IAS FINAL EXAM - Comprehensive


Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve? A. Access to a higher level of expertise B. Higher degree of privacy C. Building internal knowledge D. Developing in-house talent

A. Access to a higher level of expertise

Under the Federal Information Security Management Act (FISMA) of 2002, which of the following broadens the scope of FISMA beyond a federal agency and is important because IT systems and functions are often outsourced? A. An agency must protect the IT systems that support its operations even if another agency or contractor owns the IT systems. B. The Office of Management and Budget (OMB) is responsible for FISMA compliance. C. FISMA requires each federal agency to create an agency-wide information security program. D. Agencies must test and evaluate the security program at least annually and test IT systems with greater risk more often.

A. An agency must protect the IT systems that support its operations even if another agency or contractor owns the IT systems.

What is not a privacy principle created by the Organisation for Economic Co-operation and Development (OECD)? A. An organization should share its information. B. An organization should collect only what it needs. C. An organization should keep its information up to date. D. An organization should properly destroy its information when it is no longer needed.

A. An organization should share its information.

Which action is the best step toward protecting Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements? A. Applying security updates promptly B. Using encryption for communications C. Removing IoT devices from the network D. Turning IoT devices off when not in use

A. Applying security updates promptly

Ron is the IT director at a medium-sized company. He frequently gets requests from employees who want to select customized mobile devices. He decides to allow them to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement? A. Bring Your Own Device (BYOD) B. Privacy C. Acceptable use D. Data classification

A. Bring Your Own Device (BYOD)

Joe is the Chief Executive Officer (CEO) of a company that handles medical billing for several regional hospital systems. How would Joe's company be classified under the Health Insurance Portability and Accountability Act (HIPAA)? A. Business associate of a covered entity B. Covered entity as a health plan C. Covered entity as a health care clearinghouse D. Covered entity as a provider

A. Business associate of a covered entity

What compliance regulation is similar to the European Union (EU) General Data Protection Regulation (GDPR) of 2016 and focuses on individual privacy and rights of data owners? A. California Consumer Privacy Act (CCPA) of 2018 B. Gramm-Leach-Bliley Act (GLBA) C. California Security Breach Information Act (SB 1386) of 2003 D. Sarbanes-Oxley Act (SOX)

A. California Consumer Privacy Act (CCPA) of 2018

A company's IT manager has advised the business's executives to use a method of decentralized access control rather than centralized to avoid creating a single point of failure. She selects a common protocol that hashes passwords with a one-time challenge number to defeat eavesdropping-based replay attacks. What is this protocol? A. Challenge-Handshake Authentication Protocol (CHAP) B. Kerberos C. Password Authentication Protocol (PAP) D. Lightweight Directory Access Protocol (LDAP)

A. Challenge-Handshake Authentication Protocol (CHAP)

Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank X? A. Consumer B. Covered entity C. Customer D. Nonaffiliated third party

A. Consumer

Which of the following should you avoid during a disaster and recovery? A. Continue normal processes, such as separation of duties or spending limits B. If a number of systems are down, provide additional guidance or support to users C. Combine services that were on different hardware platforms onto common servers to speed up recovery D. While running at the alternate site, continue to make backups of data and systems

A. Continue normal processes, such as separation of duties or spending limits

In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)? A. Correspondent node (CN) B. Foreign agent (FA) C. Home agent (HA) D. Care of address (COA)

A. Correspondent node (CN)

Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect? A. Credit card information B. Educational records C. Health records D. Trade secrets

A. Credit card information

Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank Y? A. Customer B. Covered entity C. Nonaffiliated third party D. Consumer

A. Customer

Which of the following provides IT and communications support to the White House, Secretary of Defense, and all military sectors that contribute to the defense of the United States of America? A. Defense Information Systems Agency (DISA) B. National Institute of Standards and Technology (NIST) C. SANS Institute D. ISACA

A. Defense Information Systems Agency (DISA)

Juan is an experienced information security professional. He has spent a lot of time evaluating computers for evidence of criminal or malicious activity as well as recovering data. Which Global Information Assurance Certification (GIAC) credential focus area is most likely to have certifications that are a good fit for Juan's skills and knowledge? A. Digital Forensics & Incident Response B. Cloud Security C. Industrial Control Systems D. Management, Legal, and Audit

A. Digital Forensics & Incident Response

Which type of evidence is stored in a computer's memory, as well as on storage devices as in files, and must be accompanied by documentation that validates the evidence's authenticity? A. Documentary B. Testimonial C. Demonstrative D. Real

A. Documentary

Which security control is most helpful in protecting against eavesdropping on wide area network (WAN) transmissions? A. Encrypting transmissions with virtual private networks (VPNs) B. Applying filters on exterior Internet Protocol (IP) stateful firewalls C. Blocking Transmission Control Protocol (TCP) synchronize (SYN) open connections D. Deploying an intrusion detection system/intrusion prevention system (IDS/IPS)

A. Encrypting transmissions with virtual private networks (VPNs)

Which technology category would not likely be the subject of a standard published by the International Electrotechnical Commission (IEC)? A. Encryption B. Semiconductors C. Consumer appliances D. Solar energy

A. Encryption

What is the first priority when responding to a disaster recovery effort? A. Ensuring that everyone is safe B. Determining the cause of the event C. Communicating with all affected parties D. Following the disaster recovery plan (DRP)

A. Ensuring that everyone is safe

Which organization creates information security standards that specifically apply within the European Union (EU)? A. European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER) B. International Telecommunication Union (ITU) C. American National Standards Institute (ANSI) D. Institute of Electrical and Electronics Engineers (IEEE)

A. European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)

Biyu is a network administrator. She is developing the compliance aspect of her company's security policy. Currently, she is focused on the records of actions that the organization's operating system or application software creates. What aspect of compliance is Biyu focusing on? A. Event logs B. Professional ethics C. Certification D. Remediation

