
ISC CISSP Certified Information Systems Security Professional (CISSP) Exam Practice Test

Demo: 135 questions
Total 1487 questions

Certified Information Systems Security Professional (CISSP) Questions and Answers

Question 1

Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?

Options:

A.

Discretionary Access Control (DAC) procedures

B.

Mandatory Access Control (MAC) procedures

C.

Data link encryption

D.

Segregation of duties

Question 2

Data leakage of sensitive information is MOST often concealed by which of the following?

Options:

A.

Secure Sockets Layer (SSL)

B.

Secure Hash Algorithm (SHA)

C.

Wired Equivalent Privacy (WEP)

D.

Secure Post Office Protocol (POP)

Question 3

What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations?

Options:

A.

Parallel

B.

Walkthrough

C.

Simulation

D.

Tabletop

Question 4

Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below.

Options:

Question 5

Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?

Options:

A.

poor governance over security processes and procedures

B.

immature security controls and procedures

C.

variances against regulatory requirements

D.

unanticipated increases in security incidents and threats

Question 6

Regarding asset security and appropriate retention, which of the following INITIAL top three areas are important to focus on?

Options:

A.

Security control baselines, access controls, employee awareness and training

B.

Human resources, asset management, production management

C.

Supply chain lead time, inventory control, encryption

D.

Polygraphs, crime statistics, forensics

Question 7

Which of the following questions can be answered using user and group entitlement reporting?

Options:

A.

When a particular file was last accessed by a user

B.

Change control activities for a particular group of users

C.

The number of failed login attempts for a particular user

D.

Where does a particular user have access within the network

Question 8

Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique?

Options:

A.

It is useful for testing communications protocols and graphical user interfaces.

B.

It is characterized by the stateless behavior of a process implemented in a function.

C.

Test inputs are obtained from the derived threshold of the given functional specifications.

D.

An entire partition can be covered by considering only one representative value from that partition.

Question 9

Which one of the following operates at the session, transport, or network layer of the Open System Interconnection (OSI) model?

Options:

A.

Data at rest encryption

B.

Configuration Management

C.

Integrity checking software

D.

Cyclic redundancy check (CRC)

Question 10

Which one of the following is a common risk with network configuration management?

Options:

A.

Patches on the network are difficult to keep current.

B.

It is the responsibility of the systems administrator.

C.

User ID and passwords are never set to expire.

D.

Network diagrams are not up to date.

Question 11

Which of the following is a recommended alternative to an integrated email encryption system?

Options:

A.

Sign emails containing sensitive data

B.

Send sensitive data in separate emails

C.

Encrypt sensitive data separately in attachments

D.

Store sensitive information to be sent in encrypted drives

Question 12

What does an organization FIRST review to assure compliance with privacy requirements?

Options:

A.

Best practices

B.

Business objectives

C.

Legal and regulatory mandates

D.

Employee's compliance to policies and standards

Question 13

Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?

Options:

A.

Data Custodian

B.

Executive Management

C.

Chief Information Security Officer

D.

Data/Information/Business Owners

Question 14

Which of the following disaster recovery test plans will be MOST effective while providing minimal risk?

Options:

A.

Read-through

B.

Parallel

C.

Full interruption

D.

Simulation

Question 15

Which of the following is generally indicative of a replay attack when dealing with biometric authentication?

Options:

A.

False Acceptance Rate (FAR) is greater than 1 in 100,000

B.

False Rejection Rate (FRR) is greater than 5 in 100

C.

Inadequately specified templates

D.

Exact match

Question 16

An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation?

Options:

A.

Clients can authenticate themselves to the servers.

B.

Mutual authentication is available between the clients and servers.

C.

Servers are able to issue digital certificates to the client.

D.

Servers can authenticate themselves to the client.

Question 17

A large bank deploys hardware tokens to all customers that use their online banking system. The token generates and displays a six digit numeric password every 60 seconds. The customers must log into their bank accounts using this numeric password. This is an example of

Options:

A.

asynchronous token.

