LearnZapp Practice 7 Flashcards
The term RPO is best described by which of the following?
A. A term used in BC and DR describing an acceptable amount of data that might be lost due to an outage before severe consequences are experienced
B. A term used in BC and DR describing a point in time after which an outage has occurred, beyond which recovery becomes extremely difficult or impossible
C. A term used in BC and DR describing the minimum allowable amount of data that might be lost due to an outage before severe consequences are experienced
D. A term used in BC and DR describing the maximum allowable amount of value that might be lost due to an outage before consequences are experienced
A. A term used in BC and DR describing an acceptable amount of data that might be lost due to an outage before severe consequences are experienced
Explanation:
Which of the following practices can enhance both operational capabilities and configuration management efforts?
A. Regular backups
B. Constant uptime
C. MFA
D. File hashes
D. File hashes
Explanation:
File hashes can serve as integrity checks for both configuration management and audit purposes.
This approach to public key cryptography uses much smaller keys than traditional cryptography to provide the same level of security
A. AES
B. SSL
C. Elliptical curve
D. MD5
C. Elliptical curve
Explanation:
ECC uses algebraic elliptical curves that result in much smaller keys that can provide the same level of safety as the much larger ones used in traditional key environments.
Which security principle dictates that encryption key management and storage should be isolated from the data encrypted with those keys?
A. Least privilege
B. Two person integrity
C. Compartmentalization
D. Separation of duties
D. Separation of duties
Explanation:
Separation of duties dictates that one person/entity cannot complete an entire transaction alone. In the case of encryption, a single entity should not be able to administer the issuing of keys, encrypt the data, and store the keys, because this could lead to a situation where that entity has the ability to access or take encrypted data.
How often should cable management efforts take place?
A. Annually
B. Continually
C. Quarterly
D. Weekly
B. Continually
Explanation:
Cable management is an ongoing process.
Which of the following is not an example of a highly regulated environment?
A. Healthcare
B. Financial services
C. Wholesale or distribution
D. Public companies
C. Wholesale or distribution
Explanation:
One of the security challenges of operating in the cloud is that additional controls must be placed on file storage systems because ____________
A. File stores are always kept in plain text in the cloud
B. There is no way to sanitize file storage space in the cloud
C. Virtualization necessarily prevents the use of application based security controls
D. Virtual machines are stored as snapshotted files when not in use
D. Virtual machines are stored as snapshotted files when not in use
Explanation:
VMs are snapshotted and simply stored as files when they are not being used.
What is a cloud storage architecture that manages the data in a hierarchy of files?
A. Object based storage
B. File based storage
C. Database
D. CDN
B. File based storage
Explanation:
Object based storage stores data as objects in a volume, with labels and metadata. Databases store data in fields, in a relational motif. A CDN stores data in caches of copied content near locations of high demand.
For US government agencies, what level of data sensitivity/classification may be processed by cryptographic modules certified according to the FIPS 140-2 criteria?
A. Sensitive but unclassified
B. Secret
C. Top Secret
D. Sensitive Compartmentalized Information (SCI)
A. Sensitive but unclassified
Explanation:
FIPS 140-2 is only used for SBU data.
Which of the following standards helps organizations to establish and maintain an ISMS?
A. ISO 27001
B. ISO 27009
C. ITIL
D. PCI
A. ISO 27001
Explanation:
ISO 27001 describes an information security management system as a set of interrelated elements that organizations use to manage and control information security risks to protect and preserve the confidentiality, integrity and availability of information.
Which of the following is probably the most important activity of those listed?
A. Regularly update the BCDR plan/process
B. Have contact information for all personnel in the organization
C. Have contact information for essential BC/DR personnel
D. Have contact info for local law enforcement
A. Regularly update the BCDR plan/process
Explanation:
All of these are important, but without regular updates the information will soon become outdated and a lot less useful.
Full isolation of user activity, processes and virtual network segments in a cloud environment is incredibly important because of risks due to:
A. DDoS
B. Unencrypted packets
C. Multitenancy
D. Insider threat
C. Multitenancy
Explanation:
The fact that many different customers will be utilizing the cloud environment concurrently means that isolating each is of the utmost importance in the cloud environment.
What is the aspect of the DMCA that has been abused and places the burden of proof on the accused?
A. Toil exemption
B. Decryption program prohibition
C. Takedown notice
D. Puppet platicity
C. Takedown notice
Explanation:
The DMCA provision for takedown notices allows copyright holders to demand removal of suspect content from the web, and puts the burden of proof on whoever posted the material; this function has been abused by griefers and trolls and overzealous content producers.
A typical DLP tool can enhance the organization's efforts at accomplishing what legal task?
A. Evidence collection
B. Delivering testimony
C. Criminal prosecution
D. Enforcement of intellectual property rights
A. Evidence collection
Explanation:
The data discovery facet of DLP solutions can aid an organization in gathering applicable evidence, especially in response to a legal request such as a subpoena.
