C845 practice test C
Which best describes a multiple-person technique used to recover a corrupted key? A Separation of duties B Multiple-man rule C Staged multiple interaction D M of N
M of N
Which choice best describes Bluetooth? A A method of converting data from one type of media to another B A secure transmission methodology C A transmission tool used to back up hard disks D A method of data synchronization between devices
A method of data synchronization between devices
What is the default port for TLS encrypted SMTP? A 465 B 80 C 25 D 443
465
A hot backup site is described by which of the following options? A A computer facility with power and HVAC and all servers and communications. All applications are ready to be installed and configured, and recent data is available to be restored to the site. B A computer facility with electrical power and HVAC but with no applications or installed data on the workstations or servers prior to the event C A computer facility with available electrical power and HVAC and some print/file servers. No equipment has been installed at the site. D An alternate computing location with little power and air-conditioning but no telecommunications capability
A computer facility with power and HVAC and all servers and communications. All applications are ready to be installed and configured, and recent data is available to be restored to the site.
Which option most accurately defines a threat? A Possibility for a source to exploit a specific vulnerability B Any vulnerability in an information technology system C Protective controls D Multilayered controls
Possibility for a source to exploit a specific vulnerability
The address space for IPv6 is how many bits? A 132 bits B 32 bits C 128 bits D 144 bits
128 bits
What is the correct description of a certificate? A A certificate always contains a user's key. B A certificate contains the owner's private key. C A certificate contains the owner's public key. D A certificate contains the owner's symmetric key.
A certificate contains the owner's public key.
Which of the following is an example of compensating control? A An insurance policy B A red bucket of sand with the word, "Fire" C A chain on the hotel room door D A padlock on a gate
A chain on the hotel room door
Which of the following best describes a one-way function? A An asymmetric function B A message authentication code C A hash function D A symmetric function
A hash function
Which of the following most accurately describes eDiscovery? A Any information put on legal hold B A legal tool used to request suspected evidentiary information that may be used in litigation C All information obtained through proper service of the search warrant D Any information owned by an organization with the exception of trade secrets.
A legal tool used to request suspected evidentiary information that may be used in litigation
Which choice best describes a zombie? A A type of root kit B A tool used to achieve privilege escalation C A member of a botnet D Malware that logs keystrokes
A member of a botnet
Which of the following is true about biometric scan technology? A Scan data is always stored in the cloud for rapid retrieval. B A number of points extracted from the item scanned are stored. C The full palm print is stored in memory. D It is always used with a second method of authentication.
A number of points extracted from the item scanned are stored.
Which of the following most closely depicts the difference between qualitative and quantitative risk analysis? A A quantitative risk analysis makes use of real numbers. B A quantitative risk analysis results in subjective high, medium, or low results. C A quantitative risk analysis cannot be automated. D A quantitative risk analysis does not use the hard cost of losses; a qualitative risk analysis does.
A quantitative risk analysis makes use of real numbers.
What is the main benefit or distinction of symmetric encryption? A A single shared key can perform both encryption and decryption operations. B It is a fully scalable encryption scheme. C It can provide secure key exchange over an insecure medium. D A key pair set is used to provide confidentiality.
A single shared key can perform both encryption and decryption operations.
Which choice describes the path of an attack? A A threat source location B A threat vector C A threat vehicle D The threat action effect
A threat vector
Which choice is the most accurate description of a retrovirus? A A virus that uses tried-and-true older techniques to achieve a purpose B A mobile virus that attacks older phones C A virus designed several years ago D A virus that attacks anti-malware software
A virus that attacks anti-malware software
Which of the following is a tenet of the (ISC)2 Code Of Ethics? A Act honorably, honestly, justly, responsibly, and legally. B Security is constrained by societal factors. C Do not waste resources. D Do not bear false witness.
Act honorably, honestly, justly, responsibly, and legally.
An initialization vector (IV) when used in a cipher block mode serves what purpose? A Ensures that the code is repetitive B Enhances the strength of an owner's public key C Adds to the encryption power of a password or key D Increases the speed of computations
Adds to the encryption power of a password or key
Which of the following statements is not accurate? A Risk is controlled through the application of safeguards and countermeasures. B Risk is managed by periodically reviewing the risk and taking responsible actions based on the risk. C All risks can be totally eliminated through risk management. D Risk is identified and measured by performing a risk analysis.