B.

Single Sign-On (SSO) token.

C.

single factor authentication token.

D.

synchronous token.

Question 18

What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password?

Options:

A.

Brute force attack

B.

Frequency analysis

C.

Social engineering

D.

Dictionary attack

Question 19

From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?

Options:

A.

Configure secondary servers to use the primary server as a zone forwarder.

B.

Block all Transmission Control Protocol (TCP) connections.

C.

Disable all recursive queries on the name servers.

D.

Limit zone transfers to authorized devices.

Question 20

Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?

Options:

A.

Maintaining an inventory of authorized Access Points (AP) and connecting devices

B.

Setting the radio frequency to the minimum range required

C.

Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator

D.

Verifying that all default passwords have been changed

Question 21

What does secure authentication with logging provide?

Options:

A.

Data integrity

B.

Access accountability

C.

Encryption logging format

D.

Segregation of duties

Question 22

Refer to the information below to answer the question.

Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.

After magnetic drives were degaussed twice according to the product manufacturer's directions, what is the MOST LIKELY security issue with degaussing?

Options:

A.

Commercial products often have serious weaknesses of the magnetic force available in the degausser product.

B.

Degausser products may not be properly maintained and operated.

C.

The inability to turn the drive around in the chamber for the second pass due to human error.

D.

Inadequate record keeping when sanitizing media.

Question 23

Identify the component that MOST likely lacks digital accountability related to information access.

Click on the correct device in the image below.

Options:

Question 24

Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network?

Options:

A.

Use of a unified messaging.

B.

Use of separation for the voice network.

C.

Use of Network Access Control (NAC) on switches.

D.

Use of Request for Comments (RFC) 1918 addressing.

Question 25

During the procurement of a new information system, it was determined that some of the security requirements were not addressed in the system specification. Which of the following is the MOST likely reason for this?

Options:

A.

The procurement officer lacks technical knowledge.

B.

The security requirements have changed during the procurement process.

C.

There were no security professionals in the vendor's bidding team.

D.

The description of the security requirements was insufficient.

Question 26

Which of the following is a critical factor for implementing a successful data classification program?

Options:

A.

Executive sponsorship

B.

Information security sponsorship

C.

End-user acceptance

D.

Internal audit acceptance

Question 27

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user cannot write to File 3?

Options:

A.

User A

B.

User B

C.

User C

D.

User D

Question 28

Which of the following problems is not addressed by using OAuth (Open Standard for Authorization) 2.0 to integrate a third-party identity provider for a service?

Options:

A.

Resource Servers are required to use passwords to authenticate end users.

B.

Revocation of access of some users of the third party instead of all the users from the third party.

C.

Compromise of the third party means compromise of all the users in the service.

D.

Guest users need to authenticate with the third party identity provider.

Question 29

Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?

Options:

A.

Make changes following principle and design guidelines.

B.

Stop the application until the vulnerability is fixed.

C.

Report the vulnerability to product owner.

D.

Monitor the application and review code.

Question 30

Which of the following BEST mitigates a replay attack against a system using identity federation and Security Assertion Markup Language (SAML) implementation?

Options:

A.

Two-factor authentication

B.

Digital certificates and hardware tokens

C.

Timed sessions and Secure Socket Layer (SSL)

D.

Passwords with alpha-numeric and special characters

Question 31

At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted

Options:

A.

monthly.

B.

quarterly.

C.

annually.

D.

bi-annually.

Question 32

Which of the following statements is TRUE for point-to-point microwave transmissions?

Options:

A.

They are not subject to interception due to encryption.

B.

Interception only depends on signal strength.

C.

They are too highly multiplexed for meaningful interception.

D.

They are subject to interception by an antenna within proximity.

Question 33

Contingency plan exercises are intended to do which of the following?

Options:

A.

Train personnel in roles and responsibilities

B.

Validate service level agreements

C.

