Final Exam
True or False? During a simulation test of a contingency plan, you must shut down the original system at the primary site for the duration.
False
True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.
False
True or False? Mandatory vacations minimize risk by rotating employees among various systems or duties.
False
True or False? Operating systems remove data when a file is deleted.
False
True or False? Privacy is the process used to keep data private.
False
True or False? Regulatory compliance means complying with an organization's own policies, audits, culture, and standards.
False
True or False? Symantec offers vendor-neutral certifications as well as certifications for its product lines.
False
True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.
False
True or False? Testimonial evidence is often the most important evidence in court because it provides relevance for other types of evidence.
False
True or False? The (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP) credential measures the knowledge and skills necessary for professionals involved in the process of authorizing and maintaining information systems.
False
True or False? The Family Educational Rights and Privacy Act (FERPA) requires that specific information security controls be implemented to protect student records.
False
True or False? The Gramm-Leach-Bliley Act (GLBA) applies to the financial activities of both consumers and privately held companies.
False
True or False? The Health Insurance Portability and Accountability Act (HIPAA) applies only to current mental and physical health information and payments.
False
True or False? The Health Insurance Portability and Accountability Act (HIPAA) replaced the Health Information Technology for Economic and Clinical Health (HITECH) Act.
False
True or False? The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements.
False
True or False? The International Electrotechnical Commission (IEC) develops standards, which cover both wired and wireless communication technologies, that are commonly adopted by member countries in the European Union (EU).
False
True or False? The International Organization for Standardization (ISO) publishes the IEEE 802 local area network (LAN)/metropolitan area network (MAN) standards family.
False
True or False? The International Standard Book Number (ISBN) is an Institute of Electrical and Electronics Engineers (IEEE) standard.
False
True or False? The Internet Engineering Task Force (IETF) request for comments (RFC) development process is conducted solely by scientists on the Internet Architecture Board (IAB).
False
True or False? The National Institute of Standards and Technology (NIST) is a nongovernmental organization whose goal is to develop and publish international standards.
False
True or False? The federal agencies that oversee Gramm-Leach-Bliley Act (GLBA) compliance may not act against the financial institutions that they regulate when those institutions violate GLBA.
False
True or False? The main goal of the California Consumer Privacy Act (CCPA) is to prevent details of data breaches from being shared with the public.
False
True or False? The main goal of the Gramm-Leach-Bliley Act (GLBA) is to protect investors from financial fraud.
False
True or False? The process of remediation makes sure all personnel are aware of and comply with an organization's policies.
False
True or False? The term "data owner" refers to the person or group that manages an IT infrastructure.
False
True or False? The waterfall software development model works well in very dynamic environments where requirements change and are often revisited.
False
True or False? Under the Payment Card Industry Data Security Standard (PCI DSS), the rules with which an organization must comply depend on which types of payment cards they accept.
False
True or False? When outsourcing operations to a cloud service provider, the client is responsible for determining the best fault tolerance implementations to meet the service-level agreement (SLA) availability requirements.
False
True or False? Worms operate by encrypting important files or even the entire storage device and making them inaccessible.
False
Antonio is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? Remote administration error False positive error Clipping error False negative error
False positive error
Which of the following agencies is not involved in the Gramm-Leach-Bliley Act (GLBA) oversight process? Securities and Exchange Commission (SEC) Federal Trade Commission (FTC) Federal Deposit Insurance Corporation (FDIC) Federal Communications Commission (FCC)
Federal Communications Commission (FCC)
Erin is a system administrator for a U.S. federal government agency. What law contains guidance on how she may operate a federal information system? Family Educational Rights and Privacy Act (FERPA) Federal Information Security Management Act (FISMA) Gramm-Leach-Bliley Act (GLBA) Sarbanes-Oxley Act (SOX)
Federal Information Security Management Act (FISMA)
True or False? Classification scope determines what data to classify; classification process determines how to handle classified data.
True
True or False? Spyware does not use cookies.
False
True or False? Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
False
True or False? CompTIA Security+ is an expert-level security certification.
False
True or False? Cyberterrorism is the use of online media and assets to harass individuals.
False
True or False? Change control is the management of changes to the configuration of a system.
True
What is the purpose of a disaster recovery plan (DRP)? To set the value of each business process or resource as it relates to how the entire organization operates To identify the critical needs to develop a business recovery plan To set the order or priority for restoring an organization's functions after a disruption To enable an organization to make critical decisions ahead of time so personnel can manage and review decisions without the urgency of an actual disaster
(A DRP enables an organization to make critical decisions ahead of time. That way, personnel can manage and review decisions without the urgency of an actual disaster. If these plans are not ready in advance, security professionals and managers will have to make best-guess decisions under huge pressure.)
Which of the following is not true of requests for comments (RFCs)? Only some RFCs specify standards. RFCs may be modified. RFCs may originate with organizations other than the Internet Engineering Task Force (IETF). A Proposed Standard is the initial official stage of an RFC that defines a formal standard.
(RFCs never change. Any change to an RFC gets a new number and becomes a new RFC.)
What file type is least likely to be impacted by a file infector virus? .exe .docx .com .dll
.docx
Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore? 1 2 3 4
2
How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam? 7 8 9 10
8
True or False? Configuration changes can be made at any time during a system life cycle, and no process is required.
False
Devaki is a network engineer. She is diagnosing an issue with a small business customer's wireless local area network (WLAN). She knows the Institute of Electrical and Electronics Engineers (IEEE) has created the standards involved in various network technologies. While WLAN standards cover a wide array of subsets, which general standard does she need to consult that addresses all WLANs? 802.3 802.11 802.16 802.18
802.11
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve? Higher degree of privacy Access to a higher level of expertise Developing in-house talent Building internal knowledge
Access to a higher level of expertise
Hajar is responsible for keeping her banking institution's servers operating 24/7/365. Her recovery strategy is to have fully redundant or duplicate operations and synchronized data and to operate the site continuously. Which strategy has she selected? Alternate processing center or mirrored site Hot site Mobile site Warm site
Alternate processing center or mirrored site
Under the Federal Information Security Management Act (FISMA) of 2002, which of the following broadens the scope of FISMA beyond a federal agency and is important because IT systems and functions are often outsourced? The Office of Management and Budget (OMB) is responsible for FISMA compliance. An agency must protect the IT systems that support its operations even if another agency or contractor owns the IT systems. FISMA requires each federal agency to create an agency-wide information security program. Agencies must test and evaluate the security program at least annually and test IT systems with greater risk more often.
An agency must protect the IT systems that support its operations even if another agency or contractor owns the IT systems.
What is not a privacy principle created by the Organisation for Economic Co-operation and Development (OECD)? An organization should collect only what it needs. An organization should share its information. An organization should keep its information up to date. An organization should properly destroy its information when it is no longer needed.
An organization should share its information.
In the Open Systems Interconnection (OSI) Reference Model, which layer has the user interface that displays information to the user? Application Presentation Session Transport
Application
Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) Reference Model. What other two layers of the model will her component need to interact with? Network and Session Session and Transport Application and Session Application and Transport
Application and Session
In what area does the Internet Architecture Board (IAB) provide oversight on behalf of the Internet Engineering Task Force (IETF)? Architecture for Internet protocols and procedures Strengthening the U.S. marketplace within the global economy Developing alternate methods used to document operational specifications Subject matter expertise on routing and switching
Architecture for Internet protocols and procedures
Jiang is pursuing a career in information security. He wants to eventually achieve the (ISC)2 Certified Information Systems Security Professional (CISSP) certification but does not have the required experience. If he passes the CISSP exam now, which credential will Jiang get? CISSP-ISSAP Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) Associate of (ISC)2
Associate of (ISC)2
In an accreditation process, who has the authority to approve a system for implementation? Certifier Authorizing official (AO) System owner System administrator
Authorizing official (AO)
Lin is creating a template for the configuration of Windows servers in her organization. The configuration includes the basic security settings that should apply to all systems. What type of document should she create? Baseline Policy Guideline Procedure
Baseline
Takako is a security engineer for her company's IT department. She has been tasked with developing a security monitoring system for the company's infrastructure to determine when any network activity occurs outside the norm. What essential technique does she start with? Alarms Baselines Covert acts Intrusion detection system (IDS)
Baselines
Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating? Blacklisting Change detection Integrity checking Whitelisting
Blacklisting
Joe is the Chief Executive Officer (CEO) of a company that handles medical billing for several regional hospital systems. How would Joe's company be classified under the Health Insurance Portability and Accountability Act (HIPAA)? Covered entity as a health plan Covered entity as a health care clearinghouse Covered entity as a provider Business associate of a covered entity
Business associate of a covered entity
Hajar has been an (ISC)2 Certified Information Systems Security Professional (CISSP) for 10 years. She would like to earn an advanced certification that demonstrates her ability in systems security engineering. Which of the following CISSP concentrations would meet Hajar's needs? CISSP-ISASP CISSP-ISSEP CISSP-ISSMP CISSP-ISSAP
CISSP-ISSEP
Arturo is leading a project to commission a new information system that will be used by a U.S. federal government agency. The agency uses the risk management framework (RMF) approach for Federal Information Security Management Act (FISMA) compliance. He is working with his team to assess and document agency IT systems based on risk. What step of the risk management framework is Arturo completing? Implement security controls in IT systems Assess security controls for effectiveness Categorize information systems Continuously monitor security controls
Categorize information systems
Richard would like to earn a certification that demonstrates his ability to manage enterprise security programs. What certification would be most appropriate for Richard? Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified in the Governance of Enterprise IT (CGEIT) Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices? Certified Information Systems Security Professional (CISSP) Cisco Certified Internetwork Expert (CCIE) Security+ Check Point Certified Security Administrator (CCSA)
Check Point Certified Security Administrator (CCSA)
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors? Children's Online Privacy Protection Act (COPPA) Sarbanes-Oxley Act (SOX) Family Educational Rights and Privacy Act (FERPA) Children's Internet Protection Act (CIPA)
Children's Internet Protection Act (CIPA)
Oscar is a network engineer. He is responsible for the networks and security protections, such as firewalls, in his local government agency. He is beginning a professional development journey and trying to determine an entry-level or associate-level security certification that is a good match with his current knowledge and skills. Which certification should he pursue? Cisco Certified Network Associate (CCNA) Juniper Networks Certified Internet Professional (JNCIP)-Enterprise Administration of Symantec Security Analytics Check Point Certified Security Administrator (CCSA)
Cisco Certified Network Associate (CCNA)
Which method of fault tolerance connects two or more computers to act like a single computer in a highly coordinated manner? Redundant Array of Inexpensive Disks (RAID) Clustering Load balancing Outsourcing to the cloud
Clustering
Rylie is a newly hired cybersecurity expert for a government agency. Rylie used to work in the private sector. She has discovered that, whereas private sector companies often had confusing hierarchies for data classification, the government's classifications are well known and standardized. As part of her training, she is researching data that requires special authorization beyond normal classification. What is this type of data called? Compartmentalized Assured Public Exclusive
Compartmentalized
Which principle of effective digital forensic investigations helps to ensure data in memory is not lost? Minimize original data handling Enforce the rules of evidence Do not exceed your knowledge Consider data volatility
Consider data volatility
Which of the following should you avoid during a disaster and recovery? Continue normal processes, such as separation of duties or spending limits If a number of systems are down, provide additional guidance or support to users Combine services that were on different hardware platforms onto common servers to speed up recovery While running at the alternate site, continue to make backups of data and systems
Continue normal processes, such as separation of duties or spending limits (It is better to suspend normal processes, such as separation of duties or spending limits. Compensate with additional controls or by additional auditing. The disaster recovery plan (DRP) should give added privileges or spending authority to certain people or for certain tasks.)
Donnelly is an IT specialist. He is in charge of the server and network appliances inventory. The infrastructure roadmap calls for a network systems reconfiguration in the next six months. Adina, the security expert, asks Donnelly to prepare a standardized list of all current and proposed equipment and then to present it to her in a hardware configuration chart. What does Adina tell Donnelly that the chart should include? Change control management Copies of all software configurations for routers and switches Impact assessment System life cycle
Copies of all software configurations for routers and switches
Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect? Health records Credit card information Educational records Trade secrets
Credit card information
Applications represent the most common avenue for users, customers, and attackers to access data, which means you must build the software to enforce the security policy and to ensure compliance with regulations, including the privacy and integrity of both data and system processes. Regardless of the development model, the application must validate all input. Certain attacks can take advantage of weak validation. One such attack provides script code that causes a trusted user who views the input script to send malicious commands to a web server. What is this called? Cross-site scripting (XSS) Cross-site request forgery (XSRF) Distributed denial of service (DDoS) Structured Query Language (SQL) injection
Cross-site request forgery (XSRF)
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered? Structured Query Language (SQL) injection Command injection Extensible Markup Language (XML) injection Cross-site scripting (XSS)
Cross-site scripting (XSS)
What program, released in 2013, is an example of ransomware? BitLocker CryptoLocker FileVault CryptoVault
CryptoLocker
Which element is not a core component of the ISO 27002 standard? Risk assessment Cryptography Asset management Access control
Cryptography
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank X? Customer Covered entity Nonaffiliated third party Consumer
Customer
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank Y? Customer Covered entity Nonaffiliated third party Consumer
Customer
Which type of computer crime often involves nation-state attacks by well-funded cybercriminals? Cyberstalking Cyberterrorism Online fraud Identity theft
Cyberterrorism
Juan is an experienced information security professional. He has spent a lot of time evaluating computers for evidence of criminal or malicious activity as well as recovering data. Which Global Information Assurance Certification (GIAC) credential focus area is most likely to have certifications that are a good fit for Juan's skills and knowledge? Management, Legal, and Audit Industrial Control Systems Digital Forensics & Incident Response Cloud Security
Digital Forensics & Incident Response
Which of the following is not true of U.S. Department of Defense/military Directive (DoDD) 8140? DoDD 8140 includes training and certification in cybersecurity to prepare Department of Defense (DoD) personnel to meet the demands of cyberwarfare. DoDD 8140 is more role based than the 8570.01 directive. DoDD 8140 is an operationally focused cybersecurity training framework. DoDD 8140 certifications are unique and will not include commercial certifications.
DoDD 8140 certifications are unique and will not include commercial certifications.
Which type of evidence is stored in a computer's memory, as well as on storage devices as in files, and must be accompanied by documentation that validates the evidence's authenticity? Real Documentary Testimonial Demonstrative
Documentary
Lin is conducting an audit of an identity management system. Which question is not likely to be in the scope of her audit? Does the organization have an effective password policy? Does the firewall properly block unsolicited network connection attempts? Who grants approval for access requests? Is the password policy uniformly enforced?
Does the firewall properly block unsolicited network connection attempts?
Which document is the Internet Engineering Task Force (IETF) request for comments (RFC) second stage, after participants have demonstrated that the standard has been deployed in working environments? Proposed Standard (PS) Draft Standard (DS) Standard (STD) Best Current Practice (BCP)
Draft Standard (DS)
Omar is an infrastructure security professional. After reviewing a set of professional ethics issued by his company, he is learning and adopting ethical boundaries in an attempt to demonstrate them to others. What is this called? Encouraging the adoption of ethical guidelines and standards Informing users through security awareness training Communicating the freedom to access all system resources Understanding common assumptions that lead computer users to unethical behavior
Encouraging the adoption of ethical guidelines and standards
Which technology category would not likely be the subject of a standard published by the International Electrotechnical Commission (IEC)? Semiconductors Solar energy Encryption Consumer appliances
Encryption
Tonya is working with a team of subject matter experts to diagnose a problem with her system. The experts determine that the problem likely resides at the Transport Layer of the Open Systems Interconnection (OSI) model. Which functionality is the most likely suspect? Process-to-process communication End-to-end communication maintenance Routing Signaling
End-to-end communication maintenance (The Transport Layer (Layer 4) provides error-free communications across a network as well as the connections needed by software functions in the Session Layer (Layer 5). In addition, it calls functions in the Network Layer (Layer 3), the next layer down, to send and receive packets that comprise the contents of the network communication.)
Which of the following is least likely to be needed when rebuilding systems that were damaged during a disaster? Updating operating systems and applications with the most current patches Restoring data to the recovery point objective (RPO) Ensuring there are adequate operating system licenses Activating access control rules, directories, and remote access systems to permit users to get on the new systems
Ensuring there are adequate operating system licenses
Which organization creates information security standards that specifically apply within the European Union (EU)? International Telecommunication Union (ITU) American National Standards Institute (ANSI) European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER) Institute of Electrical and Electronics Engineers (IEEE)
European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)
Biyu is a network administrator. She is developing the compliance aspect of her company's security policy. Currently, she is focused on the records of actions that the organization's operating system or application software creates. What aspect of compliance is Biyu focusing on? Certification Event logs Professional ethics Remediation
Event logs
True or False? A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.
False
True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.
False
True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
True or False? A website designer seeking guidance on how to incorporate Simple Object Access Protocol (SOAP) and Extensible Markup Language (XML) would most likely consult Internet Engineering Task Force (IETF) requests for comments (RFCs).
False
True or False? All types of disaster recovery sites are available in the cloud.
False
True or False? Change does not create risk for a business.
False
True or False? Clustering comprises multiple disk drives that appear as a single disk drive but actually store multiple copies of data in case a disk drive in the array fails.
False
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is not a good approach for destroying data? Formatting Degaussing Physical destruction Repeatedly overwriting data
Formatting
Antivirus, firewall, and email use policies belong to what part of a security policy hierarchy? Environment Functional policies in support of organization policy Organizational security policy Supporting mechanisms
Functional policies in support of organization policy
Lin works for a large financial institution. She has been asked to create a written information security program, which must state how the institution collects and uses customer data and must describe the controls used to protect that data. She is also in charge of running the program, conducting a risk assessment to identify risks to customer information, and assessing current safeguards to make sure they are effective, among other tasks. Which of the following is she trying to comply with? Gramm-Leach-Bliley Act (GLBA) Privacy Rule GLBA Safeguards Rule Sarbanes-Oxley Act (SOX) certification requirements Payment Card Industry Data Security Standard (PCI DSS)
GLBA Safeguards Rule (The Safeguards Rule requires a financial institution to create a written information security program, assign someone to run the program, conduct a risk assessment, assess safeguards, and design and implement safeguards to control risks. The rule requires financial institutions to have programs that are a good fit for their size and complexity and are suitable for the sensitivity of the customer data that the institution uses.)
Devaki is a new compliance manager. She is reading about various regulations to determine which ones apply to her industry. What law applies specifically to consumer data that originates in Europe? Health Insurance Portability and Accountability Act (HIPAA) Sarbanes-Oxley Act (SOX) Payment Card Industry Data Security Standard (PCI DSS) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Which of the following is a unit of measure that represents frequency and is expressed as the number of cycles per second? Power Weber Gauss Hertz
Hertz
What type of system is intentionally exposed to attackers in an attempt to lure them out? Honeypot Bastion host Web server Database server
Honeypot
Gary is troubleshooting a security issue on an Ethernet network. He would like to look at the relevant Ethernet standard. What publication should he seek out? NIST 800-53 IEEE 802.3 ANSI X.1199 ISO 17799
IEEE 802.3
Juan comes across documentation from his organization related to several information security initiatives using different standards as their reference. Which International Organization for Standardization (ISO) standard provides current guidance on information security management? ISO 17799 ISO 9000 ISO 27002 ISO 14001
ISO 27002
What is a set of concepts and policies for managing IT infrastructure, development, and operations? The information is published in a series of books, each covering a separate IT management topic. ISO 27002 Control Objectives for Information and Related Technology (COBIT) IT Infrastructure Library (ITIL) National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
IT Infrastructure Library (ITIL)
During which step of the incident-handling process does triage take place? Identification Notification Response Recovery and follow-up
Identification
Tim is implementing a set of controls designed to ensure that financial reports, records, and data are accurately maintained. What information security goal(s) is Tim attempting to achieve? Integrity Integrity and availability Availability Confidentiality
Integrity
Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact? High Tech Crime Network International Council of E-Commerce Consultants (EC-Council) Software Engineering Institute—Carnegie Mellon University The International Society of Forensic Computer Examiners
International Council of E-Commerce Consultants (EC-Council)
Maria is working on the definition and application of the terms gauss, hertz, and weber. Which standards source should she consult? International Electrotechnical Commission (IEC) International Telecommunication Union Telecommunication Sector (ITU-T) World Wide Web Consortium (W3C) Internet Engineering Task Force (IETF)
International Electrotechnical Commission (IEC)
Bill is conducting an analysis of a new IT service. He would like to assess it using the Open Systems Interconnection (OSI) Reference Model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI? Ocean Surveillance Information System (OSIS) International Organization for Standardization (ISO) National Institute of Standards and Technology (NIST) Information Systems Audit and Control Association (ISACA)
International Organization for Standardization (ISO)
Which organization promotes technology issues as an agency of the United Nations? International Telecommunication Union (ITU) Institute of Electrical and Electronics Engineers (IEEE) American National Standards Institute (ANSI) Internet Assigned Numbers Authority (IANA)
International Telecommunication Union (ITU)
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter? Hypertext Transfer Protocol (HTTP) Transmission Control Protocol (TCP) Internet Control Message Protocol (ICMP) User Datagram Protocol (UDP)
Internet Control Message Protocol (ICMP)
Rodrigo has just received an email at work from an unknown person. The sender claims to have incriminating evidence against Rodrigo and threatens to release it to his employer and his family unless he discloses certain confidential information about his employer's company. Rodrigo does not know that several other people in the organization received the same email. What form of social engineering has occurred? Intimidation Name dropping Appeal for help Phishing
Intimidation
Which of the following is not true of data backup options? A full backup copies everything to backup media. A differential backup starts with making a full backup; successive backups back up changes made since the last full backup. An incremental backup starts with a full backup; successive backups back up only that day's changes. It is faster to create differential weekday backups than incremental backups.
It is faster to create differential weekday backups than incremental backups.
Which term describes a process that requires an organization to preserve and not alter evidence that may be used in court? This process can help ensure that normal data-handling procedures do not contaminate or even delete data that may be needed for a case. Legal hold E-discovery Admissibility Hash function
Legal hold
What is the average time a device will function before it fails? Recovery time objective (RTO) Recovery point objective (RPO) Mean time to failure (MTTF) Mean time between failures (MTBF)
Mean time to failure (MTTF)
Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause? Polymorphic virus Retro virus Cross-platform virus Macro virus
Macro virus
Taylor is a security professional working for a retail company. She is revising the company's policies and procedures to meet Payment Card Industry Data Security Standard (PCI DSS) objectives. One change she has made is to require the use of antivirus software on all systems commonly affected by malware and to keep them regularly updated. Which PCI DSS control objective is she attempting to meet? Build and maintain a secure network Protect cardholder data Maintain a vulnerability management program Implement strong access control measures
Maintain a vulnerability management program
Isabella is a digital forensic specialist. She wants to recover deleted data from a computer disk. The computer is currently running. Which process should she take to do so without accidentally overwriting any deleted data? Copy the contents of the disk drive to an external drive without shutting down the computer Shut down the computer, reboot, and then copy the contents of the disk drive to an external drive Make an image of memory, shut down the computer, attach the disk drive to a forensic lab device, and read the data from the disk Because processes constantly run on computers and request new sectors to store data, it is not possible to recover deleted data without some data being overwritten
Make an image of memory, shut down the computer, attach the disk drive to a forensic lab device, and read the data from the disk
When should an organization's managers have an opportunity to respond to the findings in an audit? Managers should write a report after receiving the final audit report. Managers have the opportunity to respond to a draft copy of the audit report. Auditors then put that response in the final report. Managers should not have an opportunity to respond to audit findings. Managers should write a letter to the Board following receipt of the audit report.
Managers have the opportunity to respond to a draft copy of the audit report. Auditors then put that response in the final report.
Alison retrieved data from a company database containing personal information on customers. When she looks at the Social Security number (SSN) field, she sees values that look like this: "XXX-XX-9142." What has happened to these records? Encryption Truncation Hashing Masking
Masking (Organizations typically implement role-based access control mechanisms in their applications to ensure the confidentiality of sensitive data. Masking is used to "X out" pertinent characters of sensitive data.)
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. If the power goes out in her data center, Isabella estimates it will take six hours to move data center operations to an alternate site. Which of the following describes how long the agency can survive without a functioning data center? Critical business function (CBF) Maximum tolerable downtime (MTD) Recovery time objective (RTO) Recovery point objective (RPO)
Maximum tolerable downtime (MTD)
Which agreement type is typically less formal than other agreements and expresses areas of common interest? Service-level agreement (SLA) Blanket purchase agreement (BPA) Memorandum of understanding (MOU) Interconnection security agreement (ISA)
Memorandum of understanding (MOU)
Which of the following is not true of mobile devices and forensics? Mobile devices can be volatile and remotely managed. Mobile devices do not need to follow ordinary chain of custody techniques. Although options are available for breaking mobile device access controls, there is no guarantee that you will be able to access the device's data without the owner's cooperation. The process of accessing evidence on a mobile device is similar to that on a normal computer.
Mobile devices do not need to follow ordinary chain of custody techniques.
Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered? Slow virus Retro virus Cross-platform virus Multipartite virus
Multipartite virus
What U.S. federal government agency is charged with the responsibility of creating information security standards and guidelines for use within the federal government and more broadly across industries? Office of Management and Budget (OMB) Department of Defense (DoD) National Institute of Standards and Technology (NIST) Department of Homeland Security (DHS)
National Institute of Standards and Technology (NIST)
Which of the following is a U.S. federal agency within the Department of Commerce that provides standards for measurement and technology on which nearly all computing devices rely? Institute of Electrical and Electronics Engineers (IEEE) American National Standards Institute (ANSI) World Wide Web Consortium (W3C) National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology (NIST)
Hajar is a network engineer. She is creating a system of access involving clearance and classification based on users and the objects they need in a secure network. She is restricting access to secure objects by users based on least privilege and which of the following? Job rotation Security awareness Need to know Separation of duties
Need to know
In which type of computer crime do cybercriminals engage in activities to either impersonate victims or to convince victims to carry out transactions that benefit the criminals, with a focus on extracting revenue from victims? Cyberstalking Exfiltrating data Online fraud Nonaccess computer crime
Online fraud
Janette is the director of her company's network infrastructure group. She is explaining to the business owners the advantages and disadvantages of outsourcing network security. One consideration she presents is the question of who would be responsible for the data, media, and infrastructure. What consideration is she describing? Adherence to policy Ownership Privacy Risk
Ownership
A computing device does not play which role in a crime? Perpetrator Target Instrument Repository
Perpetrator
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders? Preparation Identification Notification Documentation
Preparation
Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking? Project initiation and planning Functional requirements and definition System design specification Operations and maintenance
Project initiation and planning
Christopher is designing a security policy for his mid-size company. He would like to use an approach that allows a reasonable list of activities but prohibits all other activities. Which level of permission is he planning to use? Promiscuous Permissive Prudent Paranoid
Prudent
What type of organizations are required to comply with the Sarbanes-Oxley Act (SOX)? Nonprofit organizations Publicly traded companies Government agencies Privately held companies
Publicly traded companies
What is the least likely goal of an information security awareness program? Teach users about security objectives Inform users about trends and threats in security Motivate users to comply with security policy Punish users who violate policy
Punish users who violate policy
Which data source comes first in the order of volatility when conducting a forensic investigation? Logs Files on disk Swap and paging files Random access memory (RAM)
Random access memory (RAM)
Which type of evidence is any physical object that you can touch or otherwise directly observe, such as a hard drive? Real Documentary Testimonial Demonstrative
Real
Arturo is an IT manager for a school district. He is planning recovery options for a small data center that supports teacher and classroom activities for 5 of the 21 schools in his district. Many school districts in his state use similar classroom technology. Arturo is looking for a temporary alternate site that would be easy to cut over to and is affordable. Which option is most likely to fit Arturo's needs? Reciprocal agreement with another school district Reciprocal center Contingency carrie
Reciprocal agreement with another school district
During which step of the incident-handling process should a lessons-learned review of the incident be conducted? Notification Response Recovery and follow-up Documentation
Recovery and follow-up
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move? Critical business function (CBF) Mean time to failure (MTTF) Recovery time objective (RTO) Recovery point objective (RPO)
Recovery time objective (RTO)
Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose? Ping Simple Network Management Protocol (SNMP) agent Network mapper (Nmap) Remote Access Tool (RAT)
Remote Access Tool (RAT)
What is the correct order of change control procedures regarding changes to systems and networks? Request, approval, impact assessment, build/test, monitor, implement Request, impact assessment, approval, build/test, implement, monitor Request, approval, impact assessment, build/test, implement, monitor Request, impact assessment, approval, build/test, monitor, implement
Request, impact assessment, approval, build/test, implement, monitor
During which step of the incident-handling process is the goal to contain the incident? Identification Notification Response Recovery and follow-up
Response
Which of the following is not one of the rights afforded to students (or the parents of a minor student) under the Family Educational Rights and Privacy Act (FERPA)? Right to inspect student records Right to request correction of errors Right to delete unwanted information from records Right to consent to data release
Right to delete unwanted information from records
Which of the following does not need to comply with the Family Educational Rights and Privacy Act (FERPA)? Schools that do not receive federal funds State and local educational agencies Public colleges and universities Primary and secondary schools
Schools that do not receive federal funds
Aditya is a network technician. He is collecting system data for an upcoming internal system audit. He is currently performing vulnerability testing to determine what weaknesses may exist in the network's security. What form of assessment is he conducting? Checklists Observation Security testing Configuration review
Security testing
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is not normally used to make these types of classification decisions? Value Sensitivity Criticality Threat
Sensitivity or Criticality or Threat (The three criteria normally used to make classification decisions are value, sensitivity, and criticality.)
Mia is her company's network security professional. She is developing access policies based on personnel security principles. As part of this effort, she is devising a method of taking high-security tasks and splitting them among several different employees so that no one person is responsible for knowing and performing the entire task. What practice is she developing? Job rotation Limiting access Mandatory vacations Separation of duties
Separation of duties
Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place? Session hijacking Extensible Markup Language (XML) injection Cross-site scripting (XSS) Structured Query Language (SQL) injection
Session hijacking
Which intrusion detection system strategy relies on pattern matching? Behavior detection Traffic-based detection Statistical detection Signature detection
Signature detection
Which of the following items would generally not be considered personally identifiable information (PII)? First and last name Driver's license number Biometric data Social media post
Social media post
The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? Spear phishing Pharming Ransomware Command injection
Spear phishing
What type of attack occurs in real time and is often conducted against a specific target? Unstructured Structured Direct Indirect
Structured
Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database? Cross-site scripting (XSS) Extensible Markup Language (XML) injection Structured Query Language (SQL) injection Lightweight Directory Access Protocol (LDAP) injection
Structured Query Language (SQL) injection
Carl has assembled a team of representatives from each department to test a new business continuity plan (BCP). During the test, the representatives meet in a room and review many aspects of the plan, such as the goals, scope, assumptions, and the structure of the organization. They also conduct scenario-based exercises as though they are executing the plan for a certain type of incident to find errors, such as gaps or overlaps. What type of plan is being conducted? Checklist Structured walk-through
Structured walk-through
Joe is responsible for the security of the systems that control and monitor devices for a power plant. What type of system does Joe likely administer? Supervisory Control and Data Acquisition (SCADA) Embedded robotic systems Mobile fleet Mainframe
Supervisory Control and Data Acquisition (SCADA)
Which of the following is a type of denial of service (DoS) attack? Logic bomb Synchronize (SYN) flood Cross-site scripting (XSS) Structured Query Language (SQL) injection
Synchronize (SYN) flood
Which type of virus targets computer hardware and software startup functions? Hardware infector System infector File infector Data infector
System infector
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system? Network intrusion detection system (IDS) System integrity monitoring Closed-circuit TV Data loss prevention
System integrity monitoring
Ben is working toward a position as a senior security administrator. He would like to earn his first International Information Systems Security Certification Consortium (ISC)2 certification. Which certification is most appropriate for his needs? Systems Security Certified Practitioner (SSCP) Certified Information Systems Security Professional (CISSP) Certified Secure Software Lifecycle Professional (CSSLP) Certified Cloud Security Professional (CCSP)
Systems Security Certified Practitioner (SSCP)
Susan is a digital forensic examiner. She is investigating a case in which a driver has been accused of vehicular homicide. She has the driver's mobile device and cellular records. What type of mobile device evidence is most likely to reveal whether the driver was actively using a mobile device when the incident occurred? Global positioning system (GPS) information and history Network connection information and history Text messages Device information
Text messages
Which of the following is not true of contingency planning? The maximum tolerable downtime (MTD) is the maximum period of time that a business can survive a disabled critical function. The recovery time objective (RTO) is the amount of time needed to recover a business process. It is often made up of several interlinked RTOs. The recovery point objective (RPO) is the point to which data must be recovered. The mean time between failures (MTBF) is closely associated with the recovery time objecti
The mean time between failures (MTBF) is closely associated with the recovery time objectives (RTOs) of several integrated critical business functions (CBFs).
How are the Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS) alike? They both focus on the health care industry. They both have requirements that protect the confidentiality, integrity, and availability of data. The same federal agencies have oversight over both HIPAA and PCI DSS. They have similar scopes.
They both have requirements that protect the confidentiality, integrity, and availability of data.
Under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, covered entities may not use or disclose people's protected health information (PHI) without their written consent, although there are exceptions. Which of the following is generally not an allowed exception under the Privacy Rule? To provide medical treatment To process payment To discuss a patient's medical status at a conference To report victims of child abuse and neglect
To discuss a patient's medical status at a conference
The Internet Engineering Task Force (IETF) works closely with the World Wide Web Consortium (W3C) and the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) focusing on which of the following? Special Publications (SPs) Transmission Control Protocol/Internet Protocol (TCP/IP) ISO standard ISO/IEC 27002
Transmission Control Protocol/Internet Protocol (TCP/IP)
Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter? Virus Worm Ransomware Trojan horse
Trojan horse
True or False? Regarding disaster recovery, an alternate processing center or mirrored site is always ready and under the organization's control.
True
True or False? A Faraday bag stops any electromagnetic emanations from passing into or out of the bag, preventing a mobile device from communicating with the outside world.
True
True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.
True
True or False? A blanket purchase agreement (BPA) creates preapproved accounts with qualified suppliers to fulfill recurring orders for products or services.
True
True or False? A certification is an official statement that validates that a person has satisfied specific job requirements.
True
True or False? A computer virus is an executable program that attaches to, or infects, other executable programs.
True
True or False? A functional policy declares an organization's management direction for security in such specific functional areas as email use, remote access, and Internet interaction (including social media).
True
True or False? A network engineer in the United States who needs guidance on information security systems could consult the National Institute of Standards and Technology (NIST) Special Publications 800 series.
True
True or False? A parallel test of a contingency plan is the same as a full-interruption test except that processing does not stop at the primary site.
True
True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.
True
True or False? A security awareness program should address the requirements and expectations of an organization's security policy.
True
True or False? A successful business impact analysis (BIA) maps the context, the critical business functions (CBFs), and the processes on which they rely.
True
True or False? After audit activities are completed, auditors perform data analysis.
True
True or False? American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 2 reports are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
True
True or False? An American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
True
True or False? An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.
True
True or False? An example of a nonaccess computer crime is crashing a target's critical functionality to prevent normal (revenue-creating) processes from occurring.
True
True or False? An organization can maintain a cloud-based disaster recovery site for a fraction of the cost of a physical site.
True
True or False? Any component that, if it fails, could interrupt business processing is called a single point of failure (SPOF).
True
True or False? Attackers have established thousands of botnets, which they use to distribute malware and spam and to launch denial of service (DoS) attacks against organizations or even countries.
True
True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.
True
True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.
True
True or False? Business continuity management includes business continuity planning, disaster recovery planning, crisis management, incident response management, and risk management.
True
True or False? Certified Internet Web Professional (CIW) offers several credentials that focus on both general and web-related security.
True
True or False? Company-related classifications are not standard; therefore, there may be some differences of meaning between the terms "private" and "confidential" in different companies.
True
True or False? Compliance includes the actual state of being compliant as well as the steps and processes taken to become compliant.
True
True or False? Data loss prevention (DLP) uses business rules to classify sensitive information to prevent unauthorized end users from sharing it.
True
True or False? Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.
True
True or False? Digital forensics is the process of using well-defined analytical and investigative techniques to guide the processes of collecting and examining evidence related to a computer security incident.
True
True or False? During an IT audit, security controls are checked to ensure they are effective, reliable, and functioning as required and expected.
True
True or False? During the planning and execution phases of an audit, an auditor will most likely review risk analysis output.
True
True or False? E-discovery is an iterative process of examining storage media, searching for items of interest, identifying likely items that may have value as evidence, and then recovering those items.
True
True or False? Even if a mobile device is deemed not to be a direct part of a crime or incident, its ability to record the environment of an attacker during the incident could be material.
True
True or False? Examples of major disruptions include extreme weather, application failure, and criminal activity.
True
True or False? Fault-tolerance options are not replacements for data backups.
True
True or False? Generally, once evidence becomes inadmissible, it cannot be fixed.
True
True or False? ISO/IEC 27002 provides organizations with best-practice recommendations on information security management.
True
True or False? In an incremental backup, you start with a full backup when network traffic is light. Then, each night, you back up only that day's changes.
True
True or False? In remote journaling, a system writes a log of online transactions to an offsite location.
True
True or False? Juniper Networks offers vendor-specific certifications for its networking product line.
True
True or False? One of the goals of the American National Standards Institute (ANSI) is to ensure the safety and health of consumers and the protection of the environment.
True
True or False? One requirement of the GIAC Security Expert (GSE) credential is that candidates must hold three GIAC credentials, with two of the credentials being Gold.
True
True or False? Patching computers and devices with the latest security fixes makes them more resistant to many types of attacks.
True
True or False? Policies that cover data management should cover transitions throughout the data's life cycle.
True
True or False? Procedures help enforce the intent of a policy.
True
True or False? Protected health information (PHI) is any individually identifiable information about a person's health.
True
True or False? RSA provides security, risk, and compliance solutions for enterprise environments.
True
True or False? Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream, rather than just in individual packets.
True
True or False? Sarbanes-Oxley Act (SOX) Section 404 requires an organization's executive officers to establish, maintain, review, and report on the effectiveness of the company's internal controls over financial reporting (ICFR).
True
True or False? Schools and libraries that must comply with the Children's Internet Protection Act (CIPA) must also have some way to allow adults unfiltered Internet access.
True
True or False? Schools that violate the Family Educational Rights and Privacy Act (FERPA) can lose their federal funding.
True
True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.
True
True or False? Standards are mandated requirements for hardware and software solutions used to address security risk throughout an organization.
True
True or False? Standards provide guidelines to ensure that products in today's computing environments work together.
True
True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them.
True
True or False? The (ISC)2 Certified Cloud Security Professional (CCSP) certification was created by both (ISC)2 and the Cloud Security Alliance (CSA).
True
True or False? The Common Criteria is a set of system procurement standards used by several countries.
True
True or False? The Federal Information Security Modernization Act (FISMA) of 2014 assigned the Department of Homeland Security (DHS) the responsibility for developing, implementing, and ensuring federal government-wide compliance as per FISMA information security policies, procedures, and security controls.
True
True or False? The Gramm-Leach-Bliley Act (GLBA) Privacy Rule requires that consumers have a chance to opt out of certain types of data sharing with nonaffiliated third parties.
True
True or False? The Institute of Electrical and Electronics Engineers (IEEE) develops and distributes standards that relate to electricity and electronics.
True
True or False? The International Electrotechnical Commission (IEC) is the preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.
True
True or False? The International Electrotechnical Commission (IEC) was instrumental in the development of standards for electrical measurements, including gauss, hertz, and weber.
True
True or False? The International Telecommunication Union (ITU) was formed in 1865 as the International Telegraph Union to develop international standards for the emerging telegraph communications industry.
True
True or False? The Internet Architecture Board (IAB) is a subcommittee of the Internet Engineering Task Force (IETF).
True
True or False? The Internet Architecture Board (IAB) serves as an advisory body to the Internet Society (ISOC).
True
True or False? The Internet Engineering Task Force (IETF) is a collection of working groups, and each working group addresses a specific topic.
True
True or False? The Sarbanes-Oxley Act (SOX) was passed after several large corporate scandals revealed fraud and shook investor confidence.
True
True or False? The United States does not have one comprehensive data protection law; instead, it has many laws that focus on different types of data found in different vertical industries.
True
True or False? The emergency operations center (EOC) is the place where an organization's recovery team will meet and work during a disruption.
True
True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.
True
True or False? The goal of a command injection is to execute commands on a host operating system.
True
True or False? The idea that users should be granted only the levels of permissions they need to perform their duties is called the principle of least privilege.
True
True or False? The purpose of the Children's Online Privacy Protection Act of 1998 (COPPA) is to restrict the online collection of personal information of children under 13 years of age.
True
True or False? The recovery point objective (RPO) can come from the business impact analysis (BIA) or sometimes from a government mandate, such as banking laws.
True
True or False? The success of Trojans is due to their reliance on social engineering to spread and operate; they have to trick users into running them.
True
True or False? The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.
True
True or False? Time stamps correspond to computer log files to help coordinate a sequence of events and are accurate to at least the second.
True
True or False? Two common methods to protect evidence during imaging are to use forensic software that forces read-only mode or connect the evidence device using a hardware interface that blocks any write operations.
True
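The item above names the two controls; the step a practitioner adds is proving afterwards that the image is a faithful copy. The following is an added example (not from the exam or its source text) in Python: it opens the evidence strictly read-only, hashes it while imaging, then re-hashes both files independently and reports whether all three digests agree. The temporary file standing in for an evidence device and the `demo` helper are this example's own constructions.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 20  # read and hash in 1 MiB pieces


def hash_file(path, algo="sha256"):
    """Independent re-read of a file, used to cross-check the imaging pass."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def image_device(src_path, dst_path, algo="sha256"):
    """Copy src to dst, hashing the source bytes as they are read.

    Returns (source_hash, image_hash, bytes_copied).
    """
    src_hash = hashlib.new(algo)
    # O_RDONLY: this process cannot write to the source, and no O_CREAT or
    # O_TRUNC flag can ever touch it. It does NOT stop the kernel or an
    # automounter from writing (journal replay, access-time updates), which is
    # why a hardware write blocker remains the stronger of the two controls.
    fd = os.open(src_path, os.O_RDONLY)
    copied = 0
    try:
        with open(dst_path, "wb") as dst:
            while True:
                chunk = os.read(fd, CHUNK)
                if not chunk:
                    break
                src_hash.update(chunk)
                dst.write(chunk)
                copied += len(chunk)
    finally:
        os.close(fd)
    return src_hash.hexdigest(), hash_file(dst_path, algo), copied


def verify_image(src_path, dst_path, algo="sha256"):
    """Image, then confirm the digest taken during imaging, the digest of the
    finished image, and a fresh digest of the source all match.

    Returns (verified, digest, bytes_copied).
    """
    during, of_image, copied = image_device(src_path, dst_path, algo)
    after = hash_file(src_path, algo)
    return during == of_image == after, during, copied


def demo(data: bytes):
    """Constructed evidence: a temporary file stands in for a block device."""
    with tempfile.TemporaryDirectory() as d:
        src = os.path.join(d, "evidence.bin")
        dst = os.path.join(d, "evidence.dd")
        with open(src, "wb") as f:
            f.write(data)
        return verify_image(src, dst)


if __name__ == "__main__":
    ok, digest, n = demo(bytes(range(256)) * 4096)  # 1 MiB of known data
    print("verified:", ok, "sha256:", digest, "bytes:", n)
```

Record the digest and the byte count in the chain-of-custody notes at the time of imaging; a mismatch between the digest taken during the copy and the later re-read of the source is the signal that something wrote to the evidence after all.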
True or False? Under Securities and Exchange Commission (SEC) rules, internal controls over financial reporting (ICFR) are processes that provide reasonable assurance that an organization's financial reports are reliable.
True
True or False? Under the Federal Information Security Management Act (FISMA), all federal agencies must report security incidents to the U.S. Computer Emergency Readiness Team (US-CERT).
True
True or False? Unlike viruses, worms do not require a host program to survive and replicate.
True
True or False? Using the names of superiors to convince another person that a higher authority has allowed access to information is a form of social engineering.
True
True or False? Visa, MasterCard, and other payment card vendors helped to create the Payment Card Industry Data Security Standard (PCI DSS).
True
True or False? When planning an IT audit, one must ensure that the areas not reviewed in the current audit will be subject to another audit.
True
True or False? While running business operations at an alternate site, you must continue to make backups of data and systems.
True
True or False? World Wide Web Consortium (W3C) standards and specifications ensure that web applications interact with web components from other vendors.
True
What is not a typical sign of virus activity on a system? Unexplained decrease in available disk space / Unexpected error messages / Unexpected power failures / Sudden sluggishness of applications
Unexpected power failures
Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network? Require scanning of all removable media / Use proxy services and bastion hosts to protect critical services / Ensure that all operating systems have been patched with the latest updates from vendors / Disable any unnecessary operating system services and processes that may pose a security vulnerability
Use proxy services and bastion hosts to protect critical services
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? Whois / Simple Network Management Protocol (SNMP) / Ping / Domain Name System (DNS)
Whois
Marco is in a web development program. He is studying various web-related standards that apply to Cascading Style Sheets (CSS) and HyperText Markup Language (HTML). What authoritative source should he consult? International Electrotechnical Commission (IEC) / Internet Engineering Task Force (IETF) / International Organization for Standardization (ISO) / World Wide Web Consortium (W3C)
World Wide Web Consortium (W3C)
Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller. logic bombs / honeypots / ransomware / botnets
botnets
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD). incident / violation / disaster / contingency
disaster
Leola is a cybersecurity consultant hired by a company to test the effectiveness of its network's defenses. She performs the same tasks as the malicious actors who carry out _________________, except that, unlike Leola, they would not have consent to perform those actions against the system. stateful matching / penetration testing / network access control / system hardening
penetration testing