A. Event logs

Aditya recently assumed an information security role for a financial institution located in the United States. He is tasked with assessing the institution's risk profile and cybersecurity maturity level. What compliance regulation applies specifically to Aditya's institution? A. FFIEC B. FISMA C. PCI DSS D. HIPAA

A. FFIEC

Antonio is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? A. False positive error B. Remote administration error C. Clipping error D. False negative error

A. False positive error

Some ciphers, regardless of type, rely on the difficulty of solving certain mathematical problems, which is the basis for asymmetric key cryptography. Which of the following is a branch of mathematics that involves multiplicative inverses that these ciphers use? A. Field theory B. Subset sum problems C. Quantum physics D. Factoring small numbers

A. Field theory

Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is not a good approach for destroying data? A. Formatting B. Physical destruction C. Repeatedly overwriting data D. Degaussing

A. Formatting

What compliance regulation focuses on management and evaluation of the security of unclassified and national security systems? A. Government Information Security Reform Act (Security Reform Act) of 2000 B. The USA PATRIOT Act of 2001 C. Federal Information Security Management Act (FISMA) D. Gramm-Leach-Bliley Act (GLBA)

A. Government Information Security Reform Act (Security Reform Act) of 2000

Which of the following is a unit of measure that represents frequency and is expressed as the number of cycles per second? A. Hertz B. Weber C. Power D. Gauss

A. Hertz

Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If that is correct, which one of the tenets of information security did this attack violate? A. Integrity B. Nonrepudiation C. Confidentiality D. Availability

A. Integrity

Lin is a digital forensic specialist who works in a forensic lab. She is evaluating diagnostic forensic software to add to the lab's toolkit. She wants a tool that is open source that can also be used for penetration testing. Which tool should she choose? A. Kali Linux B. EnCase C. OSForensics D. The Forensic Toolkit (FTK)

A. Kali Linux

When should an organization's managers have an opportunity to respond to the findings in an audit? A. Managers have the opportunity to respond to a draft copy of the audit report. Auditors then put that response in the final report. B. Managers should write a letter to the Board following receipt of the audit report. C. Managers should write a report after receiving the final audit report. D. Managers should not have an opportunity to respond to audit findings.

A. Managers have the opportunity to respond to a draft copy of the audit report. Auditors then put that response in the final report.

Alison retrieved data from a company database containing personal information on customers. When she looks at the Social Security number (SSN) field, she sees values that look like this: "XXX-XX-9142." What has happened to these records? A. Masking B. Encryption C. Hashing D. Truncation

A. Masking

Maria is a freelance network consultant. She is setting up security for a small business client's wireless network. She is configuring a feature in the wireless access point (WAP) that will allow only computers with certain wireless network cards to connect to the network. This feature filters out the network cards of any wireless computer not on the list. What is this called? A. Media Access Control (MAC) address filtering B. Subnetting C. Service set identifier (SSID) broadcasting D. Uniform Resource Locator (URL) filtering

A. Media Access Control (MAC) address filtering

Which agreement type is typically less formal than other agreements and expresses areas of common interest? A. Memorandum of understanding (MOU) B. Service-level agreement (SLA) C. Blanket purchase agreement (BPA) D. Interconnection security agreement (ISA)

A. Memorandum of understanding (MOU)

Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move? A. Recovery time objective (RTO) B. Critical business function (CBF) C. Mean time to failure (MTTF) D. Recovery point objective (RPO)

A. Recovery time objective (RTO)

Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose? A. Remote Access Tool (RAT) B. Ping C. Network mapper (Nmap) D. Simple Network Management Protocol (SNMP) agent

A. Remote Access Tool (RAT)

Which type of attack involves capturing data packets from a network and retransmitting them to produce an unauthorized effect? The receipt of duplicate, authenticated Internet Protocol (IP) packets may disrupt service or produce another undesired consequence. A. Replay B. Man-in-the-middle C. Hijacking D. IP spoofing

A. Replay

What firewall approach is shown in the figure, assuming the firewall has three network cards? A. Screened subnet B. Bastion host C. Unified threat management D. Border firewall

A. Screened subnet

There are a large number of protocols and programs that use port numbers to make computer connections. Of the following, which ones do not use port numbers? A. Secure Sockets Layer (SSL) or Transport Layer Security (TLS) B. Simple Mail Transfer Protocol (SMTP) or Post Office Protocol v3 (POP3) C. File Transfer Protocol (FTP) data transfer or FTP control D. Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS)

A. Secure Sockets Layer (SSL) or Transport Layer Security (TLS)

Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place? A. Session hijacking B. Cross-site scripting (XSS) C. Extensible Markup Language (XML) injection D. Structured Query Language (SQL) injection

A. Session hijacking

Which intrusion detection system strategy relies on pattern matching? A. Signature detection B. Behavior detection C. Traffic-based detection D. Statistical detection

A. Signature detection

Which of the following principles is not a component of the Biba integrity model? A. Subjects cannot change objects that have a lower integrity level. B. Subjects at a given integrity level can call up only subjects at the same integrity level or lower. C. Subjects cannot read objects that have a lower level of integrity than the subject. D. A subject may not ask for service from subjects that have a higher integrity level.

A. Subjects cannot change objects that have a lower integrity level.

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system? A. System integrity monitoring B. Network intrusion detection system (IDS) C. Data loss prevention D. Closed-circuit TV

A. System integrity monitoring

What is the purpose of a disaster recovery plan (DRP)? A. To enable an organization to make critical decisions ahead of time so personnel can manage and review decisions without the urgency of an actual disaster B. To set the order or priority for restoring an organization's functions after a disruption C. To identify the critical needs to develop a business recovery plan D. To set the value of each business process or resource as it relates to how the entire organization operates

A. To enable an organization to make critical decisions ahead of time so personnel can manage and review decisions without the urgency of an actual disaster

Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows a cross-site scripting attack against the server. What term describes the issue that Adam discovered? A. Vulnerability B. Impact C. Risk D. Threat

A. Vulnerability

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? A. Whois B. Ping C. Simple Network Management Protocol (SNMP) D. Domain Name System (DNS)