Train maintenance personnel

D.

Validate operation metrics

Question 34

An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?

Options:

A.

Implement packet filtering on the network firewalls

B.

Require strong authentication for administrators

C.

Install Host Based Intrusion Detection Systems (HIDS)

D.

Implement logical network segmentation at the switches

Question 35

An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to

Options:

A.

encrypt the contents of the repository and document any exceptions to that requirement.

B.

utilize an Intrusion Detection System (IDS) set to drop connections if too many requests for documents are detected.

C.

keep individuals with access to high security areas from saving those documents into lower security areas.

D.

require individuals with access to the system to sign Non-Disclosure Agreements (NDA).

Question 36

A disadvantage of an application filtering firewall is that it can lead to

Options:

A.

a crash of the network as a result of user activities.

B.

performance degradation due to the rules applied.

C.

loss of packets on the network due to insufficient bandwidth.

D.

Internet Protocol (IP) spoofing by hackers.

Question 37

As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to

Options:

A.

overcome the problems of key assignments.

B.

monitor the opening of windows and doors.

C.

trigger alarms when intruders are detected.

D.

lock down a facility during an emergency.

Question 38

Which of the following does the Encapsulating Security Payload (ESP) provide?

Options:

A.

Authorization and integrity

B.

Availability and integrity

C.

Integrity and confidentiality

D.

Authorization and confidentiality

Question 39

The stringency of an Information Technology (IT) security assessment will be determined by the

Options:

A.

system's past security record.

B.

size of the system's database.

C.

sensitivity of the system's data.

D.

age of the system.

Question 40

Which of the following is considered best practice for preventing e-mail spoofing?

Options:

A.

Spam filtering

B.

Cryptographic signature

C.

Uniform Resource Locator (URL) filtering

D.

Reverse Domain Name Service (DNS) lookup

Question 41

Which of the following assessment metrics is BEST used to understand a system's vulnerability to potential exploits?

Options:

A.

Determining the probability that the system functions safely during any time period

B.

Quantifying the system's available services

C.

Identifying the number of security flaws within the system

D.

Measuring the system's integrity in the presence of failure

Question 42

Which of the following is a security feature of Global Systems for Mobile Communications (GSM)?

Options:

A.

It uses a Subscriber Identity Module (SIM) for authentication.

B.

It uses encrypting techniques for all communications.

C.

The radio spectrum is divided with multiple frequency carriers.

D.

The signal is difficult to read as it provides end-to-end encryption.

Question 43

What maintenance activity is responsible for defining, implementing, and testing updates to application systems?

Options:

A.

Program change control

B.

Regression testing

C.

Export exception control

D.

User acceptance testing

Question 44

Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?

Options:

A.

False Acceptance Rate (FAR)

B.

False Rejection Rate (FRR)

C.

Crossover Error Rate (CER)

D.

Rejection Error Rate

Question 45

Which of the following is the BEST mitigation against phishing attacks?

Options:

A.

Network activity monitoring

B.

Security awareness training

C.

Corporate policy and procedures

D.

Strong file and directory permissions

Question 46

Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?

Options:

A.

Block the source address at the firewall.

B.

Have the service provider block the source address.

C.

Block all inbound traffic until the flood ends.

D.

Have the source service provider block the address.

Question 47

Which of the following is true of Service Organization Control (SOC) reports?

Options:

A.

SOC 1 Type 2 reports assess the security, confidentiality, integrity, and availability of an organization’s controls

B.

SOC 2 Type 2 reports include information of interest to the service organization’s management

C.

SOC 2 Type 2 reports assess internal controls for financial reporting

D.

SOC 3 Type 2 reports assess internal controls for financial reporting

Question 48

Which of the following needs to be included in order for High Availability (HA) to continue operations during planned system outages?

Options:

A.

Redundant hardware, disk spanning, and patching

B.

Load balancing, power reserves, and disk spanning

C.

Backups, clustering, and power reserves

D.

