ISC CISSP Certified Information Systems Security Professional (CISSP) Exam Practice Test

Page: 1 / 99
Total 994 questions

Certified Information Systems Security Professional (CISSP) Questions and Answers

Question 1

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

Options:

A.

System acquisition and development

B.

System operations and maintenance

C.

System initiation

D.

System implementation

Question 2

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

Options:

A.

Check arguments in function calls

B.

Test for the security patch level of the environment

C.

Include logging functions

D.

Digitally sign each application module

Question 3

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

Options:

A.

After the system preliminary design has been developed and the data security categorization has been performed

B.

After the vulnerability analysis has been performed and before the system detailed design begins

C.

After the system preliminary design has been developed and before the data security categorization begins

D.

After the business functional analysis and the data security categorization have been performed

Question 4

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

Options:

A.

Least privilege

B.

Privilege escalation

C.

Defense in depth

D.

Privilege bracketing

Question 5

What is the BEST approach to addressing security issues in legacy web applications?

Options:

A.

Debug the security issues

B.

Migrate to newer, supported applications where possible

C.

Conduct a security assessment

D.

Protect the legacy application with a web application firewall

Question 6

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Options:

A.

Lack of software documentation

B.

License agreements requiring release of modified code

C.

Expiration of the license agreement

D.

Costs associated with support of the software

Question 7

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Options:

A.

Purchase software from a limited list of retailers

B.

Verify the hash key or certificate key of all updates

C.

Do not permit programs, patches, or updates from the Internet

D.

Test all new software in a segregated environment

Question 8

The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide

Options:

A.

data integrity.

B.

defense in depth.

C.

data availability.

D.

non-repudiation.

Question 9

Multi-threaded applications are more at risk than single-threaded applications to

Options:

A.

race conditions.

B.

virus infection.

C.

packet sniffing.

D.

database injection.

Question 10

Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?

Options:

A.

Integration with organizational directory services for authentication

B.

Tokenization of data

C.

Accommodation of hybrid deployment models

D.

Identification of data location

Question 11

Which of the following is a security limitation of File Transfer Protocol (FTP)?

Options:

A.

Passive FTP is not compatible with web browsers.

B.

Anonymous access is allowed.

C.

FTP uses Transmission Control Protocol (TCP) ports 20 and 21.

D.

Authentication is not encrypted.

Question 12

Intellectual property rights are PRIMARILY concerned with which of the following?

Options:

A.

Owner’s ability to realize financial gain

B.

Owner’s ability to maintain copyright

C.

Right of the owner to enjoy their creation

D.

Right of the owner to control delivery method

Question 13

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?

Options:

A.

Application

B.

Storage

C.

Power

D.

Network

Question 14

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Options:

A.

Development, testing, and deployment

B.

Prevention, detection, and remediation

C.

People, technology, and operations

D.

Certification, accreditation, and monitoring

Question 15

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

Options:

A.

Examine the device for physical tampering

B.

Implement more stringent baseline configurations

C.

Purge or re-image the hard disk drive

D.

Change access codes

Question 16

Which of the following represents the GREATEST risk to data confidentiality?

Options:

A.

Network redundancies are not implemented

B.

Security awareness training is not completed

C.

Backup tapes are generated unencrypted

D.

Users have administrative privileges

Question 17

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Options:

A.

Install mantraps at the building entrances

B.

Enclose the personnel entry area with polycarbonate plastic

C.

Supply a duress alarm for personnel exposed to the public

D.

Hire a guard to protect the public area

Question 18

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Options:

A.

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.

Review the architectural plans to determine how many emergency exits are present

C.

Conduct a gap analysis of the new facilities against existing security requirements

D.

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Question 19

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

Options:

A.

Only when assets are clearly defined

B.

Only when standards are defined

C.

Only when controls are put in place

D.

Only when procedures are defined

Question 20

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

Options:

A.

determine the risk of a business interruption occurring

B.

determine the technological dependence of the business processes

C.

identify the operational impacts of a business interruption

D.

identify the financial impacts of a business interruption

Question 21

A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

Options:

A.

Host VM monitor audit logs

B.

Guest OS access controls

C.

Host VM access controls

D.

Guest OS audit logs

Question 22

Which of the following could cause a Denial of Service (DoS) against an authentication system?

Options:

A.

Encryption of audit logs

B.

No archiving of audit logs

C.

Hashing of audit logs

D.

Remote access audit logs

Question 23

An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?

Options:

A.

Implement packet filtering on the network firewalls

B.

Install Host Based Intrusion Detection Systems (HIDS)

C.

Require strong authentication for administrators

D.

