A.  

Trusted third-party certification

B.  

Lightweight Directory Access Protocol (LDAP)

C.  

Security Assertion Markup language (SAML)

D.  

Cross-certification

A.  

Audit logs

B.  

Role-Based Access Control (RBAC)

C.  

Two-factor authentication

D.  

Application of least privilege

A.  

Derived credential

B.  

Temporary security credential

C.  

Mobile device credentialing service

D.  

Digest authentication

A.  

Limit access to predefined queries

B.  

Segregate the database into a small number of partitions each with a separate security level

C.  

Implement Role Based Access Control (RBAC)

D.  

Reduce the number of people who have access to the system for statistical purposes

A.  

Transport layer

B.  

Application layer

C.  

Network layer

D.  

Session layer

A.  

Link layer

B.  

Physical layer

C.  

Session layer

D.  

Application layer

A.  

WEP uses a small range Initialization Vector (IV)

B.  

WEP uses Message Digest 5 (MD5)

C.  

WEP uses Diffie-Hellman

D.  

WEP does not use any Initialization Vector (IV)

A.  

Add a new rule to the application layer firewall

B.  

Block access to the service

C.  

Install an Intrusion Detection System (IDS)

D.  

Patch the application source code

A.  

Intrusion Prevention Systems (IPS)

B.  

Intrusion Detection Systems (IDS)

C.  

Stateful firewalls

D.  

Network Behavior Analysis (NBA) tools

A.  

To send excessive amounts of data to a process, making it unpredictable

B.  

To intercept network traffic without authorization

C.  

To disguise the destination address from a target’s IP filtering devices

D.  

To convince a system that it is communicating with a known entity

A.  

Implement packet filtering on the network firewalls

B.  

Install Host Based Intrusion Detection Systems (HIDS)

C.  

Require strong authentication for administrators

D.  

Implement logical network segmentation at the switches

A.  

Packet filtering

B.  

Port services filtering

C.  

Content filtering

D.  

Application access control

A.  

Layer 2 Tunneling Protocol (L2TP)

B.  

Link Control Protocol (LCP)

C.  

Challenge Handshake Authentication Protocol (CHAP)

D.  

Packet Transfer Protocol (PTP)

A.  

Debug the security issues

B.  

Migrate to newer, supported applications where possible

C.  

Conduct a security assessment

D.  

Protect the legacy application with a web application firewall

A.  

Check arguments in function calls

B.  

Test for the security patch level of the environment

C.  

Include logging functions

D.  

Digitally sign each application module

A.  

System acquisition and development

B.  

System operations and maintenance

C.  

System initiation

D.  

System implementation

A.  

After the system preliminary design has been developed and the data security categorization has been performed

B.  

After the vulnerability analysis has been performed and before the system detailed design begins

C.  

After the system preliminary design has been developed and before the data security categorization begins

D.  

After the business functional analysis and the data security categorization have been performed

A.  

Least privilege

B.  

Privilege escalation

C.  

Defense in depth

D.  

Privilege bracketing

A.  

Purchase software from a limited list of retailers

B.  

Verify the hash key or certificate key of all updates

C.  

Do not permit programs, patches, or updates from the Internet

D.  

Test all new software in a segregated environment

A.  

Lack of software documentation

B.  

License agreements requiring release of modified code

C.  

Expiration of the license agreement

D.  

Costs associated with support of the software

A.  

Memory review

B.  

Code review

C.  

Message division

D.  

Buffer division

A.  

Configuration

B.  

Identity

C.  

Compliance

D.  

Patch

A.  

Stateful firewall

B.  

Distributed antivirus

C.  

Log analysis

D.  

Passive honeypot

A.  

Develop a written organizational policy prohibiting unauthorized USB devices

B.  

Train users on the dangers of transferring data in USB devices

C.  

Implement centralized technical control of USB port connections

D.  

Encrypt removable USB devices containing data at rest

A.  

Difference between a new and an established connection

B.  

Originating network location

C.  

Difference between a malicious and a benign packet payload

D.  

Originating application session

A.  