All risks can be totally eliminated through risk management.
Which of the following provides the best description of risk reduction? A Pays all costs associated with risks with internal budgets B Alters elements of the enterprise in response to a risk analysis C Mitigates risk to the enterprise at any cost D Allows a third party to assume all risk for the enterprise
Alters elements of the enterprise in response to a risk analysis
Which of the following options best describes a cold site? A An alternate processing facility with established electrical wiring and HVAC but no data processing hardware B A mobile trailer with portable generators and air-conditioning C An alternate processing facility that has all hardware and software installed and is mirrored with the original site and can be operational within a very short period of time D An alternate processing facility with most data processing hardware and software installed, which can be operational within a matter of hours to a few days
An alternate processing facility with established electrical wiring and HVAC but no data processing hardware
Which of the following statements best describes Kerberos? A An authentication, single sign-on protocol B A federation of third-party suppliers that use a single sign-on C A method of sharing information between network resources D A method of maintaining network usage integrity
An authentication, single sign-on protocol
When considering a disaster, which of the following is not a commonly accepted definition? A An occurrence that is outside the normal functional baselines B An occurrence or imminent threat to the enterprise of widespread or severe damage, injury, loss of life, or loss of property C An emergency that is beyond the normal response resources of the enterprise D A suddenly occurring event that has a long-term negative impact on major IT infrastructure
An occurrence that is outside the normal functional baselines
Which of the following is not a part of a business continuity plan? A The maximum tolerable downtime B The recovery time objective C The recovery point objective D Annualized Loss Expectancy
Annualized Loss Expectancy
Which term is used to indicate the function of access control or define which subjects can perform various tasks on specific objects? A Accessibility B Availability C Authorization D Authentication
Authorization
Evidence should be tracked utilizing which of the following methods? A Record of evidence B Chain of custody C Evidence recovery tag D Investigators evidence notebook
Chain of custody
Jack works as an investigating officer in Private Corporate Investigation Agency Services. He found a piece of evidence while searching in the location where an incident happened. He wants to save it for future use so that he can have that information whenever needed. Which of these is the most volatile memory where he should avoid saving the collected evidence? A Hard disk B CPU cache C RAM D USB drive
CPU cache
An organization operating in a private environment wants to save its generated keys. Which of the following is the most secure way of key management? A Distributed key management B Individual key management C Centralized key management D Decentralized key management
Centralized key management
How can integrity be enforced or assessed across an entire computer system? A Take a hash calculation of all system files. B Check that the latest version of software updates has been applied. C Compare a baseline of hardware settings and software configuration against a live system. D View the available free space.
Compare a baseline of hardware settings and software configuration against a live system.
A business asset is best described by which of the following? A Controls put in place that reduce the effects of threats B An asset loss that could cause a financial or operational impact to the organization C Personnel, compensation, and retirement programs D Competitive advantage, capability, credibility, or goodwill
Competitive advantage, capability, credibility, or goodwill
Which of the following best describes an endpoint device? A Bridge B Router C Computer printer D Switch
Computer printer
How is confidentiality different from privacy? A Privacy is not legally protected. B Confidentiality relates to people being in control of access to information about themselves. C Confidentiality relates to the control of information in order to prevent disclosure to unauthorized entities. D Privacy is only provided when inside your own home or using your own devices.
Confidentiality relates to the control of information in order to prevent disclosure to unauthorized entities.
When a storage device is taken in as evidence, what is the first step performed by the forensic personnel after starting the chain of custody form and writing out the evidence collection form? A Write an evidence header file to the storage device. B Make a hash calculation of the contents. C Connect the device to a write blocker. D Create a bit-stream image copy.
Connect the device to a write blocker.
