What technology allows a single switch to host multiple networks 

Answer 120

Vlan 

Question 121

What memory addressing technique always refers to a temporary storage location of the rather than the main memory

Answer 121

Registered direct addressing

Question 122

Which of the following provides the set of statements used to design a database Sxhema

Answer 122

Data definition language

Question 123

What layer of the OSI model does 802.1X provide authentication

Answer 123

Data link

Question 124

Why would someone use frame-relay instead of x.25

Answer 124

Lower overhead

Question 125

What are the four tasks in the access provisioning life cycle

Answer 125

Account Administration
Maintenance
Monitoring
And revocation

Question 126

Identity is what

Answer 126

Making a claim to the system as to who you are

Question 127

Providing user name and password is what

Answer 127

Authentication

Question 128

After authentication then authorization is next, what does it do

Answer 128

Looks what what access the user has

Question 129

After authorization is accountability

Answer 129

This deals with who does what in the system

Question 130

What is AAA

Answer 130

Authentication
Authorization
Accountability

Question 131

Auhtorizarion determines what

Answer 131

What access to what group of information a user or group of users has

Question 132

Accountability is what

Answer 132

Makes the user responsible for their actions

Question 133

Four

Question 134

Four categories of authentication are

Answer 134

Something you know (password, phrase)
something you have
Something you are
Someplace you are

Question 135

True or false using two authentication factors is known as two factor authentication

Answer 135

True

Question 136

What is CER

Answer 136

Crossover error rate

Percentage of false rejection rate compared to false acceptance rate

Question 137

PoLP is what

Answer 137

Principle of least privilege and it makes sure individuals are granted access necessary to perform their required business functions

Question 138

True or false, the PoLP applies to users and system configuration, firewall rulesets, and many other items in security

Answer 138

True

Question 139

What is a key policy for fraud deterrence/detection

Answer 139

Rotation of duties

Question 140

What is the base level of protection that a reasonable person takes to check a piece of code

Answer 140

Due care

Question 141

What is the process followed to ensure that an org is exercising their duty of care

Answer 141

Due diligence

Question 142

What do detective controls do

Answer 142

Makes us aware of a condition that might warrant further inspection or response

Any device that has an alarm feature is this

Question 143

Prevention controls do what

Answer 143

Deprive unauthorized access to resources

Question 144

What includes organizational policies and procedures

Answer 144

Administrative or directives

Question 145

Type of controls

Answer 145

Preventative
Detective 
Corrective 
Deterrent
Recovery 
Compensating

Question 146

Administrative controls are

Answer 146

Background checks and policies and procedures

Question 147

Physical controls are

Answer 147

Locks
Security laptops
Security magnetic media
The protection of cable

Question 148

Technical controls are

Answer 148

Encryption

Smart cards

Question 149

Preventative controls do what

Answer 149

Prevent an attack from being successful

Question 150

Detective controls do what

Answer 150

Assuming an attack has begun, it tried to detect that there is a problem after an attack occurs

Timing in critical

Question 151

Deterrent controls do what

Answer 151

Discourages security violations, such as a beware of dog sign

Question 152

Compensating controls do what

Answer 152

Provide alternatives to other controls. If there is a weakness in a control, add another layer of security to reduce the risk

Question 153

Corrective controls do what

Answer 153

Reacts to an attack and takes corrective action

Question 154

Recovery controls do what

Answer 154

Restores the operating state to normal after an attack or system failure

Question 155

First step to managing risk is what

Answer 155

Asset evaluation

What is the impact of unavailability

What is the impact of a data breach

What is the impact of the data was altered

Question 156

Risk =

Answer 156

Threat x vulnerability

Question 157

What is something that can bring harm to a system

Answer 157

Threat

Question 158

What is a threat source , aka threat source

Answer 158

It is the cause of a threat

Question 159

What is the means a threat exercises a vulnerability?

Answer 159

Exploit

Question 160

What is the source or binary code that eases the ability for an attackers to exploit a vulnerability

Answer 160

Exploit code

Question 161

What is the action that the attacker wants to carry out as a result of the exploitation.

