Pg 17

Question 1

A systems administrator needs to ensure the secure communication of sensitive data within the organization’s private cloud. Which of the following is the best choice for the administrator to implement?

A. IPSec
B. SHA-1
C. RSA
D. TGT

Answer 1

IPSec

Question 2

Which of the following should an internal auditor check for first when conducting an audit of the organization’s risk management program?

A. Policies and procedures
B. Asset management
C. Vulnerability assessment
D. Business impact analysis

Answer 2

Policies and procedures

Question 3

Which of the following activities are associated with vulnerability management? (Choose two.)

A. Reporting
B. Prioritization
C. Exploiting
D. Correlation
E. Containment
F. Tabletop exercise

Answer 3

A. Reporting
B. Prioritization

Question 4

An administrator wants to perform a risk assessment without using proprietary company information. Which of the following methods should the administrator use to gather information?

A. Network scanning
B. Penetration testing
C. Open-source intelligence
D. Configuration auditing

Answer 4

Open-source intelligence

Question 5

A systems administrator is concerned about vulnerabilities within cloud computing instances. Which of the following is most important for the administrator to consider when architecting a cloud computing environment?

A. SQL injection
B. TOC/TOU
C. VM escape
D. Tokenization
E. Password spraying

Answer 5

VM escape

Question 6

A database administrator is updating the company’s SQL database, which stores credit card information for pending purchases. Which of the following is the best method to secure the data against a potential breach?

A. Hashing
B. Obfuscation
C. Tokenization
D. Masking

Answer 6

Tokenization

Question 7

Which of the following is a benefit of vendor diversity?

A. Patch availability
B. Zero-day resiliency
C. Secure configuration guide applicability
D. Load balancing

Answer 7

Zero-day resiliency

Question 8

An employee used a company’s billing system to issue fraudulent checks. The administrator is looking for evidence of other occurrences of this activity. Which of the following should the administrator examine?

A. Application logs
B. Vulnerability scanner logs
C. IDS/IPS logs
D. Firewall logs

Answer 8

Application logs

Question 9

An organization is looking to optimize its environment and reduce the number of patches necessary for operating systems. Which of the following will best help to achieve this objective?

A. Microservices
B. Virtualization
C. Real-time operating system
D. Containers

Answer 9

Containers

Question 10

Which of the following tasks is typically included in the BIA process?

A. Estimating the recovery time of systems
B. Identifying the communication strategy
C. Evaluating the risk management plan
D. Establishing the backup and recovery procedures
E. Developing the incident response plan

Answer 10

Estimating the recovery time of systems

Question 11

Which of the following is a risk of conducting a vulnerability assessment?

A. A disruption of business operations
B. Unauthorized access to the system
C. Reports of false positives
D. Finding security gaps in the system

Answer 11

A disruption of business operations

Question 12

Which of the following techniques would attract the attention of a malicious attacker in an insider threat scenario?

A. Creating a false text file in /docs/salaries
B. Setting weak passwords in /etc/shadow
C. Scheduling vulnerable jobs in /etc/crontab
D. Adding a fake account to /etc/passwd

Answer 12

Creating a false text file in /docs/salaries

Question 13

An organization maintains intellectual property that it wants to protect. Which of the following concepts would be most beneficial to add to the company’s security awareness training program?

A. Insider threat detection
B. Simulated threats
C. Phishing awareness
D. Business continuity planning

Answer 13

Insider threat detection

Question 14

An organization plans to expand its operations internationally and needs to keep data at the new location secure. The organization wants to use the most secure architecture model possible. Which of the following models offers the highest level of security?

A. Cloud-based
B. Peer-to-peer
C. On-premises
D. Hybrid

Answer 14

On-premises

Question 15

Which of the following is the most relevant reason a DPO would develop a data inventory?

A. To manage data storage requirements better
B. To determine the impact in the event of a breach
C. To extend the length of time data can be retained
D. To automate the reduction of duplicated data

Answer 15

To determine the impact in the event of a breach

Question 16

Which of the following cryptographic solutions protects data at rest?

A. Digital signatures
B. Full disk encryption
C. Private key
D. Steganography

Answer 16

Full disk encryption

Question 17

Which of the following should an organization use to protect its environment from external attacks conducted by an unauthorized hacker?

A. ACL
B. IDS
C. HIDS
D. NIPS

Answer 17

NIPS

Question 18

Which of the following would enable a data center to remain operational through a multiday power outage?

A. Generator
B. Uninterruptible power supply
C. Replication
D. Parallel processing

Answer 18

Generator