The Actual Exam Version included actual exam questions verified by IT Experts. We verified questions and updated frequently each month and also based on members’ feedback to keep updating with the real exam. We are offering money back immediately if questions in our Actual Exam Version do not appear in your exam. Highly recommend you take the Actual Exam Version then go to the exam as soon as possible.
QUESTION NO: 1
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
A. determine the risk of a business interruption occurring
B. determine the technological dependence of the business processes
C. identify the operational impacts of a business interruption
D. identify the financial impacts of a business interruption
QUESTION NO: 2
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
A. Examine the device for physical tampering
B. Implement more stringent baseline configurations
C. Purge or re-image the hard disk drive
D. Change access codes
QUESTION NO: 3
Which of the following represents the GREATEST risk to data confidentiality?
A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges
QUESTION NO: 4
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
A. Ensure the fire prevention and detection systems are sufficient to protect personnel
B. Review the architectural plans to determine how many emergency exits are present
C. Conduct a gap analysis of a new facilities against existing security requirements
D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan
QUESTION NO: 5
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a company-wide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
QUESTION NO: 6
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
A. Only when assets are clearly defined
B. Only when standards are defined
C. Only when controls are put in place
D. Only procedures are defined
QUESTION NO: 7
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
A. Install mantraps at the building entrances
B. Enclose the personnel entry area with polycarbonate plastic
C. Supply a duress alarm for personnel exposed to the public
D. Hire a guard to protect the public area
QUESTION NO: 8
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring
QUESTION NO: 9
Intellectual property rights are PRIMARY concerned with which of the following?
A. Owner’s ability to realize financial gain
B. Owner’s ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method
QUESTION NO: 10
A control to protect from a Denial-of-Service (DoS) attack has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?
QUESTION NO: 11
In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Physical Layer
B. Application Layer
C. Data-Link Layer
D. Network Layer
QUESTION NO: 12
What is the term commonly used to refer to a technique of authentication one machine to another by forging packets from a trusted source?
B. Man-in-the-Middle (MITM) attack
C. Session redirect
QUESTION NO: 13
Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?
A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment
QUESTION NO: 14
Which of the following mandates the amount and complexity of security controls applied to a security risk?
A. Security vulnerabilities
B. Risk tolerance
C. Risk mitigation
D. Security staff
QUESTION NO: 15
When determining who can accept the risk associated with a vulnerability, which of the following is MOST important?
A. Countermeasure effectiveness
B. Type of potential loss
C. Incident likelihood
D. Information ownership
QUESTION NO: 16
A security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following BEST minimizes the risk of this happening again?
A. Define additional security controls directly after the merger
B. Include a procurement officer in the merger team
C. Verify all contracts before a merger occurs
D. Assign a compliance officer to review the merger conditions
QUESTION NO: 17
Which of the following is a direct monetary cost of a security incident?
QUESTION NO: 18
Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?
A. Memory review
B. Code review
C. Message division
D. Buffer division
QUESTION NO: 19
Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?
A. parameterized database queries
B. whitelist input values
C. synchronized session tokens
D. use strong ciphers
QUESTION NO: 20
What is the PRIMARY purpose for an organization to conduct a security audit?
A. To ensure the organization is adhering to a well-defined standard
B. To ensure the organization is applying security controls to mitigate identified risks
C. To ensure the organization is configuring information systems efficiently
To ensure the organization is documenting findings
QUESTION NO: 21
How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?
A. Access control can rely on the Operating System (OS), but eavesdropping is not a risk
B. Access control cannot rely on the Operating System (OS), and eavesdropping is a risk
C. Access control can rely on the Operating System (OS), and eavesdropping is a risk
D. Access control cannot rely on the Operating System (OS), and eavesdropping is not a risk
QUESTION NO: 22
When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?
A. Each control’s effectiveness must be evaluated individually
B. Each control must completely mitigate the risk
C. The control set must adequately mitigate the risk
The control set must evenly divide the risk
QUESTION NO: 23
Which of the following provides the BEST method to verify that security baseline configurations are maintained?
A. Perform regular system security testing
B. Design security early in the development cycle
C. Analyze logs to determine user activities
D. Perform quarterly risk assessments
QUESTION NO: 24
Which of the following is the MOST critical success factor in the security patch management process?
A. Tracking and reporting on inventory
B. Supporting documentation
C. Management review of reports
Risk and impact analysis
QUESTION NO: 25
Which of the following is MOST important when determining appropriate countermeasures for an identified risk?
A. Interaction with existing controls
B. Organizational risk tolerance
C. Patch availability
QUESTION NO: 26
What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media?
A. To reduce the carbon footprint by eliminating paper
B. To create an inventory of data assets stored on disk for backup recovery
C. To declassify information that has been improperly classified
To reduce the risk of loss, unauthorized access, use, modification, and disclosure
QUESTION NO: 27
What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?
A. Establish Maximum Tolerable Downtime (MTD) Information Systems (IS)
B. Define the variable cost for extended downtime scenarios
C. Identify potential threats to business availability
D. Establish personnel requirements for various downtime scenarios
QUESTION NO: 28
A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following?
A. Transferred risk
B. Inherent risk
C. Residual risk
D. Avoided risk
Topic 2, Asset Security
QUESTION NO: 29
Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
QUESTION NO: 30
Which one of the following affects the classification of data?
A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
QUESTION NO: 31
Which of the following BEST describes the responsibilities of a data owner?
A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization
QUESTION NO: 32
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests. Which contract is BEST in offloading the task from the IT staff?
A. Platform as a Service (PaaS)
Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)
QUESTION NO: 33
When implementing a data classification program, why is it important to avoid too much granularity?
A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value
QUESTION NO: 34
In a data classification scheme, the data is owned by the
A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users
QUESTION NO: 35
Which of the following is an initial consideration when developing an information security management system?
