What type of access control is intended to discover unwanted or unauthorized activity by providing information after the event has occurred?
Preventive
Corrective
Detective
Directive
Which one of the following presents the most complex decoy environment for an attacker to explore during an intrusion attempt?
Honeypot
Darknet
Honeynet
Pseudoflaw
Ben's organization is adopting biometric authentication for their high-security building's access control system. Using this chart, answer questions 3–5 about their adoption of the technology.
Ben's company is considering configuring their systems to work at the level shown by point A on the diagram. What level are they setting the sensitivity to?
The FRR crossover
The FAR point
The CER
The CFR
At point B, what problem is likely to occur?
False acceptance will be very high.
False rejection will be very high.
False rejection will be very low.
False acceptance will be very low.
What should Ben do if the FAR and FRR shown in this diagram do not provide an acceptable performance level for his organization's needs?
Adjust the sensitivity of the biometric devices.
Assess other biometric systems to compare them.
Move the CER.
Adjust the FRR settings in software.
Ed is tasked with protecting information about his organization's customers, including their name, Social Security number, birthdate, and place of birth, as well as a variety of other information. What is this information known as?
PHI
PII
Personal protected data
PID
What software development lifecycle model is shown in the following illustration?
Spiral
Agile
Boehm
Waterfall
Encapsulation is the core concept that enables what type of protocol?
Bridging
Multilayer
Hashing
Storage
Amanda wants to use contacts from the existing Gmail accounts that new users for her application already have. What protocol from the following options is used to provide secure delegated access for this type of use by many cloud providers?
Open ID
Kerberos
OAuth
SAML
Which one of the following metrics specifies the amount of time that business continuity planners find acceptable for the restoration of service after a disaster?
MTD
RTO
RPO
MTO
Jill is working to procure new network hardware for her organization. She finds a gray market supplier that is importing the hardware from outside the country at a much lower price. What security concern is the most significant for hardware acquired this way?
The security of the hardware and firmware
Availability of support for the hardware and software
Whether the hardware is a legitimate product of the actual vendor
The age of the hardware
What process is typically used to ensure data security for workstations that are being removed from service but that will be resold or otherwise reused?
Destruction
Erasing
Sanitization
Clearing
Colleen is conducting a software test that is evaluating code for both security flaws and usability issues. She is working with the application from an end-user perspective and referencing the source code as she works her way through the product. What type of testing is Colleen conducting?
White box
Blue box
Gray box
Black box
Harold is looking for a software development methodology that will help with a major issue he is seeing in his organization. Currently, developers and operations staff do not work together and are often seen as taking problems and “throwing them over the fence” to the other team. What technology management approach is designed to alleviate this problem?
ITIL
Lean
ITSM
DevOps
NIST Special Publication 800-92, the Guide to Computer Security Log Management, describes four types of common challenges to log management:
Many log sources
Inconsistent log content
Inconsistent timestamps
Inconsistent log formats
Which of the following solutions is best suited to solving these issues?
Implement SNMP for all logging devices.
Implement a SIEM.
Standardize on the Windows event log format for all devices and use NTP.
Ensure that logging is enabled on all endpoints using their native logging formats and set their local time correctly.
Mike has a flash memory card that he would like to reuse. The card contains sensitive information. What technique can he use to securely remove data from the card and allow its reuse?
Degaussing
Physical destruction
Cryptoshredding
Reformatting
Carlos is investigating the compromise of sensitive information in his organization. He believes that attackers managed to retrieve personnel information on all employees from the database and finds the following user-supplied input in a log entry for a web-based personnel management system:
Collins'&1=1;--
What type of attack took place, and how could it be prevented?
SQL injection, use of stored procedures
Buffer overflow, automatic buffer expansion
Cross-site scripting, turning on XSS prevention on the web server
Cross-site request forgery, requiring signed requests
Which one of the following is a detailed, step-by-step document that describes the exact actions that individuals must complete?
Policy
Standard
Guideline
Procedure
What purpose are the CIS benchmarks frequently used for in organizations?
Secure coding standards
Performance testing
Baselining
Monitoring metrics
Bryan has a set of sensitive documents that he would like to protect from public disclosure. He would like to use a control that, if the documents appear in a public forum, may be used to trace the leak back to the person who was originally given the document copy. What security control would best fulfill this purpose?
