
CISSP Exam Dumps - Certified Information Systems Security Professional (CISSP)

Question # 4

To protect auditable information, which of the following MUST be configured to only allow read access?

A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)

Question # 5

Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?

A. Discretionary Access Control (DAC) procedures
B. Mandatory Access Control (MAC) procedures
C. Data link encryption
D. Segregation of duties

Question # 6

What type of encryption is used to protect sensitive data in transit over a network?

A. Payload encryption and transport encryption
B. Authentication Headers (AH)
C. Keyed-Hashing for Message Authentication
D. Point-to-Point Encryption (P2PE)

Question # 7

Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?

A. Data owner
B. Data steward
C. Data custodian
D. Data processor

Question # 8

An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?

A. Acceptance of risk by the authorizing official
B. Remediation of vulnerabilities
C. Adoption of standardized policies and procedures
D. Approval of the System Security Plan (SSP)

Question # 9

Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued, renewed and validated? Click on the correct specification in the image below.

Question # 10

What is the MOST efficient way to secure a production program and its data?

A. Disable default accounts and implement access control lists (ACL)
B. Harden the application and encrypt the data
C. Disable unused services and implement tunneling
D. Harden the servers and back up the data

Question # 11

Which of the following is the FIRST step an organization's security professional performs when defining a cyber-security program based upon industry standards?

A. Map the organization's current security practices to industry standards and frameworks.
B. Define the organization's objectives regarding security and risk mitigation.
C. Select from a choice of security best practices.
D. Review the past security assessments.

Question # 12

The application of which of the following standards would BEST reduce the potential for data breaches?

A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001

Question # 13

Which of the following is the MOST effective method of mitigating data theft from an active user workstation?

A. Implement full-disk encryption
B. Enable multifactor authentication
C. Deploy file integrity checkers
D. Disable use of portable devices

Question # 14

In software development, developers should use which type of queries to prevent a Structured Query Language (SQL) injection?

A. Parameterised
B. Dynamic
C. Static
D. Controlled

Question # 15

Which of the following secures web transactions at the Transport Layer?

A. Secure HyperText Transfer Protocol (S-HTTP)
B. Secure Sockets Layer (SSL)
C. Socket Security (SOCKS)
D. Secure Shell (SSH)

Question # 16

Data remanence refers to which of the following?

A. The remaining photons left in a fiber optic cable after a secure transmission.
B. The retention period required by law or regulation.
C. The magnetic flux created when removing the network connection from a server or personal computer.
D. The residual information left on magnetic storage media after a deletion or erasure.

Question # 17

What is the MOST effective method of testing custom application code?

A. Negative testing
B. White box testing
C. Penetration testing
D. Black box testing

Question # 18

In order to provide dual assurance in a digital signature system, the design MUST include which of the following?

A. The public key must be unique for the signed document.
B. The signature process must generate adequate authentication credentials.
C. The hash of the signed document must be present.
D. The encrypted private key must be provided in the signing certificate.

Question # 19

Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique?

A. It is useful for testing communications protocols and graphical user interfaces.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. Test inputs are obtained from the derived threshold of the given functional specifications.
D. An entire partition can be covered by considering only one representative value from that partition.

Question # 20

What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?

A. Integrity
B. Confidentiality
C. Accountability
D. Availability

Question # 21

Refer to the information below to answer the question.

Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.

After magnetic drives were degaussed twice according to the product manufacturer's directions, what is the MOST LIKELY security issue with degaussing?

A. Commercial products often have serious weaknesses of the magnetic force available in the degausser product.
B. Degausser products may not be properly maintained and operated.
C. The inability to turn the drive around in the chamber for the second pass due to human error.
D. Inadequate record keeping when sanitizing media.

Question # 22

What is the FIRST step in reducing the exposure of a network to Internet Control Message Protocol (ICMP) based attacks?

A. Implement egress filtering at the organization's network boundary.
B. Implement network access control lists (ACL).
C. Implement a web application firewall (WAF).
D. Implement an intrusion prevention system (IPS).

Question # 23

The Chief Information Security Officer (CISO) is concerned about business application availability. The organization was recently subject to a ransomware attack that resulted in the unavailability of applications and services for 10 working days and required paper-based running of all main business processes. There are now aggressive plans to enhance the Recovery Time Objective (RTO) and cater for more frequent data captures. Which of the following solutions should be implemented to fully comply with the new business requirements?

