Practice Test 1
C
Alex has been with the university he works at for more than 10 years. During that time, he has been a system administrator and a database administrator, and he has worked in the university's help desk. He is now a manager for the team that runs the university's web applications. Using the provisioning diagram shown here, answer the following questions. ----- Alex has access to B, C, and D in the diagram. What concern should he raise to the university's identity management team? A. The provisioning process did not give him the rights he needs. B. He has excessive privileges. C. Privilege creep may be taking place. D. Logging is not properly enabled.
B
Alex has been with the university he works at for more than 10 years. During that time, he has been a system administrator and a database administrator, and he has worked in the university's help desk. He is now a manager for the team that runs the university's web applications. Using the provisioning diagram shown here, answer the following questions. ----- If Alex hires a new employee and the employee's account is provisioned after HR manually inputs information into the provisioning system based on data Alex provides via a series of forms, what type of provisioning has occurred? A. Discretionary account provisioning B. Workflow-based account provisioning C. Automated account provisioning D. Self-service account provisioning
C
Alex has been with the university he works at for more than 10 years. During that time, he has been a system administrator and a database administrator, and he has worked in the university's help desk. He is now a manager for the team that runs the university's web applications. Using the provisioning diagram shown here, answer the following questions. ----- When Alex changes roles, what should occur? A. He should be de-provisioned, and a new account should be created. B. He should have his new rights added to his existing account. C. He should be provisioned for only the rights that match his role. D. He should have his rights set to match those of the person he is replacing.
A
Alice would like to have read permissions on an object and knows that Bob already has those rights and would like to give them to herself. Which one of the rules in the Take-Grant protection model would allow her to complete this operation if the relationship exists between Alice and Bob? A. Take rule B. Grant rule C. Create rule D. Remote rule
C
An accounting clerk for Christopher's Cheesecakes does not have access to the salary information for individual employees but wanted to know the salary of a new hire. He pulled total payroll expenses for the pay period before the new person was hired and then pulled the same expenses for the following pay period. He computed the difference between those two amounts to determine the individual's salary. What type of attack occurred? A. Salami slicing B. Data diddling C. Inference D. Social engineering
C, D
An attacker has intercepted a large amount of data that was all encrypted with the same algorithm and encryption key. With no further information, which of the following cryptanalytic attacks are possible? (Select all that apply.) A. Known plaintext B. Chosen ciphertext C. Frequency analysis D. Brute-force
B
An attacker recently called an organization's help desk and persuaded them to reset a password for another user's account. What term best describes this attack? A. A human Trojan B. Social engineering C. Phishing D. Whaling
C
Bailey is concerned that users around her organization are using sensitive information in a variety of cloud services and would like to enforce security policies consistently across those services. What security control would be best suited for her needs? A. DRM B. IPS C. CASB D. DLP
B, C
Barb is reviewing the compliance obligations facing her organization and the types of liability that each one might incur. Which of the following laws and regulations may involve criminal penalties if violated? (Select all that apply.) A. FERPA B. HIPAA C. SOX D. PCI DSS
B
Ben is designing a database-driven application and would like to ensure that two executing transactions do not affect each other by storing interim results in the database. What property is he seeking to enforce? A. Atomicity B. Isolation C. Consistency D. Durability
D
Ben owns a coffeehouse and wants to provide wireless internet service for his customers. Ben's network is simple and uses a single consumer-grade wireless router and a cable modem connected via a commercial cable data contract. ----- After implementing the solution from the first question, Ben receives a complaint about users in his cafe hijacking other customers' web traffic, including using their usernames and passwords. How is this possible? A. The password is shared by all users, making traffic vulnerable. B. A malicious user has installed a Trojan on the router. C. A user has ARP spoofed the router, making all traffic broadcast to all users. D. Open networks are unencrypted, making traffic easily sniffable.
B
Ben owns a coffeehouse and wants to provide wireless internet service for his customers. Ben's network is simple and uses a single consumer-grade wireless router and a cable modem connected via a commercial cable data contract. ----- Ben intends to run an open (unencrypted) wireless network. How should he connect his business devices? A. Run WPA3 on the same SSID. B. Set up a separate SSID using WPA3. C. Run the open network in Enterprise mode. D. Set up a separate wireless network using WEP.