What is part of the post exploitation portion of an attack

Answer 161

Payload

Question 162

What is the worlds most used pen testing framework

Answer 162

Metasploit

Question 163

What are the two primary approaches to risk assessment

Answer 163

Quantitative and qualitative

Question 164

What type of risk assessment is perfected by the business and usually uses numbers

Answer 164

Quantitative

Question 165

Quantitative formulas

Answer 165

SLE = EF xAV

ARO

ALE =SLE X ARO

TCO
ROI

Question 166

Which risk assessment focuses on what

Answer 166

Uses risk matrix and does not use numbers

Question 167

What must an effective risk management prioritize

Answer 167

A risk reduction strategy

Question 168

What are the three fundamental elements of security

Answer 168

Confidentiality integrity and availability

Question 169

What defines the CIA triad in terms of loss?

Answer 169

Disclosure alteration and denial (DAD)

Question 170

What is the request for information to be made to initially gather information about the available providers of the item or service being procured.

Answer 170

RFI

Request for information

Question 171

What is the stage of procurement to determine which providers will bid for the project

Answer 171

Request for proposal

Question 172

Rfq

Answer 172

Request for quote

Question 173

What is used when a business operates legally as a partnership
It addresses ownership, profits/losses and contributions

Answer 173

BPA

Business partner agreement

Question 174

What is used when two org interconnect information systems/networks

Answer 174

MOU/A

It defines basic roles, responsibilities and requirements. It also refers to the ISA got details concerning the security requirements

Question 175

Woah dictates the technical security requirements associated with two orgs connecting information system/networks

Answer 175

ISA

Question 176

What is used to force service providers to agree to provide and acceptable level of security or else potentially be found in a breach of contract

Answer 176

SLA

Question 177

What is an internal

Agreement that supports the SLA?

Answer 177

OLA

operating level agreement

Question 178

What governs how about org that license a large volume of software is allowed to use that software?

Answer 178

ELA

enterprise license agreement

Question 179

COTS

Answer 179

commercial off the shelf

Question 180

What does SOC stand for

Answer 180

Service organization controls

Question 181

What is the name for a SOC 1

Answer 181

Service organizations: internal

Control over financial reporting (ICFR)

Question 182

What is the name for a SOC II

Answer 182

Service organizations:trust services criteria

Question 183

Name for a SOC III

Answer 183

Service organizations: trust services criteria for general use report

Question 184

What needs does a SOC I meet

Answer 184

Entities that use service organizations and the CPAs that audit the user entities financial statements and controls on the financial statements

Question 185

What does a SOC II do

Answer 185

Gives a detailed information action and assurance about the controls at a service org relevant to security, availability and processing integrity of the systems the service org uses to process users data and the confidentiality and privacy of the information processed by these systems

Question 186

What is a SOC III used for

Answer 186

Giving assurance about the controls at a service organization relevant to security availability, processing integrity confidentiality or privacy

Question 187

The concept of threat modeling is closely associated with what?

Answer 187

Software or application development

Question 188

Approach for threat misruling is STRIDE . What does STRIDE. Stand for

Answer 188

Spoofing ID 
TAMPERING With data 
repudiation 
Information disclosure 
DoS
Elevation priv

Question 189

What is the goal of threat identification

Answer 189

Appreciate the threat sources, understand their motivation and determine their capabilities

Question 190

What is the method attackers use to touch or exercise vulnerabilities

Answer 190

Threat vectors or vector

Question 191

What represents all the ways in which an attacker could attempt to introduce data to exploit a vulnerability

Answer 191

Attack surface

Question 192

How do you reduce the attack surface of an application

Answer 192

Security configuration management or hardening . This ensures only necessary features are enables on systems