A. Virtualization
B. Antivirus
C. Process isolation
D. Host-based intrusion prevention system (HIPS)

Question # 24

The security organization is looking for a solution that could help them determine with a strong level of confidence that attackers have breached their network. Which solution is MOST effective at discovering a successful network breach?

A. Deploying a honeypot
B. Developing a sandbox
C. Installing an intrusion prevention system (IPS)
D. Installing an intrusion detection system (IDS)

Question # 25

What component of a web application that stores the session state in a cookie can be bypassed by an attacker?

A. An initialization check
B. An identification check
C. An authentication check
D. An authorization check

Question # 26

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

Which of the following is true according to the star property (*-property)?

A. User D can write to File 1
B. User B can write to File 1
C. User A can write to File 1
D. User C can write to File 1

Question # 27

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

A. Transport layer
B. Application layer
C. Network layer
D. Session layer

Question # 28

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

A. Add a new rule to the application layer firewall
B. Block access to the service
C. Install an Intrusion Detection System (IDS)
D. Patch the application source code

Question # 29

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)

Question # 30

An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?

A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches

Question # 31

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools

Question # 32

When implementing a data classification program, why is it important to avoid too much granularity?

A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value

Question # 33

Which of the following assures that rules are followed in an identity management architecture?

A. Policy database
B. Digital signature
C. Policy decision point
D. Policy enforcement point

Question # 34

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response

Question # 35

Which of the following BEST describes the responsibilities of a data owner?

A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization

Question # 36

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

A. Link layer
B. Physical layer
C. Session layer
D. Application layer

Question # 37

Which of the following is an initial consideration when developing an information security management system?

A. Identify the contractual security obligations that apply to the organization
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements

Question # 38

In a data classification scheme, the data is owned by the

A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users

Question # 39

Which of the following is MOST important when assigning ownership of an asset to a department?

A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities

Question # 40

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

A. Platform as a Service (PaaS)
B. Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)

Question # 41

Which of the following is used to support defense in depth during the development phase of a software product?

A. Security auditing
B. Polyinstantiation
C. Maintenance
D. Known vulnerability list

Question # 42

Which one of the following affects the classification of data?

A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time

Question # 43

What is the BEST approach for maintaining ethics when a security professional is unfamiliar with the culture of a country and is asked to perform a questionable task?

A. Exercise due diligence when deciding to circumvent host government requests.
B. Become familiar with the means in which the code of ethics is applied and considered.
C. Complete the assignment based on the customer's wishes.
D. Execute according to the professional's comfort level with the code of ethics.

Question # 44

Which of the following is the FIRST step of a penetration test plan?

A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact

Question # 45

A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?

A. Trojan horse
B. Denial of Service (DoS)
C. Spoofing
D. Man-in-the-Middle (MITM)

Question # 46

When designing a networked Information System (IS) where there will be several different types of individual access, what is the FIRST step that should be taken to ensure all access control requirements are addressed?

A. Create a user profile.
B. Create a user access matrix.
C. Develop an Access Control List (ACL).
D. Develop a Role Based Access Control (RBAC) list.

Question # 47

What is one way to mitigate the risk of security flaws in custom software?

A. Include security language in the Earned Value Management (EVM) contract
B. Include security assurance clauses in the Service Level Agreement (SLA)
C. Purchase only Commercial Off-The-Shelf (COTS) products
D. Purchase only software with no open source Application Programming Interfaces (APIs)

Question # 48

Which of the following could cause a Denial of Service (DoS) against an authentication system?

A. Encryption of audit logs
B. No archiving of audit logs
C. Hashing of audit logs
D. Remote access audit logs

Question # 49

Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?

A. Hardware and software compatibility issues
B. Applications' criticality and downtime tolerance
C. Budget constraints and requirements
D. Cost/benefit analysis and business objectives

Question # 50

Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)?

A. Use a thumb drive to transfer information from a foreign computer.
B. Do not take unnecessary information, including sensitive information.
C. Connect the laptop only to well-known networks like the hotel or public Internet cafes.
D. Request international points of contact help scan the laptop on arrival to ensure it is protected.