B
Ben owns a coffeehouse and wants to provide wireless internet service for his customers. Ben's network is simple and uses a single consumer-grade wireless router and a cable modem connected via a commercial cable data contract. ----- How can Ben provide access control for his customers without having to provision user IDs before they connect while also gathering useful contact information for his business purposes? A. WPA2 PSK B. A captive portal C. Require customers to use a publicly posted password like "BensCoffee" D. WPA3 SAE
B
Bert is considering the use of an infrastructure as a service cloud computing partner to provide virtual servers. Which one of the following would be a vendor responsibility in this scenario? A. Maintaining the hypervisor B. Managing operating system security settings C. Maintaining the host firewall D. Configuring server access control
D
Bob is configuring egress filtering on his network, examining traffic destined for the internet. His organization uses the public address range 12.8.195.0/24. Packets with which one of the following destination addresses should Bob permit to leave the network? A. 12.8.195.15 B. 10.8.15.9 C. 192.168.109.55 D. 129.53.44.124
D
Brian is considering increasing the length of the cryptographic keys used by his organization. If he adds 8 bits to the encryption key, how many more possible keys will be added to the keyspace for the algorithm? A. The size of the keyspace will double. B. The size of the keyspace will increase by a factor of 8. C. The size of the keyspace will increase by a factor of 64. D. The size of the keyspace will increase by a factor of 256.
A
Colleen is conducting a business impact assessment for her organization. What metric provides important information about the amount of time that the organization may be without a service before causing irreparable harm? A. MTD B. ALE C. RPO D. RTO
C
Dana is selecting a hash function for use in her organization and would like to balance a concern for a cryptographically strong hash with the speed and efficiency of the algorithm. Which one of the following hash functions would best meet her needs? A. MD5 B. RIPEMD C. SHA-2 D. SHA-3
A, C, D
Daniel is selecting a new mobile device management (MDM) solution for his organization and is writing the RFP. He is trying to decide what features he should include as requirements after aligning his organization's security needs with an MDM platform's capabilities. Which of the following are typical capabilities of MDM solutions? (Select all that apply.) A. Remotely wiping the contents of a mobile device B. Assuming control of a nonregistered BYOD mobile device C. Enforcing the use of device encryption D. Managing device backups
D
Darren is troubleshooting an authentication issue for a Kerberized application used by his organization. He believes the issue is with the generation of session keys. What Kerberos service should he investigate first? A. KDC B. TGT C. AS D. TGS
B
Dave is responsible for password security in his organization and would like to strengthen the security of password files. He would like to defend his organization against the use of rainbow tables. Which one of the following techniques is specifically designed to frustrate the use of rainbow tables? A. Password expiration policies B. Salting C. User education D. Password complexity policies
C
Denise is preparing for a trial relating to a contract dispute between her company and a software vendor. The vendor is claiming that Denise made a verbal agreement that amended their written contract. What rule of evidence should Denise raise in her defense? A. Real evidence rule B. Best evidence rule C. Parol evidence rule D. Testimonial evidence rule
B
During a log review, Danielle discovers a series of logs that show login failures: What type of attack has Danielle discovered? A. A pass-the-hash attack B. A brute-force attack C. A man-in-the-middle attack D. A dictionary attack
B
During a security audit, Susan discovers that the organization is using hand geometry scanners as the access control mechanism for their secure data center. What recommendation should Susan make about the use of hand geometry scanners? A. They have a high FRR and should be replaced. B. A second factor should be added because they are not a good way to reliably distinguish individuals. C. The hand geometry scanners provide appropriate security for the data center and should be considered for other high-security areas. D. They may create accessibility concerns, and an alternate biometric system should be considered.