A. Whois

A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD). A. disaster B. violation C. contingency D. incident

A. disaster

Cherilyn is a security consultant hired by a company to develop its system auditing protocols. She and the company's chief information officer (CIO) agree that audits are an important consideration. In her report to the CIO and other C-level officers of the corporation, she recommends that the security policy include audit categories and ______________ for conducting audits. A. frequency requirements B. appropriate security levels C. permissions protocols D. data security standards

A. frequency requirements

Remote access security controls help to ensure that the user connecting to an organization's network is who the user claims to be. A username is commonly used for _______, whereas a biometric scan could be used for _______. A. identification, authentication B. authorization, accountability C. identification, authorization D. authentication, authorization

A. identification, authentication

Because __________, auditing every part of an organization and extending into all outsourcing partners may not be possible. A. of resource constraints B. such an extensive audit is outside of best practices recommendations C. all users should be informed they are being audited D. all users should not be informed they are being audited

A. of resource constraints

Maria is the risk manager for a large organization and is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)? A. $2,000 B. $20,000 C. $200,000 D. $2,000,000

B. $20,000

What file type is least likely to be impacted by a file infector virus? A. .exe B. .docx C. .dll D. .com

B. .docx

Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore? A. 3 B. 2 C. 4 D. 1

B. 2

Devaki is capturing traffic on her network. She notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections? A. 20 B. 22 C. 80 D. 23

B. 22

Which of the following is an example of an authorization control? A. One-time password B. Access control list C. Digital certificate D. Biometric device

B. Access control list

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place? A. Uniform resource locator (URL) hijacking B. Address resolution protocol (ARP) poisoning C. Christmas attack D. Internet Protocol (IP) address spoofing

B. Address resolution protocol (ARP) poisoning

What is the determination that evidence is either acceptable or unacceptable to a court of law? A. Preservation B. Admissibility C. Legal hold D. Order of volatility

B. Admissibility

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? A. Bob's private key B. Alice's public key C. Alice's private key D. Bob's public key

B. Alice's public key

Hajar is responsible for keeping her banking institution's servers operating 24/7/365. Her recovery strategy is to have fully redundant or duplicate operations and synchronized data and to operate the site continuously. Which strategy has she selected? A. Warm site B. Alternate processing center or mirrored site C. Mobile site D. Hot site

B. Alternate processing center or mirrored site

In what area does the Internet Architecture Board (IAB) provide oversight on behalf of the Internet Engineering Task Force (IETF)? A. Developing alternate methods used to document operational specifications B. Architecture for Internet protocols and procedures C. Subject matter expertise on routing and switching D. Strengthening the U.S. marketplace within the global economy

B. Architecture for Internet protocols and procedures

Jiang is pursuing a career in information security. He wants to eventually achieve the (ISC)2 Certified Information Systems Security Professional (CISSP) certification but does not have the required experience. If he passes the CISSP exam now, which credential will Jiang get? A. CISSP-ISSAP B. Associate of (ISC)2 C. Certified Cloud Security Professional (CCSP) D. Systems Security Certified Practitioner (SSCP)

B. Associate of (ISC)2

Lin is creating a template for the configuration of Windows servers in her organization. The configuration includes the basic security settings that should apply to all systems. What type of document should she create? A. Procedure B. Baseline C. Guideline D. Policy

B. Baseline

Alice would like to send a message to Bob securely and wishes to use asymmetric encryption to encrypt the contents of the message. What key does she use to encrypt this message? A. Alice's public key B. Bob's public key C. Alice's private key D. Bob's private key

B. Bob's public key

Helen has no security experience. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her? A. Certified Information Systems Security Professional (CISSP) B. CompTIA Security+ C. GIAC Assessing Wireless Networks (GAWN) D. Certified Internet Web Professional (CIW)

B. CompTIA Security+

Which of the following is the point at which two error rates of a biometric system are equal and is the measure of the system's accuracy expressed as a percentage? A. False rejection rate (FRR) B. Crossover error rate (CER) C. Reaction time D. False acceptance rate (FAR)

B. Crossover error rate (CER)

Which type of evidence helps explain other evidence and includes visual aids such as charts and graphs? A. Documentary B. Demonstrative C. Testimonial D. Real

B. Demonstrative

Which term best describes the sale of goods and services on the Internet, whereby online customers buy those goods and services from a vendor's website and enter private data and checking account or credit card information to pay for them? A. Economic development B. E-commerce C. Internet of Things (IoT) D. Software as a Service (SaaS)

B. E-commerce

Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do? A. Requires all passwords to contain at least eight alphanumeric characters B. Enables a 30-day password change policy C. Forbids a password being changed to any of the previous 10 passwords listed in the password history D. Mandates that no password includes words common in an English dictionary

B. Enables a 30-day password change policy

Which of the following is not an objective of cryptanalysis, the process of breaking codes? A. Solve the general mathematical problem underlying the cryptography B. Encrypt the plaintext of a target message C. Determine the key used to encrypt a target message D. Derive the algorithm used by a particular cipher

B. Encrypt the plaintext of a target message

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the service set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place? A. Bluesnarfing B. Evil twin C. Near field communication D. Jamming/interference

B. Evil twin

Arturo would like to connect a fibre channel storage device to systems over a standard data network. What protocol should he use? A. Secure Shell (SSH) B. Fibre Channel over Ethernet (FCoE) C. Internet Small Computer System Interface (iSCSI) D. Fibre Channel (FC)

B. Fibre Channel over Ethernet (FCoE)

Which element of the security policy framework offers suggestions rather than mandatory actions? A. Standard B. Guideline C. Procedure D. Policy

B. Guideline

What type of system is intentionally exposed to attackers in an attempt to lure them out? A. Database server B. Honeypot C. Web server D. Bastion host

B. Honeypot

Dawn is selecting an alternative processing facility for her organization's primary data center. She needs a facility with the least switchover time, even if it's the most expensive option. What is the most appropriate option in this situation? A. Mobile site B. Hot site C. Warm site D. Cold site

B. Hot site

Carrie is a network technician developing the Internet Protocol (IP) addressing roadmap for her company. While IP version 4 (IPv4) has been the standard for decades, IP version 6 (IPv6) can provide a much greater number of unique IP addresses. Which addressing system should she designate for primary use on her roadmap and why? A. Few commercial businesses still use IPv4. She should feature IPv6 strongly in her roadmap rather than have her company fall behind technologically. B. IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted. C. There will be adequate IPv4 addresses available well into the future. She should make IPv4 the primary addressing scheme. D. IPv6 is rapidly replacing IPv4 worldwide. She should make IPv6 the primary addressing scheme in her roadmap.

B. IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted.

What organization offers a variety of security certifications that are focused on the requirements of auditors? A. CompTIA B. ISACA C. International Information Systems Security Certification Consortium (ISC)2 D. Global Information Assurance Certification (GIAC)

B. ISACA

Which type of attack involves eavesdropping on transmissions and redirecting them for unauthorized use? A. Fabrication B. Interception C. Interruption D. Modification

B. Interception

Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact? A. High Tech Crime Network B. International Council of E-Commerce Consultants (EC-Council) C. The International Society of Forensic Computer Examiners D. Software Engineering Institute—Carnegie Mellon University

B. International Council of E-Commerce Consultants (EC-Council)

Which network device is designed to block network connections that are identified as potentially malicious? A. Intrusion detection system (IDS) B. Intrusion prevention system (IPS) C. Router D. Web server

B. Intrusion prevention system (IPS)

Which of the following is not true of data backup options? A. A differential backup starts with making a full backup; successive backups back up changes made since the last full backup. B. It is faster to create differential weekday backups than incremental backups. C. A full backup copies everything to backup media. D. An incremental backup starts with a full backup; successive backups back up only that day's changes.

B. It is faster to create differential weekday backups than incremental backups.

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)? A. Lightweight Directory Access Protocol (LDAP) B. Kerberos C. Secure European System for Applications in a Multi-vendor Environment (SESAME) D. Security Assertion Markup Language (SAML)

B. Kerberos

Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause? A. Retro virus B. Macro virus C. Polymorphic virus D. Cross-platform virus

B. Macro virus

Which of the following is a U.S. federal agency within the Department of Commerce that provides standards for measurement and technology on which nearly all computing devices rely? A. American National Standards Institute (ANSI) B. National Institute of Standards and Technology (NIST) C. Institute of Electrical and Electronics Engineers (IEEE) D. World Wide Web Consortium (W3C)

B. National Institute of Standards and Technology (NIST)

What is not a commonly used endpoint security technique? A. Full device encryption B. Network firewall C. Application control D. Remote wiping

B. Network firewall

What is an example of a logical access control? A. Fence B. Password C. Key for a lock D. Access card

B. Password

A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals? A. Health Insurance Portability and Accountability Act (HIPAA) B. Payment Card Industry Data Security Standard (PCI DSS) C. Federal Information Security Management Act (FISMA) D. Federal Financial Institutions Examination Council (FFIEC)

B. Payment Card Industry Data Security Standard (PCI DSS)

Which regulatory standard would not require audits of companies in the United States? A. Sarbanes-Oxley Act (SOX) B. Personal Information Protection and Electronic Documents Act (PIPEDA) C. Health Insurance Portability and Accountability Act (HIPAA) D. Payment Card Industry Data Security Standard (PCI DSS)

B. Personal Information Protection and Electronic Documents Act (PIPEDA)

Which approach to cryptography uses highly parallel algorithms that could solve problems in a fraction of the time needed by conventional computers? A. Asymmetric cryptography B. Quantum cryptography C. Elliptic curve cryptography D. Classic cryptography

B. Quantum cryptography

Hajar is developing a business impact assessment for her organization. She is working with business units to determine the target state of recovered data that allows the organization to continue normal processing after a major interruption. Which of the following is Hajar determining? A. Technical recovery requirements B. Recovery point objective (RPO) C. Business recovery requirements D. Recovery time objective (RTO)

B. Recovery point objective (RPO)

Aditya is the security manager for a mid-sized business. The company has suffered several serious data losses when laptops were stolen. Aditya decides to implement full disk encryption on all laptops. What risk response did Aditya take? A. Accept B. Reduce C. Avoid D. Transfer

B. Reduce

What is the correct order of change control procedures regarding changes to systems and networks? A. Request, impact assessment, approval, build/test, monitor, implement B. Request, impact assessment, approval, build/test, implement, monitor C. Request, approval, impact assessment, build/test, implement, monitor D. Request, approval, impact assessment, build/test, monitor, implement

B. Request, impact assessment, approval, build/test, implement, monitor

Which is the typical risk equation? A. Risk = Vulnerability x Cost B. Risk = Threat x Vulnerability C. Risk = Threat x Likelihood D. Risk = Likelihood x Vulnerability

B. Risk = Threat x Vulnerability

Which of the following does not need to comply with the Family Educational Rights and Privacy Act (FERPA)? A. Public colleges and universities B. Schools that do not receive federal funds C. State and local educational agencies D. Primary and secondary schools

B. Schools that do not receive federal funds

What are bash and zsh? A. Graphical user interfaces (GUIs) B. Shells C. Operating systems D. File systems

B. Shells

What is an example of two-factor authentication (2FA)? A. Password and security questions B. Smart card and personal identification number (PIN) C. Token and smart card D. PIN and password

B. Smart card and personal identification number (PIN)

Hajar is investigating a denial of service attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place? A. Land B. Smurf C. Teardrop D. Cross-site scripting (XSS)

B. Smurf

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using? A. Communications as a Service (CaaS) B. Software as a Service (SaaS) C. Infrastructure as a Service (IaaS) D. Platform as a Service (PaaS)

B. Software as a Service (SaaS)

The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? A. Command injection B. Spear phishing C. Ransomware D. Pharming