Which most accurately describes a safeguard? A A control designed to warn of an attack B Potential for a source to exploit a categorized vulnerability C Controls put in place to provide some amount of protection for an asset D Weakness in internal controls that could be exploited by a threat or a threat agent
Controls put in place to provide some amount of protection for an asset
What is a simple example of device authentication that is comprised of a text file used by Web sites? A Cookies B Javascript C CGI D CRC
Cookies
Which group represents the most likely source of an asset being lost through inappropriate computer use? A Flood B Hackers C Employees D Crackers
Employees
Which choice is not a description of a control? A Corrective controls always reduce the likelihood of a premeditated attack. B Controls reduce the effect of an attack. C Controls perform as the countermeasures for threats. D Detective controls uncover attacks and prompt the action of preventative or corrective controls.
Corrective controls always reduce the likelihood of a premeditated attack.
Which of the following best describes a password that changes on each logon? A Variable password B Dynamic password C Self assigned password D Session level password
Dynamic password
Which of the following is a goal of integrity? A All data should be encrypted in transit B Any changes to applications for equipment must be approved C All systems and data should be available D Data should not change between sender and receiver
Data should not change between sender and receiver
A clipping level does which of the following? A Provides real-time monitoring B Reduces noise signals on the IT infrastructure C Removes unwanted packets D Defines a threshold of activity that, after crossed, sets off an operator alarm or alert
Defines a threshold of activity that, after crossed, sets off an operator alarm or alert
Which security plan is used to restore normal operations in the event of the full interruption of mission critical business functions? A Preventative policy B Incident response plan C Disaster recovery plan D Acceptable use policy
Disaster recovery plan
Which of the following best describes the time that it takes to register with a biometric system, by providing samples of a personal characteristic? A Setup time B Login time C Enrollment time D Throughput time
Enrollment time
A type of wireless network attack monitors wireless signals for clients making requests to connect to wireless base stations. It then takes the details from those requests to spoof the identity of the requested base station in order to fool the client devices into connecting to the false version of their trusted network. Which attack is this describing? A MAC spoofing B Evil twin C Shared key guessing D War driving
Evil twin
Which of the following is a term used for a rogue Wi-Fi access point that appears to be legitimate but actually has been set up to intercept wireless communications? A Captive access point B Hidden access point C Deception twin D Evil twin
Evil twin
Crossover error rate (CER) refers to which of the following graphical intersections? A Database usage rate B False rejection rate and false acceptance rate C Symmetric and asymmetric rate D Employee opt-out rate
False rejection rate and false acceptance rate
How should notification of a detected incident occur? A Contact law enforcement immediately. B Communicate with a journalist to provide the organization's perspective on the violation. C Always contact legal, HR, and sales. D Follow the notification escalation path as defined in the incident response policy.
Follow the notification escalation path as defined in the incident response policy.
Which option provides the best description of the first action to take during incident response? A Determine the source and vector of the threat. B Follow the procedures in the incident response plan. C Disconnect the affected computers. D Alert the third-party incident response team.
Follow the procedures in the incident response plan.
Which disaster recovery testing type creates the most risk for an enterprise? A Full interruption B Simulation C Parallel D Structured walk-through
Full interruption
Which team is made up of members from across the enterprise? A Expert incident response team B Dedicated full-time incident response team C Functional incident response team D Third-party incident response team
Functional incident response team
What is the definition of the principle of least privilege? A Granting users only the minimum privileges needed to accomplish assigned work tasks B Designing applications that do not have high levels of privilege C Allowing all users full control over a network to keep administrative responsibilities to a minimum D Keeping the number of system users with access to a minimum
Granting users only the minimum privileges needed to accomplish assigned work tasks
Which of the following options best describes a hacker with an agenda? A Hacktivist B Cracker C Nation state D Anarchist
Hacktivist
Which of the following options is not a standard cloud service model? A Help Desk as a Service B Infrastructure as a service C Platform as a service D Software as a Service
Help Desk as a Service
Which best describes actions in asymmetric cryptography? A The public key is used to encrypt and decrypt, but only the private key can decrypt. B If the public key encrypts, only the private key can decrypt. C Only the private key can encrypt, and only the public key can decrypt. D Only the public key can encrypt, and only the private key can decrypt.
If the public key encrypts, only the private key can decrypt.
How can a risk be mitigated? A Implement safeguards. B Accept a risk as is. C Purchase insurance. D Alter business processes to avoid them.
Implement safeguards.