B
During what phase of the electronic discovery reference model does an organization ensure that potentially discoverable information is protected against alteration or deletion? A. Identification B. Preservation C. Collection D. Processing
B
Ed has been tasked with identifying a service that will provide a low-latency, high-performance, and high-availability way to host content for his employer. What type of solution should he seek out to ensure that his employer's customers around the world can access their content quickly, easily, and reliably? A. A hot site B. A CDN C. Redundant servers D. A P2P CDN
A
Elliott is using an asymmetric cryptosystem and would like to add a digital signature to a message. What key should he use to encrypt the message digest? A. Elliott's private key B. Elliott's public key C. Recipient's private key D. Recipient's public key
C
Evelyn believes that one of her organization's vendors has breached a contractual obligation to protect sensitive data and would like to conduct an investigation into the circumstances. Based upon the results of the investigation, it is likely that Evelyn's organization will sue the vendor for breach of contract. What term best describes the type of investigation that Evelyn is conducting? A. Administrative investigation B. Criminal investigation C. Civil investigation D. Regulatory investigation
A, B, C
Fran is building a forensic analysis workstation and is selecting a forensic disk controller to include in the setup. Which of the following are functions of a forensic disk controller? (Select all that apply.) A. Preventing the modification of data on a storage device B. Returning data requested from the device C. Reporting errors sent by the device to the forensic host D. Blocking read commands sent to the device
C
Frances is concerned that equipment failures within her organization's servers will lead to a loss of power to those servers. Which one of the following controls would best address this risk? A. Redundant power sources B. Backup generators C. Dual power supplies D. Uninterruptible power supplies
A
Frank is the security administrator for a web server that provides news and information to people located around the world. His server received an unusually high volume of traffic that it could not handle and was forced to reject requests. Frank traced the source of the traffic back to a botnet. What type of attack took place? A. Denial-of-service B. Reconnaissance C. Compromise D. Malicious insider
A
GAD Systems is concerned about the risk of hackers stealing sensitive information stored on a file server. They choose to pursue a risk mitigation strategy. Which one of the following actions would support that strategy? A. Encrypting the files B. Deleting the files C. Purchasing cyber-liability insurance D. Taking no action
A
Gina recently took the CISSP certification exam and then wrote a blog post that included the text of many of the exam questions that she experienced. What aspect of the (ISC)2 Code of Ethics is most directly violated in this situation? A. Advance and protect the profession. B. Act honorably, honestly, justly, responsibly, and legally. C. Protect society, the common good, necessary public trust and confidence, and the infrastructure. D. Provide diligent and competent service to principals.
A
Gordon is conducting a risk assessment for his organization and determined the amount of damage that flooding is expected to cause to his facilities each year. What metric has Gordon identified? A. ALE B. ARO C. SLE D. EF
B
Greg is building a disaster recovery plan for his organization and would like to determine the amount of time that it should take to restore a particular IT service after an outage. What variable is Greg calculating? A. MTD B. RTO C. RPO D. SLA
B
Greg is evaluating a new vendor that will be supplying networking gear to his organization. Due to the nature of his organization's work, Greg is concerned that an attacker might attempt a supply chain exploit. Assuming that both Greg's organization and the vendor operate under reasonable security procedures, which one of the following activities likely poses the greatest supply chain risk to the equipment? A. Tampering by an unauthorized third party at the vendor's site B. Interception of devices in transit C. Misconfiguration by an administrator after installation D. Tampering by an unauthorized third party at Greg's site
C
Greg would like to implement application control technology in his organization. He would like to limit users to installing only approved software on their systems. What type of application control would be appropriate in this situation? A. Blacklisting B. Graylisting C. Whitelisting D. Bluelisting
C
Gwen is a cybersecurity professional for a financial services firm that maintains records of their customers. These records include personal information about each customer, including the customer's name, Social Security number, date and place of birth, and mother's maiden name. What category best describes these records? A. PHI B. Proprietary data C. PII D. EDI
