@featherbear
Created April 1, 2022 04:15
CISSP Sample Questions

Question 1

You are a security consultant. A large enterprise customer hires you to ensure that their security operations are following industry standard control frameworks. For this project, the customer wants you to focus on technology solutions that will discourage malicious activities. Which type of control framework should you focus on?

[ ] Preventative
[ ] Deterrent
[ ] Detective
[ ] Corrective
[ ] Assessment


Question 2

You are performing a risk analysis for an internet service provider (ISP) that has thousands of customers on its broadband network. Over the past 5 years, some customers have been compromised or experienced data breaches. The ISP has a large amount of monitoring and log data for all customers. You need to figure out the chances of additional customers experiencing a security incident based on that data. Which type of approach should you use for the risk analysis?

[ ] Qualitative
[ ] Quantitative
[ ] STRIDE
[ ] Reduction
[ ] Market


Question 3

You are working on a business continuity project for a company that generates a large amount of content each day for use in social networks. Your team establishes 4 hours as the maximum tolerable data loss in a disaster recovery or business continuity event. In which part of the business continuity plan should you document this?

[ ] Recovery time objective (RTO)
[ ] Recovery point objective (RPO)
[ ] Maximum tolerable downtime (MTD)
[ ] Maximum data tolerance (MDT)


Question 4

You are performing a security audit for a customer. During the audit, you find several instances of users gaining access to data without going through a formal access approval process. As part of the remediation, you recommend establishing a formal access approval process. Which role should you list to approve policies that dictate which users can gain access to data?

[ ] Data creator
[ ] Data processor
[ ] Data custodian
[ ] Data owner
[ ] System owner


Question 5

Your organization has a goal to maximize the protection of organizational data. You need to recommend 3 methods to minimize data remanence in the organization. Which 3 of the following methods should you recommend?

(Select 3)

[ ] Formatting volumes
[ ] Overwriting of data
[ ] Data encryption
[ ] Degaussing
[ ] Physical destruction


Question 6

You are preparing to build a hybrid cloud environment for your organization. Three vendors present their proposed solution. Which methodology should your team use to select the best solution?

[ ] Standards selection
[ ] Standards deviation
[ ] Vendor screening
[ ] Vendor reviewing


Question 7

You are a security consultant tasked with reviewing a company’s security model. The current model has the following characteristics:

  • It establishes confidentiality such that people cannot read data classified at a higher level than their clearance.
  • It forbids users with a specific clearance from writing data to a document with a lower clearance level.

You note that the current model does not prevent somebody with a low clearance level from writing data to a document classified at a higher level than their clearance. You need to implement a model to mitigate this. Which of the following security tenets should the new model focus on?

[ ] Availability
[ ] Governance
[ ] Integrity
[ ] Due diligence
[ ] Due care


Question 8

You are documenting the attempted attacks on your organization’s IT systems. The top type of attack was injection attacks. Which definition should you use to describe an injection attack?

[ ] Overloading a system or network
[ ] Plugging in infected portable hard drives
[ ] Capturing packets on a network
[ ] Providing invalid input
[ ] Intercepting and altering network communications


Question 9

You are designing a public key infrastructure for your organization. The organization has issued the following requirements for the PKI:

  • Maximize security of the PKI architecture
  • Maximize the flexibility of the PKI architecture

You need to choose a PKI design to meet the requirements. Which design should you choose?

[ ] A two-tier hierarchy with an offline root CA being in the first tier and issuing CAs in the second tier
[ ] A two-tier hierarchy with an online root CA being in the first tier and issuing CAs in the second tier
[ ] A three-tier hierarchy with an offline root CA being in the first tier, offline policy CAs being in the second tier, and issuing CAs being in the third tier
[ ] A three-tier hierarchy with an offline root CA being in the first tier, online policy CAs being in the second tier, and issuing CAs being in the third tier


Question 10

You are troubleshooting some anomalies with network communication on your network. You notice that some communication isn’t taking the expected or most efficient route to the destination. Which layer of the OSI model should you troubleshoot?

[ ] Layer 2
[ ] Layer 3
[ ] Layer 4
[ ] Layer 5
[ ] Layer 7


Question 11

A wireless network has a single access point and two clients. One client is on the south side of the building toward the edge of the network. The other client is on the north side of the building, also toward the edge of the network. The clients are too far from each other to see each other. In this scenario, which technology can be used to avoid collisions?

[ ] Collision detection
[ ] Collision avoidance
[ ] Channel service unit
[ ] Data service unit


Question 12

Your company uses VoIP for internal telephone calls. You are deploying a new intrusion detection system and need to capture traffic related to internal telephone calls only. Which protocol should you capture?