B. Spear phishing

Which set of characteristics describes the Caesar cipher accurately? A. Asymmetric, stream, transposition B. Symmetric, stream, substitution C. Symmetric, block, transposition D. Asymmetric, block, substitution

B. Symmetric, stream, substitution

Which of the following is a type of denial of service (DoS) attack? A. Cross-site scripting (XSS) B. Synchronize (SYN) flood C. Logic bomb D. Structured Query Language (SQL) injection

B. Synchronize (SYN) flood

Which type of virus targets computer hardware and software startup functions? A. File infector B. System infector C. Hardware infector D. Data infector

B. System infector

What is a primary risk to the Workstation Domain, the Local Area Network (LAN) Domain, and the System/Application Domain? A. Unauthorized network probing and port scanning B. Unauthorized access to systems C. Downtime of IT systems for an extended period after a disaster D. Mobile worker token or other authentication stolen

B. Unauthorized access to systems

Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network? A. Require scanning of all removable media B. Use proxy services and bastion hosts to protect critical services C. Disable any unnecessary operating system services and processes that may pose a security vulnerability D. Ensure that all operating systems have been patched with the latest updates from vendors

B. Use proxy services and bastion hosts to protect critical services

Wen is a network engineer. For several months, he has been designing a system of controls to allow and restrict access to network assets based on various methods and information. He is currently configuring the authentication method. What does this method do? A. Answers the question "who is asking to access the asset?" B. Verifies that requestors are who they claim to be C. Grants or denies a requestor access and what they can do on a network D. Determines how actions can be traced to an individual

B. Verifies that requestors are who they claim to be

Which information security objective verifies the action to create an object or verifies an object's existence by an entity other than the creator? A. Certification B. Witnessing C. Authorization D. Validation

B. Witnessing

Forensics and incident response are examples of __________ controls. A. deterrent B. corrective C. detective D. preventive

B. corrective

Because network computers or devices may host several services, programs need a way to tell one service from another. To differentiate services running on a device, networking protocols use a(n) ________, which is a short number that tells a receiving device where to send messages it receives. A. ping B. network port C. Media Access Control (MAC) address D. Internet Protocol (IP) address

B. network port

Maria is the risk manager for a large organization and is evaluating whether the organization should purchase a fire suppression system. She consulted several subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. If the exposure factor (EF) for a $10 million facility is 20 percent, what is the single loss expectancy (SLE)? A. $20,000 B. $200,000 C. $2,000,000 D. $2,000

C. $2,000,000

What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address? A. 129 B. 65 C. 255 D. 513

C. 255

How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam? A. 9 B. 10 C. 8 D. 7

C. 8

What network port number is used for unencrypted web-based communication by default? A. 3389 B. 443 C. 80 D. 143

C. 80

Which of the following is not true of gap analysis? A. One important aspect of a gap analysis is determining the cause of the gap. B. The difference between the security controls that are in place and the controls that are necessary to address all vulnerabilities is called the security gap. C. A gap analysis can be performed only through a formal investigation. D. Threats that you do not address through at least one control indicate gaps in the security.

C. A gap analysis can be performed only through a formal investigation.

Takako is a security engineer for her company's IT department. She has been tasked with developing a security monitoring system for the company's infrastructure to determine when any network activity occurs outside the norm. What essential technique does she start with? A. Covert acts B. Alarms C. Baselines D. Intrusion detection system (IDS)

C. Baselines

Which attack is typically used specifically against password files that contain cryptographic hashes? A. Social engineering B. Hijack C. Birthday D. Replay

C. Birthday

Miriam is a network administrator. She would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy? A. Protected Extensible Authentication Protocol (PEAP) B. Lightweight Extensible Authentication Protocol (LEAP) C. Captive portal D. Remote Authentication Dial-In User Service (RADIUS)

C. Captive portal

Which of the following certifications cannot be used to satisfy the security credential requirements for the advanced Certified Internet Web Professional (CIW) certifications? A. Certified Information Systems Security Professional (CISSP) B. GIAC Security Expert (GSE) C. Certified Information Security Manager (CISM) D. Security+

C. Certified Information Security Manager (CISM)

Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices? A. Certified Information Systems Security Professional (CISSP) B. Security+ C. Check Point Certified Security Administrator (CCSA) D. Cisco Certified Internetwork Expert (CCIE)

C. Check Point Certified Security Administrator (CCSA)

Bob is sending a message to Alice. He wants to ensure that nobody can read the content of the message while it is in transit. What goal of cryptography is Bob attempting to achieve? A. Authentication B. Integrity C. Confidentiality D. Nonrepudiation

C. Confidentiality

Donnelly is an IT specialist. He is in charge of the server and network appliances inventory. The infrastructure roadmap calls for a network systems reconfiguration in the next six months. Adina, the security expert, asks Donnelly to prepare a standardized list of all current and proposed equipment and then to present it to her in a hardware configuration chart. What does Adina tell Donnelly that the chart should include? A. Impact assessment B. System life cycle C. Copies of all software configurations for routers and switches D. Change control management

C. Copies of all software configurations for routers and switches

Which element is not a core component of the ISO 27002 standard? A. Asset management B. Risk assessment C. Cryptography D. Access control

C. Cryptography

Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match? A. Social engineering attack B. Brute-force attack C. Dictionary attack D. Rainbow table attack

C. Dictionary attack

What is not a symmetric encryption algorithm? A. Carlisle Adams Stafford Tavares (CAST) B. International Data Encryption Algorithm (IDEA) C. Diffie-Hellman D. Data Encryption Standard (DES)

C. Diffie-Hellman

Security objectives add value to relationships between businesses or between businesses and their customers. Which objective binds a A. Receipt and confirmation B. Message authentication C. Digital signature D. Nonrepudiation

C. Digital signature

Arturo is a network engineer. He wants to implement an access control system in which the owner of the resource decides who can change permissions, and permission levels can be granted to specific users, groups of people in the same or similar job roles, or by project. Which of the following should Arturo choose? A. Nondiscretionary access control B. Access control lists C. Discretionary access control (DAC) D. Mandatory access control (MAC)

C. Discretionary access control (DAC)

Lin is conducting an audit of an identity management system. Which question is not likely to be in the scope of her audit? A. Is the password policy uniformly enforced? B. Does the organization have an effective password policy? C. Does the firewall properly block unsolicited network connection attempts? D. Who grants approval for access requests?