Aggregate it into one database in the US

B.  

Process it in the US, but store the information in France

C.  

Share it with a third party

D.  

Anonymize it and process it in the US

A.  

To ensure Information Technology (IT) staff knows and performs roles assigned to each of them

B.  

To validate backup sites’ effectiveness

C.  

To find out what does not work and fix it

D.  

To create a high level DRP awareness among Information Technology (IT) staff

A.  

Deploying load balancers to distribute inbound traffic across multiple data centers

B.  

Set Up Web Application Firewalls (WAFs) to filter out malicious traffic

C.  

Implementing reverse web-proxies to validate each new inbound connection

D.  

Coordinate with and utilize capabilities within Internet Service Provider (ISP)

A.  

Negotiate schedule with the Information Technology (IT) operation’s team

B.  

Log vulnerability summary reports to a secured server

C.  

Enable scanning during off-peak hours

D.  

Establish access for Information Technology (IT) management

A.  

Awareness activities should be used to focus on security concerns and respond to those concerns

accordingly

B.  

Awareness is not an activity or part of the training but rather a state of persistence to support the program

C.  

Awareness is training. The purpose of awareness presentations is to broaden attention of security.

D.  

Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.

A.  

Senior management

B.  

Information security department

C.  

Audit committee

D.  

All users

A.  

Exterior Gateway Protocol (EGP)

B.  

Border Gateway Protocol (BGP)

C.  

Open Shortest Path First (OSPF)

D.  

Internet Control Message Protocol (ICMP)

A.  

through a firewall at the Session layer

B.  

through a firewall at the Transport layer

C.  

in the Point-to-Point Protocol (PPP)

D.  

in the Payload Compression Protocol (PCP)

A.  

Platform as a Service (PaaS)

B.  

Identity as a Service (IDaaS)

C.  

Desktop as a Service (DaaS)

D.  

Software as a Service (SaaS)

A.  

The process will require too many resources

B.  

It will be difficult to apply to both hardware and software

C.  

It will be difficult to assign ownership to the data

D.  

The process will be perceived as having value

A.  

Personal Identity Verification (PIV)

B.  

Cardholder Unique Identifier (CHUID) authentication

C.  

Physical Access Control System (PACS) repeated attempt detection

D.  

Asymmetric Card Authentication Key (CAK) challenge-response

A.  

Assigned security label

B.  

Multilevel Security (MLS) architecture

C.  

Minimum query size

D.  

Passage of time

A.  

The department should report to the business owner

B.  

Ownership of the asset should be periodically reviewed

C.  

Individual accountability should be ensured

D.  

All members should be trained on their responsibilities

A.  

system security managers

B.  

business managers

C.  

Information Technology (IT) managers

D.  

end users

A.  

Ensuring quality and validation through periodic audits for ongoing data integrity

B.  

Maintaining fundamental data availability, including data storage and archiving

C.  

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D.  

Determining the impact the information has on the mission of the organization

A.  

Identify the contractual security obligations that apply to the organizations

B.  

Understand the value of the information assets

C.  

Identify the level of residual risk that is tolerable to management

D.  

Identify relevant legislative and regulatory compliance requirements

A.  

Testing with a Botnet

B.  

Testing with an EICAR file

C.  

Executing a binary shellcode

D.  

Run multiple antivirus programs

A.  

Workplace privacy laws

B.  

Level of organizational trust

C.  

Results of background checks

D.  

Business ethical considerations

A.  

Availability

B.  

Confidentiality

C.  

Integrity

D.  

Ownership

A.  

Resource Servers are required to use passwords to authenticate end users.

B.  

Revocation of access of some users of the third party instead of all the users from the third party.

C.  

Compromise of the third party means compromise of all the users in the service.

D.  

Guest users need to authenticate with the third party identity provider.

A.  

the policy and procedures manual.

B.  

an existing BCP from a similar organization.

C.  

a review of the business processes and procedures.

D.  

a standard checklist of required items and objectives.

A.  

Maintaining an inventory of authorized Access Points (AP) and connecting devices

B.  