Implement logical network segmentation at the switches

Question 24

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Options:

A.

Packet filtering

B.

Port services filtering

C.

Content filtering

D.

Application access control

Question 25

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options:

A.

Add a new rule to the application layer firewall

B.

Block access to the service

C.

Install an Intrusion Detection System (IDS)

D.

Patch the application source code

Question 26

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Options:

A.

Layer 2 Tunneling Protocol (L2TP)

B.

Link Control Protocol (LCP)

C.

Challenge Handshake Authentication Protocol (CHAP)

D.

Packet Transfer Protocol (PTP)

Question 27

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options:

A.

To send excessive amounts of data to a process, making it unpredictable

B.

To intercept network traffic without authorization

C.

To disguise the destination address from a target’s IP filtering devices

D.

To convince a system that it is communicating with a known entity

Question 28

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

Options:

A.

Intrusion Prevention Systems (IPS)

B.

Intrusion Detection Systems (IDS)

C.

Stateful firewalls

D.

Network Behavior Analysis (NBA) tools

Question 29

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Options:

A.

Transport layer

B.

Application layer

C.

Network layer

D.

Session layer

Question 30

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

Options:

A.

WEP uses a small range Initialization Vector (IV)

B.

WEP uses Message Digest 5 (MD5)

C.

WEP uses Diffie-Hellman

D.

WEP does not use any Initialization Vector (IV)

Question 31

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Options:

A.

Link layer

B.

Physical layer

C.

Session layer

D.

Application layer

Question 32

Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?

Options:

A.

Confidentiality

B.

Integrity

C.

Identification

D.

Availability

Question 33

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Options:

A.

Hashing the data before encryption

B.

Hashing the data after encryption

C.

Compressing the data after encryption

D.

Compressing the data before encryption

Question 34

Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)?

Options:

A.

Use a thumb drive to transfer information from a foreign computer.

B.

Do not take unnecessary information, including sensitive information.

C.

Connect the laptop only to well-known networks like the hotel or public Internet cafes.

D.

Request international points of contact help scan the laptop on arrival to ensure it is protected.

Question 35

Without proper signal protection, embedded systems may be prone to which type of attack?

Options:

A.

Brute force

B.

Tampering

C.

Information disclosure

D.

Denial of Service (DoS)

Question 36

What is the MOST critical factor to achieve the goals of a security program?

Options:

A.

Capabilities of security resources

B.

Executive management support

C.

Effectiveness of security management

D.

Budget approved for security resources

Question 37

Refer to the information below to answer the question.

A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

Following best practice, where should the permitted access for each department and job classification combination be specified?

Options:

A.

Security procedures

B.

Security standards

C.

Human resource policy

D.

Human resource standards

Question 38

The use of a proximity card to gain access to a building is an example of what type of security control?

Options:

A.

Legal

B.

Logical

C.

Physical

D.

Procedural

Question 39

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will MOST likely allow the organization to keep risk at an acceptable level?

Options:

A.

Increasing the amount of audits performed by third parties

B.

Removing privileged accounts from operational staff

C.

Assigning privileged functions to appropriate staff

D.

Separating the security function into distinct roles

Question 40

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?

Options:

A.

Anti-virus software

B.

Intrusion Prevention System (IPS)

C.

Anti-spyware software

D.

Integrity checking software

Question 41

Refer to the information below to answer the question.

A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.

The organization should ensure that the third party's physical security controls are in place so that they

Options:

A.

are more rigorous than the original controls.

B.

are able to limit access to sensitive information.

C.

allow access by the organization staff at any time.

D.

cannot be accessed by subcontractors of the third party.

Question 42

When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?

Options:

A.

Testing phase

B.

Development phase

C.

Requirements definition phase

D.

Operations and maintenance phase

Question 43

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user cannot write to File 3?

Options:

A.

User A

B.

User B

C.

User C

D.

User D

Question 44

What is the BEST first step for determining if the appropriate security controls are in place for protecting data at rest?

Options:

A.

Identify regulatory requirements

B.

Conduct a risk assessment

C.

Determine business drivers

D.

Review the security baseline configuration

Question 45

Which of the following is the PRIMARY consideration when determining the frequency at which an automated control should be assessed or monitored?

Options:

A.

The complexity of the automated control

B.

The level of automation of the control

C.

The range of values of the automated control

D.

The volatility of the automated control

Question 46

What type of access control determines the authorization to resources based on pre-defined job titles within an organization?

Options:

A.

Role-Based Access Control (RBAC)

B.

Role-based access control

C.

Non-discretionary access control

D.

Discretionary Access Control (DAC)

Question 47

Digital non-repudiation requires which of the following?