How can an IT environment be configured in order to limit user access to use resources exclusively on a server, prevent local processing and storage, but still offer mouse-based control of applications? A Use a VPN. B Use Remote Desktop. C Employ a Telnet system. D Implement thin clients.
Implement thin clients.
What is the most important foundational security concept upon which most other security ideas and solutions are based? A Availability B Revocation C Non-repudiation D Implicit deny
Implicit deny
Which of the following provides a catchall and prevents an action from being taken after everything else has been allowed through on a network? A Global deny B Implicit deny C Deny any D Explicit deny
Implicit deny
Which of the following best describes an environment to test a patch or a service pack? A As they are received from the manufacturer B In a simulator C In a production environment D In a sandbox
In a sandbox
Which choice least describes a cloud implementation? A Inexpensive B On-demand self-service C Rapid elasticity D Broadly assessable by numerous networking platforms
Inexpensive
When hashing a message, which of the following security goals is being provided? A Encryption B Availability C Integrity D Confidentiality
Integrity
What is the component of IPSec that handles key generation and distribution? A Encapsulating Security Payload B IP Compression C Authentication Header D Internet Key Exchange
Internet Key Exchange
Which of the following is a typical method of communicating a policy or policy change? A Intranet announcement B Phone e-mailed blast C Instagram announcement D Handouts
Intranet announcement
A company is concerned about unauthorized entities attacking their wireless network. The company has chosen to disable SSID broadcast in order to hide their base station and prevent unauthorized connections. Which of the following statements is correct about this scenario? A It does not resolve the issue because the SSID is still present in most other management frames. B It resolves the issue because it prevents the SSID from being discovered by unauthorized entities. C It resolves the issue because without the SSID, connections to the base station are not possible. D It does not resolve the issue because the wireless signal is still present and detectable.
It does not resolve the issue because the SSID is still present in most other management frames.
Which type of client-side program always runs in a sandbox? A Java applet B Active X control C HTML4 control D Visual Basic script
Java applet
To prevent any one person from having too much control or power, or performing fraudulent acts, which of the following solutions should not be implemented? A M of N control B Job rotation C Multiple key pairs D Separation of duties
Job rotation
What is one of the more complicated legal concerns related to cloud computing when a legal investigation needs to obtain evidence, but the evidence may be stored on systems in a borderless cloud solution spread across multiple countries? A Ownership B Privacy C Jurisdiction D eDiscovery
Jurisdiction
Which choice is not a proper method of managing keys? A Memory locations of keys should be overwritten seven times. B Key expiration dates should be carefully monitored. C Keys frequently in use should be replaced frequently. D Keys may be sent to and reused by a different department.
Keys may be sent to and reused by a different department.
Which of the following is an inaccurate statement about an organization's encryption policy? A Important keys should be kept in a storage location or key escrow. B The longer the storage, the longer the key. C Local data should always be encrypted with the user's public key. D Private keys should be protected at all times.
Local data should always be encrypted with the user's public key.
Which of the following best describes session level controls? A Identification and integrity control B Mandatory access controls C Log-off due to the user inactivity D Role-based logon controls
Log-off due to the user inactivity
Which of the following is a security program used in many banks to verify the ethics and job performance of a bank manager? A Ethical investigation B M of N C Mandatory cruise D Mandatory vacation
Mandatory vacation
Which of the following is the best security mechanism to minimize risk when browsing the Internet? A Block access to known phishing URLs. B Keep Java and Flash updated. C Enable the Do-Not-Track feature, and use private-browsing mode. D Minimize support of mobile code.
Minimize support of mobile code.
An organizational security policy defines the requirements of implementing and managing security. Many of the elements of a security policy are dictated to the organization by many entities, while others are adopted based on other factors. The document type known as a standard clarifies and prioritizes these elements. Which of the following is UNLIKELY to be used as a source for a company's standards? A Industry best practices B Government regulations C Contractual obligations D Monetary expediency evaluations
Monetary expediency evaluations
Why is multifactor authentication considered more secure than single-factor authentication? A Multifactor authentication requires multiple distinct attacks to perform impersonation. B Multifactor authentication solutions cost more. C Single-factor authentication is less compatible with operating systems. D Multifactor authentication is available on the Internet.