Setting the radio frequency to the minimum range required

C.  

Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator

D.  

Verifying that all default passwords have been changed

A.  

Security procedures

B.  

Security standards

C.  

Human resource policy

D.  

Human resource standards

A.  

Time of the access

B.  

Security classification

C.  

Denied access attempts

D.  

Associated clearance

A.  

Automatically create exceptions for specific actions or files

B.  

Determine which files are unsafe to access and blacklist them

C.  

Automatically whitelist actions or files known to the system

D.  

Build a baseline of normal or safe system events for review

A.  

Perform a service provider PCI-DSS assessment on a yearly basis.

B.  

Validate the service provider's PCI-DSS compliance status on a regular basis.

C.  

Validate that the service providers security policies are in alignment with those of the organization.

D.  

Ensure that the service provider updates and tests its Disaster Recovery Plan (DRP) on a yearly basis.

A.  

Use and specify a strong character encoding.

B.  

Use automated static analysis tools that target this type of weakness.

C.  

Perform input validation on any numeric inputs by assuring that they are within the expected range.

D.  

Use data flow analysis to minimize the number of false positives.

A.  

Provide multiple links from the same telecommunications vendor.

B.  

Ensure that the telecommunications links connect to the network in one location.

C.  

Ensure that the telecommunications links connect to the network in multiple locations.

D.  

Provide multiple links from multiple telecommunications vendors.

A.  

Secondary use of the data by business users

B.  

The organization's security policies and standards

C.  

The business purpose for which the data is to be used

D.  

The overall protection of corporate resources and data

A.  

periodically during a session.

B.  

for each business process.

C.  

at system sign-off.

D.  

after a period of inactivity.

A.  

User D can write to File 1

B.  

User B can write to File 1

C.  

User A can write to File 1

D.  

User C can write to File 1

A.  

vulnerabilities are proactively identified.

B.  

audits are regularly performed and reviewed.

C.  

backups are regularly performed and validated.

D.  

risk is lowered to an acceptable level.

A.  

System integrity

B.  

System availability

C.  

System confidentiality

D.  

System auditability

A.  

Policy database

B.  

Digital signature

C.  

Policy decision point

D.  

Policy enforcement point

A.  

Testing phase

B.  

Development phase

C.  

Requirements definition phase

D.  

Operations and maintenance phase

A.  

Two-factor authentication

B.  

Digital certificates and hardware tokens

C.  

Timed sessions and Secure Socket Layer (SSL)

D.  

Passwords with alpha-numeric and special characters

A.  

Encrypt communications between the servers

B.  

Encrypt the web server traffic

C.  

Implement server-side filtering

D.  

Filter outgoing traffic at the perimeter firewall

A.  

Requirements Analysis

B.  

Development and Deployment

C.  

Production Operations

D.  

Utilization Support

A.  

802.11i

B.  

Kerberos

C.  

Lightweight Directory Access Protocol (LDAP)

D.  

Security Assertion Markup Language (SAML)

A.  

least privilege.

B.  

rule based access controls.

C.  

Mandatory Access Control (MAC).

D.  

separation of duties.

A.  

Provide students with Internet Protocol Security (IPSec) Virtual Private Network (VPN) client software.

B.  

Use Secure Sockets Layer (SSL) VPN technology.

C.  

Use Secure Shell (SSH) with public/private keys.

D.  

Require students to purchase home router capable of VPN.

A.  

Changing all canonical passwords

B.  

Decreasing the number of concurrent user sessions

C.  

Restricting initial password delivery only in person

D.  

Introducing a delay after failed system access attempts

A.  

Install mantraps at the building entrances

B.  

Enclose the personnel entry area with polycarbonate plastic

C.  

Supply a duress alarm for personnel exposed to the public

D.  

Hire a guard to protect the public area

A.  

Owner’s ability to realize financial gain

B.  

Owner’s ability to maintain copyright

C.  

Right of the owner to enjoy their creation

D.  

Right of the owner to control delivery method

A.  

Network redundancies are not implemented

B.  

Security awareness training is not completed

C.  