[ ] H.264
[ ] DNS
[ ] H.263
[ ] HTTPS
[ ] SIP


Question 13

You are implementing a multi-factor authentication solution. As part of the design, you are capturing the three authentication factors. What are they?

(Select 3)

[ ] Something you make
[ ] Something you know
[ ] Something you have
[ ] Something you need
[ ] Something you are
[ ] Something you do


Question 14

Your company is rapidly expanding its public cloud footprint, especially with Infrastructure as a Service (IaaS), and wants to update its authentication solution to enable users to be authenticated to services in the cloud that are yet to be specified. The company issues the following requirements:

  • Minimize the infrastructure required for the authentication.
  • Rapidly deploy the solution.
  • Minimize the overhead of managing the solution.

You need to choose the authentication solution for the company. Which solution should you choose?

[ ] A federated identity solution
[ ] A cloud-based identity service
[ ] A multi-factor authentication solution
[ ] A third-party identity service


Question 15

A user reports that they cannot gain access to a shared folder. You investigate and find the following information:

  • Neither the user nor any groups the user is a member of have been granted permissions to the folder.
  • Other users and groups have been granted permissions to the folder.
  • Another IT person on your team reports that he updated the permissions on the folder recently.

Based on the information in this scenario, which type of access control is in use?

[ ] RBAC
[ ] Rule-based access control
[ ] MAC
[ ] DAC


Question 16

Your company recently implemented a pre-release version of a new email application. The company wants to perform testing against the application and has issued the following requirements:

  • Testers must test all aspects of the email application.
  • Testers must not have any knowledge of the new email environment.

Which type of testing should you use to meet the company requirements?

[ ] White box testing
[ ] Black box testing
[ ] Negative testing
[ ] Static testing
[ ] Dynamic testing


Question 17

You are working with your company to validate assessment and audit strategies. The immediate goal is to ensure that all auditors are following the processes and procedures defined by the company’s audit policies. Which type of audit should you use for this scenario?

[ ] Internal
[ ] External
[ ] Third-party
[ ] Hybrid


Question 18

Your company is planning to perform some security control testing. The following requirements have been established:

  • The team must try to bypass controls in the systems.
  • The team can use technical methods or non-technical methods in attempting to bypass controls.

Which type of testing should you perform to meet the requirements?

[ ] Vulnerability assessment testing
[ ] Penetration testing
[ ] Synthetic transaction testing
[ ] Misuse case testing


Question 19

You are conducting an analysis of a compromised computer. You figure out that the computer had all known security patches applied prior to the computer being compromised. Which two of the following statements are probably true about this incident?

[ ] The company has a zero-day vulnerability.
[ ] The company was compromised by a zero-day exploit.
[ ] The computer does not have a configuration management agent.
[ ] The computer does not have anti-malware.


Question 20

You are investigating poor performance of a company’s telephone system. The company uses IP-based phones and reports that in some scenarios, such as when there is heavy use, the call quality drops and there are sometimes lags or muffling. You need to maximize the performance of the telephone system. Which technology should you use?

[ ] System resilience
[ ] Quality of service
[ ] Fault tolerance
[ ] Whitelisting
[ ] Blacklisting
[ ] Configuration management


Question 21

You are preparing your company for disaster recovery. The company issues the following requirements for disaster recovery testing:

  • The company must have the ability to restore and recover to an alternate data center.
  • Restore and recovery operations must not impact your data center.
  • IT teams must perform recovery steps during testing.

Which type of recovery should you use to meet the company’s requirements?

[ ] Partial interruption
[ ] Tabletop
[ ] Full interruption
[ ] Parallel


Question 22

You are a software development manager starting a new development project. You want to focus the development process around user stories. The development process must be efficient and have multiple iterations as changes and requirements are discovered. Which development methodology should you use?

[ ] Agile
[ ] Waterfall
[ ] Spiral
[ ] Rapid application development


Question 23

You are in the early stages of the development lifecycle and creating design requirements. The application will contain several forms that allow users to enter information to be saved in a database. The forms should require users to submit up to 200 alphanumeric characters, but should prevent certain strings. What should you perform on the text fields?

[ ] Input validation
[ ] Unit testing
[ ] Prototyping
[ ] Buffer regression


Question 24

You plan on creating an artificial intelligence application that is based on constraints and an end goal. What generation language should you use for the development process?

[ ] Generation 2
[ ] Generation 3
[ ] Generation 4
[ ] Generation 5