Multifactor authentication requires multiple distinct attacks to perform impersonation.
Why is mutual authentication preferred over single-sided authentication? A Impersonation is impossible when using mutual authentication. B Single-sided authentication does not support multifactor authentication. C Mutual authentication does not use open source solutions. D Mutual authentication requires both entities to prove themselves to each other simultaneously.
Mutual authentication requires both entities to prove themselves to each other simultaneously.
Once an attacker gains remote control access over a system, they want to retain this illicit access. Some attackers will block the system update service to prevent new updates from fixing vulnerabilities that are needed to maintain remote control over the compromised system. To prevent such a compromised system from allowing the attacker to access resources on the network, what security mechanism should be implemented? A A Web security gateway B Network access control C Intrusion detection system D Complex password authentication
Network access control
Why is it important to evaluate intangible assets while performing a risk assessment? A Not all assets are tangible. B Only tangible assets have value. C Intangible assets cannot be harmed by threats. D They can be sold for operating funds.
Not all assets are tangible.
What is a significant difference between the secure protocols of TLS-encrypted SMTP and the use of S/MIME for the protection of e-mail communications? A One uses symmetric encryption, while the other uses asymmetric encryption. B One provides end-to-end protection of messages, while the other only secures a local link. C One uses digital certificates, while the other only uses password authentications. D One is used to create digital signatures, while the other creates digital envelopes.
One provides end-to-end protection of messages, while the other only secures a local link.
During an access system audit, a number of active accounts were discovered from employees who had left the company over the past two years. What are these accounts called? A Pseudo-active accounts B Ghost accounts C Long-term accounts D Orphan accounts
Orphan accounts
If a security assessment determines that a specific employee has been performing numerous and repeated security violations, what action should be taken? A Increase monitoring of this user's activity. B Perform an exit interview. C Ask the employee to sign the NDA. D Have the employee repeat the security awareness training.
Perform an exit interview.
What are the three categories of controls? A Physical, detective, and logical (technical) B Physical, logical (technical), and administrative C Administrative, logical (technical), and digital D Administrative, physical, and preventative
Physical, logical (technical), and administrative
Encapsulation provides what type of action? A Provides encryption and VPNs B Ensures perfect forward secrecy with IPsec C Places one type of packet inside another D Provides for data integrity
Places one type of packet inside another
Which of the following is not a control category? A Technical B Preventative C Physical D Administrative
Preventative
Other than implementing preventative measures and planning out response and recovery strategies, what is another important element that will help minimize data loss in the event of a harmful event that would trigger a disaster recovery policy (DRP)? A Performing full interruption testing B End user training C Prior warning of impending harm D Significant expenditure on avoiding single points of failure
Prior warning of impending harm
What is a risk of creating a big data collection of information sets from a wide range of online services which can be easily data mined by outsiders? A Privacy violations B Improved throughput of Internet services C Reduction in authentication complexity D Implementation of monolithic operating systems
Privacy violations
Which answer is most accurate regarding IEEE 802.11i? A Provides security enhancements using WEP B Provides both 5 GHz and 2.4 GHz compatibility C Provides 54 Mbit/s using the 2.4 GHz frequency spectrum D Provides security enhancements using WPA2
Provides security enhancements using WPA2
What is a typical commercial or business information classification scheme? A Public, sensitive but unclassified, confidential, secret, and top secret B Public, confidential, sensitive C Unclassified, business casual, confidential D Unclassified, sensitive but unclassified, secret, and top secret
Public, confidential, sensitive
Which of the following is not a symmetric encryption algorithm? A AES B Twofish C DES D RSA
RSA
What type of information or data is the basis of most forms of modern cryptography, making modern cryptography possible and encryption cracking significantly more difficult? A Static keys B Randomness C 128-bit block sizes D Key triplet usage
Randomness
Which of the following is not a security category? A Detection B Recovery C Prevention D Remuneration
Remuneration
Which of the following best describes a threat exploiting a vulnerability? A A hurricane B Risk C Brute force D Power supply brownout
Risk
How does a typical SIEM or systems management console retrieve event details from a source system? A SMTP B SNMP C OVAL D IPSec
SNMP
What form of VPN is based on a Transport-layer standard for encryption that is commonly used for Application-layer protocol protection? A PPTP VPN B L2TP VPN C SSL VPN D IPSec VPN
SSL VPN
Which term refers to an in-house or third-party provided location where ongoing monitoring of the logical and physical security mechanisms of an organization is performed to provide a real-time situational awareness of the state of security? A Registration authority (RA) B Security operations center (SOC) C Intrusion prevention system (IPS) D Continuity of operations plan (COOP)
Security operations center (SOC)
How is separation of duties typically implemented? A Assign each user a unique user account and require multifactor authentication. B Segment administrative tasks into compartments, and then assign one or more distinct administrators into each compartment. C Assign users the minimal privileges necessary to complete work tasks. D Verify that a sender sent a message and prevent that sender from denying having sent the message.