Clustering, load balancing, and fault-tolerant options

Question 49

What is the FIRST step required in establishing a records retention program?

Options:

A.

Identify and inventory all records storage locations.

B.

Classify records based on sensitivity.

C.

Identify and inventory all records.

D.

Draft a records retention policy.

Question 50

Which of the following BEST describes how access to a system is granted to federated user accounts?

Options:

A.

With the federation assurance level

B.

Based on defined criteria by the Relying Party (RP)

C.

Based on defined criteria by the Identity Provider (IdP)

D.

With the identity assurance level

Question 51

Which of the following is the weakest form of protection for an application that handles Personally Identifiable Information (PII)?

Options:

A.

Transport Layer Security (TLS)

B.

Ron Rivest Cipher 4 (RC4) encryption

C.

Security Assertion Markup Language (SAML)

D.

Multifactor authentication

Question 52

Which of the following is a characteristic of covert security testing?

Options:

A.

Induces less risk than overt testing

B.

Tests staff knowledge and implementation of the organization's security policy

C.

Focuses on identifying vulnerabilities

D.

Tests and validates all security controls in the organization

Question 53

Which of the following is critical if an employee is dismissed due to violation of an organization's acceptable use policy (AUP)?

Options:

A.

Appropriate documentation

B.

Privilege suspension

C.

Proxy records

D.

Internet access logs

Question 54

When can a security program be considered effective?

Options:

A.

Audits are regularly performed and reviewed.

B.

Vulnerabilities are proactively identified.

C.

Risk is lowered to an acceptable level.

D.

Backups are regularly performed and validated.

Question 55

Which of the following objects should be removed FIRST prior to uploading code to public code repositories?

Options:

A.

Security credentials

B.

Known vulnerabilities

C.

Inefficient algorithms

D.

Coding mistakes

Question 56

Change management policies and procedures belong to which of the following types of controls?

Options:

A.

Directive

B.

Detective

C.

Corrective

D.

Preventative

Question 57

Which of the following types of data would be MOST difficult to detect by a forensic examiner?

Options:

A.

Slack space data

B.

Steganographic data

C.

File system deleted data

D.

Data stored with a different file type extension

Question 58

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?

Options:

A.

Remote Authentication Dial-In User Service (RADIUS)

B.

Terminal Access Controller Access Control System Plus (TACACS+)

C.

Open Authentication (OAuth)

D.

Security Assertion Markup Language (SAML)

Question 59

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?

Options:

A.

Master Boot Record (MBR)

B.

Pre-boot environment

C.

Basic Input Output System (BIOS)

D.

Hibernation file

Question 60

What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media?

Options:

A.

To reduce the carbon footprint by eliminating paper

B.

To create an inventory of data assets stored on disk for backup and recovery

C.

To declassify information that has been improperly classified

D.

To reduce the risk of loss, unauthorized access, use, modification, and disclosure

Question 61

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Options:

A.

Continuously without exception for all security controls

B.

Before and after each change of the control

C.

At a rate concurrent with the volatility of the security control

D.

Only during system implementation and decommissioning

Question 62

Which of the following is the FIRST step in the incident response process?

Options:

A.

Determine the cause of the incident

B.

Disconnect the system involved from the network

C.

Isolate and contain the system involved

D.

Investigate all symptoms to confirm the incident

Question 63

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Options:

A.

Walkthrough

B.

Simulation

C.

Parallel

D.

White box

Question 64

When is a Business Continuity Plan (BCP) considered to be valid?

Options:

A.

When it has been validated by the Business Continuity (BC) manager

B.

When it has been validated by the board of directors

C.

When it has been validated by all threat scenarios

D.

When it has been validated by realistic exercises

Question 65

Which of the following is a PRIMARY advantage of using a third-party identity service?

Options:

A.

Consolidation of multiple providers

B.

Directory synchronization

C.

Web based logon

D.

Automated account management

Question 66

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?

Options:

A.

