D P7-9 Flashcards

1
Q

Identity and Authentication
A. Adaptive identity
B. Non-repudiation
C. Authentication
D. Access logs

A

Adaptive Identity: Risk-based authentication that adjusts the required level of assurance to context, for example prompting for a second factor only when a login comes from a new device, an unusual location, or an impossible-travel pattern.

Non-repudiation: Assurance that an entity cannot credibly deny an action it performed, such as sending a message or signing a document; provided in practice by digital signatures and tamper-evident logs.

Authentication: Verifying that a claimed identity is genuine, using something the subject knows, has, or is. It precedes authorization, which decides what the authenticated identity may access.

Access Logs: Records of user access events, providing a trail for monitoring and auditing.

2
Q

Auditing and Compliance
A. Automation
B. Compliance checklist
C. Attestation
D. Manual audit

A

Automation: Using scripts or tools to perform tasks automatically, reducing human intervention.

Compliance Checklist: A predefined list of requirements to ensure adherence to regulations or standards.

Attestation: A formal declaration or certification that a process or system complies with requirements.

Manual Audit: A human-led review of systems or processes to ensure compliance or identify issues.

3
Q

Security Tools
A. SCAP
B. NetFlow
C. Antivirus
D. DLP

A

SCAP (Security Content Automation Protocol): A NIST-maintained suite of specifications (XCCDF for checklists, OVAL for system checks, and identifiers such as CVE, CCE, CPE, and CVSS scores) that lets scanners assess vulnerabilities and configuration compliance in a machine-readable, vendor-neutral way.

NetFlow: A Cisco-originated protocol (standardized as IPFIX) by which routers and switches export per-flow summaries of IP traffic: source and destination addresses, ports, protocol, and byte and packet counts, but not packet payloads. Used for traffic analysis and for spotting anomalies such as unexpected data volumes leaving the network.

Antivirus: Software that detects, prevents, and removes malicious software.

DLP (Data Loss Prevention): Solutions that protect sensitive data from being shared or accessed without authorization.

4
Q

Data and System Management
A. Tuning
B. Aggregating
C. Quarantining
D. Archiving

A

Tuning: Adjusting system settings to improve performance or security.

Aggregating: Combining data from multiple sources for centralized analysis.

Quarantining: Isolating a file, device, or user to prevent the spread of potential threats.

Archiving: Storing data for long-term retention, often for compliance or historical purposes.

5
Q

Emerging Technologies
A. Serverless framework
B. Type 1 hypervisor
C. SD-WAN
D. SDN

A

Serverless Framework: A cloud model in which the provider runs customer code on demand (for example as event-triggered functions) and provisions, patches, and scales the underlying servers. The customer still owns the application code, its dependencies, the permissions granted to each function, and any secrets it uses.

Type 1 Hypervisor: Virtualization software running directly on hardware to host virtual machines.

SD-WAN (Software-Defined Wide Area Network): A network management approach that uses software to control WAN connections.

SDN (Software-Defined Networking): Network architecture that uses software for centralized control of network resources.

6
Q

Security Controls
A. Corrective
B. Preventive
C. Detective
D. Deterrent

A

Corrective: Actions taken to restore systems or mitigate damage after an incident.

Preventive: Measures implemented to stop security threats before they occur.

Detective: Tools or methods that identify and alert on suspicious activities.

Deterrent: Mechanisms designed to discourage malicious activity through visible warnings or obstacles.

7
Q

IT Processes
A. Guard rail script
B. Ticketing workflow
C. Escalation script
D. User provisioning script

A

Guard Rail Script: Automated scripts to enforce predefined limits or configurations.

Ticketing Workflow: Systems for tracking and managing support or change requests.

Escalation Script: Procedures for escalating issues to higher authority or expertise levels.

User Provisioning Script: Automated scripts for creating or managing user accounts and access rights.

8
Q

Risk and Network Management
A. Compensating control
B. Network segmentation
C. Transfer of risk
D. SNMP traps

A

Compensating Control: Security measures implemented to satisfy compliance when primary controls are not feasible.

Network Segmentation: Dividing a network into smaller segments to improve security and control traffic.

Transfer of Risk: Shifting risk to another entity, often through insurance or outsourcing.

SNMP Traps: Alerts sent by network devices to notify administrators of specific events or issues.

9
Q

Secure Development Practices
A. Identify embedded keys
B. Code debugging
C. Input validation
D. Static code analysis

A

Identify Embedded Keys: Scanning source code, binaries, and configuration files for hard-coded credentials, API keys, and private keys. Anything embedded in the code is available to everyone who can read it, including attackers who obtain a copy; such secrets should be moved to a secrets manager and rotated.

Code Debugging: Identifying and fixing errors or vulnerabilities in code, typically by stepping through its execution.

Input Validation: Checking that input matches an allow-list of expected type, length, format, and range before it is used. Combined with parameterized queries, which keep data out of the SQL statement entirely, it prevents injection attacks such as SQL injection.

Static Code Analysis: Reviewing source code for vulnerabilities without executing the program.

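The following is an added example, not part of the original flashcards, showing why input validation and parameterized queries are listed together. It uses Python's built-in sqlite3 module with an in-memory database; the users table, the username allow-list policy, and the function names are constructed for the example. The same tautology payload is run through a deliberately vulnerable string-built query, a parameterized query, and a lookup that validates the input first.

```python
"""Input validation and parameterized queries, shown against SQL injection.

Added example (not part of the original flashcards). Uses Python's built-in
sqlite3 with an in-memory database; the table contents are constructed.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two users, one of them an admin."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Deliberately vulnerable: caller-controlled text is spliced into the SQL."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """Parameterized query: the driver sends the value as data, never as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Allow-list for usernames (assumed policy for this example): lowercase
# letters, digits and underscore, 1-32 characters.
USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def lookup_hardened(conn: sqlite3.Connection, username: str) -> list:
    """Input validation (allow-list) in front of the parameterized query."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username does not match allow-list")
    return lookup_parameterized(conn, username)


def demo() -> dict:
    """Run the classic tautology payload through all three lookups."""
    conn = make_db()
    payload = "x' OR '1'='1"
    result = {
        # string-built query becomes ... WHERE username = 'x' OR '1'='1' -> every row leaks
        "vulnerable_rows": len(lookup_vulnerable(conn, payload)),
        # parameterized query looks for a user literally named x' OR '1'='1 -> nothing
        "parameterized_rows": len(lookup_parameterized(conn, payload)),
        "hardened_rejected": False,
        "legit": lookup_hardened(conn, "alice"),
    }
    try:
        lookup_hardened(conn, payload)
    except ValueError:
        result["hardened_rejected"] = True   # rejected before any SQL runs
    return result


if __name__ == "__main__":
    print(demo())
```

Parameterization alone already defeats the injection; the allow-list check adds defence in depth by rejecting malformed input early and by protecting any code path that does not use a prepared statement.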
10
Q

High Availability and Resilience
A. Clustering servers
B. Geographic dispersion
C. Load balancers
D. Off-site backups

A

Clustering Servers: Grouping servers to improve availability and balance workloads.

Geographic Dispersion: Distributing systems or resources across multiple locations to reduce risk.

Load Balancers: Distributing network or application traffic across multiple servers.

Off-Site Backups: Storing backups in a separate physical location to ensure recovery after disasters.

11
Q

Security Threats
A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking

A

End of Life (EOL): The point at which a vendor stops supporting a product, including security patches, so newly discovered vulnerabilities remain unfixed and the product should be replaced or isolated.

Buffer Overflow: Writing more data into a fixed-size buffer than it can hold, so the excess overwrites adjacent memory such as return addresses or function pointers. Attackers use this to crash a program or redirect execution to code of their choosing; bounds checking and mitigations such as ASLR, stack canaries, and non-executable memory reduce the risk.

VM Escape: A vulnerability in the hypervisor or its device emulation that lets code in a guest virtual machine break out of its isolation and run on the host or affect other guests.

Jailbreaking: Removing manufacturer-imposed restrictions on devices, potentially exposing them to risks.

12
Q

Metrics and Performance
A. MTTR
B. RTO
C. ARO
D. MTBF

A

MTTR (Mean Time to Repair, also read as Mean Time to Recover): The measured average time to restore a failed system; used together with MTBF to estimate availability.

RTO (Recovery Time Objective): The maximum acceptable time to restore a system after an outage. It is a planning target, whereas MTTR is a measurement of how long repair actually takes.

ARO (Annualized Rate of Occurrence): The expected frequency of a risk occurring within a year.

MTBF (Mean Time Between Failures): The average time between system failures.

13
Q

Network Administration
A. Console access
B. Routing protocols
C. VLANs
D. Web-based administration

A

Console Access: Direct connection to a device through its serial or console port for management and configuration; it works even when the network is down, so physical access to the port must be controlled.

Routing Protocols: Standards for exchanging routing information between devices.

VLANs (Virtual Local Area Networks): Segments within a network to isolate traffic and enhance security.

Web-Based Administration: Managing systems or devices through a web interface.

14
Q

Incident Response Phases
A. Preparation
B. Recovery
C. Lessons learned
D. Analysis

A

Preparation: Developing and implementing plans to handle incidents effectively.

Recovery: Restoring systems and operations after an incident.

Lessons Learned: Reviewing the incident to identify improvements for future responses.

Analysis: Investigating the cause and impact of an incident to prevent recurrence.

15
Q

Security Technologies
A. SPF
B. GPO
C. NAC
D. FIM

A

SPF (Sender Policy Framework): A DNS TXT record listing the hosts authorized to send email for a domain. Receiving servers check the connecting IP address against the record published for the envelope-sender domain and pass, fail, or soft-fail the message accordingly. Usually combined with DKIM and DMARC.

GPO (Group Policy Object): A Windows feature for managing security and configuration settings across domain-joined systems.

NAC (Network Access Control): Controlling access to a network based on device identity and compliance with policy (for example patch level and endpoint protection), often placing non-compliant devices on a remediation VLAN.

FIM (File Integrity Monitoring): Detecting unauthorized changes to files by comparing cryptographic hashes, permissions, and ownership against a known-good baseline; required by standards such as PCI DSS.

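The following is an added example, not part of the original flashcards, showing the SPF check a receiving mail server performs. The domains and records are constructed (documentation address ranges), and there is no DNS: a real verifier fetches the TXT record for the envelope-sender domain and also resolves include:, a:, mx: and redirect= terms. This version handles only the ip4, ip6 and all mechanisms with their qualifiers, which is enough to show how the policy is evaluated.

```python
"""Simplified SPF evaluation against constructed DNS records (no network).

Added example, not part of the original flashcards. Only ip4, ip6 and all
are implemented; include/a/mx/exists/ptr require DNS lookups.
"""
import ipaddress

# Constructed records for hypothetical domains.
SPF_RECORDS = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 ip4:198.51.100.7 -all",
    "soft.example": "v=spf1 ip4:203.0.113.0/24 ~all",
    "loose.example": "v=spf1 ip4:203.0.113.9",          # no 'all' term at the end
}

# Qualifier prefix -> result when the mechanism matches (RFC 7208 section 4.6.2).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain: str, client_ip: str, records=SPF_RECORDS) -> str:
    """Return the SPF result for mail claiming `domain`, sent from `client_ip`."""
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"                      # domain publishes no policy
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:        # skip the v=spf1 version tag
        qualifier = "+"                    # default qualifier is '+'
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]   # 'all' matches everything: stop here
        mech, _, value = term.partition(":")
        if mech in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
            continue                       # no match: evaluate the next term
        # Anything else needs DNS resolution, which this offline example omits.
        raise NotImplementedError(f"mechanism not supported offline: {term}")
    return "neutral"                       # nothing matched, no 'all' (RFC 7208 section 4.7)


if __name__ == "__main__":
    print(check_spf("example.com", "192.0.2.55"))      # pass
    print(check_spf("example.com", "198.51.100.8"))    # fail
```

Note that a record ending in ~all only soft-fails unauthorized senders, and one with no all term yields neutral; both are weaker than -all and are common reasons spoofed mail still gets through, which is why DMARC policy is layered on top.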
16
Q

Roles and Responsibilities
A. Processor
B. Custodian
C. Subject
D. Owner

A

Processor: An entity processing data on behalf of a controller.

Custodian: Responsible for managing and protecting data assets.

Subject: The individual or system that data pertains to.

Owner: The person or entity responsible for the data and its security.

17
Q

IT Standards and Practices
A. Off-the-shelf software
B. Orchestration
C. Baseline
D. Policy enforcement

A

Off-the-Shelf Software: Prebuilt software available for general use.

Orchestration: Coordinating automated tasks and workflows across systems.

Baseline: A documented, approved secure configuration for a type of system (for example a hardened OS image) against which deployed systems are compared; deviations are flagged for remediation.

Policy Enforcement: Ensuring compliance with defined organizational policies.

18
Q

Specialized Systems
A. RTOS
B. Containers
C. Embedded systems
D. SCADA

A

RTOS (Real-Time Operating System): An OS designed for real-time applications requiring quick response times.

Containers: Lightweight environments for running applications with isolated dependencies.

Embedded Systems: Specialized systems designed for dedicated functions within devices.

SCADA (Supervisory Control and Data Acquisition): Systems managing industrial processes and infrastructure.

19
Q

Network Security
A. ACL
B. DLP
C. IDS
D. IPS

A

ACL (Access Control List): Rules defining permissions for accessing resources.

DLP (Data Loss Prevention): Solutions that protect sensitive data from being shared or accessed without authorization.

IDS (Intrusion Detection System): Monitors network traffic to detect potential threats.

IPS (Intrusion Prevention System): Actively blocks identified threats in network traffic.

20
Q

Cryptographic Solutions
A. Key escrow
B. TPM presence
C. Digital signatures
D. Data tokenization
E. Public key management
F. Certificate authority linking

A

Key Escrow: Holding copies of encryption keys with a trusted third party so that encrypted data can be recovered if the owner's key is lost, or released under a defined authorization process. The escrow store is a high-value target and must be tightly protected and access-logged.

TPM Presence (Trusted Platform Module): A hardware security chip that stores cryptographic keys and platform measurements; checking that a TPM is present and enabled lets features such as disk encryption and remote attestation rely on hardware-rooted key protection.

Digital Signatures: Cryptographic proofs created with the signer's private key and checked with the matching public key, verifying the origin and integrity of data and supporting non-repudiation.

Data Tokenization: Replacing sensitive values such as card numbers with random substitutes (tokens) that have no exploitable meaning outside the vault that maps them back; systems that handle only tokens fall outside the scope of protecting the original data.

Public Key Management: Managing public and private keys for encryption and authentication.

Certificate Authority Linking: Establishing trust between entities using a shared certificate authority.