Question 193

What governs individual conduct as it pertains to laws both federal and state

Answer 193

Criminal law

Question 194

What refers to an action against a coma y that causes damage or financial losss

Answer 194

Civil law

Question 195

What protects inventions for 20 years

Answer 195

Patent

Question 196

What is a recorded thought, a form of expression copyright

Question 197

Lifi uses what

Answer 197

Uses LED lights bulbs to send data

Question 198

What includes 4g and 5g

Answer 198

Lifi zig bee and satellite and cellular networking

Question 199

Tools used to recover shared WEP keys

Answer 199

WEPcrack
Airsnort
dwepcrack

Question 200

What uses existing LES bulbs to send data to receivers

Answer 200

LIFI

Question 201

What are the benefits of LIFI

Answer 201

Speed

Down side is it cannot pass through light

Question 202

What leverages battery powered radios to form a mesh person area network

Answer 202

Zigbee

Question 203

What network let’s the computers in a network communicate directly with each other without an intermediary

Answer 203

Peer to peer

Question 204

What are characteristics of the waterfall methodology

Answer 204

The project is divided into sequential stages, each with specific milestones

This is knows your be the most direct toward the objectives with the shortest dev time and cost possible

Question 205

What maturity level of software assurance modem (SAMM) as described as initial understanding and ad hoc provision of security practice?

Answer 205

Level 1

Level 0: implicit starting point representing the activities in the practice being unfulfilled

Level 1: same as question

Level 2: increase efficiency and or effectiveness of sec. Practice

Level 3: comprehensive mastery of the sec practice at scale

Question 206

Ensuring only min required access is given to developers at any time is an example of what?

Answer 206

Least priv

Question 207

What approach would be best suited to help identify flaws by examining source code?

Answer 207

Static application security testing

Question 208

What applies an agile methodology to threat and vulnerability management, incident handling/response and overall security operations?

Answer 208

Security orchestration automation and response (SOAR)

SOAR is the automatic handling of security operations-related tasks. Process of executing these tasks, like scanning for vulnerabilities or searching logs

Question 209

One of the oldest Programming vulnerabilities allows that allows code to be inserted into memory locations potentially allow code execution?

Answer 209

A buffer overflow

This is when the programmer fails to perform bounds checking

For example
The ()gets functions goes not enforce a character length limit when data is input

Question 210

Which level in the CMMI is defined by the phrase
The software process for both management and engineering activities is documented, standardized and integrated into a standard software process for the organization?

Answer 210

Level 3

Question 211

Which type of testing would be most appropriate to ensure that all expected functionality of the app is present and working properly?

Answer 211

Quality assurance

Question 212

What development methodologies uses paired programmers who work from a detailed specification, has a high level of customer involvement and uses detailed test procedures?

Answer 212

Extreme programming (XP)

Question 213

What principle is violated when developers reviews code in production

Answer 213

Separation of duties

Question 214

What maturity level of software assurance model is described as comprehensive mastery of the security practice scale?

Answer 214

Level 3

Question 215

What file methodology co twins small teams of developers, senior member of the org who acts like a coach and the product owner?

Answer 215

Scrum

Question 216

What can be used to develop applications faster and increase programmers analysts productivity

Answer 216

IDE

Integrated development environment
Musically has a code editors, debugger and build/compiler

Question 217

What is the best way to reduce risk in software

Answer 217

Code review

Question 218

Management is concerned about apps having successfully passed through QA and user acceptance testing but later having unforeseen issues when deployed into the prod. What term would be most applicable to address this?

Answer 218

Devops

Question 219

Which software developmental model has unique discrete sequential phases

Answer 219

Waterfall

Question 220

What enables rapid deployment of virtual security applicable and devices like virtual firewalls, virtual IPS

Answer 220

Software defined security

Question 221

What term describes a structured approach to documenting and approving changes to systems

Answer 221

Change control

Question 222

What level of the CMMI model is defined by detailed measures of the software process in product quality are collected

Answer 222

Level 4

Question 223

What type of coding far is exploited would allow a normal user account to gain increased or even admin access

Answer 223

Priv escalation

This type of attack increases a users or process privilege typically to superuser level. Most of these tax require nonprivileged local access. SETU ID root programs are frequent targets of priv escalation attacks

Question 224

What is the main factor that drives a spiral model of application development

Answer 224

Risk

Question 225

What is being implemented if development staff does not manage security functions