D
Harry would like to access a document owned by Sally stored on a file server. Applying the subject/object model to this scenario, who or what is the object of the resource request? A. Harry B. Sally C. File server D. Document
C
Helen recently built a new system as part of her organization's deception campaign. The system is configured in a manner that makes it vulnerable to attack and that conveys that it might contain highly sensitive information. What term best describes this system? A. Honeynet B. Darknet C. Honeypot D. Pseudoflaw
A
In the database table shown here, which column would be the best candidate for a primary key? A. Company ID B. Company Name C. ZIP Code D. Sales Rep
C
Ivan is installing a motion detector to protect a sensitive work area that uses high-frequency microwave signal transmissions to identify potential intruders. What type of detector is he installing? A. Infrared B. Heat-based C. Wave pattern D. Capacitance
B
Jen is selecting a fire suppression system for her organization's data center and would like to narrow down the list of candidates. Which one of the following suppression systems would be LEAST appropriate for use? A. Dry pipe B. Wet pipe C. Pre-action D. FM-200
B
Jerry is investigating an attack where the attacker stole an authentication token from a user's web session and used it to impersonate the user on the site. What term best describes this attack? A. Masquerading B. Replay C. Spoofing D. Modification
D
Jesse is looking at the /etc/passwd file on a system configured to use shadowed passwords. What should she expect to see in the password field of this file? A. Plaintext passwords B. Encrypted passwords C. Hashed passwords D. x
A
Jim is implementing an IDaaS solution for his organization. What type of technology is he putting in place? A. Identity as a service B. Employee ID as a service C. Intrusion detection as a service D. OAuth
B, D
John is developing a tangible asset inventory for his organization. Which of the following items would most likely be included in this inventory? (Select all that apply.) A. Intellectual property B. Server hardware C. Files stored on servers D. Mobile devices
A
Kailey is reviewing a set of old records maintained by her organization and wants to dispose of them securely. She is unsure how long the organization should keep the records because they involve tax data. How can Kailey determine whether the records may be disposed? A. Consult the organization's records retention policy. B. Consult IRS requirements. C. Retain the records for at least seven years. D. Retain the records permanently.
C
Kevin is operating in a single-level security environment and is seeking to classify information systems according to the type of information that they process. What procedure would be the best way for him to assign asset classifications? A. Assign systems the classification of information that they most commonly process. B. Assign systems the classification of the highest level of information that they are expected to process regularly. C. Assign systems the classification of the highest level of information that they are ever expected to process. D. Assign all systems the same classification level.
C
Kevin is reviewing and updating the security documentation used by his organization. He would like to document some best practices for securing IoT devices that his team has developed over the past year. The practices are generalized in nature and do not cover specific devices. What type of document would be best for this purpose? A. Policy B. Standard C. Guideline D. Procedure
B
Kim is the system administrator for a small business network that is experiencing security problems. She is in the office in the evening working on the problem, and nobody else is there. As she is watching, she can see that systems on the other side of the office that were previously behaving normally are now exhibiting signs of infection one after the other. What type of malware is Kim likely dealing with? A. Virus B. Worm C. Trojan horse D. Logic bomb
A
Lila is reviewing her organization's adverse termination process. In that process, when would be the most appropriate time to revoke a user's access privileges to digital systems? A. At the time the user is informed of the termination B. At the end of the last day of employment C. At the time the decision is made D. Several days after the last day of employment
A, B, D
Lisa is attempting to prevent her network from being targeted by IP spoofing attacks as well as preventing her network from being the source of those attacks. Which of the following rules are best practices that Lisa should configure at her network border? (Select all that apply.) A. Block packets with internal source addresses from entering the network. B. Block packets with external source addresses from leaving the network. C. Block packets with public IP addresses from entering the network. D. Block packets with private IP addresses from exiting the network.