C. Does the firewall properly block unsolicited network connection attempts?

Maria is using accounting software to compile sensitive financial information. She receives a phone call and then momentarily leaves her desk. While she's gone, Bill walks past her cubicle and sees that she has not locked her desktop and left data exposed. Bill uses his smartphone to take several photos of this data with the intent of selling it to the company's competitor. What access control compromise is taking place? A. Exploiting hardware and software B. Gaining physical access C. Eavesdropping by observation D. Accessing networks

C. Eavesdropping by observation

Which security control is most helpful in protecting against eavesdropping on wide area network (WAN) transmissions? A. Deploying an intrusion detection system/intrusion prevention system (IDS/IPS) B. Applying filters on exterior Internet Protocol (IP) stateful firewalls C. Encrypting transmissions with virtual private networks (VPNs) D. Blocking Transmission Control Protocol (TCP) synchronize (SYN) open connections

C. Encrypting transmissions with virtual private networks (VPNs)

Which of the following was developed by researchers at the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University? A. Digital Forensic Research Workshop (DFRWS) Framework B. U.S. Department of Defense Forensic Standards C. Event-Based Digital Forensic Investigation Framework D. Scientific Working Group on Digital Evidence (SWGDE) Framework

C. Event-Based Digital Forensic Investigation Framework

Which of the following is an example of a direct cost that might result from a business disruption? A. Lost market share B. Damaged reputation C. Facility repair D. Lost customers

C. Facility repair

Erin is a system administrator for a U.S. federal government agency. What law contains guidance on how she may operate a federal information system? A. Gramm-Leach-Bliley Act (GLBA) B. Family Educational Rights and Privacy Act (FERPA) C. Federal Information Security Management Act (FISMA) D. Sarbanes-Oxley Act (SOX)

C. Federal Information Security Management Act (FISMA)

Which compliance obligation includes security requirements that apply specifically to the European Union? A. Gramm-Leach-Bliley Act (GLBA) B. Health Insurance Portability and Accountability Act (HIPAA) C. General Data Protection Regulation (GDPR) D. Federal Information Security Management Act (FISMA)

C. General Data Protection Regulation (GDPR)

Which of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)? A. Video conferencing B. Traffic monitoring C. Health monitoring D. Infrastructure monitoring

C. Health monitoring

What is key to implementing a consistent Internet of Things (IoT) device, connectivity, and communications environment? A. Broadband capacity B. Privacy laws C. Interoperability and standards D. Proprietary solutions

C. Interoperability and standards

Rodrigo has just received an email at work from an unknown person. The sender claims to have incriminating evidence against Rodrigo and threatens to release it to his employer and his family unless he discloses certain confidential information about his employer's company. Rodrigo does not know that several other people in the organization received the same email. What form of social engineering has occurred? A. Phishing B. Appeal for help C. Intimidation D. Name dropping

C. Intimidation

Which term describes a process that requires an organization to preserve and not alter evidence that may be used in court? This process can help ensure that normal data-handling procedures do not contaminate or even delete data that may be needed for a case. A. E-discovery B. Admissibility C. Legal hold D. Hash function

C. Legal hold

Taylor is a security professional working for a retail company. She is revising the company's policies and procedures to meet Payment Card Industry Data Security Standard (PCI DSS) objectives. One change she has made is to require the use of antivirus software on all systems commonly affected by malware and to keep them regularly updated. Which PCI DSS control objective is she attempting to meet? A. Build and maintain a secure network B. Protect cardholder data C. Maintain a vulnerability management program D. Implement strong access control measures

C. Maintain a vulnerability management program

What is the average time a device will function before it fails? A. Recovery point objective (RPO) B. Recovery time objective (RTO) C. Mean time to failure (MTTF) D. Mean time between failures (MTBF)

C. Mean time to failure (MTTF)

What measures the average amount of time between failures for a particular system? A. Uptime B. Recovery time objective (RTO) C. Mean time to failure (MTTF) D. Mean time to repair (MTTR)

C. Mean time to failure (MTTF)

Which of the following is an example of a reactive disaster recovery plan? A. Disk mirroring B. Surge suppression C. Moving to a warm site D. Antivirus software

C. Moving to a warm site

Susan is troubleshooting a problem with a computer's network cabling. At which layer of the Open Systems Interconnection (OSI) Reference Model is she working? A. Session B. Presentation C. Physical D. Application

C. Physical

Jermaine is a security administrator for his company. He is developing a defense against attacks based on network-mapping methods. He prevents the Internet Control Message Protocol (ICMP) from operating to stop attackers from using ping packets to discover the network layout, but he must also guard against operating system fingerprinting since many attacks are tailored to specific operating systems. What must Jermaine be concerned about? A. Unnecessary services B. Zone transfers C. Port mapping D. Snapshots

C. Port mapping

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing? A. Standard B. Guideline C. Procedure D. Policy

C. Procedure

Which data source comes first in the order of volatility when conducting a forensic investigation? A. Swap and paging files B. Files on disk C. Random access memory (RAM) D. Logs

C. Random access memory (RAM)

A brute-force password attack and the theft of a mobile worker's laptop are risks most likely found in which domain of a typical IT infrastructure? A. Local Area Network (LAN) Domain B. Workstation Domain C. Remote Access Domain D. User Domain

C. Remote Access Domain

Which term describes the level of exposure to some event that has an effect on an asset, usually the likelihood that something bad will happen to an asset? A. Threat B. Countermeasure C. Risk D. Vulnerability

C. Risk

What is a U.S. federal government classification level that applies to information that would cause serious damage to national security if it were disclosed? A. Top secret B. Confidential C. Secret D. Private