Options:

A.

A trusted third-party

B.

Appropriate corporate policies

C.

Symmetric encryption

D.

Multifunction access cards

Question 48

What is the BEST way to correlate large volumes of disparate data sources in a Security Operations Center (SOC) environment?

Options:

A.

Implement Intrusion Detection System (IDS).

B.

Implement a Security Information and Event Management (SIEM) system.

C.

Hire a team of analysts to consolidate data and generate reports.

D.

Outsource the management of the SOC.

Question 49

Match the level of evaluation to the correct Common Criteria (CC) assurance level.

Drag each level of evaluation on the left to its corresponding CC assurance level on the right.

Options:

Question 50

Which of the following types of data would be MOST difficult to detect by a forensic examiner?

Options:

A.

Slack space data

B.

Steganographic data

C.

File system deleted data

D.

Data stored with a different file type extension

Question 51

Which of the following is MOST important when determining appropriate countermeasures for an identified risk?

Options:

A.

Interaction with existing controls

B.

Cost

C.

Organizational risk tolerance

D.

Patch availability

Question 52

In Identity Management (IdM), when is the verification stage performed?

Options:

A.

As part of system sign-on

B.

Before creation of the identity

C.

After revocation of the identity

D.

During authorization of the identity

Question 53

Limiting the processor, memory, and Input/Output (I/O) capabilities of mobile code is known as

Options:

A.

code restriction.

B.

on-demand compile.

C.

sandboxing.

D.

compartmentalization.

Question 54

Which of the following is the MOST secure password technique?

Options:

A.

Passphrase

B.

One-time password

C.

Cognitive password

D.

Ciphertext

Question 55

A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following?

Options:

A.

Transferred risk

B.

Inherent risk

C.

Residual risk

D.

Avoided risk

Question 56

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Options:

A.

Audit logs

B.

Role-Based Access Control (RBAC)

C.

Two-factor authentication

D.

Application of least privilege

Question 57

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

Options:

A.

Trusted third-party certification

B.

Lightweight Directory Access Protocol (LDAP)

C.

Security Assertion Markup Language (SAML)

D.

Cross-certification

Question 58

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

Options:

A.

Limit access to predefined queries

B.

Segregate the database into a small number of partitions each with a separate security level

C.

Implement Role Based Access Control (RBAC)

D.

Reduce the number of people who have access to the system for statistical purposes

Question 59

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

Options:

A.

Derived credential

B.

Temporary security credential

C.

Mobile device credentialing service

D.

Digest authentication

Question 60

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has kept pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Options:

A.

Platform as a Service (PaaS)

B.

Identity as a Service (IDaaS)

C.

Desktop as a Service (DaaS)

D.

Software as a Service (SaaS)

Question 61

Which of the following is an initial consideration when developing an information security management system?

Options:

A.

Identify the contractual security obligations that apply to the organizations

B.

Understand the value of the information assets

C.

Identify the level of residual risk that is tolerable to management

D.

Identify relevant legislative and regulatory compliance requirements

Question 62

Which one of the following affects the classification of data?

Options:

A.

Assigned security label

B.

Multilevel Security (MLS) architecture

C.

Minimum query size

D.

Passage of time

Question 63

In a data classification scheme, the data is owned by the

Options:

A.

system security managers

B.

business managers

C.

Information Technology (IT) managers

D.

end users

Question 64

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Options:

A.

Personal Identity Verification (PIV)

B.

Cardholder Unique Identifier (CHUID) authentication

C.

Physical Access Control System (PACS) repeated attempt detection

D.

Asymmetric Card Authentication Key (CAK) challenge-response

Question 65

Which of the following BEST describes the responsibilities of a data owner?

Options:

A.

Ensuring quality and validation through periodic audits for ongoing data integrity

B.

Maintaining fundamental data availability, including data storage and archiving

C.

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D.

Determining the impact the information has on the mission of the organization

Question 66

When implementing a data classification program, why is it important to avoid too much granularity?

Options:

A.

The process will require too many resources

B.

It will be difficult to apply to both hardware and software

C.

It will be difficult to assign ownership to the data

D.

The process will be perceived as having value

Question 67

When developing a business case for updating a security program, the security program owner MUST do which of the following?

Options:

A.

Identify relevant metrics

B.

Prepare performance test reports

C.

Obtain resources for the security program

D.

Interview executive management

Question 68

Which of the following is MOST effective in detecting information hiding in Transmission Control Protocol/Internet Protocol (TCP/IP) traffic?

Options:

A.

Stateful inspection firewall

B.

Application-level firewall

C.

