SU Practice exam bank Flashcards
(Random Partial Bank) 1 - An updated security system is being considered for implementation to your company’s building. The system will allow employees access to the work area and various locked rooms while preventing others from entering. The system needs to be configured in such a way that doors will automatically unlock when employees are half a foot away. Which security feature would best meet these needs?
A. Electronic combination lock
B. Combination lock
C. Magnetic stripe card
D. Proximity card
D
2 - What Common Criteria assurance level is the first to require that the product is formally verified, designed, and tested?
A. EAL6
B. EAL5
C. EAL7
D. EAL4
C
3 – Using an access card to access specific rooms within a building is an example of which factor of the three-factor authentication method?
A. Something you know
B. Something you use
C. Something you are
D. Something you have
D
4 – Which cipher is most susceptible to frequency analysis attacks?
A. Polyalphabetic Substitution Cipher
B. Caesar Cipher
C. Running Key Cipher
D. Transposition Cipher
B
5 – Before the recovery strategies from the Disaster Recovery Plan (DRP) are put into action, an event is triggered that starts the event management process.
4
6 – What does the term “trusted computing base” best address?
A. The level of communication a system provides
B. The level of security a system provides
C. The level of application portability a system provides
D. The level of trust a system provides
D
7- What can you use to determine whether an information security program is on track and on budget?
A. Operational metrics
B. Strategic metrics
C. Management metrics
D. Technical metrics
B
8 – There are various threats that directly affect your operations environment. It is important that your environment is protected against these threats. You should be aware that these threats all map to the information security triad. Which threats will be directly related to the integrity component of the information security triad?
A. Destruction and theft
B. Interruption and disclosure
C. Corruption and modification
D. Disclosure and corruption
C
9 – What would be the least effective method to prevent an intruder from gaining access to a facility?
A. Guard dogs
B. CCTV
C. Smartcards
D. A fence
B
10 – Your Remote Access Server (RAS) modems are currently configured to answer incoming connections after two rings. After reviewing your current RAS logs, you have noticed multiple attempts to gain access to your network through your modems by unauthorized external users. It appears that the users are using a method of wardialing to locate your modems. What should you do to lower the success rate of wardialing attempts on your network?
A. Disable all modems that are not required for incoming calls.
B. Change the phone numbers for the modems within the RAS server
C. Decrease the number of rings that will occur before the RAS server answers an incoming call.
D. Increase the number of rings that will occur before the RAS server answers an incoming call.
D
11 – Which of the following is an example of a brute force attack?
A. A program that covers up the login screen and captures the values once they are inputted by the user
B. A program that sniffs the network and captures packets
C. A program that uses a pre-defined list of values and compares it to captured values
D. A program that uses every possible input combination to try to determine the correct value
D
12 – Which access control model makes use of ACLs?
A. Mandatory access control
B. Discretionary access control
C. Nondiscretionary access control
D. Role-based access control
B
13 – Which statement best describes a properly implemented incident handling program?
A. Incident handling should be part of the disaster recovery plan
B. Incident handling should be part of the business continuity plan
C. Incident handling should be approached in a reactive manner.
D. Incident reporting should be decentralized
A
15 – A BCP team determines the scope of the plan, creates a timeline, and prepares a policy statement that all department managers will sign. What other important step for initiating the project must the team perform?
A. Consider the legal regulations that apply to the industry in particular.
B. Conduct a business impact analysis (BIA).
C. Obtain senior management support for the project.
D. List the assets that the company has and their replacement values.
C
16 – During the recovery strategy planning phase, there are various items that you will have to review and create a recovery strategy for. Which resource is commonly overlooked during the recovery strategies planning phase?
A. Human resources
B. Data and voice equipment
C. Computer and network equipment
D. Environmental issues
A
17 – You need to implement a method of verifying that only authorized individuals are able to gain access to a restricted section of your facility. You need to implement an automated system that ensures every person is individually identified and authorized before they are permitted to enter. What authentication methods would best suit your needs?
A. Mantrap
B. An annunciator-capable system
C. Security guards
D. Smart lock
A
18 – What best describes an information protection environment?
A. An environment for software security that encompasses all software used in an organization
B. An environment for operations security that encompasses all computing resources in an organization
C. Audits, logs, policies, and procedures used to track user activities throughout the organization
D. An environment for hardware security that encompasses all dedicated hardware in an organization
B
19 – What law protects company logos from illegal duplication?
A. Copyright
B. Patent
C. Trademark
D. Trade Secret
C
20 – Data remanence refers to the residual physical representation of data that has been removed from storage media. What is not a common method used to remove data from media before it is discarded?
A. Overwriting
B. Degaussing
C. Destroying
D. Clearing
D
21 – (ISC)2 requires CISSPs to commit to fully supporting the Code of Ethics. Identify one of the mandatory canons in the CISSP Code of Ethics.
A. Thou shalt not use a computer to steal.
B. Provide diligent and competent service to principals
C. I will not misuse any information or privileges I am afforded as part of my responsibilities
D. Discharge professional responsibilities with diligence and honesty.
B
22 – The OSI model is divided into seven different layers. At which of the seven layers are you most likely to find a router?
A. Layer 3
B. Layer 1
C. Layer 2
D. Layer 7
A
23 – Which methodological framework categorizes IT processes and activities into four domains for governance?
A. COSO
B. ITIL
C. ISO 27000
D. COBIT version 4.1
D
24 – Which attack involves sending malformed packets to a system in order to cause it to crash or end processing?
A. SYN flood attack
B. Smurf attack
C. Denial of Service (DoS) attack
D. Fraggle attack
C
25 – Which type of lock provides the least amount of security?
A. Electronic combination lock
B. Smart lock
C. Warded lock
D. Tumbler lock
C
26 – IPSec is able to work in two different modes, Tunnel mode and Transport mode. Which is true in regards to protection with Tunnel mode?
A. Only the header information is protected.
B. Only the header and trailer information are protected.
C. The payload as well as the header and trailer information is protected.
D. Only the payload of the message is protected.
C
27 – What is an example of a deterrent control?
A. Smart cards
B. Security policies
C. Fences
D. Audit logs
C
28 – The integrity of data within a database can be protected by different types of operations. Which type of operation can be used when a complete database failure occurs?
A. Rollback
B. Inference
C. Savepoint
D. Commit
C
29 – Management has approached you and would like you to explain how they can possibly prevent collusion within the organization. What should you tell them?
A. Force employees to take mandatory vacations.
B. Implement separation of duties.
C. Implement the rule of least privilege.
D. Implement job rotation.
D
30 – What is the first level in the Orange Book that requires users to be individually identified and accountable for their actions?
A. C2
B. B2
C. C1
D. B1
A
31 – Which of the following are characteristics of quantitative risk analysis and qualitative risk analysis?
A. Uses a lot of educated guesses
B. Does not take into consideration cost/benefit analysis
C. Requires calculations
D. Presents yearly losses
E. Opinions are provided by process experts
Quantitative Risk Analysis: C, D
Qualitative risk analysis: A, E, and B
32 – Which statement best describes the Business Continuity Planning (BCP) recovery strategies?
A. They are predefined activities that will be used when a disaster strikes.
B. They are measures put into place to help reduce the likelihood of a disaster.
C. They are predefined activities that will be used to prevent a disaster from occurring.
D. They are measures put into place to help detect when a disaster strikes.
A
33 – Which is not a term that is used to identify the type of response an operating system will take when a failure occurs?
A. Emergency system restart
B. System reboot
C. System cold start
D. Warm reboot
D
34 – What is considered the appropriate height for a fence to deter a determined intruder?
A. Three to four feet high
B. Six to seven feet high
C. Eight feet high
D. One to two feet high
C
35 – A one-time pad is one of the most powerful substitution ciphers. What must be true in order to maintain the integrity of the algorithm for the one-time pad?
A. Physical protection against disclosure for the one-time pad should be considered.
B. The one-time pad should be used no more than three times.
C. At a minimum, the key must be as long as the message that it will be encrypting.
D. The encryption key that is used for the one-time pad must be manually created.
C
36 – What is one of the best ways to keep a Business Continuity Plan (BCP) up to date?
A. Maintain a record of any revisions made to the BCP plan.
B. Integrate the BCP plan into the change management process
C. Review the BCP plan at least once a year
D. Include maintenance responsibilities in job descriptions.
B
37 – What are the advantages and disadvantages of a warm site?
A. No certainty that the site will be up and running within hours after being fully configured
B. Partially configured
C. Less expensive to maintain than a hot site
D. Testing of the site is done on an annual basis
E. Good choice for organizations requiring proprietary hardware
F. Includes computers and servers
Advantages: E, C
Disadvantages: B, A
38 – What is considered a misdemeanor under the Computer Fraud and Abuse Act of 1986?
A. To gain authorized access to personal medical information
B. To use classified data for the benefit of a foreign nation
C. To disclose personal medical information
D. To gain unauthorized access to government computers
D
39 – Which method is most secure when updating routing information?
A. Static updates
B. Link-state updates
C. Dynamic updates
D. Distance-vector updates
A
40 – An attacker deleting specific incriminating information out of an audit log is referred to as what?
A. Spoofing
B. Sniffing
C. Scrubbing
D. Purging
C
41 – What is the first level in the Orange Book that requires labeled security?
A. B2
B. C1
C. C2
D. B1
D
42 – What would be the least effective method used to secure a fax transmission?
A. Require users to encrypt their own transmissions
B. Implement a fax encryptor
C. Use a fax server on the network
D. Enable logging and auditing of fax transmissions
A
43 – Which is NOT a type of programming language?
A. High-Level
B. Assembly
C. Machine
D. Interpreter
D
44 – Which option is not classified as a presentation layer standard?
A. JPEG
B. MPEG
C. TIFF
D. HTTP
D
45 – You need to send several classified documents to one of your company’s clients. You want to implement a method of detecting any illegal copying of these classified documents. Which method could you use?
A. Steganography
B. Running key cipher
C. Watermarking
D. Code words
C
46 – What is the term that describes an understanding with another company to use their facilities in the event of a disaster?
A. Mobile hot site
B. Reciprocal agreement
C. Redundant site
D. Alternate off-site facility
B
47 – Which access control concept is used when operational secrecy is a major concern?
A. Compartmentalization
B. Security domain
C. Need to know
D. Least privilege
C
48 – Many attackers are never caught and successfully prosecuted. What can make identifying attackers a difficult challenge for investigators?
A. There are only a few laws that specifically address computer crimes
B. Most attacks are performed by individuals located outside of the network
C. Most companies do not use firewalls
D. Many attackers spoof their IP addresses and erase logs to cover their tracks.
D
49 – You are currently doing a comprehensive technical evaluation on the security components within your organization. What is this referred to as?
A. Affirmation
B. Certification
C. Hallmark
D. Accreditation
B
50 – Change control documentation needs to be maintained and updated on a regular basis. What reason accurately describes why?
A. For use in future employee training sessions
B. In order to share information between corporate sites
C. In order to reflect the constant change in the corporate landscape
D. To keep track of constant changes in software and hardware
D
51 – The application layer of the TCP/IP model maps to which layers of the OSI model?
A. Presentation, Session, Transport
B. Application, Session, Transport
C. Transport, Network, Data Link
D. Application, Presentation, Session
D
52 – What might a security architect use as a starting point for their design?
A. Bell-LaPadula model
B. Reference architecture
C. Access control matrix
D. Distributed data model
B
53 – The risk management framework defines six major areas of risk management. The operational risk management area is broken down further into which specific areas of risk?
A. Financial, strategic, technology
B. People process, events
C. People, credit, market
D. Process, market, events
B
54 – You work for a high-tech firm that is half a kilometer away from a high school. Students have to pass by your building to get to the mall where they often eat lunch. You want to secure the building to physically prevent high school students from walking on the property and to be notified if students bypass the barrier. Part of the solution is to use a coaxial strain-sensitive cable. Which other mechanism should be implemented to BEST meet these needs?
A. Landscaping
B. Fences
C. Bollards
D. Gates
B
55 – What is the main factor for strengthening the functions of cryptographic systems?
A. Increase in classified information
B. Increase in computational power
C. Increase in the number of cryptographic algorithms
D. Increase in the number of hackers
B
56 – Aggregation and inference are classified as database security issues. Which statement is true in regards to aggregation?
A. A user lacks the permissions to access information, and does not have the required permissions to access subsets of the same information.
B. A user lacks the permissions to access information, but has the required permissions to access subsets of the same information.
C. A user has the permissions to access information, and does not have the required permissions to access subsets of the same information.
D. A user has the permissions to access information, and also has the required permissions to access subsets of the same information.
B
57 – Which cryptographic attack involves learning the cryptographic key by comparing false results from an error state with known good information?
A. Fault analysis
B. Linear cryptanalysis
C. Related key attack
D. Probing attack
A
58 – There are many different types of computer crimes, each of which can be committed differently. An employee who makes small, periodic changes to the company’s financial records in an effort to go unnoticed is committing what type of crime?
A. Salami attack
B. Data diddling
C. Denial of Service (DoS)
D. Emanations capturing
A
59 – Management has approached you about the current Redundant Array of Independent Disks (RAID) configuration implemented within the organization. They would like to know which type of RAID level supports multiple drive failures. What should you tell them?
A. RAID 10
B. RAID 5
C. RAID 1
D. RAID 0
A
60 – Which type of attack involves deceiving a trusting person into sharing confidential information?
A. Passive
B. Active
C. Spoofing
D. Social engineering
D
61 – What Common Criteria assurance level is the first to require that the product is methodically tested and checked?
A. EAL 5
B. EAL 4
C. EAL 3
D. EAL 2
C
62 – What is NOT true regarding the services that MPLS provides?
A. Traffic engineering is provided
B. Encryption is provided
C. Packet labeling is provided
D. QoS is provided
B
63 – Which method does not provide integrity for a message?
A. Hashing a message
B. Encrypting a message
C. Encrypting and digitally signing a message
D. Digitally signing a message
B
64 - Which option is NOT TRUE in regards to key management?
A. The lifetime of a key should be dictated by the amount of usage.
B. Key lengths should be long enough to provide the level of protection that is required.
C. Keys should be maintained in a secure location when their lifetime expires.
D. Keys should be stored and transmitted in a secure manner.
C
65 – Disk mirroring is an electronic backup method that reduces the risk of data loss due to component failure. What is also true of disk mirroring?
A. It increases disk overhead.
B. It offers a higher level of protection than disk duplexing.
C. The controller is not a single point of failure.
D. It transfers exact copies of data files to a remote location.
A
66 – What is not a type of attribute that can be used to make authentication decisions in a biometric system?
A. Skin scan
B. Keyboard dynamics
C. Facial scan
D. Hand geometry
A
67 – Which access control threats match each description?
A. Dictionary Attacks
B. Brute force attacks
C. Spoofing
- Involves a fake user logon screen being presented to a user for them to input their username and password
- Involves using a list of ordinary words as possible passwords from a file in an attempt to find a valid password
- Involves trying different input combinations in an attempt to find a correct password
- [C] Involves a fake user logon screen being presented to a user for them to input their username and password
- [A] Involves using a list of ordinary words as possible passwords from a file in an attempt to find a valid password
- [B] Involves trying different input combinations in an attempt to find a correct password
68 – A junior technician has approached you to ask what she should do to ensure users are accountable for their actions. What should you tell her?
A. You should tell her to only hire honest people.
B. You should tell her to implement logs.
C. You should tell her to implement auditing.
D. You should tell her to implement an accountability server.
C
69 – Which of the following is NOT one of the principles identified by the Directive on Data Protection?
A. Notice
B. Data confidentiality
C. Choice
D. Data integrity
B
70 – What type of iris lens would typically be used in an area that has fixed lighting?
A. Annunciator
B. Charged-coupled
C. Manual
D. Automatic
C
71 – You are attempting to determine the types of preventative measures to put in place to protect your company’s facility. What is not a preventative measure you might implement?
A. Purchase generators
B. Implement a hot site
C. Create redundant power lines
D. Increase inventory
B
72 – What is not true with respect to the relationships between threat, vulnerability, exposure, countermeasure and risk?
A. A threat agent takes advantage of a vulnerability
B. A vulnerability can expose a system to possible damage.
C. A countermeasure can mitigate a vulnerability.
D. The probability of a fire causing damage is a risk.
C
74 – What type of alarm system triggers an alarm at your organization’s security command center when it detects an intruder?
A. Local
B. Proprietary
C. Central station
D. Auxiliary station
B
76 – Which type of attack is considered a passive attack?
A. Replay attack
B. Chosen-Plaintext attack
C. Ciphertext-Only attack
D. Sniffing attack
D
77 – What attributes are used when evaluating a system’s protection mechanisms under the Information Technology Security Evaluation Criteria (ITSEC)?
A. Integrity and Authentication
B. Assurance and Integrity
C. Functionality and Assurance
D. Confidentiality and Functionality
C
78 – What is the second stage of the SDLC?
A. Defining system requirements
B. Project initiation and planning
C. Defining functional objectives
D. Developing and implementing
C
79 – What is the correct order of sensitivity levels for military data classification?
A. Top secret, Secret, Private, Sensitive, Unclassified
B. Top secret, Secret, Confidential, Sensitive but unclassified, Unclassified
C. Top secret, Confidential, Secret, Sensitive but unclassified, Unclassified
D. Top secret, Sensitive, Sensitive but unclassified, Private, Unclassified
B
80 – Which identity management system characteristics match with the identity management system?
A. Provides packet delivery with UDP
B. Uses PPP connections
C. Supports the Apple Talk protocol
D. Combines services for authentication and authorization
E. Provides packet delivery with TCP
F. Encrypts packets between the server and the client
- TACACS+
- RADIUS
TACACS+: C, F, and E
RADIUS: A, B, and D
81 – Which user requirement is true for compartmented security mode but not for multilevel security mode?
A. A clearance level that is equal to or higher than the highest resource level of clearance is required for information on the system.
B. There must be a signed Non-Disclosure Agreement (NDA) for all information that the user will access on the system.
C. All users must have a valid need to know some of the information on the system.
D. There must be formal access approval for all information that the user will access on the system.
A
82 – Which OSI layer is responsible for the addressing and routing of packets so that they can reach their destination?
A. Session
B. Physical
C. Data link
D. Network
D
83 – Most large organizations today have acknowledged the need for a C-level security officer, typically classed as the chief information security officer; however, there are still issues in identifying the most appropriate reporting structure for the chief information security officer within the organization. The greatest potential for a conflict of interest is inherent to a chief information security officer reporting to which role within an organization?
A. Chief security officer
B. Chief financial officer
C. Chief information officer
D. Chief executive officer
C
84 – Which information concealment methods match to each description?
A. Code words
B. Watermarking
C. Steganography
D. Cryptography
- Uses additional information within a file for detecting the theft of information
- Uses sophisticated mathematical techniques to hide information
- Uses a specific medium to hide information within
- Uses letters to represent an idea or sentiment
- [B] Uses additional information within a file for detecting the theft of information
- [D] Uses sophisticated mathematical techniques to hide information
- [C] Uses a specific medium to hide information within
- [A] Uses letters to represent an idea or sentiment
85 – A junior network technician has approached you and asked for your opinion on what type of cable would be the least resistant to electromagnetic interference (EMI). What should you tell them?
A. Unshielded Twisted Pair
B. Fiber-optic
C. Shielded Twisted Pair
D. Coaxial
A
86 – Which mode of the Data Encryption Standard (DES) is similar to the Output Feedback (OFB) mode but uses a 64-bit random data block as the first initialization vector (IV)?
A. Cipher Feedback
B. Electronic Code Book
C. Counter
D. Cipher Block Chaining
C
87 – Resource protection is one of the three critical requirements for operations controls. Its goal is to protect resources within the organization from loss or compromise. Which is NOT a concern for the resource protection critical requirement?
A. Protect resources that are required for data processing.
B. Ensure that resource security is maintained during a failure.
C. Ensure that vulnerabilities directed at the availability, integrity, and confidentiality of resources are reduced.
D. Provide a balance between the implemented security controls and the user’s productivity.
B
88 – It is important to conduct a risk assessment as part of the planning process to determine what threatens the organization. Risk assessment also determines ways in which available resources should be used to guard against the identified threats. What is the probability of a threat?
A. The need to insure against it
B. The severity of the damage it could inflict
C. The likelihood that it will occur
D. The cost of implementing a plan to curb its effects
C
93 – You need to deploy a video surveillance solution in the front lobby of your organization’s building. It is important that the security guards are able to monitor the full lobby, but you want to limit the number of cameras needed to facilitate this. What capability will allow you to meet your goals?
A. PTZ capable system
B. CCD capable system
C. Automatic iris capable system
D. A photometric system
A
(Bank 1) 1 – Which of the following is an example of a dictionary attack?
A. A program that sniffs the network and captures packets
B. A program that covers up the login screen and captures the values once they are inputted by the user.
C. A program that uses every possible input combination to try to determine what the correct value would be
D. A program that uses a pre-defined list of values and compares it to captured values
D
2 – What is the main factor for strengthening the functions of cryptographic systems?
A. Increase in the number of hackers
B. Increase in classified information
C. Increase in the number of cryptographic algorithms
D. Increase in computational power
D
3 – A computer crime has been reported and an investigation by the company’s incident response team has confirmed that an actual crime has been committed. The initial evidence indicates that the crime appears to have been committed by an employee within the company. What department should be notified?
A. Software Development
B. Human Resources
C. Finance
D. Marketing
B
4 – What Common Criteria assurance level is the first to require that the product is methodically tested and checked?
A. EAL4
B. EAL5
C. EAL3
D. EAL2
C
5 - What is the benefit of using clustering in your enterprise data management scheme?
A. Creates a single point of failure
B. Scalability and redundancy
C. Requires less memory to operate
D. Amount of data storage is increased
B
6 - You have been tasked with implementing an intrusion detection system that learns as it performs its day-to-day tasks and uses this knowledge to detect any changes that could mean an intrusion is occurring. Which one should you implement?
A. Statistical anomaly-based intrusion detection
B. Signature-based intrusion detection
C. Network-based intrusion detection system
D. Host-based intrusion detection system
A
7 - Which is the final step that you should include in any backup plan?
A. Determine what type of backup media you will require.
B. Test the backup plan.
C. Determine where you should store the backup media and how long you should store it there.
D. Determine what data you will need to back up.
B
8 - The network administrator for your company has asked you to provide a report on the number of modems attached to the network that are unaccounted for. What should you do to accomplish this?
A. Piggybacking
B. Modemsurfing
C. Wardriving
D. Wardialing
D
9 - Which of the following is NOT true in regards to content-dependent access control?
A. Content-dependent filtering can be used with email programs and web browsers.
B. It uses rules to define what can and cannot occur between an object and a user.
C. It is often used within databases.
D. Access to objects is determined by the actual content of the object.
B
10 - Which method is most secure when updating routing information?
A. Distance-vector updates
B. Static updates
C. Link-state updates
D. Dynamic updates
B
11 - Ten professional practice areas make up the basis of NFPA 1600. Which practice area involves determining the threats that apply to an organization and limiting their potential impact?
A. Project initiation and management
B. Risk evaluation and control
C. Maintaining and exercising BCPs
D. Awareness and training programs
B
12 - Which type of security device is set into a door's edge?
A. Biometric reader
B. Card reader
C. Mortise lock
D. Rim lock
C
13 - Companies that have been attacked often choose not to release this information to the media. However, there are several well-known computer crimes that have been widely publicized. What hacker or group of hackers demonstrated how a web-based Trojan horse could be used to extract money from a bank account?
A. Kevin Mitnick
B. Chaos Computer Club
C. Legion of Doom
D. Cult of the Dead Cow
B
14 - Biometric devices are among the most accurate and secure methods of authentication available. However, some users find them obtrusive and are therefore reluctant to use them. What biometric recognition system is the most widely accepted and implemented?
A. Iris patterns
B. Facial features
C. Retinal patterns
D. Fingerprints
D
15 - Which term defines a group of networks that work together for the sole purpose of propagating code that performs undesirable functions?
A. Malnets
B. Botnets
C. Extranets
D. Malvertisements
A
16 - What ITSEC rating is concerned with a high level of integrity during communications?
A. F6
B. F8
C. F7
D. F9
B
17 - Which regulation for financial institutions emphasizes resuming and maintaining business operations after a disaster?
A. FFIEC
B. NYSE Rule 446
C. Electronic Funds Transfer Act
D. NASD Rule 3510
A
18 - Electronic devices emit electrical and electromagnetic signals through the airwaves. This is referred to as what?
A. White noise
B. Emanation
C. EMI
D. Tempest
B
19 - What can you use to determine whether an information security program is on track and on budget?
A. Management metrics
B. Technical metrics
C. Strategic metrics
D. Operational metrics
C
20 - What methodology focuses mainly on risk management related to information systems?
A. NIST SP 800-39
B. NIST SP 800-30
C. ORION
D. CRAMM
B
21 - What is NOT one of the three critical requirements for operations controls?
A. Resource protection
B. Privileged-entry control
C. Software control
D. Hardware control
C
22 - What law protects company logos from illegal duplication?
A. Patent
B. Copyright
C. Trademark
D. Trade secret
C
23 - Which technology provides availability, load balancing, redundancy, and failover?
A. Clustering
B. RADIUS
C. RAID
D. Redundant Servers
A
24 - Which is NOT a type of programming language?
A. Assembly
B. High-Level
C. Machine
D. Interpreter
D
25 - Which type of attack exploits the communications session between two communicating devices so that the session can be hijacked?
A. Ping of Death Attack
B. DNS Poisoning
C. Sniffer Attack
D. TCP Sequence Number Attack
D
26 - What is the most common security issue for most companies?
A. DoS attacks
B. Excessive privileges
C. IP spoofing attacks
D. Data diddling
B
27 - What type of water sprinkler system is best used in an environment that contains a lot of expensive computer and electronic equipment?
A. Deluge
B. Dry pipe
C. Preaction
D. Wet Pipe
C
28 - Which item used in conjunction with a fence emits radio frequency signals to detect an intruder pushing a fence?
A. CCTV
B. PPTP
C. TDR
D. DSA
C
29 - Which OSI reference model layers match to each function?
A. Transport B. Data-link C. Application D. Session E. Presentation F. Network
- Specifies how data is routed from hosts on one network to hosts on another network
- Responsible for error-free packet transfers between network nodes
- Establishes, maintains, and terminates connections between devices and applications
- Segments data in the appropriate size and format
- Interacts directly with end users to provide network services
- Ensures that data represented by one system can be interpreted by another system
[F]- Specifies how data is routed from hosts on one network to hosts on another network
[B]- Responsible for error-free packet transfers between network nodes
[D]- Establishes, maintains, and terminates connections between devices and applications
[A]- Segments data in the appropriate size and format
[C]- Interacts directly with end users to provide network services
[E]- Ensures that data represented by one system can be interpreted by another system
30 - What is the Biba model most concerned with?
A. Integrity
B. Verification
C. Confidentiality
D. Repudiation
A
31 - What type of threat involves retransmitting packets to perform undesirable effects?
A. Impersonation
B. Dumpster diving
C. Data remanence
D. Replay
D
32 - A temporary site has been set up for various users that will be working on a project in a remote location. The users will be dialing in to a RAS server within the central office to gain access to the corporate network as required. Management is worried that unauthorized users at unauthorized locations will be able to dial in to the RAS server and gain access to the corporate network. What should you implement for increased security?
A. Callback
B. A firewall
C. Encryption
D. VPN
A
33 - Using an access card to access specific rooms within a building is an example of which factor of the three-factor authentication method?
A. Something you know
B. Something you have
C. Something you use
D. Something you are
B
34 - Data remanence refers to the residual physical representation of data that has been removed from storage media. What is not a common method used to remove data from media before it is discarded?
A. Destroying
B. Degaussing
C. Cleaning
D. Overwriting
C
35 - In regards to data within an organization, what is the Clark-Wilson model most concerned with?
A. Confidentiality
B. Authentication
C. Integrity
D. Availability
C
36 - What is an example of a detective control?
A. Firewall
B. Fences
C. Job rotation
D. Lighting
C
37 - Which stage descriptions match to each lifecycle?
A. Ideas are brainstormed for the system and security measures are considered.
B. Errors are identified and traced once the system is in production.
C. How the system will be created to fulfill the functional objectives is determined.
D. All the planning, designs, and system requirements are physically created.
E. Weaknesses are resolved by implementing new improvements.
- Systems Development Life Cycle
- System Life Cycle
[A, C, D] -Systems Development Life Cycle
[B, E] - System Life Cycle
38 - What is an example of a deterrent control?
A. Audit logs
B. Security policies
C. Fences
D. Smart cards
C
39 - It is important to conduct a risk assessment as part of the planning process to determine what threatens the organization. Risk assessment also determines ways in which available resources should be used to guard against the identified threats. What is the probability of a threat?
A. The likelihood that it will occur
B. The need to insure against it
C. The severity of the damage it could inflict
D. The cost of implementing a plan to curb its effects
A
40 - A junior technician has approached you to ask what she should do to ensure users are accountable for their actions. What should you tell her?
A. You should tell her to implement auditing.
B. You should tell her to implement an accountability server.
C. You should tell her to implement logs.
D. You should tell her to only hire honest people.
A
41 - What is the most secure method of storing private keys in a PKI implementation for a commercial bank?
A. Key repository
B. Key escrow service
C. Simple offline storage system
D. M-of-N process
B
42 - Which statement is not true in relation to the term “back door”?
A. There are various tools on the market that allow you to easily create and execute back door attacks.
B. It is an intentional opening within an application that allows developers to bypass security features for troubleshooting purposes.
C. It is the placement of a program or utility within a network that provides unauthorized access to the network that it is installed in.
D. A back door attack allows an attacker to masquerade themselves as someone else.
D
43 - Which access control model makes use of ACLs?
A. Discretionary access control
B. Role-based access control
C. Nondiscretionary access control
D. Mandatory access control
A
44 - What is an organization exercising when senior management understands the security risk faced by the company and it investigates possible weaknesses and vulnerabilities?
A. Due diligence
B. Due care
C. Demonstrative evidence
D. Incident recognition
A
45 - What type of backup will contain any files that have changed since the last full backup?
A. Full
B. Incremental
C. Differential
D. Complete
C
46 - Which statement best describes what occurs during a Chosen Plaintext attack?
A. An attacker obtains the ciphertext of several messages encrypted using the same encryption algorithm, attempts to determine the key used for the encryption process, and then decrypts all the messages with that key.
B. An attacker obtains the plaintext and ciphertext of one or more messages, attempts to determine the key used for the encryption process, and then attempts to decrypt all other messages with that key.
C. An attacker creates a plaintext message and sends it to a recipient hoping they will encrypt it and send it to another recipient. The attacker then sniffs out the encrypted message, captures it, and then figures out the key used to encrypt the original plaintext message. The attacker will then use the key to decrypt all messages captured from the original recipient.
D. An attacker captures data passing from a sender to a receiver, and resubmits the data to the legitimate receiver hoping they are fooled into thinking that it is the legitimate information from the original sender.
C
47 - What is the first level in the Orange Book that requires users to be individually identified and accountable for their actions?
A. C1
B. B2
C. C2
D. B1
C
48 - You need to provide security for your client’s connections to your web server. You need to make sure that the entire communications channel between the two computers is protected. Which technology should you implement to accomplish this?
A. HTTP
B. HTTPS
C. S-HTTP
D. SET
B
49 - A biometric system that weighs people entering a facility to ensure that only one person is being granted access is typically used in what type of security prevention method?
A. Fail-safe
B. Mantrap
C. Fail-secure
D. Piggybacking
B
50 - Two or more employees assisting each other to commit a fraudulent or destructive act is called collusion. Which security practice will help prevent collusion?
A. Intrusion detection
B. Access control
C. Separation of duties
D. Rotation of duties
D
51 - Which protocol relies on a “web of trust” for its key management approach instead of a hierarchy of certificate authorities?
A. Diffie-Hellman
B. RSA
C. PGP
D. SSL
C
52 - What type of analysis can information security professionals use proactively in-house, and in reaction to an attack?
A. Quantitative risk analysis
B. Forensic engineering
C. Software forensics
D. Business impact analysis
C
53 - The terms threat, vulnerability, exposure, countermeasure, and risk are sometimes intermingled and used interchangeably in conversation or writings about security management. Which of the following options contains the statement that accurately describes the relationship between these terms?
A. Option C
B. Option B
C. Option A
D. Option D
A
54 - You are the network administrator for a large company in North America. Many of the employees work from remote locations. You need to set up a secure, private connection between the remote users and their head office so that they can access resources. What would be the best solution?
A. Use the Point-to-Point Tunneling Protocol
B. Use a Virtual Private Network
C. Use the Point-to-Point Protocol
D. Use the Layer 2 Tunneling Protocol
B
55 - A junior network technician has approached you and asked for your opinion on what type of cable would be the least resistant to electromagnetic interference (EMI). What should you tell them?
A. Fiber-optic
B. Shielded Twisted Pair
C. Unshielded Twisted Pair
D. Coaxial
C
56 - Which access control model is based on a security label system?
A. Discretionary access control
B. Mandatory access control
C. Nondiscretionary access control
D. Role-based access control
B
57 - You are the network administrator for a branch office. You need to secure the network traffic as it enters and leaves your office. Your plan is to implement a hardware based firewall. The firewall should be able to inspect the data’s source and destination address. This will allow you to implement access control lists to control access to specific applications and services. What type of firewall should you implement to meet the branch office security requirements?
A. Stateful Inspection
B. Packet Filtering
C. Application Level
D. Circuit Level
B
58 - Which is not a term that is used to identify the type of response an operating system will take when a failure occurs?
A. System cold start
B. Warm reboot
C. Emergency system restart
D. System reboot
B
59 - Which security model has the ability to address the interference attack?
A. Noninterference model
B. Graham-Denning model
C. Biba model
D. Lattice model
A
60 - What type of cipher moves bits, characters, and blocks around to hide the original plaintext message?
A. Transposition cipher
B. Scramble cipher
C. Substitution cipher
D. Replacement cipher
A
61 - Which attack takes advantage of weaknesses in the design of the TCP protocol?
A. SYN flood
B. Teardrop
C. Fraggle
D. Smurf
A
62 - When does a buffer overflow occur?
A. When an application sends too much information to another application causing a blue screen
B. When too much data is entered into the buffer
C. When the operating system runs out of RAM and causes a reboot
D. When an application runs out of memory and crashes the system
B
63 - What is not true of a qualitative risk analysis?
A. It is scenario-based.
B. Assets are defined as tangible physical objects.
C. Its results are easier to understand than that of a quantitative risk analysis.
D. Threats are given an exposure rating.
B
64 - Which RAID levels match each characteristic?
A. Level 10 B. Level 5 C. Level 3 D. Level 0 E. Level 1
- Parity
- No parity
- [C, B] Parity
- [D, E, A] No parity
65 - The company’s database server contains multiple tables with customer orders. A possible disaster could take the server offline and the company would start to lose significant amounts of money after about 24 hours. What category of maximum tolerable downtime (MTD) should the server be placed in?
A. Normal
B. Nonessential
C. Critical
D. Urgent
D
66 - What law protects software programs from illegal distribution?
A. Trade secret
B. Trademark
C. Patent
D. Copyright
D
67 - Which term represents a collection of technologies that gathers and stores access control information and specified system activity for later study?
A. SIEM
B. FMEA
C. ITIL
D. MTBF
A
68 - The act of monitoring, auditing, and logging provides which measure within an organization?
A. Integrity
B. Accountability
C. Availability
D. Confidentiality
B
69 - What is the best method of preventing a buffer overflow?
A. Limit the amount of data that can be entered into memory
B. Limit the amount of data that is accepted by an application
C. Increase the amount of virtual memory available to the operating system
D. Add RAM to the computer
A
70 - The evidence of a computer crime must be gathered carefully and preserved in order to protect its integrity. The data collected during an investigation must be detailed in the chain of evidence or chain of custody. Which statement is true of the chain of evidence?
A. Evidence must be returned to its owner once presented in court
B. Modifying computer-generated evidence is impossible
C. Evidence must not be admissible
D. Evidence must be legally permissible
D
71 - Why are most companies unaware that they have ever been attacked?
A. Attackers usually spoof their IP addresses.
B. There are only a few laws that specifically address computer crimes.
C. Attackers usually erase any logs that record their activities.
D. Most attacks are performed by individuals located inside the target network.
C
72 - Once the risk analysis has been completed, the organization must decide how to handle the risk. What four options are available for handling risk?
A. Reject, transfer, reduce, and accept
B. Reject, transfer, recover, and accept
C. Transmit, accept, refer, and reject
D. Accept, refer reject, and transmit
A
73 - What type of intrusion detection system (IDS) is used to detect any sound that can be made by someone trying to force their way into a facility?
A. Acoustical detection system
B. Electro-mechanical system
C. Photometric system
D. Proximity detector
A
74 - What type of mobile code control serves as a protected area for a program to execute?
A. Access matrix
B. Kernel
C. Covert channel
D. Sandbox
D
75 - Management has approached you about the current Redundant Array of Independent Disks (RAID) configuration implemented within the organization. They would like to know which type of RAID level supports multiple drive failures. What should you tell them?
A. RAID 0
B. RAID 1
C. RAID 10
D. RAID 5
C
76 - What is the Bell-La Padula model most concerned with?
A. Repudiation
B. Integrity
C. Verification
D. Confidentiality
D
77 - Administrative, technical, and physical controls should be used by security administrators to meet an organization’s security requirements. What is an example of a preventive physical control?
A. Biometric system
B. Router
C. Data backup
D. Closed-circuit TV
A
78 - Which algorithms match to each type?
A. Knapsack B. Blowfish C. DES D. RSA E. ECC F. AES
- Asymmetric
- Symmetric
[D, E, A] - Asymmetric
[F, C, B] - Symmetric
79 - The reporting structure for the information security officer (ISO) will vary from organization to organization. The ISO should report as high up in the organization as possible, as this reinforces the importance of information security to the organization. When deciding which organizational role the ISO needs to report to, it is important to acknowledge that there is a potential conflict of interest. A conflict of interest could arise from having the ISO report to which organizational role?
A. Risk management department
B. Chief executive officer
C. Chief security officer
D. Internal audit department
D
80 - Which type of virus takes advantage of system precedence?
A. Polymorphic virus
B. Macro virus
C. Multipartite virus
D. Companion virus
D
81 - A junior network technician has approached you and asked for your opinion on what would be the most secure cable to implement within the organization. What should you tell them?
A. Coaxial
B. Unshielded Twisted Pair (UTP)
C. Fiber-optic
D. Shielded Twisted Pair (STP)
C
82 - The integrity of data within a database can be protected by different types of operations. Which type of operation can be used when a complete database failure occurs?
A. Inference
B. Commit
C. Rollback
D. Savepoint
D
83 - What type of technology makes use of a sandbox as a security mechanism?
A. Malware
B. ActiveX
C. DBMS
D. Java
D
84 - Which is NOT an integrity goal that is addressed by the Clark Wilson model?
A. All users must be identified and authenticated.
B. Unauthorized users should be prevented from making changes.
C. Authorized users should be prevented from making unauthorized changes.
D. Internal and external consistency should be maintained at all times.
A
85 - What is not considered when determining a recovery strategy as part of a business continuity plan?
A. User recovery
B. Data recovery
C. Technical recovery
D. Certificate recovery
D
86 - What best describes an information protection environment?
A. Audits, logs, policies, and procedures used to track user activities throughout the organization
B. An environment for hardware security that encompasses all dedicated hardware in an organization
C. An environment for operations security that encompasses all computing resources in an organization
D. An environment for software security that encompasses all software used in an organization
C
87 - At which stage of the SLC does the development team observe how the system operates to make sure it is functioning as expected?
A. Operations and maintenance support
B. Recording and documenting
C. Producing and installing
D. Revisions and system replacement
A
88 - What type of power fluctuation occurs due to a loss of power?
A. Fault
B. Spike
C. Brownout
D. Sag
A
89 - What type of alarm system triggers an alarm at your organization’s security command center when it detects an intruder?
A. Proprietary
B. Local
C. Central station
D. Auxiliary station
A
90 - Which piece of equipment is not recommended for use by incident response teams?
A. Digital camera
B. Plastic containers
C. Spiral notebook
D. Ball-point pen
C
91 - What needs to be done by the organization to help ensure that the insurance company is responsible for coverage in the event of a disaster?
A. The organization must practice due care
B. The organization must practice due diligence
C. The organization must purchase a Business Interruption Insurance policy
D. Nothing, the insurance company is always responsible
A
92 - What classification of gate is designed to secure an industrial yard that only authorized individuals are permitted entry?
A. Class II
B. Class IV
C. Class I
D. Class III
D
93 - What is the first level in the Orange Book that requires verified protection?
A. A1
B. B1
C. B2
D. C1
A
94 - Which examples match with the types of controls?
A. Classifying data B. Clipping levels C. Hiring procedures D. Supervisory activities E. Monitoring keystrokes F. Access control lists
- Technical
- Administrative
[E, F, B] - Technical
[C, A, D] - Administrative
95 - Which type of detective software intelligently analyzes unknown code?
A. Change detection software
B. Heuristic scanner
C. Signature scanner
D. Activity monitor
B
96 - Which statement specifies a characteristic of quantum cryptography?
A. It is used to encrypt and store the encrypted data.
B. It uses physics as its fundamental mechanism.
C. It is used to transfer encrypted data between two hosts.
D. It uses special encryption algorithms to encrypt information.
B
97 - Which backup strategy copies only the files that have changed since the last full backup without altering their archive bits?
A. Differential backup
B. Full backup
C. Copy backup
D. Incremental backup
A
98 - Which rule is also classified as the “no read down” rule?
A. Simple integrity axiom
B. Simple security rule
C. Star integrity axiom
D. Star property rule
A
99 - Which statement best describes maintenance hooks?
A. They are cycles of downtime for software access controls.
B. They are backdoors into software that only the developer knows about.
C. They are periods of time in which the software security is lax.
D. They are Trojan horses placed in the software by hackers.
B
100 - What type of fire suppression system would be the worst choice to use in an environment that contains a lot of expensive computer and electronic equipment?
A. FM 200
B. Preaction
C. Deluge
D. Dry pipe
C
101 - For applications to interact with various types of databases, a type of interface is needed. What type of database interface language is used for structuring data so that it can be shared between applications and web technologies?
A. ADO
B. OLE DB
C. ODBC
D. XML
D
102 - Which type of cryptographic algorithm uses public and private keys?
A. AES
B. RSA
C. DES
D. 3DES
B
103 - You have just been hired as a junior security analyst at a security consulting firm. Your manager gives you a list of ciphers and asks you to determine their type. Rail fence, rectangular substitution, monoalphabetic, and polyalphabetic are all examples of which type of cipher?
A. Transposition
B. Substitution
C. Null
D. Running key
A
104 - Which type of access control involves the installation of a lock on a server room door?
A. Directive
B. Compensating
C. Preventive
D. Deterrent
C
105 - Which statement best defines a clipping level?
A. A baseline that defines a threshold that must be met before a violation is recorded for further review
B. The implementation of assurance levels and the management of security features
C. A threshold that defines a baseline that must be met before a violation is recorded for further review
D. The act of discovering a problem before it becomes a major issue and causes damage
A
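Added example (Python, not part of the original card bank): a clipping level is only useful once it is applied to real activity records, so this block counts failed logins per (user, source IP) over a few constructed sshd-style log lines and reports only the pairs whose count exceeds the threshold. The log lines, user names and addresses are made up for the example; the regular expression follows the standard OpenSSH "Failed password" message format.

```python
"""Clipping-level check over constructed auth log lines (added example)."""
import re
from collections import Counter

# Constructed sample lines in the sshd "Failed password" format; not taken from any real system.
SAMPLE_LOG = """\
Mar 10 08:01:02 host1 sshd[4211]: Failed password for alice from 10.0.0.5 port 51022 ssh2
Mar 10 08:01:09 host1 sshd[4211]: Failed password for alice from 10.0.0.5 port 51023 ssh2
Mar 10 08:01:15 host1 sshd[4211]: Accepted password for alice from 10.0.0.5 port 51024 ssh2
Mar 10 08:02:01 host1 sshd[4300]: Failed password for bob from 10.0.0.9 port 40001 ssh2
Mar 10 08:02:03 host1 sshd[4300]: Failed password for bob from 10.0.0.9 port 40002 ssh2
Mar 10 08:02:05 host1 sshd[4300]: Failed password for bob from 10.0.0.9 port 40003 ssh2
Mar 10 08:02:07 host1 sshd[4300]: Failed password for bob from 10.0.0.9 port 40004 ssh2
Mar 10 08:02:09 host1 sshd[4300]: Failed password for invalid user admin from 10.0.0.9 port 40005 ssh2
"""

# "invalid user" is emitted by sshd when the account does not exist; the name still follows.
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+)")


def count_failures(log_text):
    """Return a Counter of failed logins keyed by (user, source IP)."""
    counts = Counter()
    for line in log_text.splitlines():
        match = FAILED_RE.search(line)
        if match:
            counts[(match.group(1), match.group(2))] += 1
    return counts


def violations(log_text, clipping_level=3):
    """Return the (user, ip) pairs whose failure count exceeds the clipping level.

    Counts at or below the level are treated as ordinary user error and are not
    recorded as violations; only what exceeds the baseline is raised for review.
    """
    return sorted(key for key, n in count_failures(log_text).items() if n > clipping_level)


if __name__ == "__main__":
    for user, ip in violations(SAMPLE_LOG):
        print(f"clipping level exceeded: user={user} source={ip}")
```

With the default level of 3, alice's two mistyped passwords stay below the baseline and are ignored, while bob's four failures from one address are recorded; lowering the level to 1 would also flag alice, which is the trade-off a clipping level exists to tune.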
106 - Which task is not part of the initial steps an attacker would perform when attacking a network?
A. Start building a network topology
B. Determining which computers are physically active
C. Determining which operating systems are installed on the active computers
D. Determining which ports are open by performing port scans
D
107 - Your current network uses the Open Shortest Path First (OSPF) dynamic routing protocol to update routes to different destinations on the network. It has been brought to your attention that a rogue router is updating routes on the internal network. This is creating false routes to destinations internally and externally, which poses a security issue. What should you do to prevent the rogue router from updating your internal routing information?
A. Implement a different type of dynamic routing protocol.
B. Implement update authentication between the internal routers.
C. Unplug the rogue router.
D. Contact the local authorities.
B
108 - Which type of media access technology is primarily used in Ethernet networks?
A. Token Passing
B. Polling
C. CSMA
D. Ethernet
C
109 - A stateful firewall uses what type of access control?
A. Content-dependent access control
B. Context-dependent access control
C. Rule-based access control
D. Access control matrix
B
110 - Which type of operations security control deals with the behavior expected of employees when accessing information resources within the organization?
A. Corrective controls
B. Directive controls
C. Preventive controls
D. Detective controls
B
111 - With Biometrics systems, what is the term used to describe when the system incorrectly grants the user access when they should have been denied?
A. FRR
B. FAR
C. CER
D. EMP
B
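Added example (Python, not part of the original card bank): FAR and FRR are not fixed properties of a biometric device but functions of the acceptance threshold, and the crossover error rate (CER) is the threshold where they meet. This block computes both rates over two constructed lists of match scores (genuine users and impostors, higher meaning a closer match) and sweeps the threshold to find the crossover; the scores are invented for the example and do not come from any real sensor.

```python
"""FAR, FRR and the crossover error rate from constructed biometric match scores (added example)."""

# Constructed similarity scores in [0, 1]; higher means the sample looked more like the enrolled template.
GENUINE = [0.92, 0.88, 0.81, 0.79, 0.75, 0.70, 0.66, 0.60, 0.55, 0.48]   # legitimate users
IMPOSTOR = [0.58, 0.52, 0.47, 0.41, 0.39, 0.35, 0.30, 0.26, 0.20, 0.12]  # people who should be denied


def far(threshold, impostor=IMPOSTOR):
    """False Acceptance Rate (type II error): impostors scoring at or above the threshold get in."""
    return sum(score >= threshold for score in impostor) / len(impostor)


def frr(threshold, genuine=GENUINE):
    """False Rejection Rate (type I error): genuine users scoring below the threshold are refused."""
    return sum(score < threshold for score in genuine) / len(genuine)


def crossover_threshold(step=0.01):
    """Sweep thresholds from 0 to 1 and return the first one where FAR and FRR are closest.

    That point is the crossover (equal) error rate; a stricter threshold trades
    a lower FAR for a higher FRR, a looser one does the reverse.
    """
    best_gap, best_threshold = None, None
    threshold = 0.0
    while threshold <= 1.0:
        gap = abs(far(threshold) - frr(threshold))
        if best_gap is None or gap < best_gap:
            best_gap, best_threshold = gap, round(threshold, 2)
        threshold = round(threshold + step, 10)   # avoid accumulating float drift
    return best_threshold


if __name__ == "__main__":
    t = crossover_threshold()
    print(f"CER threshold={t} FAR={far(t):.2f} FRR={frr(t):.2f}")
```

Card 111 asks for the name of the wrong-acceptance case (FAR); the sweep shows why a site protecting a data center would push the threshold above the CER (accepting more false rejections) while a convenience lock might sit below it.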
112 - Each of the management levels has a set of information security responsibilities inherent to their role within the organization. For what is the information security officer primarily responsible?
A. Ensuring the security program complies with regulations
B. Evaluating risk management practices in the organization
C. Identifying emerging security risks
D. Facilitating information security within the organization
D
113 - Carrie has a secret message that she wants only Todd to read. A hybrid approach is used for this transaction. Which statements regarding hybrid cryptography are true and which statements are false?
A. Todd decrypts the encrypted symmetric key with his private key and decrypts Carrie’s message with the symmetric key
B. Carrie encrypts the message with her private key and her private key with Todd’s public key
C. Todd decrypts Carrie’s encrypted private key with his public key and decrypts Carrie’s message with Carrie’s private key
D. Carrie encrypts the message with a symmetric key and the symmetric key with Todd’s public key
[B, C]-False
[D, A]-True
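Added example (Python, not part of the original card bank): the two true statements in card 113 describe an envelope. This block carries the exchange through with real primitives: Carrie generates a fresh symmetric key, encrypts the message with it, wraps that key under Todd's public key, and Todd reverses the two steps with his private key. It also shows two failure modes the card leaves implicit: a different private key cannot unwrap the key, and any change to the ciphertext is rejected before plaintext is released. It assumes the third-party `cryptography` package is installed; the concrete choices of RSA-OAEP with SHA-256 for key wrapping and AES-256-GCM for the message are this example's, the card names no algorithms.

```python
"""Hybrid (envelope) encryption: AES-GCM for the message, RSA-OAEP to wrap the key (added example)."""
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Padding for wrapping the symmetric key; OAEP/SHA-256 is this example's choice (the card names none).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)


def generate_keypair():
    """Todd's long-term RSA key pair; only the public half is ever handed to Carrie."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return private_key, private_key.public_key()


def encrypt_for(recipient_public_key, plaintext):
    """Carrie's side (statement D): encrypt the message with a fresh symmetric key,
    then encrypt that symmetric key with Todd's public key."""
    symmetric_key = AESGCM.generate_key(bit_length=256)      # one-time key for this message
    nonce = os.urandom(12)                                     # 96-bit GCM nonce, never reused with a key
    ciphertext = AESGCM(symmetric_key).encrypt(nonce, plaintext, None)
    wrapped_key = recipient_public_key.encrypt(symmetric_key, OAEP)
    return wrapped_key, nonce, ciphertext


def decrypt_with(recipient_private_key, wrapped_key, nonce, ciphertext):
    """Todd's side (statement A): unwrap the symmetric key with his private key,
    then decrypt the message with the recovered symmetric key."""
    symmetric_key = recipient_private_key.decrypt(wrapped_key, OAEP)
    return AESGCM(symmetric_key).decrypt(nonce, ciphertext, None)


def roundtrip(message):
    """Full exchange between Carrie and Todd; True when Todd reads what Carrie sent."""
    todd_private, todd_public = generate_keypair()
    wrapped_key, nonce, ciphertext = encrypt_for(todd_public, message)
    return decrypt_with(todd_private, wrapped_key, nonce, ciphertext) == message


def wrong_recipient_cannot_unwrap():
    """Only Todd's private key matches the public key Carrie used; any other key fails to unwrap."""
    _, todd_public = generate_keypair()
    eve_private, _ = generate_keypair()
    wrapped_key, nonce, ciphertext = encrypt_for(todd_public, b"for todd only")
    try:
        decrypt_with(eve_private, wrapped_key, nonce, ciphertext)
    except ValueError:          # OAEP unpadding fails under the wrong private key
        return True
    return False


def tampering_is_detected():
    """GCM's authentication tag makes a single flipped ciphertext bit detectable."""
    todd_private, todd_public = generate_keypair()
    wrapped_key, nonce, ciphertext = encrypt_for(todd_public, b"pay 100")
    flipped = bytes([ciphertext[0] ^ 0x01]) + ciphertext[1:]
    try:
        decrypt_with(todd_private, wrapped_key, nonce, flipped)
    except InvalidTag:
        return True
    return False


if __name__ == "__main__":
    print("roundtrip ok:", roundtrip(b"meet at noon"))
    print("wrong key rejected:", wrong_recipient_cannot_unwrap())
    print("tamper detected:", tampering_is_detected())
```

The asymmetric operation is applied only to the 32-byte symmetric key, never to the message itself, which is the reason hybrid schemes exist: RSA is slow and limited to inputs shorter than its modulus, while the symmetric cipher handles arbitrary message sizes.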
114 - Which type of cipher is typically used in an application where encryption is not needed, but the system itself requires encryption?
A. Transposition cipher
B. Running key cipher
C. Substitution cipher
D. Null cipher
D
115 - (ISC)2 requires CISSPs to commit to fully supporting the Code of Ethics. Identify one of the mandatory canons in the CISSP Code of Ethics.
A. Discharge professional responsibilities with diligence and honesty
B. Provide diligent and competent service to principals
C. Thou shalt not use a computer to steal
D. I will not misuse any information or privileges I am afforded as part of my responsibilities
B
116 - What type of database integrity exists if all foreign keys point to existing primary keys?
A. Referential
B. Entity
C. Semantic
D. Structural
A
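Added example (Python, not part of the original card bank): referential integrity (card 116) is enforced by the database refusing a foreign key that points at no primary key, and savepoints (card 82) let a partially failed batch be undone to a known point. This block uses the standard-library `sqlite3` module with an in-memory database, a constructed customers/orders schema and invented rows; note that SQLite ships with foreign-key enforcement switched off, so the PRAGMA on the first line is what makes the check real.

```python
"""Referential integrity and savepoints with the stdlib sqlite3 module (added example)."""
import sqlite3


def make_db():
    """In-memory database with a constructed customers -> orders relationship."""
    con = sqlite3.connect(":memory:")
    con.execute("PRAGMA foreign_keys = ON")   # SQLite leaves FK enforcement off by default
    con.executescript("""
        CREATE TABLE customers(id INTEGER PRIMARY KEY, name TEXT NOT NULL);
        CREATE TABLE orders(
            id INTEGER PRIMARY KEY,
            customer_id INTEGER NOT NULL REFERENCES customers(id),
            amount REAL NOT NULL
        );
        INSERT INTO customers VALUES (1, 'alice'), (2, 'bob');
        INSERT INTO orders VALUES (10, 1, 25.0), (11, 2, 40.0);
    """)
    return con


def insert_order(con, order_id, customer_id, amount):
    """True if the row was accepted, False if the foreign key check rejected an orphan order."""
    try:
        with con:   # commits on success, rolls back if the statement raises
            con.execute("INSERT INTO orders VALUES (?, ?, ?)", (order_id, customer_id, amount))
        return True
    except sqlite3.IntegrityError:
        return False


def dangling_orders(con):
    """Orders whose customer_id matches no customer; empty while referential integrity holds."""
    rows = con.execute("""
        SELECT o.id FROM orders o
        LEFT JOIN customers c ON c.id = o.customer_id
        WHERE c.id IS NULL
    """).fetchall()
    return [row[0] for row in rows]


def batch_insert_with_savepoint(con, fail_midway):
    """Two inserts inside one savepoint; a failure between them rolls both back.

    Returns the resulting number of orders so the caller can see whether the
    batch landed completely (4) or not at all (2), never half-way (3).
    """
    con.execute("SAVEPOINT batch")
    try:
        con.execute("INSERT INTO orders VALUES (12, 1, 5.0)")
        if fail_midway:
            raise RuntimeError("simulated failure after the first insert")
        con.execute("INSERT INTO orders VALUES (13, 2, 7.5)")
        con.execute("RELEASE SAVEPOINT batch")       # keep the work
    except RuntimeError:
        con.execute("ROLLBACK TO SAVEPOINT batch")   # undo back to the savepoint
        con.execute("RELEASE SAVEPOINT batch")
    return con.execute("SELECT COUNT(*) FROM orders").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    print("orphan order accepted:", insert_order(db, 12, 99, 1.0))
    print("dangling orders:", dangling_orders(db))
    print("orders after failed batch:", batch_insert_with_savepoint(make_db(), True))
```

The `dangling_orders` query is the check a reviewer would run against a database whose constraints were added late: if it returns rows, referential integrity was violated before enforcement was turned on.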
117 - The risk management framework defines six major areas of risk management. The operational risk management area is broken down further into which specific areas of risk?
A. People, credit, market
B. Financial, strategic, technology
C. Process, market, events
D. People, process, events
D
118 - What RAID level stripes both data and parity across all drives, ensuring that there is no single point of failure?
A. RAID 0
B. RAID 5
C. RAID 3
D. RAID 1
B
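Added example (Python, not part of the original card bank): cards 64, 75 and 118 all turn on what parity does and does not buy. This block computes the XOR parity strip that RAID 3 and RAID 5 store, rebuilds any one lost strip (data or parity) from the survivors, refuses when two strips of the same stripe are gone, and contrasts that with the mirror-pair rule that lets RAID 10 survive several failures. The byte strings and drive numbering are constructed for the example.

```python
"""XOR parity as used by RAID 3/5, and the RAID 10 survival rule (added example)."""


def xor_parity(strips):
    """Return the parity strip: bytewise XOR of all strips (all must have equal length)."""
    parity = bytearray(len(strips[0]))
    for strip in strips:
        for i, byte in enumerate(strip):
            parity[i] ^= byte
    return bytes(parity)


def rebuild_missing(stripe, missing_index):
    """Rebuild the one strip in `stripe` (data strips plus parity) that is None.

    XOR is its own inverse, so XOR-ing every surviving strip, including parity,
    reproduces the missing one. With single parity only one loss per stripe is recoverable.
    """
    survivors = [s for i, s in enumerate(stripe) if i != missing_index]
    if any(s is None for s in survivors):
        raise ValueError("single-parity RAID can rebuild only one failed drive per stripe")
    return xor_parity(survivors)


def raid10_survives(failed_drives, mirror_pairs):
    """RAID 10 keeps running through any failures as long as no mirror pair loses both members."""
    failed = set(failed_drives)
    return all(not set(pair) <= failed for pair in mirror_pairs)


if __name__ == "__main__":
    data = [b"DATA", b"RAID", b"DEMO"]            # constructed 4-byte strips on three drives
    parity = xor_parity(data)                        # fourth drive holds parity
    print("rebuilt drive 0:", rebuild_missing([None, data[1], data[2], parity], 0))
    print("RAID 10, drives 0 and 2 failed:", raid10_survives([0, 2], [(0, 1), (2, 3)]))
    print("RAID 10, drives 0 and 1 failed:", raid10_survives([0, 1], [(0, 1), (2, 3)]))
```

RAID 5 spreads the parity strip across the drives (card 118) so no single disk is a bottleneck or single point of failure, but the arithmetic is the same as RAID 3: one strip of each stripe is redundant, so one drive can fail, not two.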
119 - Which of the following are characteristics of quantitative risk analysis and qualitative risk analysis?
A. Does not take into consideration cost/benefit analysis
B. Requires calculations
C. Uses a lot of educated guesses
D. Opinions are provided by process experts
E. Presents yearly losses
- Qualitative risk analysis
- Quantitative risk analysis
[C, D, A]- Qualitative risk analysis
[B, E]- Quantitative risk analysis
120 - Which Common Criteria Evaluation Assurance Level (EAL) involves semiformal design and testing of systems?
A. EAL 7
B. EAL 5
C. EAL 3
D. EAL 1
B
121 - Which access control concept involves isolating groups of people and information so that information is not passed between the groups?
A. Least privilege
B. Compartmentalization
C. Need to know
D. Security domain
B
122 - Which attack involves sending malformed packets to a system in order to cause it to crash or end processing?
A. SYN flood attack
B. Smurf attack
C. Denial of Service (DoS) attack
D. Fraggle attack
C
123 - Which examples match security frameworks and risk assessment methodologies?
A. CRAMM B. OCTAVE C. COBIT D. FRAP E. ITIL F. COSO
- Security Frameworks
- Risk Assessment Methodologies
[C, F, E]- Security Frameworks
[A, D, B]- Risk Assessment Methodologies
124 - After determining the risks that could affect business functions, what would be the least effective type of measure that could be implemented to help reduce the impact as much as possible?
A. Reactive
B. Cost-effective
C. Preventative
D. Proactive
A
125 - Which is TRUE in relation to a one-way hash function?
A. It takes a variable-length string and produces a fixed-length value.
B. It takes a variable -length string and produces a variable-length value.
C. It takes a fixed-length string and produces a fixed-length value.
D. It takes a fixed-length string and produces and variable-length value.
A
126 - Which viable weekly backup strategy will take the least amount of time to complete?
A. Perform a full backup every Monday and a differential backup on the remaining days of the week.
B. Perform a differential backup every Monday and an incremental backup on the remaining days of the week
C. Perform a full backup every Monday and an incremental backup on the remaining days of the week.
D. Perform a full backup every day.
C
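Added example (Python, not part of the original card bank): cards 45, 97 and 126 all depend on the archive-bit rule, which is easier to see in a simulation than in prose. This block models a Monday full backup followed by either differential or incremental backups over a constructed week of file changes, tracking the archive bit (set when a file changes, cleared by full and incremental backups, left alone by differential ones), and reports how much each strategy copies and which sets a restore needs. The file names and change days are invented for the example.

```python
"""Full, differential and incremental backups over a constructed week of changes (added example)."""

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri"]
ALL_FILES = {"a.doc", "b.doc", "c.doc", "d.doc"}
# Constructed change log: which files are modified on each weekday after the Monday full backup.
CHANGES = {"Tue": {"a.doc"}, "Wed": {"b.doc"}, "Thu": set(), "Fri": {"a.doc", "c.doc"}}


def simulate(strategy):
    """Return {day: files copied} for 'differential' or 'incremental' after a Monday full backup.

    The archive bit marks a file as changed since it was last backed up by a job
    that clears the bit: full and incremental jobs clear it, differential jobs do not.
    """
    archive_bit = set()
    copied = {}
    for day in DAYS:
        if day == "Mon":
            copied[day] = set(ALL_FILES)   # full backup copies everything...
            archive_bit.clear()            # ...and clears every archive bit
            continue
        archive_bit |= CHANGES[day]
        copied[day] = set(archive_bit)     # everything currently flagged
        if strategy == "incremental":
            archive_bit.clear()            # only changes since the previous backup next time
        elif strategy != "differential":
            raise ValueError(f"unknown strategy {strategy!r}")
    return copied


def restore_chain(strategy, day):
    """Backup sets needed to restore the state at the end of `day`."""
    if day == "Mon":
        return ["Mon"]
    if strategy == "differential":
        return ["Mon", day]                        # full plus the latest differential
    return DAYS[: DAYS.index(day) + 1]             # full plus every incremental in order


def total_copied(strategy):
    """Files copied over the whole week; a proxy for backup time."""
    return sum(len(files) for files in simulate(strategy).values())


if __name__ == "__main__":
    for strategy in ("differential", "incremental"):
        print(strategy, simulate(strategy), "total:", total_copied(strategy),
              "restore Fri:", restore_chain(strategy, "Fri"))
```

The trade-off the cards point at falls out of the numbers: incremental copies the least during the week (card 126) but needs every set to restore, while differential copies more each night and restores from just two sets (cards 45 and 97).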
127 - Which attack occurs when an attacker sends packets that are too small?
A. Smurf
B. Fraggle
C. Teardrop
D. SYN flood
C
128 - What type of interference can be caused by the fluorescent lights that are commonly found in office buildings?
A. Electrostatic discharge
B. Intermodulation
C. Radio frequency interference
D. Electromagnetic Interference
C
129 - Which rule states that a subject at a particular security level is unable to write information to a security level that is lower than the one in which the user currently resides?
A. Simple integrity axiom
B. Star integrity axiom
C. Simple security rule
D. Star property rule
D
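Added example (Python, not part of the original card bank): the four rules in cards 98 and 129, and the confidentiality-versus-integrity split of cards 30 and 76, are the same dominance test applied in opposite directions. This block defines a label as a classification level plus a set of compartments (the lattice that also underlies card 121's compartmentalization), implements "dominates" once, and expresses Bell-LaPadula (no read up, no write down) and Biba (no read down, no write up) in terms of it. The level names and compartment names are constructed for the example.

```python
"""Bell-LaPadula and Biba access rules on a level/compartment lattice (added example)."""
from dataclasses import dataclass

# Ordered classification (or integrity) levels, lowest to highest; names are constructed.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()   # need-to-know categories, e.g. {"nuclear"}

    def dominates(self, other):
        """Lattice order: at least as high a level and a superset of the compartments."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def blp_check(subject, obj, op):
    """Bell-LaPadula protects confidentiality."""
    if op == "read":     # simple security rule: no read up
        return subject.dominates(obj)
    if op == "write":    # star (*) property: no write down
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")


def biba_check(subject, obj, op):
    """Biba protects integrity, so each rule points the other way."""
    if op == "read":     # simple integrity axiom: no read down
        return obj.dominates(subject)
    if op == "write":    # star integrity axiom: no write up
        return subject.dominates(obj)
    raise ValueError(f"unknown operation {op!r}")


if __name__ == "__main__":
    analyst = Label("secret", frozenset({"nuclear"}))
    memo = Label("confidential")
    for model, check in (("BLP", blp_check), ("Biba", biba_check)):
        print(model, "read lower:", check(analyst, memo, "read"),
              "write lower:", check(analyst, memo, "write"))
```

Two labels can be incomparable: a secret/{nuclear} subject neither dominates nor is dominated by a secret/{crypto} object, so under both models it can neither read nor write it, which is exactly the isolation compartments are meant to enforce.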
130 - Which system security modes match to each description?
A. Multilevel Security Mode
B. Dedicated Security Mode
C. Compartmented Security Mode
D. System High-Security Mode
- All users lack formal need to know, but possess the necessary clearance.
- All users possess a formal need to know and clearance for all the data in the system.
- All users possess system high-security clearance, but may lack formal approval or need to know.
- Various classification levels are required to be processed at the same time.
- [D] All users lack formal need to know, but possess the necessary clearance.
- [B] All users possess a formal need to know and clearance for all the data in the system.
- [C] All users possess system high-security clearance, but may lack formal approval or need to know.
- [A] Various classification levels are required to be processed at the same time.
131 - Which algorithms match to each type?
A. MD5 B. AES C. SHA-1 D. HAVAL E. IDEA F. RSA
- Hashing algorithm
- Encryption algorithm
- [D, A, C] Hashing algorithm
- [B, E, F] Encryption algorithm
132 - What should be the first step completed in the project initiation phase?
A. Define plan goals
B. Appoint a leader
C. Appoint a BCP team
D. Obtain management support
D
133 - Which type of law acts on civil violations against an organization or individual?
A. Regulatory
B. Criminal
C. Tort
D. Administrative
C
134 - An updated security system is being considered for implementation to your company’s building. The system will allow employees access to the work area and various locked rooms while preventing others from entering. The system needs to be configured in such a way that doors will automatically unlock when employees are half a foot away. Which security feature would best meet these needs?
A. Magnetic stripe card
B. Proximity card
C. Electronic combination lock
D. Combination lock
B
135 - What should you configure to ensure that received fax documents are kept confidential and secure?
A. Configure a fax server to print the faxes to the nearest printer and include a cover page that separates the printed faxes by user name
B. Configure the fax device to only accept faxes when a user is present to receive it.
C. Configure a fax server to route the received faxes to the fax device that is nearest to the recipient.
D. Configure a fax server to route the received faxes to the appropriate user’s electronic mailbox
D
136 - What type of power fluctuation are you experiencing if there is a complete loss of power for only a moment?
A. Brownout
B. Blackout
C. Fault
D. Sag
C
137 - What is not an example of a physical control?
A. Subnets
B. Building location
C. External lights
D. Data backups
A
138 - When developing a business continuity plan, what recovery strategy would address transportation and accommodation requirements for employees in the event of a disaster?
A. User recovery
B. Business recovery
C. Data recovery
D. Technical recovery
A
139 - Which user requirement is true for compartmented security mode but not for multilevel security mode?
A. There must be formal access approval for all information that the user will access on the system.
B. There must be a signed Non-Disclosure Agreement (NDA) for all information that the user will access on the system.
C. A clearance level that is equal to or higher than the highest resource level of clearance is required for information on the system.
D. All users must have a valid need to know some of the information on the system.
C
140 - What security mode is a system operating in if all users have the formal clearance and approval required to access all data in the system but they only formally need to know some of it?
A. Multilevel Security Mode
B. Dedicated Security Mode
C. System High-Security Mode
D. Compartmented Security Mode
C
141 - You are currently meeting with management to have them formally approve the products, systems, and components within your organization. What is this process called?
A. Accreditation
B. Certification
C. Affirmation
D. Verification
A
142 - Most alternate off-site facilities are provided by third-party companies that charge a subscription fee for usage. What is the term for an alternate off-site facility that is owned by the company?
A. Redundant site
B. Warm site
C. Hot site
D. Cold site
A
143 - Which of the standards listed identifies the format for public key certificates?
A. X21
B. X500
C. X509
D. X400
C
144 - What often happens unexpectedly because of the development of a company’s contingency plan?
A. Support from senior management is realized
B. RTOs are discovered
C. Improved business operations
D. Hot sites are found to be expensive to maintain
C
145 - Which algorithm requires that the sender and receiver use two instances of the same key?
A. RSA
B. Diffie-Hellman
C. Knapsack
D. 3DES
D
146 - What part of the product evaluation process deals with product development and maintenance?
A. Life-cycle assurance
B. Clipping levels
C. Operational assurance
D. Change control
A
147 - While away on business you are forced to leave a company laptop unattended in your hotel room for several hours. What would be the best method of securing the sensitive data stored on the laptop from theft?
A. Maintain backups of the sensitive data in a secure location
B. Have the laptop engraved with an ID number
C. Use encryption software to encrypt the sensitive data
D. Secure the laptop to a hotel desk using a locking cable
C
148 - IPSec is able to work in two different modes, Tunnel mode and Transport mode. Which is true in regards to protection with Tunnel mode?
A. Only the header and trailer information are protected.
B. The payload as well as the header and trailer information is protected.
C. Only the payload of the message is protected.
D. Only the header information is protected.
B
149 - According to the event management process, which action should be taken immediately after an event occurs?
A. Report to the assessment team
B. Assess the event
C. Report to the communications center
D. Implement a recovery strategy and plans
C
150 - When developing the business continuity plan (BCP), what is not the responsibility of management?
A. Making the necessary resources available
B. Creating the policy statement and setting goals
C. Determining any legal and regulatory requirements
D. The outcome of the BCP development process
C
151 - Which database model stores data in more than one database while maintaining a logical connection between databases for the clients?
A. Relational data model
B. Distributed data model
C. Hierarchical data model
D. Rational data model
B
152 - Your security department has been gathering information to present to management about the security mechanisms that are implemented within the organization and an evaluation of their overall effectiveness. What is this process referred to as?
A. Affirmation
B. Accreditation
C. Certification
D. Hallmark
C
153 - You are currently doing a comprehensive technical evaluation on the security components within your organization. What is this referred to as?
A. Hallmark
B. Affirmation
C. Certification
D. Accreditation
C
154 - Which statements match each organization’s code of ethics?
A. Compromising the privacy of others
B. Act honorably, honestly, justly, responsibly, and legally
C. Provide diligent and competent services to principals
D. Seeking to gain unauthorized access to internet resources
E. Destroying the integrity of computer-based information
F. Advance and protect the security profession
- ISC2
- IAB
- [B, C, F] ISC2
- [E, D, A] IAB
155 - Which IDS technologies match each characteristic?
A. Anomaly-based
B. Signature-based
- Has the ability to identify new attacks
- Is synonymous with heuristic-based
- Is able to identify several activities and compare them to known patterns simultaneously
- Does not have the ability to identify new attacks
- [A] Has the ability to identify new attacks
- [A] Is synonymous with heuristic-based
- [B] Is able to identify several activities and compare them to known patterns simultaneously
- [B] Does not have the ability to identify new attacks
156 - Which component is used to create digital signatures?
A. DSA
B. PPTP
C. SKIP
D. IPSec
A
157 - Why should an organization implement auditing for its Business Continuity Plan (BCP)?
A. To identify possible business interruptions
B. To reveal weaknesses in a system
C. To detect unauthorized activity
D. To keep it up to date
D
158 - Which information concealment methods match each description?
A. Watermarking
B. Cryptography
C. Code words
D. Steganography
- Uses letters to represent an idea or sentiment
- Uses sophisticated mathematical techniques to hide information
- Uses a specific medium to hide information within
- Uses additional information within a file for detecting the theft of information
- [C] Uses letters to represent an idea or sentiment
- [B] Uses sophisticated mathematical techniques to hide information
- [D] Uses a specific medium to hide information within
- [A] Uses additional information within a file for detecting the theft of information
159 - What ensures the accountability and integrity of evidence once it is collected?
A. Chain of evidence
B. Tangibility
C. Due care
D. Due diligence
A
160 - What is true regarding the relationship between laws and ethics?
A. Ethics and laws are synonymous.
B. Most laws are derived from ethics.
C. Ethics are always derived from laws.
D. An action that is legal is also ethical.
B
161 - An organization that partners with other corporations has multiple communication channels. What should be taken into consideration by all employees regarding these channels?
A. Single sign-on
B. Intrusion detection
C. Privacy compliance
D. Monitoring technologies
C
162 - Which component is used by operators to monitor controllers in a SCADA system?
A. HMI
B. RTU
C. PLC
D. TCP
A
163 - Which aspect of IAM involves creating, modifying, and deleting user accounts?
A. Authorization
B. Entitlement
C. Identity management
D. Provisioning
D
164 - Fire suppression systems use different methods to combat fires. What substance is non-toxic, does not deplete the ozone, and is safe to use around electrical equipment?
A. Halon
B. Deluge
C. FM 200
D. Carbon dioxide (CO2)
C
165 - Which type of lock provides the least amount of security?
A. Warded lock
B. Smart lock
C. Tumbler lock
D. Electronic combination lock
A
166 - Which access control threats match each description?
A. Brute force attacks
B. Spoofing
C. Dictionary attacks
- Involves trying different input combinations in an attempt to find a correct password
- Involves using a list of ordinary words as possible passwords from a file in an attempt to find a valid password
- Involves a fake user logon screen being presented to a user for them to input their username and password
- [A] Involves trying different input combinations in an attempt to find a correct password
- [C] Involves using a list of ordinary words as possible passwords from a file in an attempt to find a valid password
- [B] Involves a fake user logon screen being presented to a user for them to input their username and password
167 - The International Information Systems Security Certification Consortium requires CISSPs to commit to fully supporting the Code of Ethics. What is not a mandatory canon in the CISSP Code of Ethics?
A. Protect society, the commonwealth, and the infrastructure.
B. Act honorably, honestly, justly, responsibly, and legally.
C. Discharge professional responsibilities with diligence and honesty.
D. Provide diligent and competent service to principals.
C
168 - Which standard is recommended by the Implementing the 9/11 Commission Recommendations Act of 2007?
A. NFPA 1600
B. TCSEC
C. ISO/IEC 27002
D. Common Criteria
A
169 - Which characteristics match each type of offsite facility?
A. Configured with some equipment
B. Are usually ready within a few hours after equipment arrives
C. Can be operational very quickly
D. Fully configured spaces with all the technical equipment and resources an organization requires
E. No technical equipment or resources, except for air conditioning, power, and telecommunications
F. May take several hours or longer to get set up
- Hot sites
- Warm sites
- Cold sites
- [D, C] Hot sites
- [A, B] Warm sites
- [E, F] Cold sites
170 - A security practitioner is designing access control monitoring. The design includes a non-filtering router, a firewall, and a company network. In particular, the company wants to correctly place an IPS so that the number of alerts is significantly reduced.
[Network diagram, not reproduced: Internet connected through the non-filtering router and the firewall to the company network]
The point between the firewall and the company network.
171 - What would be the least effective method used to secure a fax transmission?
A. Enable logging and auditing of fax transmissions
B. Use a fax server on the network
C. Implement a fax encryptor
D. Require users to encrypt their own transmissions
D
172 - Which method involves the hiding of data within another form of media so that the existence of the original data is concealed?
A. Tasseography
B. Cryptography
C. Stenography
D. Steganography
D
173 - You have received a change request from your client on a project you are currently developing for them. What is the correct order of steps you should take to ensure that you follow the change control process?
A. Make a formal request, Analyze the request, Record the request, Submit the request for approval, Develop the change, Report the results to management
B. Analyze the request, Record the request, Make a formal request, Submit the request for approval, Develop the change, Report the results to management
C. Make a formal request, Submit the request for approval, Develop the change, Analyze the request, Record the request, Report the results to management
D. Submit the request for approval, Make a formal request, Analyze the request, Record the request, Develop the change, Report the results to management
A
174 - Which rule will protect data at an integrity level from being corrupted by data at a lower integrity level?
A. Strong star property rule
B. Star property rule
C. Simple integrity axiom
D. Simple security rule
C
175 - An NDA addresses which security principle?
A. Availability
B. Integrity
C. Authenticity
D. Confidentiality
D
176 - Your company is implementing wireless technologies to provide users with the mobility they require to perform their day-to-day activities. Management has approached you and is questioning the security of the wireless technologies in relation to wardriving. You need to assure them that the network will be secured against wardriving. Which security measure will not provide protection against wardriving?
A. Enable the broadcasting of SSIDs on the access points that will be implemented within the network.
B. Change the SSID that will be used to identify the access point on the network.
C. Physically place the access points within the middle of the buildings.
D. Use 128-bit WEP as the encryption standard on the wireless network
A
177 - What method for database security involves having multiple instances of rows with the same primary key, each displaying a different set of data depending on the user’s security level?
A. Polyinstantiation
B. Aggregation
C. Views
D. Inference
A
178 - What is considered a felony under the US Computer Fraud and Abuse Act of 1986?
A. To gain unauthorized access to government systems
B. To disclose personal medical information
C. To use classified data for the benefit of a foreign nation
D. To exchange passwords for unauthorized access to systems
C
179 - Penetration testing is made up of a five-step process. What is the correct order of steps in which penetration testing should be carried out?
A. Reconnaissance, Vulnerability Analysis, Enumeration, Execution, Document Findings
B. Reconnaissance, Enumeration, Vulnerability Analysis, Execution, Document Findings
C. Reconnaissance, Enumeration, Execution, Vulnerability Analysis, Document Findings
D. Reconnaissance, Enumeration, Vulnerability Analysis, Document Findings, Execution
B
180 - What is the most common method used to locate unsecured wireless networks?
A. Wardialing
B. Piggybacking
C. Wardriving
D. Salami
C
181 - In a secure network, personnel play a key role in the maintenance and promotion of security procedures. Allotting different roles and responsibilities to different personnel provides increased security. It is important that each participant’s role is clearly defined and understood by the participants and by their peers. Which role is responsible for ensuring that the company complies with software license agreements?
A. Process owner
B. Product-line manager
C. Data analyst
D. Solution provider
B
182 - The AIC triad is made up of three main principles of information security: availability, integrity and confidentiality. Which threat can compromise data integrity?
A. Denial-of-Service (DoS) attack
B. Dumpster diving
C. Social engineering
D. Virus
D
183 - Security policies can be categorized as regulatory, advisory or informative. What is true of an advisory policy?
A. An advisory policy is designed for educational purposes.
B. An advisory policy cannot be enforced.
C. An advisory policy is specific to the company’s industry.
D. An advisory policy may describe the consequences of not abiding by the rules and procedures.
D
184 - The terms threat, vulnerability, exposure, countermeasure and risk are sometimes intermingled and used interchangeably in conversation or writings about security management. Which of the following options contain the statement that accurately describes the relationship between these terms?
A. Option C
B. Option A
C. Option B
D. Option D
C
185 - What is a security professional considered when they use hacking tools to test their own network for vulnerabilities?
A. Script kiddie
B. White hat
C. Red hat
D. Black hat
B
186 - What is the most significant risk associated with instant messaging, social networking technologies, message boards, and blogs?
A. Accidental disclosure of confidential, private information
B. Susceptibility to DoS attacks
C. Their being used to identify wireless hotspots that attackers can use to initiate attacks
D. Their being used to facilitate the spread of malicious code
A
187 - What has a primary focus on ensuring the business functions that are critical to the organization’s survival are available in the event of a business interruption?
A. Resource dependency analysis
B. Business impact analysis
C. NYSE Rule 446
D. Corporate contingency planning
D
188 - Which characteristics match each identity management system?
A. Combines services for authentication and authorization
B. Provides packet delivery with TCP
C. Supports the AppleTalk protocol
D. Uses PPP connections
E. Encrypts packets between the server and the client
F. Provides packet delivery with UDP
- RADIUS
- TACACS+
- [F, D, A] RADIUS
- [C, E, B] TACACS+
189 - An attacker deleting specific incriminating information out of an audit log is referred to as what?
A. Sniffing
B. Scrubbing
C. Spoofing
D. Purging
B
190 - What type of attack involves the capturing of packets as they pass from a source to a destination over a network link?
A. Spamming attack
B. Teardrop attack
C. Ping of death attack
D. Sniffer attack
D
191 - When might an organization require an export license?
A. To implement cloud computing
B. To employ a key escrow service
C. To permit trans-border data flows
D. To establish a distributed data model
C
192 - Which database model allows for the storage of a wide spectrum of different types of data, including images, audio, and documents?
A. Object-oriented database model
B. Hierarchical database model
C. Distributed database model
D. Relational database model
A
193 - What can be done to enforce employee accountability?
A. Ensuring employees arrive on time for work
B. Employee’s maintaining corporate documentation
C. Including employee IDs in the audit logs
D. Employee’s providing a password or passphrase
C
194 - Which option is not classified as a presentation layer standard?
A. TIFF
B. MPEG
C. JPEG
D. HTTP
D
195 - Vulnerability scanning is a common method used by intruders to determine the weaknesses within a system. What is the first line of defense against vulnerability scanning?
A. Close all open ports that are not required for daily activities.
B. Apply the most current patches to the system.
C. Perform a periodic vulnerability scan on the network.
D. Have defined change control procedures within the organization.
A
196 - There are many different types of computer crimes, each of which can be committed differently. An employee who eavesdrops on the electronic signals emitted by a computer is committing what type of attack?
A. TEMPEST
B. Emanations capturing
C. Data diddling
D. Salami attack
B
197 - Which term best describes an access control concept that is responsible for the mediation of access controls to objects by subjects?
A. Secure state
B. Security kernel
C. Security perimeter
D. Reference monitor
D
198 - Which of the following is NOT one of the principles identified by the Directive on Data Protection?
A. Notice
B. Choice
C. Data integrity
D. Data confidentiality
D
199 - What is the BEST way to secure all data at rest on a portable computer without degrading system performance?
A. Software-based FDE
B. Hardware-based FDE
C. Cloud computing
D. SSL
B
200 - What is not a necessary step for developing a data classification program?
A. Assign responsibility for data classification to the data custodian.
B. Assign a data custodian.
C. Define procedures for declassifying data.
D. Define the classification levels.
A
201 - What is NOT true regarding the services that MPLS provides?
A. Packet labeling is provided
B. Encryption is provided
C. QoS is provided
D. Traffic engineering is provided
B
202 - Which layer of the OSI model maps to the Host-to-Host layer of the TCP/IP model?
A. Data link
B. Physical
C. Transport
D. Network
C
203 - What is not a basic principle used to help protect against threats to data integrity?
A. Rotation of duties
B. Need-to-know
C. Separation of duties
D. Repudiation
D
204 - The investigation team can use surveillance techniques to obtain evidence of computer crime. What is an example of physical surveillance?
A. Keyboard monitoring
B. Audit logs
C. Closed Circuit Television (CCTV)
D. Fencing
C
205 - Which OSI layer is responsible for the addressing and routing of packets so that they can reach their destination?
A. Network
B. Session
C. Physical
D. Data link
A
206 - Which stages match each lifecycle?
A. Operations and maintenance support
B. Revisions and system replacement
C. Testing and evaluating
D. Recording and documenting
E. Defining functional objectives
- Systems Development Life Cycle
- System Life Cycle
- [E, D, C] Systems Development Life Cycle
- [B, A] System Life Cycle
207 - Mantraps are an example of what type of security control?
A. Detective controls
B. Corrective controls
C. Recovery controls
D. Preventive controls
D
208 - What type of attack prevents a system from responding to legitimate traffic from authorized clients?
A. An IP spoofing attack
B. A password cracking attack
C. A denial of service attack
D. A Trojan horse attack
C
209 - The planning phase should involve creating a timeline for developing the BCP. It is important to prioritize certain areas and to specify when plans for those areas will be completed. For a medium-sized company with an experienced planner and the full support of management, when should a BIA be completed?
A. Six to nine months
B. Nine to 12 months
C. Within the first month
D. Within six months
D
210 - Which phase of the Business Continuity Plan (BCP) involves the first widespread interaction between business areas and security managers?
A. Plan Design and Development
B. Project Management and initiation
C. Recovery Strategies
D. Business Impact Analysis (BIA)
D
211 - Which standard is most commonly used by IPsec for key management?
A. IKE
B. OAKLEY
C. SKIP
D. ISAKMP
A
212 - A computer crime is suspected and reported to senior management. What should the incident response team consider during the preliminary investigation?
A. Which company officials should be informed via e-mail
B. Whether the suspect should be contacted
C. Whether the police should be contacted
D. Who will communicate with the media.
C
213 - Your Remote Access Server (RAS) modems are currently configured to answer incoming connections after two rings. After reviewing your current RAS logs, you have noticed multiple attempts to gain access to your network through your modems by unauthorized external users. It appears that the users are using a method of wardialing to locate your modems. What should you do to lower the success rate of wardialing attempts on your network?
A. Decrease the number of rings that will occur before the RAS server answers an incoming call.
B. Change the phone numbers for the modems within the RAS server.
C. Disable all modems that are not required for incoming calls.
D. Increase the number of rings that will occur before the RAS server answers an incoming call.
D
214 - You work for a high tech firm that is half a kilometer away from a high school. Students have to pass by your building to get to the mall where they often eat lunch. You want to secure the building to physically prevent high school students from walking on the property and to be notified if students bypass the barrier. Part of the solution is to use a coaxial strain-sensitive cable. Which other mechanism should be implemented to BEST meet these needs?
A. Gates
B. Landscaping
C. Fences
D. Bollards
C
215 - Debora, an American citizen who works for a large accounting firm in Los Angeles, receives a memo from the company’s president regarding internal computer crime investigations. The letter informs all employees that management may remove files from their workstations at any time, without notice. How would such actions apply to Debora’s Fourth Amendment rights?
A. If Debora is acting as a police agent, management’s Fourth Amendment rights would not be violated.
B. If management is acting as private citizens, Debora’s Fourth Amendment rights would be violated.
C. If management is acting as a police agent, Debora’s Fourth Amendment rights would not be violated.
D. If management is acting as private citizens, Debora’s Fourth Amendment rights would not be violated.
D
216 - What is not a valid type of test for a Business Continuity Plan (BCP)?
A. Partial interruption
B. Parallel
C. Checklist
D. Simulation
A
217 - Which feature defines the protocols needed to register public key information?
A. SHA-1
B. X-KISS
C. HAVAL
D. X-KRSS
D
218 - The AIC triad is made up of three main principles of information security: availability, integrity and confidentiality. Which threat can compromise availability?
A. Denial-of-Service attack
B. Social engineering
C. Human error
D. Dumpster diving
A
219 - To ensure that threats to integrity are kept to a minimum, database software should implement the ACID test. What characteristic of the ACID test will stop all steps in a transaction from occurring if one of the steps fails?
A. Isolation
B. Consistency
C. Durability
D. Atomicity
D
220 - Which algorithms match each type?
A. Diffie-Hellman
B. IDEA
C. DSA
D. RC6
E. El Gamal
F. 3DES
- Asymmetric
- Symmetric
- [A, C, E] Asymmetric
- [B, D, F] Symmetric
221 - What is the first step that should be performed for a penetration test?
A. Vulnerability analysis
B. Reconnaissance
C. Enumeration
D. Exploitation
B
222 - Which type of light is ideal for indoor lighting but not for outdoor lighting?
A. Mercury vapor
B. Fluorescent
C. Quartz lamps
D. Sodium Vapor
B
223 - What can users inherit from group memberships or roles that they have within an organization?
A. Covert channels
B. Inference
C. Entitlements
D. Emanation
C
224 - Which type of lock allows for a certain amount of individual accountability?
A. Cipher lock
B. Smart lock
C. Electronic combination lock
D. Combination lock
B
225 - The OSI model is divided into seven different layers. At which of the seven layers are you most likely to find a router?
A. Layer 3
B. Layer 2
C. Layer 7
D. Layer 1
A
226 - Several ethical bases have been identified to help with IT decision making. Which statement provides the basis for the golden rule?
A. Assume that all property and information belongs to someone.
B. Incur least harm or cost.
C. If an action is not repeatable at all times, it is not right at any time.
D. Treat others as you wish to be treated.
D
227 - Which layers of the OSI model map to the Network Access layer of the TCP/IP model?
A. Network and Physical
B. Transport and Network
C. Network and Data Link
D. Data Link and Physical
D
228 - What step in creating a business continuity plan involves calculating the maximum tolerable downtime (MTD) for resources?
A. Business impact analysis
B. Plan maintenance
C. Policy statement and team creation
D. Develop recovery strategies
A
229 - Several measures can be taken to help protect against electric power issues. What is not a recommended method of protecting devices?
A. Use shielded cables.
B. Do not run cables close to fluorescent lights.
C. Plug all devices into surge protectors.
D. Plug power bars into other power bars to help provide additional protection.
D
230 - Which security standard consists of five principles and seven enablers?
A. COBIT version 5
B. ISO/IEC 15408
C. ISO/IEC 27001:2005
D. ITSEC
A
231 - Security management is supported by the three core information security principles. They are confidentiality, availability, and integrity. Which controls are used for availability and integrity?
A. Physical access controls
B. Database encryption
C. Hashing
D. Clustering
E. Warm sites
- Availability
- Integrity
- [D, E] Availability
- [A, C] Integrity
232 - Many attackers are never caught and successfully prosecuted. What can make identifying attackers a difficult challenge for investigators?
A. Most attacks are performed by individuals located outside of the network
B. Most companies do not use firewalls
C. Many attackers spoof their IP addresses and erase logs to cover their tracks
D. There are only a few laws that specifically address computer crimes
C
233 - The first step in performing a risk assessment is to identify vulnerabilities. Which of the following is considered a security vulnerability?
A. The absence of a security guard
B. A disgruntled employee
C. An access control system not functioning properly
D. A piece of code written to create a DoS attack
A
234 - Which intellectual property laws match each example?
A. Trade Secret
B. Trademark
C. Patent
D. Copyright
- Double tapping a screen for enlarging documents on a tablet
- A recipe for chicken batter at a popular restaurant chain
- A logo of a large restaurant chain
- Printed sheet music for a popular song
- [C] Double tapping a screen for enlarging documents on a tablet
- [A] A recipe for chicken batter at a popular restaurant chain
- [B] A logo of a large restaurant chain
- [D] Printed sheet music for a popular song
235 - What is the highest level of information classification used by the majority of organizations?
A. Confidential
B. Internal use only
C. Secret
D. Restricted
D
236 - Which access cards match each description?
A. Magnetic stripe card
B. Proximity card
C. Smart card
- Contains a microchip and can store a large amount of data
- Contains a microchip and opens a magnetic lock
- Made of PVC material and is easily damaged
- [C] Contains a microchip and can store a large amount of data
- [B] Contains a microchip and opens a magnetic lock
- [A] Made of PVC material and is easily damaged
237 - What is NOT a valid method of protecting against static electricity?
A. Manage humidity levels.
B. Ensure equipment and electrical outlets are grounded.
C. Install carpets on server room floors.
D. Use an ESD wrist strap.
C
238 - As part of the security steering committee for a high-tech security firm, you suggest that two high level employees are required to have information that, when put together, provides access to a plaintext key. Upon which concept is the suggestion based?
A. Dual control
B. Split knowledge
C. Social engineering
D. Rotation of duties
B
239 - Resource protection is one of the three critical requirements for operations controls. Its goal is to protect resources within the organization from loss or compromise. Which is NOT a concern for the resource protection critical requirement?
A. Protect resources that are required for data processing.
B. Ensure that resource security is maintained during a failure.
C. Ensure that vulnerabilities directed at the availability, integrity, and confidentiality of resources are reduced.
D. Provide a balance between the implemented security controls and the user’s productivity.
B
240 - Your security department has presented management with an overview of the security mechanisms that have been implemented and an evaluation of their overall effectiveness. What is the process referred to as when management formally accepts the information you have presented them with?
A. Accreditation
B. Hallmark
C. Affirmation
D. Certification
A
241 - Which is not a characteristic of business impact analysis?
A. Determining the maximum tolerable downtime (MTD)
B. Identifying critical systems
C. Determining a recovery strategy
D. Developing it early in business continuity planning
C
242 - During the recovery strategy planning phase, there are various items that you will have to review and create a recovery strategy for. Which resource is commonly overlooked during the recovery strategies planning phase?
A. Human resources
B. Data and voice equipment
C. Environmental issues
D. Computer and network equipment
A
243 - What is considered a misdemeanor under the Computer Fraud and Abuse Act of 1986?
A. To use classified data for the benefit of a foreign nation
B. To disclose personal medical information
C. To gain unauthorized access to government computers
D. To gain authorized access to personal medical information
C
244 - What would be the least effective method to prevent an intruder from gaining access to a facility?
A. Smartcards
B. A fence
C. Guard dogs
D. CCTV
D
245 - What type of interference can be caused by a disturbance in the circuit from the difference in the hot, neutral, and ground wires and the magnetic field they generate?
A. Electromagnetic interference
B. Intermodulation
C. Electrostatic discharge
D. Radio frequency interference
A
246 - What is the first level in the Orange Book that requires labeled security?
A. C2
B. B1
C. C1
D. B2
B
247 - There are three critical requirements for operations controls. Which statement correctly identifies the critical requirement referred to as privileged-entity controls?
A. Provide users with the level of access they require to complete their assigned tasks.
B. Provide compliance with legislative and industry guidelines to protect sensitive information and personnel.
C. Provide all users with administrative-like access control capabilities.
D. Provide specific users with administrative-like access control capabilities.
D
248 - What does the term “trusted computing base” best address?
A. The level of application portability a system provides
B. The level of trust a system provides
C. The level of security a system provides
D. The level of communication a system provides
B