Match the access control type to the example of the control type.
Drag each access control type next to its corresponding example.
A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?
Which of the following is a document that identifies each item seized in an investigation, including date and time seized, full name and signature or initials of the person who seized the item, and a detailed description of the item?
In configuration management, what baseline configuration information MUST be maintained for each computer system?
Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?
Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?
Which of the following is a remote access protocol that uses a static authentication?
During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?
The design review for an application has been completed and is ready for release. What technique should an organization use to assure application integrity?
A chemical plant wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?
Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?
Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?
When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be specified?
Due to system constraints, a group of system administrators must share a high-level access set of credentials.
Which of the following would be MOST appropriate to implement?
Which of the following combinations would MOST negatively affect availability?
Transport Layer Security (TLS) provides which of the following capabilities for a remote access server?
A vulnerability assessment report has been submitted to a client. The client indicates that one third of the hosts that were in scope are missing from the report.
In which phase of the assessment was this error MOST likely made?
In an organization where Network Access Control (NAC) has been deployed, a device trying to connect to the network is being placed into an isolated domain. What could be done on this device in order to obtain proper connectivity?
Which of the following is the MOST appropriate action when reusing media that contains sensitive data?
An organization has discovered that users are visiting unauthorized websites using anonymous proxies.
Which of the following is the BEST way to prevent future occurrences?
Access to which of the following is required to validate web session management?
The use of private and public encryption keys is fundamental in the implementation of which of the following?
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?
What steps can be taken to prepare personally identifiable information (PII) for processing by a third party?
Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?
Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?
Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?
During which of the following processes is least privilege implemented for a user account?
What should an auditor do when conducting a periodic audit on media retention?
Which of the following is the BEST method to reduce the effectiveness of phishing attacks?
A security analyst for a large financial institution is reviewing network traffic related to an incident. The analyst determines the traffic is irrelevant to the investigation, but in the process of the review, the analyst also finds that an application’s data, which included full credit card cardholder data, is transferred in clear text between the server and the user’s desktop. The analyst knows this violates the Payment Card Industry Data Security Standard (PCI-DSS). Which of the following is the analyst’s next step?
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?
Who in the organization is accountable for classification of data information assets?
Which of the following is an initial consideration when developing an information security management system?
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.
Which contract is BEST in offloading the task from the IT staff?
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
Which of the following is MOST important when assigning ownership of an asset to a department?
Which of the following BEST describes the responsibilities of a data owner?
When implementing a data classification program, why is it important to avoid too much granularity?
Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?
An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to
Which of the following is the FIRST step in the incident response process?
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?
Which of the following is a PRIMARY advantage of using a third-party identity service?
A continuous information security monitoring program can BEST reduce risk through which of the following?
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?
Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?
An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?
An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?
What is the BEST approach to addressing security issues in legacy web applications?
The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?
Which of the following is the BEST method to prevent malware from being introduced into a production environment?
Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?
Which of the following is the PRIMARY risk with using open source software in a commercial software construction?
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
Which of the following is the PRIMARY issue when analyzing detailed log information?
A company hired an external vendor to perform a penetration test of a new payroll system. The company’s internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?
Which of the following factors is a PRIMARY reason to drive changes in an Information Security Continuous Monitoring (ISCM) strategy?
Assuming an individual has taken all of the steps to keep their internet connection private, which of the following is the BEST to browse the web privately?
The ability to send malicious code, generally in the form of a client side script, to a different end user is categorized as which type of vulnerability?
Which of the following is the MAIN difference between a network-based firewall and a host-based firewall?
Which of the following protection is provided when using a Virtual Private Network (VPN) with Authentication Header (AH)?
Which of the following should be done at a disaster site before any item is removed, repaired, or replaced?
Why is it important that senior management clearly communicates the formal Maximum Tolerable Downtime (MTD) decision?
Which of the following is the MOST comprehensive Business Continuity (BC) test?
Which of the following security objectives for industrial control systems (ICS) can be adapted to securing any Internet of Things (IoT) system?
Which of the following is an example of a vulnerability of full-disk encryption (FDE)?
What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program?
A Certified Information Systems Security Professional (CISSP) with identity and access management (IAM) responsibilities is asked by the Chief Information Security Officer (CISO) to perform a vulnerability assessment on a web application to pass a Payment Card Industry (PCI) audit. The CISSP has never performed this before. According to the (ISC)² Code of Professional Ethics, which of the following should the CISSP do?
What is the BEST method if an investigator wishes to analyze a hard drive which may be used as evidence?
Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF)?
A client has reviewed a vulnerability assessment report and has stated it is inaccurate. The client states that the vulnerabilities listed are not valid because the host’s Operating System (OS) was not properly detected.
Where in the vulnerability assessment process did the error MOST likely occur?
Company A is evaluating new software to replace an in-house developed application. During the acquisition process, Company A specified the security requirements as well as the functional requirements. Company B responded to the acquisition request with their flagship product that runs on an Operating System (OS) that Company A has never used nor evaluated. The flagship product meets all security and functional requirements as defined by Company A.
Based upon Company B's response, what step should Company A take?
Which of the following techniques is MOST useful when dealing with Advanced Persistent Threat (APT) intrusions on live virtualized environments?
Internet Protocol Security (IPSec), Point-to-Point Tunneling Protocol (PPTP), and Secure Sockets Layer (SSL) all use which of the following to prevent replay attacks?
A security practitioner has been tasked with establishing organizational asset handling procedures. What should be considered that would have the GREATEST impact on the development of these procedures?
Secure Real-time Transport Protocol (SRTP) provides security for which of the following?
Which of the following would present the highest annualized loss expectancy (ALE)?
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
Which of the following represents the GREATEST risk to data confidentiality?
Intellectual property rights are PRIMARILY concerned with which of the following?
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
Which of the following could cause a Denial of Service (DoS) against an authentication system?
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
In which of the following programs is it MOST important to include the collection of security process data?
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?
While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?
Which of the following is an advantage of on-premise Credential Management Systems?
Which of the following BEST describes the purpose of the security functional requirements of Common Criteria?
Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
What is the PRIMARY difference between security policies and security procedures?
The goal of a Business Continuity Plan (BCP) training and awareness program is to
What is the process called when impact values are assigned to the security objectives for information types?
While investigating a malicious event, only six days of audit logs from the last month were available. What policy should be updated to address this problem?
During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.
What is the best approach for the CISO?
Below are the common phases to creating a Business Continuity/Disaster Recovery (BC/DR) plan. Drag the remaining BC/DR phases to the appropriate corresponding location.
Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?
Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?
Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
Which of the following controls is the FIRST step in protecting privacy in an information system?
Without proper signal protection, embedded systems may be prone to which type of attack?
During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again?
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Which of the following is considered the MOST important priority for the information security officer?
For a service provider, which of the following MOST effectively addresses confidentiality concerns for customers using cloud computing?
Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The effectiveness of the security program can PRIMARILY be measured through
Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?
What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?
Which of the following is a critical factor for implementing a successful data classification program?
Refer to the information below to answer the question.
A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.
In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes?
Which of the following is the PRIMARY benefit of a formalized information classification program?
With data labeling, which of the following MUST be the key decision maker?
A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as
Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
Which of the following will indicate where the IT budget is BEST allocated during this time?