Question # 51

Which of the following initiates the systems recovery phase of a disaster recovery plan?

A. Issuing a formal disaster declaration
B. Activating the organization's hot site
C. Evacuating the disaster site
D. Assessing the extent of damage following the disaster

Question # 52

Which of the following is the primary advantage of segmenting Virtual Machines (VM) using physical networks?

A. Simplicity of network configuration and network monitoring
B. Removes the need for decentralized management solutions
C. Removes the need for dedicated virtual security controls
D. Simplicity of network configuration and network redundancy

Question # 53

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

A. Least privilege
B. Privilege escalation
C. Defense in depth
D. Privilege bracketing

Question # 54

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

A. System acquisition and development
B. System operations and maintenance
C. System initiation
D. System implementation

Question # 55

Which of the following is a PRIMARY advantage of using a third-party identity service?

A. Consolidation of multiple providers
B. Directory synchronization
C. Web based logon
D. Automated account management

Question # 56

What principle requires that changes to the plaintext affect many parts of the ciphertext?

A. Diffusion
B. Encapsulation
C. Obfuscation
D. Permutation

Question # 57

Which of the following is an appropriate source for test data?

A. Production data that is secured and maintained only in the production environment.
B. Test data that has no similarities to production data.
C. Test data that is mirrored and kept up-to-date with production data.
D. Production data that has been sanitized before loading into a test environment.

Question # 58

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

A. Walkthrough
B. Simulation
C. Parallel
D. White box

Question # 59

When is a Business Continuity Plan (BCP) considered to be valid?

A. When it has been validated by the Business Continuity (BC) manager
B. When it has been validated by the board of directors
C. When it has been validated by all threat scenarios
D. When it has been validated by realistic exercises

Question # 60

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

A. Guaranteed recovery of all business functions
B. Minimization of the need for decision making during a crisis
C. Insurance against litigation following a disaster
D. Protection from loss of organization resources

Question # 61

A continuous information security monitoring program can BEST reduce risk through which of the following?

A. Collecting security events and correlating them to identify anomalies
B. Facilitating system-wide visibility into the activities of critical user accounts
C. Encompassing people, process, and technology
D. Logging both scheduled and unscheduled system changes

Question # 62

What is the PRIMARY reason for implementing change management?

A. Certify and approve releases to the environment
B. Provide version rollbacks for system changes
C. Ensure that all applications are approved
D. Ensure accountability for changes to the environment

Question # 63

Place the following information classification steps in sequential order.

Question # 64

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring

Question # 65

Which of the following represents the GREATEST risk to data confidentiality?

A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges

Question # 66

When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

A. Only when assets are clearly defined
B. Only when standards are defined
C. Only when controls are put in place
D. Only when procedures are defined

Question # 67

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

A. determine the risk of a business interruption occurring
B. determine the technological dependence of the business processes
C. identify the operational impacts of a business interruption
D. identify the financial impacts of a business interruption

Question # 68

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?

A. Application
B. Storage
C. Power
D. Network

Question # 69

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

A. Check arguments in function calls
B. Test for the security patch level of the environment
C. Include logging functions
D. Digitally sign each application module

Question # 70

What is the BEST approach to addressing security issues in legacy web applications?

A. Debug the security issues
B. Migrate to newer, supported applications where possible
C. Conduct a security assessment
D. Protect the legacy application with a web application firewall

Question # 71

Which of the following is TRUE regarding equivalence class testing?

A. It is characterized by the stateless behavior of a process implemented in a function.
B. An entire partition can be covered by considering only one representative value from that partition.
C. Test inputs are obtained from the derived boundaries of the given functional specifications.
D. It is useful for testing communications protocols and graphical user interfaces.

Question # 72

Which of the following is used to ensure that data mining activities will NOT reveal sensitive data?

A. Implement two-factor authentication on the underlying infrastructure.
B. Encrypt data at the field level and tightly control encryption keys.
C. Preprocess the databases to see if inn …… can be disclosed from the learned patterns.
D. Implement the principle of least privilege on data elements so a reduced number of users can access the database.

Question # 73

Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation

Question # 74

Which of the following is an essential element of privileged identity lifecycle management?

A. Regularly perform account re-validation and approval
B. Account provisioning based on multi-factor authentication
C. Frequently review performed activities and request justification
D. Account information to be provided by supervisor or line manager

Question # 75

A software scanner identifies a region within a binary image having high entropy. What does this MOST likely indicate?

