Pretest Flashcards
Which of the following is an indicator of effective governance?
A. A defined information security architecture
B. Compliance with international security standards
C. Periodic external audits
D. An established risk management program
D
Which of the following is the PRIMARY prerequisite to implementing data classification within an organization?
A. Defining job roles
B. Performing a risk assessment
C. Identifying data owners
D. Establishing data retention policies
C
What is the PRIMARY factor that should be taken into consideration when designing the technical solution for a disaster recovery site?
A. Service delivery objective
B. Recovery time objective
C. Allowable interruption window
D. Maximum tolerable outage
C
Which of the following is the MOST effective way to treat a risk such as a natural disaster that has a low probability and a high impact level?
A. Implement countermeasures
B. Eliminate the risk
C. Transfer the risk
D. Accept the risk
C
Due to limited storage media, an IT operations employee has requested permission to overwrite data stored on a magnetic tape. The decision of the authorizing manager will MOST likely be influenced by the data:
A. classification policy
B. retention policy
C. creation policy
D. leakage protection
B
Which of the following is MOST effective in protecting against the attack technique known as phishing?
A. Firewall blocking rules
B. Up-to-date signature files
C. Security awareness training
D. Intrusion detection system monitoring
C
Which of the following is the MOST cost-effective approach to achieve strategic alignment?
A. Periodically survey management
B. Implement a governance framework
C. Ensure that controls meet objectives
D. Develop an enterprise architecture
A
An internal review of a web-based application system reveals that it is possible to gain access to all employees' accounts by changing the employee's ID used for accessing the account on the uniform resource locator. The vulnerability identified is:
A. broken authentication
B. unvalidated input
C. cross-site scripting
D. structured query language injection
A
Which of the following is the MOST effective at preventing an unauthorized individual from following an authorized person through a secured entrance (tailgating or piggybacking)?
A. Card key door locks
B. Photo identification
C. Biometric scanners
D. Awareness training
D
Which of the following is the MOST important factor to be considered in the loss of mobile equipment with unencrypted data?
A. Disclosure of personal information
B. Sufficient coverage of the insurance policy for accidental losses
C. Potential impact of the data loss
D. Replacement cost of the equipment
C
Recovery point objectives can be used to determine which of the following?
A. Maximum tolerable period of data loss
B. Maximum tolerable downtime
C. Baseline for operational resiliency
D. Time to restore backups
A
An information security manager has implemented procedures for monitoring specific activities on the network. The system administrator has been trained to analyze the network events, take appropriate action and provide reports to the InfoSec manager. What additional monitoring should be implemented to give a more accurate, risk-based view of network activity?
A. The sys admin should be monitored by a separate reviewer
B. All activity on the network should be monitored
C. No additional monitoring is needed in this situation
D. Monitoring should be done only by the InfoSec manager
A
Which of the following is MOST likely to be discretionary?
A. Policies
B. Procedures
C. Guidelines
D. Standards
C
Which of the following is the MOST important in developing a security strategy?
A. Creating a positive security environment
B. Understanding key business objectives
C. Having a reporting line to senior management
D. Allocating sufficient resources to InfoSec
B
Which of the following roles is responsible for legal and regulatory liability?
A. Chief security officer
B. Chief legal counsel
C. Board of directors and senior management
D. InfoSec steering group
C
What is the PRIMARY basis for a detailed business continuity plan?
A. Consideration of different alternatives
B. The solution that is least expensive
C. Strategies that cover all applications
D. Strategies validated by senior management
D
Which of the following is the MOST appropriate frequency for updating antivirus signature files for antivirus software on production servers?
A. Daily
B. Weekly
C. Concurrently with operating system patch updates
D. During scheduled change control updates
A
Why is public key infrastructure the preferred model when providing encryption keys to a large number of individuals?
A. It is computationally more efficient
B. It is more scalable than a symmetric key
C. It is less costly to maintain than a symmetric key approach
D. It provides greater encryption strength than a secret key model
B
Which of the following BEST ensures that modifications made to in-house developed business applications do not introduce new security exposures? A. Stress testing B. Patch management C. Change management D. Security baselines
C
What is the MOST important item to be included in an InfoSec policy?
A. The definition of roles and responsibilities
B. The scope of the security program
C. The key objectives of the security program
D. Reference to procedures and standards of the security program
C
What is the PRIMARY objective of a postincident review in incident response?
A. To adjust budget provisioning
B. To preserve forensic data
C. To improve the response process
D. To ensure the incident is fully documented
C
Which of the following actions is the MOST important when a server is infected with a virus?
A. Isolate the infected server(s) from the network
B. Identify all potential damage caused by the infection
C. Ensure that the virus database files are current
D. Establish security weaknesses in the firewall
A
Who should determine the appropriate classification of accounting ledger data located on a database server and maintained by a database administrator in the IT department?
A. Database administrator
B. Finance department management
C. InfoSec manager
D. IT department management
B
When a major vulnerability in the security of a critical web server is discovered, immediate notification should be made to the:
A. system owner to take corrective action
B. incident response team to investigate
C. data owners to mitigate damage
D. development team to remediate
A