Segment administrative tasks into compartments, and then assign one or more distinct administrators into each compartment.
What must every policy possess in order to be successfully implemented? A An enforcement provision B Controls and procedures statement C Senior executive endorsement D Scope and statements from stakeholders
Senior executive endorsement
Your company is about to launch a new Web site offering services and features that are commonly requested but rarely offered by other existing sites. The market research shows that the new site will be very popular and will have significant user growth for years. You have been given the responsibility to set up user authentication. Your requirements are the following: Each user must be uniquely identified. Multifactor authentication should be supported. Authentication should provide protection of a user's identity even if your Web site's servers are compromised by hackers. How would you implement the authentication for this Web site? A Set up a one-way federated access with an existing major social network site. B Ask your boss to alter the requirements as it is not possible to use multifactor authentication and unique identification at the same time. C Create shared group accounts requiring two, 10-character minimum passwords. D Deploy a solution using code taken directly from an open source programming community repository site.
Set up a one-way federated access with an existing major social network site.
Authorization for multiple applications using one set of credentials is best described by which of the following? A Enrollment B Multi-factor C Single Sign-on D Authorization
Single Sign-on
What type of attack cannot be blocked or resolved with a software fix or a hardware upgrade? A Data theft B Spoofing C Social engineering D Botnet
Social engineering
An owner of an online service needs to shut down his Internet operation for about three months in order to focus on family issues. He has recently purchased a three-year extended validation certificate from a certificate authority. He is concerned that during his absence from the Internet, an attack may attempt to impersonate his site using his certificate. How can this owner temporarily prevent use of his certificates while maintaining his ability to use it again once he brings his Web site back online? A Revocation B Obfuscation C Termination D Suspension
Suspension
Which of the following protocols is referred to as connection oriented? A TCP B NAT C SYN D UDP
TCP
Nonrepudiation ensures which of the following? A The confidentiality of the database B That strong passwords are always used C The accounting of the user actions D That the sender cannot deny their actions
That the sender cannot deny their actions
What does an acceptable use policy (AUP) state? A That the organization assets may not be used on weekends B That USB drives may not be used C The acceptable and unacceptable uses for organizational resources D That users may not visit shopping sites during work
The acceptable and unacceptable uses for organizational resources
Which of the following best describes maximum tolerable downtime? A The amount of time a business process may be off-line before the viability of the organization is in severe jeopardy B The point at which data recovery should begin C The amount of time between RPO and RTO D The time required to restore data from a backup
The amount of time a business process may be off-line before the viability of the organization is in severe jeopardy
Which statement is not correct about safeguard selection in the risk analysis process? A Several criteria should be considered when determining the total cost of the safeguard. B Total cost of ownership (TCO) needs to be included in determining the total cost of the safeguard. C It is most common to consider the cost effectiveness of the safeguard. D The most effective safeguard should always be implemented regardless of cost.
The most effective safeguard should always be implemented regardless of cost.
Which option is most accurate regarding a recovery point objective? A The time after which the viability of the enterprise is in question B The target time full operations should be restored after disaster C The point at which the least accurate data is available for restoration D The point at which the most accurate data is available for restoration
The point at which the most accurate data is available for restoration
What is the foundational premise of risk management? A There is always some level of risk. B Security and performance are cooperative measurements. C As security increases, costs decrease. D Computers can be completely secured.