Warm site

B.

Hot site

C.

Mirror site

D.

Cold site

Question 67

Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?

Options:

A.

Hardware and software compatibility issues

B.

Applications' criticality and downtime tolerance

C.

Budget constraints and requirements

D.

Cost/benefit analysis and business objectives

Question 68

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

Options:

A.

Disable all unnecessary services

B.

Ensure chain of custody

C.

Prepare another backup of the system

D.

Isolate the system from the network

Question 69

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

Options:

A.

Take the computer to a forensic lab

B.

Make a copy of the hard drive

C.

Start documenting

D.

Turn off the computer

Question 70

What is the PRIMARY reason for implementing change management?

Options:

A.

Certify and approve releases to the environment

B.

Provide version rollbacks for system changes

C.

Ensure that all applications are approved

D.

Ensure accountability for changes to the environment

Question 71

A continuous information security monitoring program can BEST reduce risk through which of the following?

Options:

A.

Collecting security events and correlating them to identify anomalies

B.

Facilitating system-wide visibility into the activities of critical user accounts

C.

Encompassing people, process, and technology

D.

Logging both scheduled and unscheduled system changes

Question 72

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

Options:

A.

Guaranteed recovery of all business functions

B.

Minimization of the need for decision making during a crisis

C.

Insurance against litigation following a disaster

D.

Protection from loss of organization resources

Question 73

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Options:

A.

Absence of a Business Intelligence (BI) solution

B.

Inadequate cost modeling

C.

Improper deployment of the Service-Oriented Architecture (SOA)

D.

Insufficient Service Level Agreement (SLA)

Question 74

Which Redundant Array of Independent Disks (RAID) level does the following diagram represent?

Options:

A.

RAID 0

B.

RAID 1

C.

RAID 5

D.

RAID 10

Question 75

What is the benefit of using Network Admission Control (NAC)?

Options:

A.

Operating system (OS) versions can be validated prior to allowing network access.

B.

NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state.

C.

NAC can require the use of certificates, passwords, or a combination of both before allowing network admission.

D.

NAC only supports Windows operating systems (OS).

Question 76

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Options:

A.

Platform as a Service (PaaS)

B.

Identity as a Service (IDaaS)

C.

Desktop as a Service (DaaS)

D.

Software as a Service (SaaS)

Question 77

When implementing a data classification program, why is it important to avoid too much granularity?

Options:

A.

The process will require too many resources

B.

It will be difficult to apply to both hardware and software

C.

It will be difficult to assign ownership to the data

D.

The process will be perceived as having value

Question 78

Which of the following is MOST important when assigning ownership of an asset to a department?

Options:

A.

The department should report to the business owner

B.

Ownership of the asset should be periodically reviewed

C.

Individual accountability should be ensured

D.

All members should be trained on their responsibilities

Question 79

Which of the following is an initial consideration when developing an information security management system?

Options:

A.

Identify the contractual security obligations that apply to the organizations

B.

Understand the value of the information assets

C.

Identify the level of residual risk that is tolerable to management

D.

Identify relevant legislative and regulatory compliance requirements

Question 80

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Options:

A.

Personal Identity Verification (PIV)

B.

Cardholder Unique Identifier (CHUID) authentication

C.

Physical Access Control System (PACS) repeated attempt detection

D.

Asymmetric Card Authentication Key (CAK) challenge-response

Question 81

In a data classification scheme, the data is owned by the

Options:

A.

system security managers

B.

business managers

C.

Information Technology (IT) managers

D.

end users

Question 82

Which one of the following affects the classification of data?

Options:

A.

Assigned security label

B.

Multilevel Security (MLS) architecture

C.

Minimum query size

D.

Passage of time

Question 83

Which of the following BEST describes the responsibilities of a data owner?

Options:

A.

Ensuring quality and validation through periodic audits for ongoing data integrity

B.

Maintaining fundamental data availability, including data storage and archiving

C.

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D.