A
Lisa wants to integrate with a cloud identity provider that uses OAuth 2.0, and she wants to select an appropriate authentication framework. Which of the following best suits her needs? A. OpenID Connect B. SAML C. RADIUS D. Kerberos
B
MAC models use three types of environments. Which of the following is not a mandatory access control design? A. Hierarchical B. Bracketed C. Compartmentalized D. Hybrid
B
Mandy is the team leader for a project team that includes six people. She would like to provide those people with the ability to communicate privately, such that any pair of people can exchange communications that are not subject to interception by anyone else (team member or nonteam member). She is using an asymmetric encryption algorithm. How many keys are required to implement these requirements? A. 6 B. 12 C. 15 D. 36
D
Maria is analyzing a security incident where she believes that an attacker gained access to a fiber-optic cable and installed a tap on that cable. What layer of the OSI model did this attack occur at? A. Transport B. Network C. Data Link D. Physical
C
Mark is planning a disaster recovery test for his organization. He would like to perform a live test of the disaster recovery facility but does not want to disrupt operations at the primary facility. What type of test should Mark choose? A. Full interruption test B. Checklist review C. Parallel test D. Tabletop exercise
A, D
Matt is designing a set of information handling requirements for his organization and would like to draw upon common industry practices. Which of the following practices should Matt implement? (Select all that apply.) A. Labeling both paper and electronic documents with their classification level B. Automatically granting senior executives full access to all classified information C. Automatically granting visitors access to information classified at the lowest level of sensitivity D. Encrypting sensitive information in storage and at rest
B
Matthew is experiencing issues with the quality of network service on his organization's network. The primary symptom is that packets are occasionally taking too long to travel from their source to their destination. The length of this delay changes for individual packets. What term describes the issue Matthew is facing? A. Latency B. Jitter C. Packet loss D. Interference
B
Mike is building a fault-tolerant server and wants to implement RAID 1. How many physical disks are required to build this solution? A. 1 B. 2 C. 3 D. 5
C
Nandi is evaluating a set of candidate systems to replace a biometric authentication mechanism in her organization. What metric would be the best way to compare the effectiveness of the different systems? A. FAR B. FRR C. CER D. FDR
C
Owen recently designed a security access control structure that prevents a single user from simultaneously holding the role required to create a new vendor and the role required to issue a check. What principle is Owen enforcing? A. Two-person control B. Least privilege C. Separation of duties D. Job rotation
A
Perry is establishing information handling requirements for his organization. He discovers that the organization often needs to send sensitive information over the internet to a supplier and is concerned about it being intercepted. What handling requirement would best protect against this risk? A. Require the use of transport encryption. B. Require proper classification and labeling. C. Require the use of data loss prevention technology. D. Require the use of storage encryption.
A, C
Peter is reviewing the remote access technologies used by his organization and would like to eliminate the use of any techniques that do not include built-in encryption. Which of the following approaches should he retain? (Select all that apply.) A. RDP B. Telnet C. SSH D. Dial-up
C
Rob recently received a notice from a vendor that the EOL date is approaching for a firewall platform that is used in his organization. What action should Rob take? A. Prepare to discontinue use of the platform as soon as possible. B. Immediately discontinue use of the device. C. Prepare to discontinue use of the device as part of the organization's normal planning cycle. D. No action is necessary.
B
Robert is reviewing a system that has been assigned the EAL2 evaluation assurance level under the Common Criteria. What is the highest level of assurance that he may have about the system? A. It has been functionally tested. B. It has been structurally tested. C. It has been formally verified, designed, and tested. D. It has been semiformally designed and tested.
D
Robert is the network administrator for a small business and recently installed a new firewall. After seeing signs of unusually heavy network traffic, he checked his intrusion detection system, which reported that a smurf attack was underway. What firewall configuration change can Robert make to most effectively prevent this attack? A. Block the source IP address of the attack. B. Block inbound UDP traffic. C. Block the destination IP address of the attack. D. Block inbound ICMP traffic.