C. Secret

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? A. Need to know B. Least privilege C. Separation of duties D. Security through obscurity

C. Separation of duties

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request? A. Statement on Auditing Standards (SAS) 70 B. Service Organization Control (SOC) 2 C. Service Organization Control (SOC) 3 D. Service Organization Control (SOC) 1

C. Service Organization Control (SOC) 3

Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database? A. Extensible Markup Language (XML) injection B. Cross-site scripting (XSS) C. Structured Query Language (SQL) injection D. Lightweight Directory Access Protocol (LDAP) injection

C. Structured Query Language (SQL) injection

Unauthorized access to data centers and downtime of servers are risks to which domain of an IT infrastructure? A. Remote Access Domain B. Wide Area Network (WAN) Domain C. System/Application Domain D. Workstation Domain

C. System/Application Domain

Which of the following is not true of hash functions? A. The output from the message digest algorithm (MD5) or the Secure Hash Algorithm (SHA) hash provides input for an asymmetric key algorithm that uses a private key as input. B. Hash functions help detect forgeries by computing a checksum of a message and then combining it with a cryptographic function so that the result is tamperproof. C. The hashes produced by a specific hash function may vary in size. D. A hash is a checksum designed so that no one can forge a message in a way that will result in the same hash as a legitimate message.

C. The hashes produced by a specific hash function may vary in size.

Log files can help provide evidence of normal and abnormal system activity, as well as valuable information on how well security controls are doing their jobs. Regulation, policy, or log volume might dictate how much log information to keep. If a log file is subject to litigation, how long must a company keep it? A. Until litigation starts B. A minimum of seven years C. Until the case is over D. At least one year

C. Until the case is over

In which domain of a typical IT infrastructure is the first layer of defense for a layered security strategy? A. Workstation Domain B. Local Area Network (LAN) Domain C. User Domain D. System/Application Domain

C. User Domain

Wen is a network engineer. He would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology is best to use? A. Virtual private network (VPN) B. Network access control (NAC) C. Virtual LAN (VLAN) D. Transport Layer Security (TLS)

C. Virtual LAN (VLAN)

On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a ___________ that controls a portion of the LAN. A. firewall B. router C. switch D. server

C. switch

Which of the following is not a market driver for the Internet of Things (IoT)? A. Smaller and faster computing B. Global adoption of Internet Protocol (IP) networking C. Advancements in data analytics D. A decline in cloud computing

D. A decline in cloud computing

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature? A. Alice's public key B. Bob's private key C. Bob's public key D. Alice's private key

D. Alice's private key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? A. Bob's private key B. Alice's private key C. Bob's public key D. Alice's public key

D. Alice's public key

Which of the following enables businesses to transform themselves into an Internet of Things (IoT) service offering? A. Store-and-forward communications B. Remote sensoring C. Real-time tracking and monitoring D. Anything as a Service (AaaS) delivery model

D. Anything as a Service (AaaS) delivery model

Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) Reference Model. What other two layers of the model will her component need to interact with? A. Network and Session B. Session and Transport C. Application and Transport D. Application and Session

D. Application and Session

In an accreditation process, who has the authority to approve a system for implementation? A. Certifier B. System owner C. System administrator D. Authorizing official (AO)

D. Authorizing official (AO)

Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating? A. Change detection B. Integrity checking C. Whitelisting D. Blacklisting

D. Blacklisting

What certification focuses on information systems audit, control, and security professionals? A. Certified in Risk and Information Systems Control (CRISC) B. Certified in the Governance of Enterprise IT (CGEIT) C. Certified Information Security Manager (CISM) D. Certified Information Systems Auditor (CISA)

D. Certified Information Systems Auditor (CISA)

Rodrigo is a security professional. He is creating a policy that gives his organization control over mobile devices used by employees while giving them some options as to the type of device they will use. Which approach to mobile devices is Rodrigo focusing on in the policy? A. Company-owned business-only (COBO) B. Bring Your Own Device (BYOD) C. Company-owned/personally enabled (COPE) D. Choose Your Own Device (CYOD)

D. Choose Your Own Device (CYOD)

Which cryptographic attack is relevant in only asymmetric key systems and hash functions? A. Chosen plaintext B. Known plaintext C. Ciphertext only D. Chosen ciphertext

D. Chosen ciphertext

Rylie is a newly hired cybersecurity expert for a government agency. Rylie used to work in the private sector. She has discovered that, whereas private sector companies often had confusing hierarchies for data classification, the government's classifications are well known and standardized. As part of her training, she is researching data that requires special authorization beyond normal classification. What is this type of data called? A. Exclusive B. Assured C. Public D. Compartmentalized

D. Compartmentalized

Which type of computer crime often involves nation-state attacks by well-funded cybercriminals? A. Cyberstalking B. Online fraud C. Identity theft D. Cyberterrorism

D. Cyberterrorism

Omar is an infrastructure security professional. After reviewing a set of professional ethics issued by his company, he is learning and adopting ethical boundaries in an attempt to demonstrate them to others. What is this called? A. Communicating the freedom to access all system resources B. Understanding common assumptions that lead computer users to unethical behavior C. Informing users through security awareness training D. Encouraging the adoption of ethical guidelines and standards

D. Encouraging the adoption of ethical guidelines and standards

Tonya is working with a team of subject matter experts to diagnose a problem with her system. The experts determine that the problem likely resides at the Transport Layer of the Open Systems Interconnection (OSI) model. Which functionality is the most likely suspect? A. Signaling B. Routing C. Process-to-process communication D. End-to-end communication maintenance

D. End-to-end communication maintenance

Which regulation requires schools to receive written permission from a parent or an eligible student before releasing any information contained in a student's education record? A. Children's Online Privacy Protection Act (COPPA) B. Government Information Security Reform Act (Security Reform Act) of 2000 C. California Security Breach Information Act (SB 1386) of 2003 D. Family Educational Rights and Privacy Act (FERPA)

