Practice Questions 61-72 Flashcards

1
Q
After a recent attack causing a data breach, an executive is analyzing the financial losses. She determined that the attack is likely to cost at least $1 million. She wants to ensure that this information is documented for future planning purposes. In which is she MOST likely to document it?
A. DRP
B. BIA
C. HVAC
D. RTO
A

A business impact analysis (BIA) includes information on potential losses and is the most likely document of those listed where this loss would be documented.

2
Q
An organization is considering an alternative location as part of its continuity of operations plan. It wants to identify a solution that provides the shortest recovery time. Which is the BEST choice?
A. Cold site
B. Warm site
C. Hot site
D. Off-site backups
A

A hot site offers the shortest recovery time; however, it is the most expensive option.

3
Q
You will need to identify a method that can be used for data integrity. Which choice will meet your needs?
A. AES
B. DES
C. RC4
D. SHA
A

Secure Hash Algorithm (SHA) is one of many available hashing algorithms used to verify data integrity.

4
Q
Users in your organization sign their emails with digital signatures. Which provides integrity for these digital signatures? 
A. Hashing
B. Encryption 
C. Non-repudiation
D. Private key
A

Hashing provides integrity for digital signatures and other data. Encryption does NOT provide integrity.

5
Q
Network administrators in your organization need to administer firewalls, security appliances, and other network devices. These devices are protected with strong passwords, which are stored in a file listing these passwords. Which is the BEST choice to protect this password list?
A. File encryption 
B. Database field encryption
C. Full database encryption 
D. Whole disk encryption
A

File encryption protects the passwords on the list.

6
Q
An application developer needs to use an encryption protocol to encrypt credit card data within a database used by the application. Which is the FASTEST while also providing strong confidentiality?
A. AES-256
B. DES
C. Blowfish
D. SHA-2
A

Blowfish would be the fastest in this scenario; it provides strong encryption, so it would provide strong confidentiality.

7
Q
A developer is creating an application that will encrypt and decrypt data on mobile devices. These devices don't have a lot of processing power. Which cryptographic methods have the LEAST overhead and will work with these mobile devices?
A. Elliptic curve 
B. 3DES
C. PBKDF2
D. Bcrypt
A

Elliptic curve cryptography has minimal overhead and is often used with mobile devices for encryption.

8
Q
Your organization hosts a web site used only by employees. The web site uses a certificate issued by a private CA, and the network downloads a CRL from the CA once a week. However, after recent compromises, the security administrators want to use a real-time alternative to the CRL. Which will BEST meet this need?
A. DSA
B. HMAC
C. CSR
D. OCSP
A

The Online Certificate Status Protocol (OCSP) provides real-time responses to validate certificates issued by a Certificate Authority (CA).

9
Q
You need to request a certificate for a web server. Which would you MOST likely use?
A. CA
B. CRL
C. CSR
D. OCSP
A

A certificate signing request (CSR) uses a specific format to request a certificate.

10
Q

Your organization recently updated a security policy. It states that duties of network administrators and application developers must be separated. Which is the MOST likely result of implementing this policy?
A. One group develops program code and the other group deploys the code.
B. One group develops program code and the other group modifies the code.
C. One group deploys program code and the other group administers databases.
D. One group develops databases and the other group modifies databases.

A

Under a separation of duties policy, the application developers create and modify the code and the administrators deploy the code to the live production system, but neither group can perform both functions.

11
Q
Your organization wants to prevent damage from malware. Which of the following phases of common incident response procedures BEST addresses this?
A. Preparation
B. Identification 
C. Containment
D. Lessons learned
A

The preparation phase is the first phase of common incident response procedures and attempts to prevent security incidents.

12
Q
A forensic expert is preparing to analyze a hard drive. Which should the expert do FIRST?
A. Capture an image
B. Identify the order of volatility 
C. Create a chain of custody document
D. Take a screen shot
A

A forensic expert should capture an image of the hard drive and then analyze the image.