Content-filtering proxy

D.

Packet-filter firewall

Question 69

What is the MAIN purpose of a change management policy?

Options:

A.

To assure management that changes to the Information Technology (IT) infrastructure are necessary

B.

To identify the changes that may be made to the Information Technology (IT) infrastructure

C.

To verify that changes to the Information Technology (IT) infrastructure are approved

D.

To determine the necessity of implementing modifications to the Information Technology (IT) infrastructure

Question 70

Mandatory Access Controls (MAC) are based on:

Options:

A.

security classification and security clearance

B.

data segmentation and data classification

C.

data labels and user access permissions

D.

user roles and data encryption

Question 71

Which of the following is a characteristic of an internal audit?

Options:

A.

An internal audit is typically shorter in duration than an external audit.

B.

The internal audit schedule is published to the organization well in advance.

C.

The internal auditor reports to the Information Technology (IT) department

D.

Management is responsible for reading and acting upon the internal audit results

Question 72

A post-implementation review has identified that the Voice Over Internet Protocol (VoIP) system was designed to have gratuitous Address Resolution Protocol (ARP) disabled.

Why did the network architect likely design the VoIP system with gratuitous ARP disabled?

Options:

A.

Gratuitous ARP requires the use of Virtual Local Area Network (VLAN) 1.

B.

Gratuitous ARP requires the use of insecure layer 3 protocols.

C.

Gratuitous ARP requires the likelihood of a successful brute-force attack on the phone.

D.

Gratuitous ARP requires the risk of a Man-in-the-Middle (MITM) attack.

Question 73

The security accreditation task of the System Development Life Cycle (SDLC) process is completed at the end of which phase?

Options:

A.

System acquisition and development

B.

System operations and maintenance

C.

System initiation

D.

System implementation

Question 74

As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?

Options:

A.

Known-plaintext attack

B.

Denial of Service (DoS)

C.

Cookie manipulation

D.

Structured Query Language (SQL) injection

Question 75

Which of the following is the GREATEST benefit of implementing a Role Based Access Control (RBAC) system?

Options:

A.

Integration using Lightweight Directory Access Protocol (LDAP)

B.

Form-based user registration process

C.

Integration with the organization’s Human Resources (HR) system

D.

A considerably simpler provisioning process

Question 76

What is the PRIMARY goal of fault tolerance?

Options:

A.

Elimination of single point of failure

B.

Isolation using a sandbox

C.

Single point of repair

D.

Containment to prevent propagation

Question 77

Which of the following is considered a secure coding practice?

Options:

A.

Use concurrent access for shared variables and resources

B.

Use checksums to verify the integrity of libraries

C.

Use new code for common tasks

D.

Use dynamic execution functions to pass user supplied data

Question 78

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

Options:

A.

Disable all unnecessary services

B.

Ensure chain of custody

C.

Prepare another backup of the system

D.

Isolate the system from the network

Question 79

When is a Business Continuity Plan (BCP) considered to be valid?

Options:

A.

When it has been validated by the Business Continuity (BC) manager

B.

When it has been validated by the board of directors

C.

When it has been validated by all threat scenarios

D.

When it has been validated by realistic exercises

Question 80

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

Options:

A.

Take the computer to a forensic lab

B.

Make a copy of the hard drive

C.

Start documenting

D.

Turn off the computer

Question 81

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Options:

A.

Walkthrough

B.

Simulation

C.

Parallel

D.

White box

Question 82

A continuous information security monitoring program can BEST reduce risk through which of the following?

Options:

A.

Collecting security events and correlating them to identify anomalies

B.

Facilitating system-wide visibility into the activities of critical user accounts

C.

Encompassing people, process, and technology

D.

Logging both scheduled and unscheduled system changes

Question 83

Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?

Options:

A.

Hardware and software compatibility issues

B.

Applications’ criticality and downtime tolerance

C.

Budget constraints and requirements

D.

Cost/benefit analysis and business objectives

Question 84

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

Options:

A.

Guaranteed recovery of all business functions

B.

Minimization of the need for decision making during a crisis

C.

Insurance against litigation following a disaster

D.

Protection from loss of organization resources

Question 85

Which of the following is the FIRST step in the incident response process?

Options:

A.

Determine the cause of the incident

B.

Disconnect the system involved from the network

C.

Isolate and contain the system involved

D.

Investigate all symptoms to confirm the incident

Question 86

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Options:

A.

Absence of a Business Intelligence (BI) solution

B.

Inadequate cost modeling

C.

Improper deployment of the Service-Oriented Architecture (SOA)

D.

Insufficient Service Level Agreement (SLA)

Question 87

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?