A. Encryption routines
B. Random number generator
C. Obfuscated code
D. Botnet command and control

Question # 76

Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?

A. To assist data owners in making future sensitivity and criticality determinations
B. To assure the software development team that all security issues have been addressed
C. To verify that security protection remains acceptable to the organizational security policy
D. To help the security team accept or reject new systems for implementation and production

Question # 77

What are the three key benefits that application developers should derive from the northbound application programming interface (API) of software defined networking (SDN)?

A. Familiar syntax, abstraction of network topology, and definition of network protocols
B. Network syntax, abstraction of network flow, and abstraction of network protocols
C. Network syntax, abstraction of network commands, and abstraction of network protocols
D. Familiar syntax, abstraction of network topology, and abstraction of network protocols

Question # 78

The BEST method of demonstrating a company's security level to potential customers is

A. a report from an external auditor.
B. responding to a customer's security questionnaire.
C. a formal report from an internal auditor.
D. a site visit by a customer's security team.

Question # 79

When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include

A. hardened building construction with consideration of seismic factors.
B. adequate distance from and lack of access to adjacent buildings.
C. curved roads approaching the data center.
D. proximity to high crime areas of the city.

Question # 80

Which one of the following is a threat related to the use of web-based client side input validation?

A. Users would be able to alter the input after validation has occurred
B. The web server would not be able to validate the input after transmission
C. The client system could receive invalid input from the web server
D. The web server would not be able to receive invalid input from the client

Question # 81

Which of the following is an attacker MOST likely to target to gain privileged access to a system?

A. Programs that write to system resources
B. Programs that write to user directories
C. Log files containing sensitive information
D. Log files containing system calls

Question # 82

Following the completion of a network security assessment, which of the following can BEST be demonstrated?

A. The effectiveness of controls can be accurately measured
B. A penetration test of the network will fail
C. The network is compliant to industry standards
D. All unpatched vulnerabilities have been identified

Question # 83

Which one of the following is a fundamental objective in handling an incident?

A. To restore control of the affected systems
B. To confiscate the suspect's computers
C. To prosecute the attacker
D. To perform full backups of the system

Question # 84

Who is accountable for the information within an Information System (IS)?

A. Security manager
B. System owner
C. Data owner
D. Data processor

Question # 85

The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data

A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)

Question # 86

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)

Question # 87

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?

A. The business owner
B. A security subject matter expert (SME)
C. The application owner
D. A developer subject matter expert (SME)

Question # 88

Which of the following is considered the FIRST step when designing an internal security control assessment?

A. Create a plan based on recent vulnerability scans of the systems in question.
B. Create a plan based on comprehensive knowledge of known breaches.
C. Create a plan based on a recognized framework of known controls.
D. Create a plan based on reconnaissance of the organization's infrastructure.

Question # 89

Refer to the information below to answer the question.

During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.

If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised?

A. Availability
B. Integrity
C. Accountability
D. Confidentiality

Question # 90

Which of the following is the FIRST step in the incident response process?

A. Determine the cause of the incident
B. Disconnect the system involved from the network
C. Isolate and contain the system involved
D. Investigate all symptoms to confirm the incident

Question # 91

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

In the plan, what is the BEST approach to mitigate future internal client-based attacks?

A. Block all client side web exploits at the perimeter.
B. Remove all non-essential client-side web services from the network.
C. Screen for harmful exploits of client-side services before implementation.
D. Harden the client image before deployment.

Question # 92

What is the PRIMARY reason for ethics awareness and related policy implementation?

A. It affects the workflow of an organization.
B. It affects the reputation of an organization.
C. It affects the retention rate of employees.
D. It affects the morale of the employees.

Question # 93

Which of the following MUST system and database administrators be aware of and apply when configuring systems used for storing personal employee data?

A. Secondary use of the data by business users
B. The organization's security policies and standards
C. The business purpose for which the data is to be used
D. The overall protection of corporate resources and data

Question # 94

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

A.

WEP uses a small range Initialization Vector (IV)

B.

WEP uses Message Digest 5 (MD5)

C.

WEP uses Diffie-Hellman

D.