There is always some level of risk.
Which of the following best describes privileged users? A By default have access to everything on the network B They are anonymous users C They are super-users or administrators D They all must work in the IT department
They are super-users or administrators
Which answer is most accurate regarding firewalls? A They filter traffic based upon inspecting packets. B They switch packets based upon inspecting packets. C They forward packets to the Internet based upon inspecting packets. D They route traffic based upon inspecting packets.
They filter traffic based upon inspecting packets.
Which of the following best describes a federated relationship? A Numerous franchises in a geographical area B The airline industry C HIPAA patient privacy requirements for healthcare providers D Third-party companies and their networks share customer data based upon a single sign-on to a primary organization
Third-party companies and their networks share customer data based upon a single sign-on to a primary organization
How does PGP provide e-mail confidentiality? A Through adopting e-mail standards B Through digital signatures C Through random symmetric keys and the use of public keys D By encrypting the body of a message and sending it as an attachment
Through random symmetric keys and the use of public keys
How does mandatory access control determine which objects a subject can access? A By referencing the physical location of the workstation B Through the use of classification labels C By checking ACLs D Based on the job role of the user
Through the use of classification labels
What is a restriction placed on users that denies them access to resources on the weekends? A Time of day restriction B Time of week restriction C Temporal differential D Time-based accounting
Time of day restriction
Why are locks used on doors in secured areas? A To prevent all intrusions B To keep people honest C To direct intruders to open areas D To detect access attempts
To keep people honest
Why is data declassification an essential element of data asset management? A To enable peer reviews and supervisory checks of the security solution B To disclose sensitive documentation to the public C To prevent the wasting of higher level security efforts D To allow subjects with lower classifications to access previously highly classified information
To prevent the wasting of higher level security efforts
Why do employees have to read and sign an Authorized Use Policy (AUP) before they are granted access to the IT network? A To show proof that the company has a business license and is authorized to use computer equipment in the furtherance of their business processes B To indicate which individuals can and cannot access specific network resources C To define the laws that can be broken within the network D To remind them of their responsibilities and that they will be held accountable for their activities
To remind them of their responsibilities and that they will be held accountable for their activities
In the realm of incident response, what is the purpose of the recovery phase? A To remove the offending element from the environment B To assemble an incident response team C To restore the environment back to normal operating conditions D To prevent the spread of an infection or harm caused by an intrusion
To restore the environment back to normal operating conditions
When using asymmetric cryptography, what is the purpose of using the recipient's public key to perform an encryption function on a data set before sending it to the recipient? A To support non-repudiation B To restrict delivery C To verify integrity D To prove the identity of the sender
To restrict delivery
Which of the following is NOT a method by which devices are assigned to VLAN network segments? A Mimicking IP subnet configuration B Transport-layer port assignment C MAC address D Switch port configuration
Transport-layer port assignment
How can a company ensure protection against eavesdropping and session hijacking for its workers connecting to a public cloud? A Implement multi-factor authentication. B Use a VPN. C Access resources with a Web browser. D Use standard PPTP.
Use a VPN.
Which of the following is a nontechnical means of enforcing security? A User training B Business continuity plan C Development of a disaster response plan D Disaster recovery plan
User training
Which option is not a part of the prevention primary security category? A Using guard dogs instead of security guards B Placing a padlock on a fence C Using an alternate site after a disaster D Using virus protection software on all users' machines
Using an alternate site after a disaster
What form of wireless configuration uses AES? A WEP B OSA C WPA D WPA-2
WPA-2
How is the chosen risk response strategy of risk acceptance proven and supported in a court of law? A By not applying countermeasures B Through the results of a qualitative analysis C With a document signed by senior management D Through storyboarding
With a document signed by senior management
Which of the following is valid regarding change management and the need for interoperability? A You should be able to exchange data based on common formats, data types, file formats, and/or protocols. B You should be able to run the same program on multiple systems simultaneously. C You should be able to run the same binary code on any platform. D You should be able to manage a system remotely from any Internet connection.
You should be able to exchange data based on common formats, data types, file formats, and/or protocols.
How long should event logs be retained? A As defined by company policy B 30-60 days C 1 year D Indefinitely
As defined by company policy