Although cloud migration might offer significant cost savings for an organization, which of the following factors might reduce the actual benefit the organization realizes in a cloud environment?
A. Altitude of the cloud data center
B. Security controls and countermeasures
C. Loss of ownership of IT assets
D. Costs of Internet connectivity for remote users
B. Security controls and countermeasures
Explanation:
Every security process, tool and behavior entails a related cost, both financial and operational.
In software defined networking, the northbound interface usually handles traffic between ________ and the _________
A. Cloud customer; ISO
B. SDN Controllers; SDN Applications
C. Cloud provider; ISP
D. Router; host
B. SDN Controllers; SDN Applications
Explanation:
The NBI handles traffic between the SDN controllers and the SDN applications.
In regard to most privacy guidance, the data processor is _________
A. The individual described by the privacy data
B. The entity that collects or creates the privacy data
C. The entity that uses privacy data on behalf of the controller
D. The entity that regulates privacy data
C. The entity that uses privacy data on behalf of the controller
Explanation:
Option C is the definition of the data processor.
Risk mitigation must also always entail which other method of addressing risk?
A. Risk acceptance
B. Risk avoidance
C. Risk transfer
D. Risk attenuation
A. Risk acceptance
Explanation:
Because risk can never be mitigated to zero, there will always be some residual risk after mitigation; the residual must be accepted.
Which of the following is not a way in which an entity located outside the EU can be allowed to gather and process privacy data belonging to EU citizens?
A. Be located in a country with nationwide law that complies with the EU laws
B. Appeal to the EU High Court for Permission
C. Create binding contractual language that complies with the EU laws
D. Join the Privacy Shield program in its own country
B. Appeal to the EU High Court for Permission
Explanation:
The General Data Protection Regulation prohibits entities within a country that has no nationwide privacy law
Which of the following identifies vulnerabilities in applications, operating systems or network devices?
A. Vulnerability assessment
B. Nmap scan
C. Packet analysis
D. WAF
A. Vulnerability assessment
Explanation:
A vulnerability assessment or scan is designed to identify known vulnerabilities in applications, operating systems or network devices. An Nmap scan may discover vulnerabilities, but it is designed primarily as a network services discovery tool and is not generally used with applications.
Why might an organization choose to comply with NIST SP 800 series standards?
A. Price
B. Ease of implementation
C. International acceptance
D. Speed
A. Price
Explanation:
The NIST standards are not particularly easy or fast to implement, and they are not widely recognized or mandated outside of the US federal government sector.
In order for communications from inside a VLAN to reach endpoints outside the VLAN:
A. The communications must go through a gateway
B. The traffic must be encrypted
C. A repeater must be used
D. The external endpoint must be in receive mode
A. The communications must go through a gateway
Explanation:
Gateway devices enforce the VLAN rules and can allow or deny outbound traffic.
Which of the following is a framework that allows a diverse group of individuals to communicate securely?
A. Digital certificates
B. PKI
C. SSL
D. ECC
B. PKI
Explanation:
Public key infrastructure is a framework of programs, procedures, communication protocols and public key cryptography that enables a diverse group of individuals to communicate securely.
Egress monitoring solutions usually include a function that ________
A. Arbitrates contract breaches
B. Performs personnel evaluation reviews
C. Discovers data assets according to classification/categorization
D. Applies another level of access control
C. Discovers data assets according to classification/categorization
Explanation:
Egress monitoring solutions will often include a discovery function that locates data assets according to criteria defined by the organization.
A company is considering a cloud migration to a PaaS environment. Which of the following factors might make the company less likely to choose the cloud environment?
A. The company wants to reduce overhead costs
B. The company operates proprietary software
C. The company hopes to reduce energy costs related to operation of a data center
D. The company is seeking to enhance its BCDR capabilities
B. The company operates proprietary software
Explanation:
A customer using proprietary software in a PaaS environment faces the risk that updates to the underlying OS and/or hardware infrastructure will not be compatible with the customer's software and will affect productivity.
According to the CSA’s Notorious Nine list, data breaches can be:
A. Overt or Covert
B. International or subterranean
C. From internal or external sources
D. Voluminous or specific
C. From internal or external sources
Explanation:
The CSA points out that data breaches come from a variety of sources, including both internal personnel and external actors. Although breaches might be overt or covert, or large or small
You are a consultant performing an external security review on a large manufacturing firm. You determine that its newest assembly plant, which cost 24 million, could be completely destroyed by a fire, and that a fire suppression system could effectively protect the plant. The fire suppression system costs 15 million. An insurance policy that would cover the full replacement cost of the plant costs 1 million per month. What is the annual rate of occurrence?