WEP does not use any Initialization Vector (IV)

Question # 95

Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?

A.

Low-level formatting

B.

Secure-grade overwrite erasure

C.

Cryptographic erasure

D.

Drive degaussing

Question # 96

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

A.

Lack of software documentation

B.

License agreements requiring release of modified code

C.

Expiration of the license agreement

D.

Costs associated with support of the software

Question # 97

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

A.

Purchase software from a limited list of retailers

B.

Verify the hash key or certificate key of all updates

C.

Do not permit programs, patches, or updates from the Internet

D.

Test all new software in a segregated environment

Question # 98

What is an effective practice when returning electronic storage media to third parties for repair?

A.

Ensuring the media is not labeled in any way that indicates the organization's name.

B.

Disassembling the media and removing parts that may contain sensitive data.

C.

Physically breaking parts of the media that may contain sensitive data.

D.

Establishing a contract with the third party regarding the secure handling of the media.

Question # 99

Intellectual property rights are PRIMARILY concerned with which of the following?

A.

Owner’s ability to realize financial gain

B.

Owner’s ability to maintain copyright

C.

Right of the owner to enjoy their creation

D.

Right of the owner to control delivery method

Question # 100

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

A.

Install mantraps at the building entrances

B.

Enclose the personnel entry area with polycarbonate plastic

C.

Supply a duress alarm for personnel exposed to the public

D.

Hire a guard to protect the public area

Question # 101

In which of the following programs is it MOST important to include the collection of security process data?

A.

Quarterly access reviews

B.

Security continuous monitoring

C.

Business continuity testing

D.

Annual security training

Question # 102

Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

A.

Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken

B.

Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability

C.

Management teams will understand the testing objectives and reputational risk to the organization

D.

Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Question # 103

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

A.

Audit logs

B.

Role-Based Access Control (RBAC)

C.

Two-factor authentication

D.

Application of least privilege

Question # 104

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

A.

Limit access to predefined queries

B.

Segregate the database into a small number of partitions each with a separate security level

C.

Implement Role Based Access Control (RBAC)

D.

Reduce the number of people who have access to the system for statistical purposes

Question # 105

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

A.

Trusted third-party certification

B.

Lightweight Directory Access Protocol (LDAP)

C.

Security Assertion Markup Language (SAML)

D.

Cross-certification

Question # 106

Which of the following mobile code security models relies only on trust?

A.

Code signing

B.

Class authentication

C.

Sandboxing

D.

Type safety

Question # 107

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

A.

Derived credential

B.

Temporary security credential

C.

Mobile device credentialing service

D.

Digest authentication

Question # 108

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

A.

Hashing the data before encryption

B.

Hashing the data after encryption

C.

Compressing the data after encryption

D.

Compressing the data before encryption

Question # 109

Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?

A.

Confidentiality

B.

Integrity

C.

Identification

D.

Availability

Question # 110

Who in the organization is accountable for classification of data information assets?

A.

Data owner

B.

Data architect

C.

Chief Information Security Officer (CISO)

D.

Chief Information Officer (CIO)

Question # 111

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

A.

Implementation Phase

B.

Initialization Phase

C.

Cancellation Phase

D.

Issued Phase

Question # 112

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified in automated vulnerability assessments?

A.

Common Vulnerabilities and Exposures (CVE)

B.

Common Vulnerability Scoring System (CVSS)

C.

Asset Reporting Format (ARF)

D.

Open Vulnerability and Assessment Language (OVAL)

Question # 113

The use of private and public encryption keys is fundamental in the implementation of which of the following?

A.

Diffie-Hellman algorithm

B.

Secure Sockets Layer (SSL)

C.

Advanced Encryption Standard (AES)

D.

Message Digest 5 (MD5)

Question # 114

A vulnerability in which of the following components would be MOST difficult to detect?

A.

Kernel

B.

Shared libraries

C.

Hardware

D.

System application

Question # 115

Match the access control type to the example of the control type.

Drag each access control type next to its corresponding example.

Question # 116

A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?

A.

Administrator should request data owner approval to the user access

B.

Administrator should request manager approval for the user access

C.

Administrator should directly grant the access to the non-sensitive files

D.

Administrator should assess the user access need and either grant or deny the access

Question # 117

An organization regularly conducts its own penetration tests. Which of the following scenarios MUST be covered for the test to be effective?