Determining the impact the information has on the mission of the organization

Question 84

A chemical plant wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.

Which of the following is the GREATEST impact on security for the network?

Options:

A.

The network administrators have no knowledge of ICS

B.

The ICS is now accessible from the office network

C.

The ICS does not support the office password policy

D.

RS422 is more reliable than Ethernet

Question 85

Which of the following are important criteria when designing procedures and acceptance criteria for acquired software?

Options:

A.

Code quality, security, and origin

B.

Architecture, hardware, and firmware

C.

Data quality, provenance, and scaling

D.

Distributed, agile, and bench testing

Question 86

What are the steps of a risk assessment?

Options:

A.

identification, analysis, evaluation

B.

analysis, evaluation, mitigation

C.

classification, identification, risk management

D.

identification, evaluation, mitigation

Question 87

What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?

Options:

A.

Non-repudiation

B.

Efficiency

C.

Confidentiality

D.

Privacy

Question 88

Which of the following is the MOST efficient mechanism to account for all staff during a speedy nonemergency evacuation from a large security facility?

Options:

A.

Large mantrap where groups of individuals leaving are identified using facial recognition technology

B.

Radio Frequency Identification (RFID) sensors worn by each employee scanned by sensors at each exit door

C.

Emergency exits with push bars with coordinators at each exit checking off the individual against a predefined list

D.

Card-activated turnstile where individuals are validated upon exit

Question 89

Digital certificates used in Transport Layer Security (TLS) support which of the following?

Options:

A.

Information input validation

B.

Non-repudiation controls and data encryption

C.

Multi-Factor Authentication (MFA)

D.

Server identity and data confidentiality

Question 90

Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and connections?

Options:

A.

Automated dynamic analysis

B.

Automated static analysis

C.

Manual code review

D.

Fuzzing

Question 91

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options:

A.

To send excessive amounts of data to a process, making it unpredictable

B.

To intercept network traffic without authorization

C.

To disguise the destination address from a target’s IP filtering devices

D.

To convince a system that it is communicating with a known entity

Question 92

An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?

Options:

A.

Implement packet filtering on the network firewalls

B.

Install Host Based Intrusion Detection Systems (HIDS)

C.

Require strong authentication for administrators

D.

Implement logical network segmentation at the switches

Question 93

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Options:

A.

Layer 2 Tunneling Protocol (L2TP)

B.

Link Control Protocol (LCP)

C.

Challenge Handshake Authentication Protocol (CHAP)

D.

Packet Transfer Protocol (PTP)

Question 94

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

Options:

A.

WEP uses a small range Initialization Vector (IV)

B.

WEP uses Message Digest 5 (MD5)

C.

WEP uses Diffie-Hellman

D.

WEP does not use any Initialization Vector (IV)

Question 95

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Options:

A.

Transport layer

B.

Application layer

C.

Network layer

D.

Session layer

Question 96

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

Options:

A.

Intrusion Prevention Systems (IPS)

B.

Intrusion Detection Systems (IDS)

C.

Stateful firewalls

D.

Network Behavior Analysis (NBA) tools

Question 97

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options:

A.

Add a new rule to the application layer firewall

B.

Block access to the service

C.

Install an Intrusion Detection System (IDS)

D.

Patch the application source code

Question 98

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Options:

A.

Packet filtering

B.

Port services filtering

C.

Content filtering

D.

Application access control

Question 99

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Options:

A.

Link layer

B.

Physical layer

C.

Session layer

D.

Application layer

Question 100

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Options:

A.

Audit logs

B.

Role-Based Access Control (RBAC)

C.

Two-factor authentication

D.

Application of least privilege

Question 101

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

Options:

A.

Derived credential

B.

Temporary security credential

C.

Mobile device credentialing service

D.

Digest authentication

Question 102

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

Options:

A.

Limit access to predefined queries

B.

Segregate the database into a small number of partitions each with a separate security level

C.