Backup tapes are generated unencrypted

D.  

Users have administrative privileges

A.  

Application

B.  

Storage

C.  

Power

D.  

Network

A.  

Only when assets are clearly defined

B.  

Only when standards are defined

C.  

Only when controls are put in place

D.  

Only procedures are defined

A.  

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.  

Review the architectural plans to determine how many emergency exits are present

C.  

Conduct a gap analysis of a new facilities against existing security requirements

D.  

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

A.  

Examine the device for physical tampering

B.  

Implement more stringent baseline configurations

C.  

Purge or re-image the hard disk drive

D.  

Change access codes

A.  

determine the risk of a business interruption occurring

B.  

determine the technological dependence of the business processes

C.  

Identify the operational impacts of a business interruption

D.  

Identify the financial impacts of a business interruption

A.  

Development, testing, and deployment

B.  

Prevention, detection, and remediation

C.  

People, technology, and operations

D.  

Certification, accreditation, and monitoring

A.  

Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken

B.  

Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability

C.  

Management teams will understand the testing objectives and reputational risk to the organization

D.  

Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

A.  

Encryption of audit logs

B.  

No archiving of audit logs

C.  

Hashing of audit logs

D.  

Remote access audit logs

A.  

Quarterly access reviews

B.  

Security continuous monitoring

C.  

Business continuity testing

D.  

Annual security training

A.  

Change management processes

B.  

User administration procedures

C.  

Operating System (OS) baselines

D.  

System backup documentation

A.  

Host VM monitor audit logs

B.  

Guest OS access controls

C.  

Host VM access controls

D.  

Guest OS audit logs

A.  

Diffie-Hellman algorithm

B.  

Secure Sockets Layer (SSL)

C.  

Advanced Encryption Standard (AES)

D.  

Message Digest 5 (MD5)

A.  

Data owner

B.  

Data architect

C.  

Chief Information Security Officer (CISO)

D.  

Chief Information Officer (CIO)

A.  

Implementation Phase

B.  

Initialization Phase

C.  

Cancellation Phase

D.  

Issued Phase

A.  

Confidentiality

B.  

Integrity

C.  

Identification

D.  

Availability

A.  

Code signing

B.  

Class authentication

C.  

Sandboxing

D.  

Type safety

A.  

Hashing the data before encryption

B.  

Hashing the data after encryption

C.  

Compressing the data after encryption

D.  

Compressing the data before encryption

A.  

Common Vulnerabilities and Exposures (CVE)

B.  

Common Vulnerability Scoring System (CVSS)

C.  

Asset Reporting Format (ARF)

D.  

Open Vulnerability and Assessment Language (OVAL)

A.  

The SDN is mostly composed of virtual machines (VM).

B.  

The SDN is composed entirely of client-server pairs.

C.  

Virtual memory is used in preference to random-access memory (RAM).

D.  

Random-access memory (RAM) is used in preference to virtual memory.

A.  

As part of system sign-on

B.  

Before creation of the identity

C.  

After revocation of the identity

D.  

During authorization of the identity

A.  

Service level report

B.  

Business impact analysis (BIA)

C.  

Service level agreement (SLA)

D.  

Service Level Requirement (SLR)

A.  

Organization principle, policy, standard, guideline

B.  

Policy, organization principle, standard, guideline

C.  

Standard, policy, organization principle, guideline

D.  

Organization principle, guideline, policy, standard

A.  

Test business continuity and disaster recovery (DR) plans.

B.  

Design networks with the ability to adapt, reconfigure, and fail over.

C.  

Implement network segmentation to achieve robustness.

D.  

Follow security guidelines to prevent unauthorized network access.

A.  

Develop comprehensive security strategies for the organization.

B.  

Perform is, honestly, fairly, responsibly, and lawfully for the organization.

C.  

Create secure data protection policies to principals.

D.  

Provide diligent and competent service to principals.

A.  

Multi-layer access controls working in isolation

B.  

Multi-vendor approach to technology implementation

C.  

Multi-layer firewall architecture with Internet Protocol (IP) filtering enabled

D.  

