A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?
Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?
Which of the following are effective countermeasures against passive network-layer attacks?
Backup information that is critical to the organization is identified through a
A database administrator is asked by a high-ranking member of management to perform specific changes to the accounting system database. The administrator is specifically instructed to not track or evidence the change in a ticket. Which of the following is the BEST course of action?
Which of the following is MOST important when deploying digital certificates?
Which of the following restricts the ability of an individual to carry out all the steps of a particular process?
What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?
From a cryptographic perspective, the service of non-repudiation includes which of the following features?
Which of the following BEST represents the concept of least privilege?
When evaluating third-party applications, which of the following is the GREATEST responsibility of Information Security?
In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
In which of the following programs is it MOST important to include the collection of security process data?
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
Which of the following could cause a Denial of Service (DoS) against an authentication system?
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
In a data classification scheme, the data is owned by the
Which of the following is an initial consideration when developing an information security management system?
Which of the following is MOST important when assigning ownership of an asset to a department?
Which of the following BEST describes the responsibilities of a data owner?
Which one of the following affects the classification of data?
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.
Which contract is BEST in offloading the task from the IT staff?
When implementing a data classification program, why is it important to avoid too much granularity?
Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?
Which of the following is the BEST method to prevent malware from being introduced into a production environment?
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?
Intellectual property rights are PRIMARILY concerned with which of the following?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following represents the GREATEST risk to data confidentiality?
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?
What is the PRIMARY reason for implementing change management?
Which of the following is the FIRST step in the incident response process?
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
Host-based Intrusion Prevention Systems (HIPS) are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?
Which of the following is the PRIMARY benefit of a formalized information classification program?
When dealing with compliance with the Payment Card Industry Data Security Standard (PCI DSS), an organization that shares cardholder information with a service provider MUST do which of the following?
Which of the following is the BEST countermeasure to brute force login attacks?
The amount of data that will be collected during an audit is PRIMARILY determined by the
Which of the following is the MOST crucial for a successful audit plan?
Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.
In a Bell-LaPadula system, which user cannot write to File 3?
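The two Bell-LaPadula rules that decide this question are the simple security property (no read up: a subject may read an object only at or below its clearance) and the *-property (no write down: a subject may write an object only at or above its clearance). Table A and Table B are not reproduced on this page, so the clearances and file classes below are constructed sample data and the user and file names are placeholders; the code is an added example, not part of the original question set. It evaluates both rules over the four-level lattice and reports which users are denied write access to a given file.

```python
from typing import Dict, List

# Sensitivity labels in increasing order of sensitivity, as stated in the question.
LEVELS: List[str] = ["restricted", "confidential", "secret", "top secret"]
RANK: Dict[str, int] = {name: i for i, name in enumerate(LEVELS)}

# Constructed sample tables: the page's Table A / Table B are not reproduced here.
CLEARANCES: Dict[str, str] = {          # Table A (constructed): user -> clearance
    "User A": "restricted",
    "User B": "confidential",
    "User C": "secret",
    "User D": "top secret",
}
CLASSIFICATIONS: Dict[str, str] = {     # Table B (constructed): file -> security class
    "File 1": "confidential",
    "File 2": "restricted",
    "File 3": "secret",
    "File 4": "top secret",
}


def can_read(clearance: str, classification: str) -> bool:
    """Simple security property: no read up (subject level >= object level)."""
    return RANK[clearance] >= RANK[classification]


def can_write(clearance: str, classification: str) -> bool:
    """*-property: no write down (subject level <= object level)."""
    return RANK[clearance] <= RANK[classification]


def access_matrix(
    clearances: Dict[str, str] = CLEARANCES,
    classifications: Dict[str, str] = CLASSIFICATIONS,
) -> Dict[str, Dict[str, str]]:
    """Return, for every user and file, one of 'rw', 'r', 'w' or '-'.

    Under strict Bell-LaPadula a subject gets both read and write only
    when its clearance equals the object's classification.
    """
    matrix: Dict[str, Dict[str, str]] = {}
    for user, clearance in clearances.items():
        row: Dict[str, str] = {}
        for file_name, cls in classifications.items():
            r = can_read(clearance, cls)
            w = can_write(clearance, cls)
            row[file_name] = "rw" if (r and w) else "r" if r else "w" if w else "-"
        matrix[user] = row
    return matrix


def users_denied_write(
    file_name: str,
    clearances: Dict[str, str] = CLEARANCES,
    classifications: Dict[str, str] = CLASSIFICATIONS,
) -> List[str]:
    """Users whose clearance is strictly above the file's class, i.e. who may not write down."""
    cls = classifications[file_name]
    return [u for u, c in clearances.items() if not can_write(c, cls)]


if __name__ == "__main__":
    for user, row in access_matrix().items():
        print(user, row)
    print("Cannot write to File 3:", users_denied_write("File 3"))
```

With the constructed tables, only the "top secret" user is denied write access to the "secret" file: writing it would move information from a higher level to a lower one, which the *-property forbids even though that user is cleared to read it.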
What is the MOST important reason to configure unique user IDs?
Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks?
When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?
Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
Which of the following will indicate where the IT budget is BEST allocated during this time?
An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Which of the following BEST describes the access control methodology used?
An online retail company has formulated a record retention schedule for customer transactions. Which of the following is a valid reason a customer transaction is kept beyond the retention schedule?
Which of the following secure startup mechanisms are PRIMARILY designed to thwart attacks?
Match the name of access control model with its associated restriction.
Drag each access control model to its appropriate access restriction on the right.
What is the MAIN purpose of a change management policy?
The organization would like to deploy an authorization mechanism for an Information Technology (IT) infrastructure project with high employee turnover. Which access control mechanism would be preferred?
What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?
Which of the following is the BEST reason for writing an information security policy?
Which of the following is the BEST metric to obtain when gaining support for an Identity and Access Management (IAM) solution?
What is the second step in the identity and access provisioning lifecycle?
A chemical plant wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS-422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade. Which of the following is the GREATEST impact on security for the network?
What are the steps of a risk assessment?
A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?
A post-implementation review has identified that the Voice over Internet Protocol (VoIP) system was designed to have gratuitous Address Resolution Protocol (ARP) disabled. Why did the network architect likely design the VoIP system with gratuitous ARP disabled?
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?
Which of the following is the MOST common method of memory protection?
Which of the following is a characteristic of an internal audit?
Which of the following is the FIRST step of a penetration test plan?
An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department?
What is the MOST effective countermeasure to a malicious code attack against a mobile system?
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
Which one of the following considerations has the LEAST impact when considering transmission security?
Which of the following is the MOST important consideration when storing and processing Personally Identifiable Information (PII)?
Which of the following can BEST prevent security flaws occurring in outsourced software development?
Which of the following is TRUE about Disaster Recovery Plan (DRP) testing?
What security management control is MOST often broken by collusion?
The type of authorized interactions a subject can have with an object is
Which of the following does the Encapsulating Security Payload (ESP) provide?
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?
A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project?
The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using
The birthday attack is MOST effective against which one of the following cipher technologies?
Which of the following is applicable to a publicly held company concerned about information handling and storage requirement specific to the financial reporting?
Which of the following needs to be included in order for High Availability (HA) to continue operations during planned system outages?
Which of the following objects should be removed FIRST prior to uploading code to public code repositories?
Which of the following is the key requirement for test results when implementing forensic procedures?
If a content management system (CMS) is implemented, which one of the following would occur?
In the Common Criteria (CC) for Information Technology (IT) security evaluation, increasing Evaluation Assurance Levels (EAL) results in which of the following?
Which of the following would an internal technical security audit BEST validate?
For a federated identity solution, a third-party Identity Provider (IdP) is PRIMARILY responsible for which of the following?
Which of the following practices provides the development of security and identification of threats in designing software?
Which of the following is an accurate statement when an assessment results in the discovery of vulnerabilities in a critical network component?
Digital certificates used in Transport Layer Security (TLS) support which of the following?
Which of the following is MOST important when determining appropriate countermeasures for an identified risk?
Which of the following steps should be conducted during the FIRST phase of software assurance in a generic acquisition process?
Which of the following is critical if an employee is dismissed due to violation of an organization's Acceptable Use Policy (AUP)?
A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?
What is the FINAL step in the waterfall method for contingency planning?
How does Radio-Frequency Identification (RFID) assist with asset management?
What action should be taken by a business line that is unwilling to accept the residual risk in a system after implementing compensating controls?
Which of the following is a covert channel type?
What is the PRIMARY benefit of incident reporting and computer crime investigations?
An organization plans to acquire a commercial off-the-shelf (COTS) system to replace their aging home-built reporting system. When should the organization's security team FIRST get involved in this acquisition's life cycle?
Which of the following is the PRIMARY reason for selecting the appropriate level of detail for audit record generation?
A company needs to provide employee access to travel services, which are hosted by a third-party service provider. Employee experience is important, and when users are already authenticated, access to the travel portal is seamless. Which of the following methods is used to share information and grant user access to the travel portal?
What industry-recognized document could be used as a baseline reference that is related to data security and business operations for conducting a security assessment?
Which of the following is the MOST effective corrective control to minimize the effects of a physical intrusion?
The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?
Why is data classification control important to an organization?
Which of the following is the BEST method to gather evidence from a computer's hard drive?
Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?
A company hired an external vendor to perform a penetration test of a new payroll system. The company's internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?
An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such requirement?
Which one of the following operates at the session, transport, or network layer of the Open Systems Interconnection (OSI) model?
Which of the following statements is TRUE regarding boundary value analysis as a functional software testing technique?
Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network?
During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.
What is the best approach for the CISO?
Place in order, from BEST (1) to WORST (4), the following methods to reduce the risk of data remanence on magnetic media.
Match the objectives to the assessment questions in the governance domain of Software Assurance Maturity Model (SAMM).
For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data?
In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?
A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle?
While investigating a malicious event, only six days of audit logs from the last month were available. What policy should be updated to address this problem?
What is the PRIMARY difference between security policies and security procedures?
Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?
Which of the following PRIMARILY contributes to security incidents in web-based applications?
The PRIMARY outcome of a certification process is that it provides documented
Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key?
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
Who in the organization is accountable for classification of data information assets?
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified in automated vulnerability assessments?
The use of private and public encryption keys is fundamental in the implementation of which of the following?
Which of the following mobile code security models relies only on trust?
An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?
Which of the following operates at the Network Layer of the Open Systems Interconnection (OSI) model?
What is the purpose of an Internet Protocol (IP) spoofing attack?
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?