Answer 225

Separation of duties

Development team should have clearly defined borders between developers, the QA department in the coder applications used on prod environments 

Question 226

One of the primary approach is to ensure that Java applet do not negatively impact the underlying operating system involves running the code with any more isolate environment with limited access

Answer 226

Sandbox

Question 227

Some numeric values are often stored in fixed length memory locations. What type of a taxi to explode this characteristic to achieve memory corruption

Answer 227

Integer overflow

Question 228

What should be done in order to be able to correlate the mini logs produced by different systems

Answer 228

Use a reliable and accurate time source

Maintaining a centralized Backup copy of all your logs as quickly important to your monitoring. If they are accurate this what is the log correlation. It’s a timestamps her off it will not be helpful

Question 229

What type of minoring would be best suited for discovering a compromise internal system being used to scan public hosted cloud assets

Answer 229

Egress monitoring

It monitors traffic leaving an organization, system for interface like the traffic from internal system that scans public hosted cloud assets. Ingressed monitoring examine the behavior of assets of an organization or system seem whether they are in compliance with standards or not

Question 230

Measuring the baseline of activity overtime in highlighting expectations is referred to as what

Answer 230

Anomaly detection

This type of tool notices unusual trends in traffic patterns. They use expected behavior patterns as their baseline then ignore sells patterns as a process data

Question 231

And Apache web service is considered to be what type of Kobe service

Answer 231

PaaS

Edmonds have control over the service configuration only, and not the general operating system. An admin could we start the web service but not reboot the entire system

Question 232

What detective technology would be best able to help discover adversary Compromise of a legitimate user account based on deviation from typical behavior

Answer 232

UEBA

user and entity behavior analytics provides baseline self profile how users behave. A SIEM may include you EBA data but that cannot be guaranteed

Question 233

What is the goal of a business impact analysis

Answer 233

It focuses on determining mission critical business processes and the impact associated with disruption of those services. Its purpose is to determine the tolerable level of impact and keep business functions. The primary focus is on the disruption of availability and determination of the effect of an outage over a period of time. The BIA informs the requirements regarding RTO

Question 234

What is a computer forensics image

Answer 234

A binary copy of the hard drive

Binary copy can capture files that have been deleted and hashing algorithms can be used during acquisition and After to be right assurance to the integrity of the image acquired

Question 235

During incident response, you find a dynamic internal IP address is Implicated as the attacker. What would be a key log needed for incident response in forensics

Answer 235

DHCP logs

It provides assets with the IP address is dynamically, so that the IP address of a house can vary. The DHCP logs could enable investigatory to determine which host the adversary used

Question 236

Marin Is the manager of the quality department and you just his RFID card to access the building and later uses the same car to access his office what type of control is this

Answer 236

Technical

Question 237

What are two types of identity management systems?

LDAP
AD
DC
DN

Answer 237

Ad and ldap
Active directory

Lightweight directory access protocol

Question 238

An SSO system is characterized by what

Answer 238

Provides a single user name and password to access entire network

Question 239

What is the best performing biometric authentication systems have

Answer 239

Low crossover error rate

Question 240

After a users thumb print has been enrolled for future authentication what does their print get stored as

Answer 240

Hash

Parametric images are converted to hashes so there’s a hacker exploits a password they will only obtain representations of the biometrics and not the real images

Question 241

Nadia As a security administrator tasked with finding users with week passwords. What type of attack but she attempts first as part of the security audit

Rainbow tables
Birthday
Dictionary
Brute force

Answer 241

Dictionary

Question 242

What is it called when an employee moves from department to department and the rights and priv are not removed

Answer 242

Authorization creep

Question 243

Which SSO system uses secret keys, principals and tickets

Answer 243

Kerberosis

Kerberosis uses a key distribution center to grant tickets to users for services to use such as email and file sharing

Question 244

Kerberosis uses what keys

Answer 244

Symmetric

This provides redundancy with the key distribution center to medicate it being a single point of failure. Make certain to use the longest to resist brute force attacks

Question 245

Diskless comouters with lots of memory and fast CPUs that obtain their operating system and data from a centralized server called what

Answer 245

Thin clients

Question 246

When implementing security containers on a system it will be divided into too secret, secret, confidential and unclassified. Which type of system is she implementing

Answer 246

MAC

mandatory access control

Question 247

What is not a SSO system

Answer 247

Circumference

Question 248

Which should be added to make tjeee factor authentication if the person uses a card to swipe into the server room?