Multi-layer access controls with diversification of technologies

A.  

Review applicable destination country laws, forensically clean devices prior to travel, and only download sensitive data over a virtual private network (VPN) upon arriving at the destination.

B.  

Keep laptops, external storage devices, and smartphones in the hotel room when not in use.

C.  

Leverage a Secure Socket Layer (SSL) connection over a virtual private network (VPN) to download sensitive data upon arriving at the destination.

D.  

Use multi-factor authentication (MFA) to gain access to data stored on laptops or external storage devices and biometric fingerprint access control isms to unlock smartphones.

A.  

Classless Inter-Domain Routing (CIDR)

B.  

Deterministic routing

C.  

Internet Protocol (IP) routing lookups

D.  

Boundary routing

A.  

nslookup

B.  

show config

C.  

netstat

D.  

show interface

E.  

show counters

A.  

To provide a framework for developing good security metrics

B.  

To justify the selection of costly security controls

C.  

To classify the security controls sensitivity that helps scope the risk assessment

D.  

To help determine the appropriate level of data security controls

A.  

Proper security controls, security goals, and fault mitigation are properly conducted.

B.  

Proper security controls, security objectives, and security goals are properly initiated.

C.  

Security goals, proper security controls, and validation are properly initiated.

D.  

Security objectives, security goals, and system test are properly conducted.

A.  

Encrypt disks on personal laptops.

B.  

Issue cable locks for use on personal laptops.

C.  

Create policies addressing critical information on personal laptops.

D.  

Monitor personal laptops for critical information.

A.  

Map the organization's current security practices to industry standards and frameworks.

B.  

Define the organization's objectives regarding security and risk mitigation.

C.  

Select from a choice of security best practices.

D.  

Review the past security assessments.

A.  

A full-scale simulation of an emergency and the subsequent response functions

B.  

A specific test by response teams of individual emergency response functions

C.  

A functional evacuation of personnel

D.  

An activation of the backup site

A.  

data integrity.

B.  

defense in depth.

C.  

data availability.

D.  

non-repudiation.

A.  

Analyzing a network diagram of the target network

B.  

Notifying the company's customers

C.  

Obtaining the approval of the company's management

D.  

Scheduling the penetration test during a period of least impact

A.  

To assign responsibility for mitigating the risk to vulnerable systems

B.  

To ensure that information assets receive an appropriate level of protection

C.  

To recognize that the value of any item of information may change over time

D.  

To recognize the optimal number of classification categories and the benefits to be gained from their use

A.  

A defined goal, limited time period, and approval of management

B.  

A general objective, unlimited time, and approval of the network administrator

C.  

An objective statement, disclosed methodology, and fixed cost

D.  

A stated objective, liability waiver, and disclosed methodology

A.  

system software.

B.  

system hardware.

C.  

application software.

D.  

network hardware.

A.  

Ideas expressed in literary works

B.  

A particular expression of an idea

C.  

New and non-obvious inventions

D.  

Discoveries of natural phenomena

A.  

It may serve to create unnecessary code complexity

B.  

It may not enforce job separation duties

C.  

It may create unnecessary application hardening

D.  

It may allow malicious code to be inserted

A.  

It contains the keys of all clients.

B.  

It always operates at root privilege.

C.  

It contains all the tickets for services.

D.  

It contains the Internet Protocol (IP) address of all network entities.

A.  

encrypt the contents of the repository and document any exceptions to that requirement.

B.  

utilize Intrusion Detection System (IDS) set drop connections if too many requests for documents are detected.

C.  

keep individuals with access to high security areas from saving those documents into lower security areas.

D.  

require individuals with access to the system to sign Non-Disclosure Agreements (NDA).

A.  

Man-in-the-Middle (MITM) attack

B.  

Smurfing

C.  

Session redirect

D.  

Spoofing

A.  

exploit security weaknesses in the IS.

B.  

measure system performance on systems with weak security controls.

C.  

evaluate the effectiveness of security controls.

D.  

prepare for Disaster Recovery (DR) planning.

A.  