Implement Role Based Access Control (RBAC)

D.

Reduce the number of people who have access to the system for statistical purposes

Question 103

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

Options:

A.

Trusted third-party certification

B.

Lightweight Directory Access Protocol (LDAP)

C.

Security Assertion Markup Language (SAML)

D.

Cross-certification

Question 104

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?

Options:

A.

Application

B.

Storage

C.

Power

D.

Network

Question 105

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Options:

A.

Install mantraps at the building entrances

B.

Enclose the personnel entry area with polycarbonate plastic

C.

Supply a duress alarm for personnel exposed to the public

D.

Hire a guard to protect the public area

Question 106

Which of the following is the PRIMARY risk with using open source software in commercial software construction?

Options:

A.

Lack of software documentation

B.

License agreements requiring release of modified code

C.

Expiration of the license agreement

D.

Costs associated with support of the software

Question 107

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

Options:

A.

Check arguments in function calls

B.

Test for the security patch level of the environment

C.

Include logging functions

D.

Digitally sign each application module

Question 108

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

Options:

A.

After the system preliminary design has been developed and the data security categorization has been performed

B.

After the vulnerability analysis has been performed and before the system detailed design begins

C.

After the system preliminary design has been developed and before the data security categorization begins

D.

After the business functional analysis and the data security categorization have been performed

Question 109

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

Options:

A.

Least privilege

B.

Privilege escalation

C.

Defense in depth

D.

Privilege bracketing

Question 110

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Options:

A.

Purchase software from a limited list of retailers

B.

Verify the hash key or certificate key of all updates

C.

Do not permit programs, patches, or updates from the Internet

D.

Test all new software in a segregated environment

Question 111

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

Options:

A.

System acquisition and development

B.

System operations and maintenance

C.

System initiation

D.

System implementation

Question 112

What is the BEST approach to addressing security issues in legacy web applications?

Options:

A.

Debug the security issues

B.

Migrate to newer, supported applications where possible

C.

Conduct a security assessment

D.

Protect the legacy application with a web application firewall

Question 113

Who in the organization is accountable for classification of data information assets?

Options:

A.

Data owner

B.

Data architect

C.

Chief Information Security Officer (CISO)

D.

Chief Information Officer (CIO)

Question 114

Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?

Options:

A.

Confidentiality

B.

Integrity

C.

Identification

D.

Availability

Question 115

Which of the following mobile code security models relies only on trust?

Options:

A.

Code signing

B.

Class authentication

C.

Sandboxing

D.

Type safety

Question 116

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Options:

A.

Hashing the data before encryption

B.

Hashing the data after encryption

C.

Compressing the data after encryption

D.

Compressing the data before encryption

Question 117

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Options:

A.

Implementation Phase

B.

Initialization Phase

C.

Cancellation Phase

D.

Issued Phase

Question 118

The use of private and public encryption keys is fundamental in the implementation of which of the following?

Options:

A.

Diffie-Hellman algorithm

B.

Secure Sockets Layer (SSL)

C.

Advanced Encryption Standard (AES)

D.

Message Digest 5 (MD5)

Question 119

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

Options:

A.

Common Vulnerabilities and Exposures (CVE)

B.

Common Vulnerability Scoring System (CVSS)

C.

Asset Reporting Format (ARF)

D.

Open Vulnerability and Assessment Language (OVAL)

Question 120

In which of the following programs is it MOST important to include the collection of security process data?

Options:

A.

Quarterly access reviews

B.

Security continuous monitoring

C.

Business continuity testing

D.

Annual security training

Question 121

Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?

Options:

A.

Tactical, strategic, and financial

B.

Management, operational, and technical

C.

Documentation, observation, and manual

D.

Standards, policies, and procedures

Question 122

Which of the following BEST represents the concept of least privilege?

Options:

A.

Access to an object is denied unless access is specifically allowed.

B.

Access to an object is only available to the owner.

C.

Access to an object is allowed unless it is protected by the information security policy.