A.

Third-party vendor with access to the system

B.

System administrator access compromised

C.

Internal attacker with access to the system

D.

Internal user accidentally accessing data

Question # 118

What is a characteristic of Secure Socket Layer (SSL) and Transport Layer Security (TLS)?

A.

SSL and TLS provide a generic channel security mechanism on top of Transmission Control Protocol (TCP).

B.

SSL and TLS provide nonrepudiation by default.

C.

SSL and TLS do not provide security for most routed protocols.

D.

SSL and TLS provide header encapsulation over HyperText Transfer Protocol (HTTP).

Question # 119

When building a data classification scheme, which of the following is the PRIMARY concern?

A.

Purpose

B.

Cost effectiveness

C.

Availability

D.

Authenticity

Question # 120

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

A.

After the system preliminary design has been developed and the data security categorization has been performed

B.

After the vulnerability analysis has been performed and before the system detailed design begins

C.

After the system preliminary design has been developed and before the data security categorization begins

D.

After the business functional analysis and the data security categorization have been performed

Question # 121

What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service?

A.

Contract negotiation

B.

Vendor demonstration

C.

Supplier request

D.

Business need

Question # 122

Which of the following MUST the administrator of a security information and event management (SIEM) system ensure?

A.

All sources are reporting in the exact same Extensible Markup Language (XML) format.

B.

Data sources do not contain information infringing upon privacy regulations.

C.

All sources are synchronized with a common time reference.

D.

Each source uses the same Internet Protocol (IP) address for reporting.

Question # 123

Which of the following uses the destination IP address to forward packets?

A.

A bridge

B.

A Layer 2 switch

C.

A router

D.

A repeater

Question # 124

Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?

A.

Enforce boundary checking.

B.

Restrict use of SELECT command.

C.

Restrict HyperText Markup Language (HTML) source code

D.

Use stored procedures.

Question # 125

Which of the following actions will reduce risk to a laptop before traveling to a high-risk area?

A.

Examine the device for physical tampering

B.

Implement more stringent baseline configurations

C.

Purge or re-image the hard disk drive

D.

Change access codes

Question # 126

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?

A.

Remote Authentication Dial-In User Service (RADIUS)

B.

Terminal Access Controller Access Control System Plus (TACACS+)

C.

Open Authentication (OAuth)

D.

Security Assertion Markup Language (SAML)

Question # 127

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

A.

Continuously without exception for all security controls

B.

Before and after each change of the control

C.

At a rate concurrent with the volatility of the security control

D.

Only during system implementation and decommissioning

Question # 128

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.

What is the BEST reason for the organization to pursue a plan to mitigate client-based attacks?

A.

Client privilege administration is inherently weaker than server privilege administration.

B.

Client hardening and management is easier on clients than on servers.

C.

Client-based attacks are more common and easier to exploit than server- and network-based attacks.

D.

Client-based attacks have higher financial impact.

Question # 129

Refer to the information below to answer the question.

A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.

The third party needs to have

A.

processes that are identical to that of the organization doing the outsourcing.

B.

access to the original personnel that were on staff at the organization.

C.

the ability to maintain all of the applications in languages they are familiar with.

D.

access to the skill sets consistent with the programming languages used by the organization.

Question # 130

What would be the MOST cost-effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?

A.

Warm site

B.

Hot site

C.

Mirror site

D.

Cold site

Question # 131

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

A.

Disable all unnecessary services

B.

Ensure chain of custody

C.

Prepare another backup of the system

D.

Isolate the system from the network

Question # 132

Refer to the information below to answer the question.

During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.

Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?

A.

Unauthorized database changes

B.

Integrity of security logs

C.

Availability of the database

D.

Confidentiality of the incident

Question # 133

Which of the following MOST influences the design of the organization's electronic monitoring policies?

A.

Workplace privacy laws

B.

Level of organizational trust

C.

Results of background checks

D.

Business ethical considerations

Question # 134

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

A.

Take the computer to a forensic lab

B.

Make a copy of the hard drive

C.

Start documenting

D.

Turn off the computer

Question # 135

Employee training, risk management, and data handling procedures and policies could be characterized as which type of security measure?

A.

Non-essential

B.

Management

C.

Preventative

D.

Administrative
