Security related breaches are assessed and contained through which of the following?
An access point (AP) is discovered using Wired Equivalent Privacy (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
Physical security measures typically include which of the following components?
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
Which of the following is a symmetric encryption algorithm?
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?
Which of the following is the MAIN security concern for public cloud computing?
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?
A bastion host should be placed:
From the CISO’s perspective in looking at financial statements, the statement of retained earnings of an organization:
An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web sites. The DLP application was checked, and there are no apparent malfunctions and no errors.
What is the MOST likely reason why the sensitive data was posted?
With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that boards provide strategic oversight regarding information and information security, including these four things:
When managing a project, the MOST important activity in managing the expectations of stakeholders is:
You are the CISO for an investment banking firm. The firm is using artificial intelligence (AI) to assist in approving clients for loans.
Which control is MOST important to protect AI products?
When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.
What is the MOST effective method of risk analysis to provide the CFO with the information required?
What key technology can mitigate ransomware threats?
When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and others?
A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:
What are the common data hiding techniques used by criminals?
In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?
When managing the security architecture for your company you must consider:
The success of the Chief Information Security Officer is MOST dependent upon:
A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
Which of the following is a critical operational component of an Incident Response Program (IRP)?
Credit card information, medical data, and government records are all examples of:
Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?
If your organization operates under a model of "assumption of breach", you should:
What is the definition of Risk in Information Security?
When dealing with a risk management process, asset classification is important because it will impact the overall:
Which of the following Intellectual Property components is focused on maintaining brand recognition?
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security-centric agenda.
Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?
Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
You have identified potential solutions for all of your risks that do not have security controls. What is the NEXT step?
A CISO wants to change the defense strategy to ward off attackers. To accomplish this, the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.
Which technology can provide a computing environment without requiring a dedicated hardware backend?
The total cost of security controls should:
Smith, the project manager for a large multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead the test team at additional cost to the project.
The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
Which of the following terms is used to describe countermeasures implemented to minimize risks to physical property, information, and computing systems?
Annual Loss Expectancy is derived from the function of which two factors?
If a Virtual Machine's (VM) data is being replicated and that data is corrupted, this corruption will automatically be replicated to the other machine(s). What would be the BEST control to safeguard data integrity?
Which of the following is the MOST important reason for performing assessments of the security portfolio?
SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization's needs.
What is the MOST logical course of action the CISO should take?
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
This global retail company is expected to accept credit card payments. Which of the following is of MOST concern when defining a security program for this organization?
When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?
An example of professional unethical behavior is:
Which of the following is the MOST important component of any change management process?
As the CISO for your company you are accountable for the protection of information resources commensurate with:
An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?
Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?
When managing the critical path of an IT security project, which of the following is MOST important?
Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?
When selecting a security solution with recurring maintenance costs after the first year, the CISO should: (choose the BEST answer)
Which business stakeholder is accountable for the integrity of a new information system?
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to
Your IT auditor is reviewing significant events from the previous year and has identified some procedural oversights. Which of the following would be the MOST concerning?
When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?
You work as a project manager for the TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?
The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?