Options:

A.

Warm site

B.

Hot site

C.

Mirror site

D.

Cold site

Question 88

Which of the following is a PRIMARY advantage of using a third-party identity service?

Options:

A.

Consolidation of multiple providers

B.

Directory synchronization

C.

Web based logon

D.

Automated account management

Question 89

What security risk does the role-based access approach mitigate MOST effectively?

Options:

A.

Excessive access rights to systems and data

B.

Segregation of duties conflicts within business applications

C.

Lack of system administrator activity monitoring

D.

Inappropriate access requests

Question 90

Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?

Options:

A.

External

B.

Overt

C.

Internal

D.

Covert

Question 91

Which of the following is the MOST important element of change management documentation?

Options:

A.

List of components involved

B.

Number of changes being made

C.

Business case justification

D.

A stakeholder communication

Question 92

Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?

Options:

A.

White-box testing

B.

Software fuzz testing

C.

Black-box testing

D.

Visual testing

Question 93

Which of the following BEST avoids data remanence disclosure for cloud hosted resources?

Options:

A.

Strong encryption and deletion of the keys after data is deleted.

B.

Strong encryption and deletion of the virtual host after data is deleted.

C.

Software based encryption with two factor authentication.

D.

Hardware based encryption on dedicated physical servers.

Question 94

In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?

Options:

Question 95

Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued, renewed and validated? Click on the correct specification in the image below.

Options:

Question 96

Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below.

Options:

Question 97

Which of the following analyses is performed to protect information assets?

Options:

A.

Business impact analysis

B.

Feasibility analysis

C.

Cost benefit analysis

D.

Data analysis

Question 98

Disaster Recovery Plan (DRP) training material should be

Options:

A.

consistent so that all audiences receive the same training.

B.

stored in a fire proof safe to ensure availability when needed.

C.

only delivered in paper format.

D.

presented in a professional looking manner.

Question 99

What is an important characteristic of Role Based Access Control (RBAC)?

Options:

A.

Supports Mandatory Access Control (MAC)

B.

Simplifies the management of access rights

C.

Relies on rotation of duties

D.

Requires two factor authentication

Question 100

During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?

Options:

A.

Calculate the value of assets being accredited.

B.

Create a list to include in the Security Assessment and Authorization package.

C.

Identify obsolete hardware and software.

D.

Define the boundaries of the information system.

Question 101

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

Options:

A.

To force the software to fail and document the process

B.

To find areas of compromise in confidentiality and integrity

C.

To allow for objective pass or fail decisions

D.

To identify malware or hidden code within the test results

Question 102

In configuration management, what baseline configuration information MUST be maintained for each computer system?

Options:

A.

Operating system and version, patch level, applications running, and versions.

B.

List of system changes, test reports, and change approvals

C.

Last vulnerability assessment report and initial risk assessment report

D.

Date of last update, test report, and accreditation certificate

Question 103

Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?

Options:

A.

Notification tool

B.

Message queuing tool

C.

Security token tool

D.

Synchronization tool

Question 104

Which of the following are effective countermeasures against passive network-layer attacks?

Options:

A.

Federated security and authenticated access controls

B.

Trusted software development and run time integrity controls

C.

Encryption and security enabled applications

D.

Enclave boundary protection and computing environment defense

Question 105

Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

Options:

A.

Transference

B.

Covert channel

C.

Bleeding

D.

Cross-talk

Question 106

Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?

Options:

A.

Lightweight Directory Access Protocol (LDAP)

B.

Security Assertion Markup Language (SAML)

C.

Internet Mail Access Protocol

D.

Transport Layer Security (TLS)

Question 107

Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?

Options:

A.

Provide vulnerability reports to management.

B.

Validate vulnerability remediation activities.

C.

Prevent attackers from discovering vulnerabilities.

D.

Remediate known vulnerabilities.

Question 108

From a cryptographic perspective, the service of non-repudiation includes which of the following features?

Options:

A.

Validity of digital certificates

B.

Validity of the authorization rules

C.

Proof of authenticity of the message

D.

Proof of integrity of the message

Question 109

Which of the following countermeasures is the MOST effective in defending against a social engineering attack?

Options:

A.

Mandating security policy acceptance

B.

Changing individual behavior

C.

Evaluating security awareness training

D.

Filtering malicious e-mail content

Question 110

The goal of a Business Impact Analysis (BIA) is to determine which of the following?

Options:

A.

Cost effectiveness of business recovery

B.

Cost effectiveness of installing software security patches

C.

Resource priorities for recovery and Maximum Tolerable Downtime (MTD)

D.

Which security measures should be implemented