A. Identify the contractual security obligations that apply to the organizations
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements
QUESTION NO: 36
Which of the following is an effective control in preventing electronic cloning of Radio Frequency
Identification (RFID) based access cards?
A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response
QUESTION NO: 37
Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?
A. System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements
B. Data stewardship roles, data handling and storage standards, data lifecycle requirements
C. Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements
D. System authorization roles and responsibilities, cloud computing standards, lifecycle requirements
QUESTION NO: 38
When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?
A. Log all activities associated with sensitive systems
B. Provide links to security policies
C. Confirm that confidentiality agreements are signed
D. Employ strong access controls
QUESTION NO: 39
Which of the following is the MOST appropriate action when reusing media that contains sensitive data?
QUESTION NO: 40
An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability?
A. Diffle-Hellman (DH) algorithm
B. Elliptic Curve Cryptography (ECC) algorithm
C. Digital Signature algorithm (DSA)
D. Rivest-Shamir-Adleman (RSA) algorithm
QUESTION NO: 41
Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?
A. Inert gas fire suppression system
B. Halon gas fire suppression system
C. Dry-pipe sprinklers
D. Wet-pipe sprinklers
QUESTION NO: 42
Unused space in a disk cluster is important in media analysis because it may contain which of the following?
A. Residual data that has not been overwritten
B. Hidden viruses and Trojan horses
C. Information about the File Allocation table (FAT)
D. Information about patches and upgrades to the system
QUESTION NO: 43
A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?
A. Put the device in airplane mode
B. Suspend the account with the telecommunication provider
C. Remove the SIM card
D. Turn the device off
QUESTION NO: 44.
Which of the following is MOST appropriate for protecting confidentiality of data stored on a hard drive?
A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2 (SHA-2)
QUESTION NO: 45
Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?
A. Use Software as a Service (SaaS)
B. Whitelist input validation
C. Require client certificates
D. Validate data output
QUESTION NO: 46.
What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?
QUESTION NO: 47
A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections?
A. Develop a written organizational policy prohibiting unauthorized USB devices
B. Train users on the dangers of transferring data in USB devices
C. Implement centralized technical control of USB port connections
D. Encrypt removable USB devices containing data at rest
QUESTION NO: 48
An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following BEST protects sensitive data once the agreement expires and the assets are reused?
A. Recommend that the business data owners use continuous monitoring and analysis of applications to prevent data loss
B. Recommend that the business data owners use internal encryption keys for data-at-rest and data in-transit to the storage environment
C. Use a contractual agreement to ensure the CSP wipes and data from the storage environment
D. Use a National Institute of Standards and Technology (NIST) recommendation for wiping data on the storage environment
QUESTION NO: 49
The MAIN task of promoting security for Personal Computers (PC) is:
A. understanding the technical controls and ensuring they are correctly installed
B. understanding the required systems and patching processes for different Operating Systems (OS)
C. making sure that users are using only valid, authorized software, so that the chance of virus infection is reduced
D. making users understand the risks to the machines and data, so they will take appropriate steps to protect them
QUESTION NO: 50
The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done FIRST to mitigate future occurrences?
A. Encrypt disks on personal laptops
B. Issue cable locks for use on personal laptops
C. Create policies addressing critical information on personal laptops
D. Monitor personal laptops for critical information
QUESTION NO: 51
Which one of the following can be used to detect an anomaly in a system by keeping track of the state of files that do not normally change?
A. System logs
C. Integrity checker
D. Firewall logs
QUESTION NO: 52
Which attack defines a piece of code that is inserted into software to trigger a malicious function?
C. Back door
D. Logic bomb
QUESTION NO: 53
Data remanence is the biggest threat in which of the following scenarios?
A. A physical disk drive has been overwritten and reused within a datacenter
B. A physical disk drive has been degaussed, verified, and released to a third party for destruction
C. A flash drive has been overwritten, verified, and reused within a datacenter
D. A flash drive has been overwritten and released to a third party for destruction
QUESTION NO: 54
Which of the following is used to ensure that data mining activities will NOT reveal sensitive data?
A. Implement two-factor authentication on the underlying infrastructure
B. Encrypt data at the field level and tightly control encryption keys
C. Preprocessor the databases to see if information can be disclosed from the learned patterns
D. Implement the principle of least privilege on data elements so a reduced number of users can access the database
QUESTION NO: 55
How long should the records on a project be retained?
A. For the duration of the project, or at the discretion of the record owner
B. Until they are no longer useful or required by policy
C. Until five years after the project ends, then move to archives
D. For the duration of the organization fiscal year
QUESTION NO: 56
Which of the following is the MOST effective countermeasure against data remanence?
QUESTION NO: 57
The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do?
A. Grant temporary access to the former application owner’s account
B. Assign a temporary application owner to the system
C. Restrict access to the system until a replacement application owner is hired
D. Prevent changes to the confidential data until a replacement application owner is hired
QUESTION NO: 58
Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated?
A. Turn the computer on and collect volatile data
B. Turn the computer on and collect network information
C. Leave the computer off and prepare the computer for transportation to the laboratory
D. Remove the hard drive, prepare it for transportation, and leave the hardware at the scene
QUESTION NO: 59
Which of the following is a MAJOR concern when there is a need to preserve or retain information for future retrieval?
A. Laws and regulations may change in the interim, making it unnecessary to retain the information
B. The expense of retaining the information could become untenable for the organization
C. The organization may lose track of the information and not dispose of it securely
D. The technology needed to retrieve the information may not be available in the future
QUESTION NO: 60
Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?
A. Enforce boundary checking
B. Restrict use of SELECT command
C. Restrict HyperText Markup Language (HTML) source code access
D. Use stored procedures