An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the MOST important concern regarding privacy?
Which of the following is an accurate statement when an assessment results in the discovery of vulnerabilities in a critical network component?
An organization wants to enable users to authenticate across multiple security domains. To accomplish this they have decided to use Federated Identity Management (FIM). Which of the following is used behind the scenes in a FIM deployment?
What should be the FIRST action for a security administrator who detects an intrusion on the network based on precursors and other indicators?
Which of the following is the BEST statement for a professional to include as part of a business continuity (BC) procedure?
Which would result in the GREATEST impact following a breach of a cloud environment?
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
Intellectual property rights are PRIMARILY concerned with which of the following?
Which of the following would BEST describe the role directly responsible for data within an organization?
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
In which of the following programs is it MOST important to include the collection of security process data?
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
Which of the following could cause a Denial of Service (DoS) against an authentication system?
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?
An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
Which of the following problems is NOT addressed by using OAuth (Open Standard for Authorization) 2.0 to integrate a third-party identity provider for a service?
The use of proximity card to gain access to a building is an example of what type of security control?
What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Which of the following is considered the MOST important priority for the information security officer?
An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation?
Identify the component that MOST likely lacks digital accountability related to information access.
Click on the correct device in the image below.
Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
In addition to authentication at the start of the user session, best practice would require re-authentication
An organization's data policy MUST include a data retention period which is based on
Given the various means to protect physical and logical assets, match the access management area to the technology.
Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
Which of the following will indicate where the IT budget is BEST allocated during this time?
Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
Which of the following will MOST likely allow the organization to keep risk at an acceptable level?
Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.
Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?
After the INITIAL input of a user identification (ID) and password, what is an authentication system that prompts the user for a different response each time the user logs on?
Which of the following examples is BEST to minimize the attack surface for a customer's private information?
If an employee transfers from one role to another, which of the following actions should this trigger within the identity and access management (IAM) lifecycle?
A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security However, an attacker was able to spoof a registered account on the network and query the SAML provider.
What is the MOST common attack leveraged against this flaw?
Which of the following vulnerabilities can be BEST detected using automated analysis?
How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?
The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST describes which security approach?
The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?
Which of the following activities should a forensic examiner perform FIRST when determining the priority of digital evidence collection at a crime scene?
In software development, which of the following entities normally signs the code to protect the code integrity?
A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?
Which security audit standard provides the BEST way for an organization to understand a vendor's Information Systems (IS) in relation to confidentiality, integrity, and availability?
An organization has determined that its previous waterfall approach to software development is not keeping pace with business demands. To adapt to the rapid changes required for product delivery, the organization has decided to move towards an Agile software development and release cycle. In order to ensure the success of the Agile methodology, who is MOST critical in creating acceptance tests or acceptance criteria for each release?
Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?
How can lessons learned from business continuity training and actual recovery incidents BEST be used?
Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an un-marked file cabinet containing sensitive documents?
Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?
What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
When implementing a data classification program, why is it important to avoid too much granularity?
Which of the following is MOST important when assigning ownership of an asset to a department?
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.
Which contract is BEST in offloading the task from the IT staff?
Who would be the BEST person to approve an organization's information security policy?
Which of the following is the MOST important part of an awareness and training plan to prepare employees for emergency situations?
The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?
Which of the following is the PRIMARY risk with using open source software in a commercial software construction?
Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?
Which of the following is the BEST method to prevent malware from being introduced into a production environment?
What is the BEST approach to addressing security issues in legacy web applications?
A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
Which of the following is a PRIMARY advantage of using a third-party identity service?
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?
Which of the following is an initial consideration when developing an information security management system?
Due to system constraints, a group of system administrators must share a high-level access set of credentials.
Which of the following would be MOST appropriate to implement?
A continuous information security monitoring program can BEST reduce risk through which of the following?
At a MINIMUM, audits of permissions to individual or group accounts should be scheduled
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
The use of private and public encryption keys is fundamental in the implementation of which of the following?
What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
Who in the organization is accountable for classification of data information assets?
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified in automated vulnerability assessments?
The core component of Role Based Access Control (RBAC) must be constructed of defined data elements.
Which elements are required?
Which of the following is the BEST reason for writing an information security policy?
Retaining system logs for six months or longer can be valuable for what activities?
The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the
How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?
An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?
An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such a requirement?
When planning a penetration test, the tester will be MOST interested in which information?
Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
What is the process called when impact values are assigned to the security objectives for information types?
In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?
For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data?
Which of the following BEST avoids data remanence disclosure for cloud hosted resources?
Which of the following statements is TRUE for point-to-point microwave transmissions?
Which of the following is ensured when hashing files during chain of custody handling?
Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?
The birthday attack is MOST effective against which one of the following cipher technologies?
Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?
Which one of the following is a fundamental objective in handling an incident?
The process of mutual authentication involves a computer system authenticating a user and authenticating the
What principle requires that changes to the plaintext affect many parts of the ciphertext?
The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct
Which of the following actions should be performed when implementing a change to a database schema in a production system?
When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include
An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to