A. 12
B. 24 million
C. 1
D. 10 million
C. 1
Explanation:
Absent any other information about a total physical loss, we can consider the rate of occurrence as 1; we would not expect the plant
You are the IT security manager for a video game software development company. For your company, minimizing security flaws in the delivered product is probably a:
A. Functional requirement
B. Nonfunctional requirement
C. Regulatory issue
D. Third party function
B. Nonfunctional requirement
Explanation:
It is preferable that your games do not have security flaws in them, but this is not a core aspect of the product you are delivering; you are delivering entertainment, which is the primary goal. Security is therefore a nonfunctional requirement.
You are the IT security subject matter expert for a hobbyist collective that researches and archives old music. If you create a federated identity management structure for all the participants in the collective using a third party certification model, who would be the federated service providers in that structure?
A. The third party
B. A CASB
C. The various members of the collective
D. The cloud provider
C. The various members of the collective
Explanation:
In federations where the participating entities are sharing data and resources, all of those entities are usually the service providers. In a third party certification model, the third party is known as the identity provider.
Which of the following reports is no longer used?
A. SAS 70
B. SSAE 16
C. SOC 1
D. SOC 3
A. SAS 70
Explanation:
The SAS 70 was a report used in the past primarily for financial reporting and was oftentimes misused in the service provider context. The SSAE 16 standard and subsequent SOC reports are its successors.
Maintenance mode requires all of the following actions except:
A. Remove all active production instances
B. Initiate enhanced security controls
C. Prevent new logins
D. Ensure logging continues
B. Initiate enhanced security controls
Explanation:
While the other answers are all steps in moving from normal operations to maintenance mode, we do not necessarily initiate any enhanced security controls.
Cloud customers performing data discovery efforts will have to ensure that the cloud provider attends to all of the following requirements except:
A. Allowing sufficient access to large volumes of data
B. Preserving metadata tags
C. Assigning Labels
D. Preserving and maintaining the data
C. Assigning Labels
Explanation:
Label assignment is a task of the data owner (the cloud customer), not the provider. All of the other answers are requirements for the cloud provider to meet the data discovery needs of the customer and should be negotiated before migration.
The Agile Manifesto for software development focuses largely on:
A. Secure build
B. Thorough documentation
C. Working prototypes
D. Proper planning
C. Working prototypes
Explanation:
The Agile Manifesto specifically advocates for getting sample systems into the hands of the users as soon as possible in order to ensure that development is meeting customer needs.
ISO 27001 favors which type of technology?
A. Open Source
B. PC
C. Cloud based
D. None
D. None
Explanation:
The ISO 27001 standard is designed to be product agnostic.
CSA CCM addresses all the following security architecture elements except:
A. Physical security
B. IaaS
C. Application Security
D. Business Drivers
D. Business Drivers
Explanation:
The CSA CCM does not deal with whether security controls are feasible or correct from a business perspective, only whether they are applicable to an organization under certain regulations.
Which of the following represents the Security and Privacy Controls for US Federal Information Systems and Organizations?
A. NIST 800-146
B. NIST 800-14
C. NIST 800-52 r4
D. NIST 800-123
C. NIST 800-52 r4
Explanation:
NIST 800-53 r4 describes ways to ensure the proper application of appropriate security requirements and security controls to all US federal government information and information management. The others are legitimate NIST documents with different purposes.
Privileged user account access should be:
A. Temporary
B. Pervasive
C. Thorough
D. Granular
A. Temporary
Explanation:
Privileged users should have privileged access to specific systems/data only for the duration necessary to perform their administrative function; any longer incurs more risk than value.
The OWASP Top Ten list often includes insecure direct object references. Which of these is a method to counter the risks of insecure direct object references?
A. Perform user security training
B. Check access each time a direct object reference is called by an untrusted source
C. Install high luminosity interior lighting throughout the facility
D. Append each object with sufficient metadata to properly categorize and classify based on
B. Check access each time a direct object reference is called by an untrusted source
Explanation:
Untrusted sources calling a direct reference should be authenticated to ensure that the source has authorization to access that object.
Which of the following is a messaging protocol that uses specifications designed for exchanging structured information in web services and operates independently of the client?
A. Java
B. REST
C. DAST
D. SOAP
D. SOAP
Explanation:
SOAP is a messaging specification designed for exchanging structured information in web services and operates independently of the client OS.
Which of the following characteristics is associated with DRM?
A. Mapping to existing access control lists
B. Delineating biometric catalogs
C. Preventing MFA
D. Prohibiting unauthorized transposition
A. Mapping to existing access control lists
Explanation:
Mapping to existing ACLs is the trait that allows DRM tools to provide additional access control protections for the organization's assets.
Which entity can best aid the organization in avoiding vendor lock in?
A. Senior management
B. The IT Security Office
C. General Counsel
D. The cloud security representative
C. General Counsel
Explanation:
The best method for avoiding vendor lock in is to have strong contract language favorable to the customer; the entity best equipped to craft contracts is the office of the general counsel.