A
Roger is concerned that a third-party firm hired to develop code for an internal application will embed a backdoor in the code. The developer retains rights to the intellectual property and will only deliver the software in its final form. Which one of the following languages would be least susceptible to this type of attack because it would provide Roger with code that is human-readable in its final form? A. JavaScript B. C C. C++ D. Java
A
Roger is reviewing a list of security vulnerabilities in his organization and rating them based upon their severity. Which one of the following models would be most useful to his work? A. CVSS B. STRIDE C. PASTA D. ATT&CK
B
Sally has been tasked with deploying an authentication, authorization, and accounting server for wireless network services in her organization and needs to avoid using proprietary technology. What technology should she select? A. OAuth B. RADIUS C. XTACACS D. TACACS+
B
Sally is wiring a gigabit Ethernet network. What cabling choices should she make to ensure she can use her network at the full 1000 Mbps she wants to provide to her users? A. Cat 5 and Cat 6 B. Cat 5e and Cat 6 C. Cat 4e and Cat 5e D. Cat 6 and Cat 7
C
Sean suspects that an individual in his company is smuggling out secret information despite his company's careful use of data loss prevention systems. He discovers that the suspect is posting photos, including the one shown here, to public internet message boards. What type of technique may the individuals be using to hide messages inside this image? A. Watermarking B. VPN C. Steganography D. Covert timing channel
B, D
Seth is designing the physical security controls for a new facility being constructed by his organization. He would like to deter attacks to the extent possible. Which of the following controls serve as deterrents? (Select all that apply.) A. Motion detectors B. Guard dogs C. Mantraps D. Lighting
C
Susan sets up a firewall that keeps track of the status of the communication between two systems and allows a remote system to respond to a local system only after the local system starts communication. What type of firewall is Susan using? A. A static packet filtering firewall B. An application-level gateway firewall C. A stateful packet inspection firewall D. A circuit-level gateway firewall
D
The company Chris works for has notifications posted at each door reminding employees to be careful to not allow people to enter when they do. Which type of control is this? A. Detective B. Physical C. Preventive D. Directive
C
The organization that Ben works for has a traditional on-site Active Directory environment that uses a manual provisioning process for each addition to their 350-employee company. As the company adopts new technologies, they are increasingly using software as a service applications to replace their internally developed software stack. Ben has been tasked with designing an identity management implementation that will allow his company to use cloud services while supporting their existing systems. Using the logical diagram shown here, answer the following questions about the identity recommendations Ben should make. ----- If Ben needs to share identity information with the business partner shown, what should he investigate? A. Single sign-on B. Multifactor authentication C. Federation D. IDaaS
C
The organization that Ben works for has a traditional on-site Active Directory environment that uses a manual provisioning process for each addition to their 350-employee company. As the company adopts new technologies, they are increasingly using software as a service applications to replace their internally developed software stack. Ben has been tasked with designing an identity management implementation that will allow his company to use cloud services while supporting their existing systems. Using the logical diagram shown here, answer the following questions about the identity recommendations Ben should make. ----- If availability of authentication services is the organization's biggest priority, what type of identity platform should Ben recommend? A. On-site B. Cloud-based C. Hybrid D. Outsourced
B
The organization that Ben works for has a traditional on-site Active Directory environment that uses a manual provisioning process for each addition to their 350-employee company. As the company adopts new technologies, they are increasingly using software as a service applications to replace their internally developed software stack. Ben has been tasked with designing an identity management implementation that will allow his company to use cloud services while supporting their existing systems. Using the logical diagram shown here, answer the following questions about the identity recommendations Ben should make. ----- What technology is likely to be involved when Ben's organization needs to provide authentication and authorization assertions to their cloud e-commerce application? A. Active Directory B. SAML C. RADIUS D. SPML
B
Thomas recently signed an agreement for a serverless computing environment where his organization's developers will be able to write functions in Python and deploy them on the cloud provider's servers for execution. The cloud provider will manage the servers. What term best describes this model? A. SaaS B. PaaS C. IaaS D. Containerization
D
Tom is tuning his security monitoring tools in an attempt to reduce the number of alerts received by administrators without missing important security events. He decides to configure the system to only report failed login attempts if there are five failed attempts to access the same account within a one-hour period of time. What term best describes the technique that Tom is using? A. Thresholding B. Sampling C. Account lockout D. Clipping
A
Tony is developing a data classification system for his organization. What factor should he use as the primary driver when determining the classification level of each category of information? A. Sensitivity B. Source C. Likelihood of theft D. Likelihood of data loss
C
Ursula is seeking to expand the reach and scalability of her organization's website. She would like to position copies of her data around the world in locations close to website visitors to reduce loading time and the burden on her servers. What type of cloud service would best meet her needs? A. IaaS B. Containerization C. CDN D. SaaS
C
Viola is conducting a user account audit to determine whether accounts have the appropriate level of permissions and that all permissions were approved through a formal process. The organization has approximately 50,000 user accounts and an annual employee turnover rate of 24 percent. Which one of the following sampling approaches would be the most effective use of her time when choosing records for manual review? A. Select all records that have been modified during the past month. B. Ask access administrators to identify the accounts most likely to have issues and audit those. C. Select a random sample of records, either from the entire population or from the population of records that have changed during the audit period. D. Sampling is not effective in this situation, and all accounts should be audited.