Immediately document the finding and report to senior management.

B.  

Use system privileges to alter the permissions to secure the server

C.  

Continue the testing to its completion and then inform IT management

D.  

Terminate the penetration test and pass the finding to the server management team

A.  

Job rotation

B.  

Separation of duties

C.  

Least privilege model

D.  

Increased monitoring

A.  

overcome the problems of key assignments.

B.  

monitor the opening of windows and doors.

C.  

trigger alarms when intruders are detected.

D.  

lock down a facility during an emergency.

A.  

Availability

B.  

Accountability

C.  

Integrity

D.  

Non-repudiation

A.  

It has normalized severity ratings.

B.  

It has many worksheets and practices to implement.

C.  

It aims to calculate the risk of published vulnerabilities.

D.  

It requires a robust risk management framework to be put in place.

A.  

An explanation of how long the data subject's collected information will be retained for and how it will be eventually disposed.

B.  

An explanation of who can be contacted at the organization collecting the information if corrections are required by the data subject.

C.  

An explanation of the regulatory frameworks and compliance standards the information collecting organization adheres to.

D.  

An explanation of all the technologies employed by the collecting organization in gathering information on the data subject.

A.  

Role Based Access Control (RBAC)

B.  

Biometric access control

C.  

Federated Identity Management (IdM)

D.  

Application hardening

A.  

Spam filtering

B.  

Cryptographic signature

C.  

Uniform Resource Locator (URL) filtering

D.  

Reverse Domain Name Service (DNS) lookup

A.  

Show the need for security; identify the message and the audience

B.  

Ensure that the security presentation is designed to be all-inclusive

C.  

Notify them that their compliance is mandatory

D.  

Explain how hackers have enhanced information security

A.  

Encrypt and hash all PII to avoid disclosure and tampering.

B.  

Store PII for no more than one year.

C.  

Avoid storing PII in a Cloud Service Provider.

D.  

Adherence to collection limitation laws and regulations.

A.  

Transparent Database Encryption (TDE)

B.  

Column level database encryption

C.  

Volume encryption

D.  

Data tokenization

A.  

Ensuring the media is not labeled in any way that indicates the organization's name.

B.  

Disassembling the media and removing parts that may contain sensitive datA.

C.  

Physically breaking parts of the media that may contain sensitive datA.

D.  

Establishing a contract with the third party regarding the secure handling of the mediA.

A.  

Take another backup of the media in question then delete all irrelevant operating system files.

B.  

Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.

C.  

Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.

D.  

Discard harmless files for the operating system, and known installed programs.

A.  

Trojan horse

B.  

Denial of Service (DoS)

C.  

Spoofing

D.  

Man-in-the-Middle (MITM)

A.  

Program change control

B.  

Regression testing

C.  

Export exception control

D.  

User acceptance testing

A.  

Smurf

B.  

Rootkit exploit

C.  

Denial of Service (DoS)

D.  

Cross site scripting (XSS)

A.  

Anti-tampering

B.  

Secure card reader

C.  

Radio Frequency (RF) scanner

D.  

Intrusion Prevention System (IPS)

A.  

confidentiality of the traffic is protected.

B.  

opportunity to sniff network traffic exists.

C.  

opportunity for device identity spoofing is eliminated.

D.  

storage devices are protected against availability attacks.

A.  

Statistical anomaly

B.  

Perimeter intrusion

C.  

Port scanning

D.  

Network spoofing

A.  

Vulnerability to crime

B.  

Adjacent buildings and businesses

C.  

Proximity to an airline flight path

D.  

Vulnerability to natural disasters

A.  

Users would be able to alter the input after validation has occurred

B.  

The web server would not be able to validate the input after transmission

C.  

The client system could receive invalid input from the web server

D.  

The web server would not be able to receive invalid input from the client

A.  

Remove their computer access

B.  

Require them to turn in their badge

C.  

Conduct an exit interview

D.  

Reduce their physical access level to the facility

A.  

Evaluating the efficiency of the plan

B.  

Identifying the benchmark required for restoration

C.  

Validating the effectiveness of the plan

D.  