Pin
Retina scan
Otp
Authenticator

Answer 248

Pin

Retina scan

Question 249

Which access control model prioritizes availability over Confidential Aliti and integrity so that owners of their files determine the authorizations of their objects

Answer 249

DAC

Discretionary access control

Question 250

Allow MAC address 35:35:43:an:ac:a1

Deny all

Answer 250

Rule based access control

Question 251

What are two difference between TACAS and RADIUS

Answer 251

TACAS encrypts all the data . RADIUS encrypts the password only and

TACAS transmits data via T P and RADIUS transmits data via UDP

Question 252

Which is not a physical access control type

8 foot fence
Data backup
Security awareness training
Network segmentation

Answer 252

Security awareness training

Question 253

Example of admin controls

Answer 253

Non disclosure agreement

Dress code policy

Question 254

What device would monitor network activities

Answer 254

IDS

Question 255

When tasked with lowers the threshold of monitoring activities as part of her seeking to discover an external threat, what is one thing that she will notice first

Answer 255

The system perform reduces

By lowering the threshold, increases alerts. So false positives increase and logging tables fill up faster. The increased monitoring will eventually find it

Question 256

When an admin is given priv to Ana he printers and hard drives but not the network, what is this an example of

Answer 256

Least priv

Question 257

Ok Unix and Linux systems what is the best rewrite to implement to mitigate brute force attacks

Answer 257

Name the root log in name to roto-root3r

Question 258

What is an example of data hiding

Answer 258

Steganography

Question 259

What is the act of intentionally positioning data so that it is not viewer or accessible to an unauthorized subject

Answer 259

Data hiding

Question 260

What is an important part of multilevel secure systems?

Answer 260

Data hiding

Question 261

What is the science of hiding the meaning of intent of a communication from unintended recipients

Answer 261

Encryption

Question 262

What is the line of intersection between any two areas, subnets or environment s that have different security requirements or needs

Answer 262

Security boundary

Question 263

What is it called when there is an established plan, policy and process to Protect the interests of an organization

Answer 263

Due diligence

Question 264

What is it called when it is practicing the individual activities that maintain the due diligence effort?

Answer 264

Due care

Question 265

What is the document that defines the scope of security needed by the org and discusses the assets that require protection

Answer 265

Security policies

Question 266

What defines requirements for the use of hardware, software, technology and security controls

Answer 266

Standards

Question 267

What is the minimum level of security that every system throughout the org must meet

Answer 267

A baseline

Question 268

What is the element of the formalized security policy structure

Answer 268

Guideline

Question 269

Do all users need to know the security standards, baselines, guidelines, and procedures for all security classification levels

Answer 269

No they do not

Question 270

What is the process where potential threats are identified, categorized and analyzed

Answer 270

Threat modeling

Question 271

What type of testing is specialized dynamic testing technique that too idea different types of input to software to dress its limits and find previously infected flaws

Answer 271

Fuzzing

Question 272

CIA

Answer 272

Confidentiality integrity and availability

Question 273

What is the principle that objects are not disclosed to unauthorized objects?