C
What business process typically requires sign-off from a manager before modifications are made to a system? A. SDN B. Release management C. Change management D. Versioning
C
What is the process that occurs when the Session layer removes the header from data sent by the Transport layer? A. Encapsulation B. Packet unwrapping C. De-encapsulation D. Payloading
C
What markup language uses the concepts of a requesting authority, a provisioning service point, and a provisioning service target to handle its core functionality? A. SAML B. SAMPL C. SPML D. XACML
D
What principle states that an individual should make every effort to complete his or her responsibilities in an accurate and timely manner? A. Least privilege B. Separation of duties C. Due care D. Due diligence
D
What type of risk assessment uses tools such as the one shown here? A. Quantitative B. Loss expectancy C. Financial D. Qualitative
B
When Ben records data and then replays it against his test website to verify how it performs based on a real production workload, what type of performance monitoring is he undertaking? A. Passive B. Proactive C. Reactive D. Replay
A, B, C, D
Which of the following data assets may be safely and effectively disposed of using shredding? (Select all that apply.) A. Paper records B. Credit cards C. Removable media D. SSD hard drives
B, C, D
Which of the following statements about SSAE-18 are correct? (Select all that apply.) A. It mandates a specific control set. B. It is an attestation standard. C. It is used for external audits. D. It uses a framework, including SOC 1, SOC 2, and SOC 3 reports.
B
Which one of the following is not a principle of the Agile approach to software development? A. The best architecture, requirements, and designs emerge from self-organizing teams. B. Deliver working software infrequently, with an emphasis on creating accurate code over longer timelines. C. Welcome changing requirements, even late in the development process. D. Simplicity is essential.
C
Which one of the following types of firewalls does not have the ability to track connection status between different packets? A. Stateful inspection B. Application proxy C. Packet filter D. Next generation
A
While Lauren is monitoring traffic on two ends of a network connection, she sees traffic that is inbound to a public IP address show up inside the production network. It is headed for an internal host with an RFC 1918 reserved destination address. What technology should she expect is in use at the network border? A. NAT B. VLANs C. S/NAT D. BGP
C
William is reviewing log files that were stored on a system with a suspected compromise. He finds the log file shown here. What type of log file is this? A. Firewall log B. Change log C. Application log D. System log
C
Adam is processing an access request for an end user. What two items should he verify before granting the access? A. Separation and need to know B. Clearance and endorsement C. Clearance and need to know D. Second factor and clearance
B
Alan is considering the use of new identification cards in his organization that will be used for physical access control. He comes across a sample card and is unsure of the technology. He breaks it open and sees the following internal construction. What type of card is this? A. Smart card B. Proximity card C. Magnetic stripe D. Phase-two card
C
Quentin is analyzing network traffic that he collected with Wireshark on a TCP/IP network. He would like to identify all new connections that were set up during his traffic collection. If he is looking for the three packets that constitute the TCP three-way handshake used to establish a new connection, what flags should be set on the first three packets? A. SYN, ACK, SYN/ACK B. PSH, RST, ACK C. SYN, SYN/ACK, ACK D. SYN, RST, FIN
A
Rob is reviewing his organization's campus for physical security using the Crime Prevention Through Environmental Design (CPTED) framework. Which one of the following is NOT a strategy in this framework? A. Natural intrusion detection B. Natural access control C. Natural surveillance D. Natural territorial reinforcement