D.

Access to an object is only allowed to authenticated users via an Access Control List (ACL).

Question 123

A company has decided that they need to begin maintaining assets deployed in the enterprise. What approach should be followed to determine and maintain ownership information to bring the company into compliance?

Options:

A.

Enterprise asset management framework

B.

Asset baseline using commercial off-the-shelf software

C.

Asset ownership database using domain login records

D.

A script to report active user logins on assets

Question 124

A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?

Options:

A.

Administrator should request data owner approval to the user access

B.

Administrator should request manager approval for the user access

C.

Administrator should directly grant the access to the non-sensitive files

D.

Administrator should assess the user access need and either grant or deny the access

Question 125

A company was ranked as high in the following National Institute of Standards and Technology (NIST) functions: Protect, Detect, Respond and Recover. However, a low maturity grade was attributed to the Identify function. In which of the following control categories does this company need to improve when analyzing its processes individually?

Options:

A.

Asset Management, Business Environment, Governance and Risk Assessment

B.

Access Control, Awareness and Training, Data Security and Maintenance

C.

Anomalies and Events, Security Continuous Monitoring and Detection Processes

D.

Recovery Planning, Improvements and Communications

Question 126

The goal of a Business Impact Analysis (BIA) is to determine which of the following?

Options:

A.

Cost effectiveness of business recovery

B.

Cost effectiveness of installing software security patches

C.

Resource priorities for recovery and Maximum Tolerable Downtime (MTD)

D.

Which security measures should be implemented

Question 127

Which of the following is needed to securely distribute symmetric cryptographic keys?

Options:

A.

Officially approved Public-Key Infrastructure (PKI) Class 3 or Class 4 certificates

B.

Officially approved and compliant key management technology and processes

C.

An organizationally approved communication protection policy and key management plan

D.

Hardware tokens that protect the user’s private key.

Question 128

In order to assure authenticity, which of the following are required?

Options:

A.

Confidentiality and authentication

B.

Confidentiality and integrity

C.

Authentication and non-repudiation

D.

Integrity and non-repudiation

Question 129

Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?

Options:

A.

Notification tool

B.

Message queuing tool

C.

Security token tool

D.

Synchronization tool

Question 130

In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is the MAIN purpose of the DMZ?

Options:

A.

Reduced risk to internal systems.

B.

Prepare the server for potential attacks.

C.

Mitigate the risk associated with the exposed server.

D.

Bypass the need for a firewall.

Question 131

Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization’s network?

Options:

A.

Provide vulnerability reports to management.

B.

Validate vulnerability remediation activities.

C.

Prevent attackers from discovering vulnerabilities.

D.

Remediate known vulnerabilities.

Question 132

An Intrusion Detection System (IDS) has recently been deployed in a Demilitarized Zone (DMZ). The IDS detects a flood of malformed packets. Which of the following BEST describes what has occurred?

Options:

A.

Denial of Service (DoS) attack

B.

Address Resolution Protocol (ARP) spoof

C.

Buffer overflow

D.

Ping flood attack

Question 133

An organization’s information security strategic plan MUST be reviewed

Options:

A.

whenever there are significant changes to a major application.

B.

quarterly, when the organization’s strategic plan is updated.

C.

whenever there are major changes to the business.

D.

every three years, when the organization’s strategic plan is updated.

Question 134

During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?

Options:

A.

Calculate the value of assets being accredited.

B.

Create a list to include in the Security Assessment and Authorization package.

C.

Identify obsolete hardware and software.

D.

Define the boundaries of the information system.

Question 135

What does the Maximum Tolerable Downtime (MTD) determine?

Options:

A.

The estimated period of time a business critical database can remain down before customers are affected.

B.

The fixed length of time a company can endure a disaster without any Disaster Recovery (DR) planning

C.

The estimated period of time a business can remain interrupted beyond which it risks never recovering

D.

The fixed length of time in a DR process before redundant systems are engaged