Answer 273

Confidentiality

Question 274

What is the principle that objects retain their veracity and are intentionally modified k my by authorized subjects

Answer 274

Integrity

Question 275

What is the principle that authorized subjects are granted timely and uninterrupted access to objects

Answer 275

Availability

Question 276

What is AAA

Answer 276

identification, authentication, authorization auditing and accountability

Question 277

What is the process of verifying or testing that a. Claim identity is valid

Answer 277

Authentication

Question 278

WhG ensures activity or object based access is possible given the rights and priv assigned to the authenticated identity

Answer 278

Authorization

Question 279

What is auditing

Answer 279

Programmatic means by which subject are held accountable for their actions while authenticated on a system through the documentation or recording of subject based activities

Question 280

What repudiation

Answer 280

Ensures that the subject of an activity cannot deny that the event occurred

Question 281

Abstraction is what

Answer 281

It is used to collect similar elements into groups classes are bowls that are assigned security controls, restrictions are permissions as a collective. It has efficiency to caring out a security plan

Question 282

What is defense ok depth

Answer 282

Is known as layering, it is simply they use multiple controls in a series. Using a multi layered solution allows for numerous different controls to guard against whatever threats come to pass

Question 283

What is it called when you are preventing the different been discovered her access by subject

Answer 283

Data Hiding

Question 284

What is it called when there’s a line of intersection between the two areas, subnets, or environments that have different security requirements or needs

Answer 284

Security boundaries

Question 285

What is security governance

Answer 285

It is a collection of practices related to supporting defining interesting to secure the efforts of an organization

Question 286

What is the process of reading the exchange materials And verifying them again standards and expectations. In many situations special related to government or military agencies are contractors failing to provide sufficient documentation to meet requirements of third-party governance can result in loss of or a voiding of authorization to operate

Answer 286

Documentation review

Question 287

What is security management planning

Answer 287

Ensures proper creation implementation and enforcement of a security policy.

Question 288

What needs to be in order in order to be able to create an comprehensive security plan you need what

Answer 288

Security policy 
Standards
Baselines
Guidelines 
And 
procedures

Question 289

Security management is based on theee rules of plans

Answer 289

Strategic tatical and operational

Question 290

Key security roles are

Answer 290

Senior manager, security professional, as an owner, custodian, user and auditor

Question 291

Confidentiality integrity and availability are typically viewed as the primary goals and objectives of a security infrastructure. Which Of the following is not considered a violation of confidentiality

Stealing passwords using a key struggling tool,

eavesdropping on wireless network communications,

hardware destruction caused by arson or

social engineering that tricks to use her and she providing personal information to a false website

Answer 291

Eavesdropping on the wireless network

Question 292

What is a primary goal and objective a security

Answer 292

The CIA Triad

Question 293

James recently discovered an attack taking place against his org that prevented employees from accessing critical records. What part of the CIA was violated

Answer 293

Availability

Question 294

What is security governance

Answer 294

Security governance seeks to compare the security processes and infrastructure used within the organization with knowledge and insight obtained from external sources

Question 295

You have been tasked with crafting a long-term security plan That is fairly stable. It needs to find the organization securities purpose. It also needs to find security function in a line it to the goals, Michigan, and objectives of the organization. Why are you being asked to create

Answer 295

Strategic plan

Question 296

What is a risk associated with a. Merger

Answer 296

Inappropriate info disclosure 
Increased worker compliance 
Data loss
Downtime 
Additional insight into the motivations of inside attackers

Question 297

What is a set recommended best practices for core IT security and operational processes and

Answer 297

ITIL

Question 298

What security role has the functional responsibility for security including writing the security policy and implementing it

Answer 298

Security professional

Question 299

When confidential Documents are exposed to an authorized entities, which element of straight is used to reference that violation

Answer 299

D

Denial of service

Question 300

A development team is working on a new project. During the early stages of systems development the team considers the vulnerabilities, threats, and risks of their solution and integrates protections Against Unwanted outcomes. What concept to start modeling is this

Answer 300

Proactive approach 

Question 301

Whenever an organization work for the third party it’s supply chain risk management process it should be applied. One of the common requirements is establishment of minimum security requirements of the third-party. What should these requirements me based on

Answer 301

Existing security policy

Question 302

What is a risk centric threat modeling approach that aims at selecting or developing countermeasures in relation To the value of the assets to be projected

Answer 302

PASTA

Process for attack simulation and threaten else’s. It is a seven states threat modeling methodology

Question 303

What term relates to defense in depth

Answer 303

Layering, classifications, zones, realms, compartments, sales, segmentations, lattice structure and protection rings