Determining the Recovery Time Objective (RTO)

A.  

strength of the encryption algorithm.

B.  

spread of malware during synchronization.

C.  

ability to bypass the authentication mechanism.

D.  

strength of the Personal Identification Number (PIN).

A.  

right to refuse or permit commercial rentals.

B.  

right to disguise the software's geographic origin.

C.  

ability to tailor security parameters based on location.

D.  

ability to confirm license authenticity of their works.

A.  

Patches on the network are difficult to keep current.

B.  

It is the responsibility of the systems administrator.

C.  

User ID and passwords are never set to expire.

D.  

Network diagrams are not up to date.

A.  

Document the system as high risk

B.  

Perform a vulnerability assessment

C.  

Perform a quantitative threat assessment

D.  

Notate the information and move on

A.  

To identify system threats, vulnerabilities, and acceptable level of risk

B.  

To formalize the confirmation of compliance to security policies and standards

C.  

To formalize the confirmation of completed risk mitigation and risk analysis

D.  

To verify that system architecture and interconnections with other systems are effectively implemented

A.  

Developing a consistent and uniform method of controlling access on information assets

B.  

Developing appropriate access control policies and guidelines

C.  

Assigning a financial value to an organization’s information assets

D.  

Determining the appropriate level of protection

A.  

the scalability of token enrollment.

B.  

increased accountability of end users.

C.  

it protects against unauthorized access.

D.  

it simplifies user access administration.

A.  

Transport and Session

B.  

Data-Link and Transport

C.  

Network and Session

D.  

Physical and Data-Link

A.  

systems integration.

B.  

risk management.

C.  

quality assurance.

D.  

change management.

A.  

Provide vulnerability reports to management.

B.  

Validate vulnerability remediation activities.

C.  

Prevent attackers from discovering vulnerabilities.

D.  

Remediate known vulnerabilities.

A.  

Revoke access temporarily.

B.  

Block user access and delete user account after six months.

C.  

Block access to the offices immediately.

D.  

Monitor account usage temporarily.

A.  

Data Custodian

B.  

Executive Management

C.  

Chief Information Security Officer

D.  

Data/Information/Business Owners

A.  

IEEE 802.1F

B.  

IEEE 802.1H

C.  

IEEE 802.1Q

D.  

IEEE 802.1X

A.  

By reviewing the configuration after the system goes into production

B.  

By running vulnerability scanning tools on all devices in the environment

C.  

By comparing the actual configuration of the system against the baseline

D.  

By verifying all the approved security patches are implemented

A.  

Examines log messages or other indications on the system.

B.  

Monitors alarms sent to the system administrator

C.  

Matches traffic patterns to virus signature files

D.  

Examines the Access Control List (ACL)

A.  

Notification tool

B.  

Message queuing tool

C.  

Security token tool

D.  

Synchronization tool

A.  

exploits weak authentication to penetrate networks.

B.  

can be detected with signature analysis.

C.  

looks like normal network activity.

D.  

is commonly confused with viruses or worms.

A.  

To verify that only employees have access to the facility.

B.  

To identify present hazards requiring remediation.

C.  

To monitor staff movement throughout the facility.

D.  

To provide a safe environment for employees.

A.  

Administrator should request data owner approval to the user access

B.  

Administrator should request manager approval for the user access

C.  

Administrator should directly grant the access to the non-sensitive files

D.  

Administrator should assess the user access need and either grant or deny the access

A.  

Data Redaction

B.  

Data Minimization

C.  

Data Encryption

D.  

Data Storage

A.  

Qualitative analysis

B.  

Quantitative analysis

C.  

Remediation

D.  

System security categorization

A.  

enhance the skills required to create, maintain, and execute the plan.

B.  

provide for a high level of recovery in case of disaster.

C.  

describe the recovery organization to new employees.

D.  

provide each recovery team with checklists and procedures.

A.  

The cryptanalyst can generate ciphertext from arbitrary text.

B.  

The cryptanalyst examines the communication being sent back and forth.

C.  

The cryptanalyst can choose the key and algorithm to mount the attack.