D. Family Educational Rights and Privacy Act (FERPA)

With the use of Mobile IP, which device is responsible for assigning each mobile node (MN) a local address? A. Correspondent node (CN) B. Home agent (HA) C. Care of address (COA) D. Foreign agent (FA)

D. Foreign agent (FA)

Isabella is in charge of the disaster recovery plan (DRP) team. She needs to ensure that data center operations will transfer smoothly to an alternate site in the event of a major interruption. She plans to run a complete test that will interrupt the primary data center and transfer processing capability to a hot site. What option is described in this scenario? A. Parallel test B. Structured walk-through C. Simulation test D. Full-interruption test

D. Full-interruption test

Juan comes across documentation from his organization related to several information security initiatives using different standards as their reference. Which International Organization for Standardization (ISO) standard provides current guidance on information security management? A. ISO 9000 B. ISO 17799 C. ISO 14001 D. ISO 27002

D. ISO 27002

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter? A. User Datagram Protocol (UDP) B. Transmission Control Protocol (TCP) C. Hypertext Transfer Protocol (HTTP) D. Internet Control Message Protocol (ICMP)

D. Internet Control Message Protocol (ICMP)

Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. If the power goes out in her data center, Isabella estimates it will take six hours to move data center operations to an alternate site. Which of the following describes how long the agency can survive without a functioning data center? A. Critical business function (CBF) B. Recovery time objective (RTO) C. Recovery point objective (RPO) D. Maximum tolerable downtime (MTD)

D. Maximum tolerable downtime (MTD)

Hajar is a network engineer. She is creating a system of access involving clearance and classification based on users and the objects they need in a secure network. She is restricting access to secure objects by users based on least privilege and which of the following? A. Job rotation B. Security awareness C. Separation of duties D. Need to know

D. Need to know

What level of technology infrastructure should you expect to find in a cold site alternative data center facility? A. Hardware that mirrors the primary site, but no data B. Hardware and data that mirror the primary site C. Basic computer hardware D. No technology infrastructure

D. No technology infrastructure

Janette is the director of her company's network infrastructure group. She is explaining to the business owners the advantages and disadvantages of outsourcing network security. One consideration she presents is the question of who would be responsible for the data, media, and infrastructure. What consideration is she describing? A. Risk B. Adherence to policy C. Privacy D. Ownership

D. Ownership

A computing device does not play which role in a crime? A. Repository B. Target C. Instrument D. Perpetrator

D. Perpetrator

An automatic teller machine (ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used? A. Encryption B. Database views C. Menus D. Physically constrained user interfaces

D. Physically constrained user interfaces

Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed? A. Deterrent B. Detective C. Corrective D. Preventive

D. Preventive

Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking? A. Operations and maintenance B. System design specification C. Functional requirements and definition D. Project initiation and planning

D. Project initiation and planning

Christopher is designing a security policy for his mid-size company. He would like to use an approach that allows a reasonable list of activities but prohibits all other activities. Which level of permission is he planning to use? A. Promiscuous B. Permissive C. Paranoid D. Prudent

D. Prudent

What type of organizations are required to comply with the Sarbanes-Oxley Act (SOX)? A. Government agencies B. Nonprofit organizations C. Privately held companies D. Publicly traded companies

D. Publicly traded companies

From a security perspective, what should organizations expect will occur as they become more dependent on the Internet of Things (IoT)? A. Security risks will be eliminated. B. Security risks will decrease. C. Security risks will stay the same. D. Security risks will increase.

D. Security risks will increase.

As a follow-up to her annual testing, Isabella would like to conduct quarterly disaster recovery tests. These tests should include role-playing and introduce as much realism as possible without affecting live operations. What type of test should Isabella conduct? A. Parallel test B. Structured walk-through C. Checklist test D. Simulation test

D. Simulation test

What is an example of an alteration threat? A. Intentional information leak B. Espionage C. Denial of service D. System or data modification

D. System or data modification

Susan is a digital forensic examiner. She is investigating a case in which a driver has been accused of vehicular homicide. She has the driver's mobile device and cellular records. What type of mobile device evidence is most likely to reveal whether the driver was actively using a mobile device when the incident occurred? A. Global positioning system (GPS) information and history B. Network connection information and history C. Device information D. Text messages

D. Text messages

Which term describes an action that can damage or compromise an asset? A. Countermeasure B. Risk C. Vulnerability D. Threat

D. Threat

What is the main purpose of risk identification in an organization? A. To create a disaster recovery plan (DRP) B. To create a business continuity plan (BCP) C. To understand threats to critical resources D. To make the organization's personnel aware of existing risk

D. To make the organization's personnel aware of existing risk

What is not a typical sign of virus activity on a system? A. Unexpected error messages B. Sudden sluggishness of applications C. Unexplained decrease in available disk space D. Unexpected power failures

D. Unexpected power failures

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using? A. Whaling B. Authority C. Vishing D. Urgency

D. Urgency

Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use? A. Firewall B. Unified threat management (UTM) C. Router D. VPN concentrator

D. VPN concentrator

What is the only unbreakable cipher when it is used properly? A. Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) B. Blowfish C. Rivest-Shamir-Adleman (RSA) D. Vernam

D. Vernam

What type of attack against a web application uses a newly discovered vulnerability that is not patchable? A. Cross-site scripting (XSS) B. Cross-site request forgery (CSRF) C. Structured Query Language (SQL) injection D. Zero-day attack

D. Zero-day attack

Leola is a cybersecurity consultant hired by a company to test the effectiveness of its network's defenses. She has something in common with the malicious people who would perform the same tasks involved in _________________, except that, unlike Leola, they would not have consent to perform this action against the system. A. stateful matching B. system hardening C. network access control D. penetration testing

D. penetration testing

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control. A. coprocessor B. memory C. CPU D. security kernel

D. security kernel

A ________ is used to identify the part of an Ethernet network where all hosts share the same host address. A. switch B. access point C. router D. subnet mask

D. subnet mask

Purchasing an insurance policy is an example of A. avoid B. accept C. reduce D. transfer

D. transfer