D.  

The cryptanalyst is presented with the ciphertext from which the original message is determined.

A.  

Validate compliance with X.509 digital certificate standards

B.  

Establish a certificate life cycle management framework

C.  

Use a third-party Certificate Authority (CA)

D.  

Use no less than 256-bit strength encryption when creating a certificate

A.  

They should be recycled to save energy.

B.  

They should be recycled according to NIST SP 800-88.

C.  

They should be inspected and sanitized following the organizational policy.

D.  

They should be inspected and categorized properly to sell them for reuse.

A.  

Authorizations are not included in the server response

B.  

Unsalted hashes are passed over the network

C.  

The authentication session can be replayed

D.  

Passwords are passed in clear text

A.  

Lightweight Directory Access Protocol (LDAP)

B.  

Security Assertion Markup Language (SAML)

C.  

Internet Mail Access Protocol

D.  

Transport Layer Security (TLS)

A.  

Challenge response and private key

B.  

Digital certificates and Single Sign-On (SSO)

C.  

Tokens and passphrase

D.  

Smart card and biometrics

A.  

User error

B.  

Suspected tampering

C.  

Accurate identification

D.  

Unsuccessful identification

A.  

Excessive access rights to systems and data

B.  

Segregation of duties conflicts within business applications

C.  

Lack of system administrator activity monitoring

D.  

Inappropriate access requests

A.  

It is useful for testing communications protocols and graphical user interfaces.

B.  

It is characterized by the stateless behavior of a process implemented in a function.

C.  

Test inputs are obtained from the derived threshold of the given functional specifications.

D.  

An entire partition can be covered by considering only one representative value from that partition.

A.  

Secure Hash Algorithm 1 (SHA-1)

B.  

Secure Sockets Layer (SSL)

C.  

Cipher Block Chaining Message Authentication Code (CBC-MAC)

D.  

Transport Layer Security (TLS)

A.  

Take the computer to a forensic lab

B.  

Make a copy of the hard drive

C.  

Start documenting

D.  

Turn off the computer

A.  

Absence of a Business Intelligence (BI) solution

B.  

Inadequate cost modeling

C.  

Improper deployment of the Service-Oriented Architecture (SOA)

D.  

Insufficient Service Level Agreement (SLA)

A.  

Collecting security events and correlating them to identify anomalies

B.  

Facilitating system-wide visibility into the activities of critical user accounts

C.  

Encompassing people, process, and technology

D.  

Logging both scheduled and unscheduled system changes

A.  

Consolidation of multiple providers

B.  

Directory synchronization

C.  

Web based logon

D.  

Automated account management

A.  

Disable all unnecessary services

B.  

Ensure chain of custody

C.  

Prepare another backup of the system

D.  

Isolate the system from the network

A.  

Warm site

B.  

Hot site

C.  

Mirror site

D.  

Cold site

A.  

Walkthrough

B.  

Simulation

C.  

Parallel

D.  

White box

A.  

Continuously without exception for all security controls

B.  

Before and after each change of the control

C.  

At a rate concurrent with the volatility of the security control

D.  

Only during system implementation and decommissioning

A.  

When it has been validated by the Business Continuity (BC) manager

B.  

When it has been validated by the board of directors

C.  

When it has been validated by all threat scenarios

D.  

When it has been validated by realistic exercises

A.  

Guaranteed recovery of all business functions

B.  

Minimization of the need decision making during a crisis

C.  

Insurance against litigation following a disaster

D.  

Protection from loss of organization resources

A.  

Determine the cause of the incident

B.  

Disconnect the system involved from the network

C.  

Isolate and contain the system involved

D.  

Investigate all symptoms to confirm the incident

A.  

Hardware and software compatibility issues

B.  

Applications’ critically and downtime tolerance

C.  

Budget constraints and requirements

D.  

Cost/benefit analysis and business objectives

A.  

Certify and approve releases to the environment

B.  

Provide version rollbacks for system changes

C.  

Ensure that all applications are approved

D.  

Ensure accountability for changes to the environment