Digital signature
Document staining
Hashing
Watermarking
Carlos is planning a design for a data center that will be constructed within a new four-story corporate headquarters. The building consists of a basement and three above-ground floors. What is the best location for the data center?
Basement
First floor
Second floor
Third floor
Chris is an information security professional for a major corporation, and as he is walking into the building, he notices that the door to a secure area has been left ajar. Physical security does not fall under his responsibility, but he takes immediate action by closing the door and informing the physical security team of his action. What principle is Chris demonstrating?
Due care
Crime prevention through environmental design
Separation of duties
Informed consent
Which one of the following investigation types always uses the beyond-a-reasonable-doubt standard of proof?
Civil investigation
Criminal investigation
Operational investigation
Regulatory investigation
Kristen wants to use multiple processing sites for her data, but does not want to pay for a full data center. Which of the following would you recommend as her best option if she wants to be able to quickly migrate portions of her custom application environment to facilities in multiple countries without having to wait to ship or acquire hardware?
A cloud PaaS vendor
A hosted data center provider
A cloud IaaS vendor
A data center vendor that provides rack, power, and remote hands services
What type of alternate processing facility contains the hardware necessary to restore operations but does not have a current copy of data?
Hot site
Warm site
Cold site
Mobile site
Which one of the following terms describes a period of momentary high voltage?
Sag
Brownout
Spike
Surge
Greg needs to label drives used for his company's medical insurance claims database. What data label from the following list best matches the type of data he is dealing with?
PII
Secret
Business confidential
PHI
The Open Shortest Path First (OSPF) protocol is a routing protocol that keeps a map of all connected remote networks and uses that map to select the shortest path to a remote destination. What type of routing protocol is OSPF?
Link state
Shortest path first
Link mapping
Distance vector
Selah wants to ensure that vehicles cannot crash through her company's entryway and front lobby while still keeping the entrance accessible to pedestrians and wheelchairs or other mobility devices. What physical security control is best suited to this purpose?
Fences
Bollards
Walls
Stairs
For questions 30–34, please refer to the following scenario:
Concho Controls is a midsize business focusing on building automation systems. It hosts a set of local file servers in its on-premises data center that store customer proposals, building plans, product information, and other data that is critical to its business operations.
Tara works in the Concho Controls IT department and is responsible for designing and implementing the organization's backup strategy, among other tasks. She currently conducts full backups every Sunday evening at 8 p.m. and differential backups on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara rebuilds the server and wants to restore data from the backups.
What backup should Tara apply to the server first?
Sunday's full backup
Monday's differential backup
Tuesday's differential backup
Wednesday's differential backup
How many backups in total must Tara apply to the system to make the data it contains as current as possible?
1
2
3
4
In this backup approach, some data may be irretrievably lost. How long is the time period where any changes made will have been lost?
3 hours.
5 hours.
8 hours.
No data will be lost.
If Tara followed the same schedule but switched the differential backups to incremental backups, how many backups in total would she need to apply to the system to make the data it contains as current as possible?
1
2
3
4
If Tara made the change from differential to incremental backups and we assume that the same amount of information changes each day, which one of the following files would be the largest?
Monday's incremental backup.
Tuesday's incremental backup.
Wednesday's incremental backup.
All three will be the same size.
The following figure shows an example of an attack where Mal, the attacker, has redirected traffic from a user's system to their own, allowing them to read TLS-encrypted traffic. Which of the following terms best describes this attack?
A DNS hijacking attack
An ARP spoofing attack
A man-in-the-middle attack
A SQL injection attack
Bob has been tasked with writing a policy that describes how long data should be kept and when it should be purged. What concept does this policy deal with?
Data remanence
Record retention
Data redaction
Audit logging
Which component of IPsec provides authentication, integrity, and nonrepudiation?
L2TP
Encapsulating Security Payload
Encryption Security Header
Authentication Header
Renee notices that a system on her network recently received connection attempts on all 65,536 TCP ports from a single system during a short period of time. What type of attack did Renee most likely experience?
Denial-of-service
Reconnaissance
Malicious insider
Compromise
What type of Windows audit record describes events like an OS shutdown or a service being stopped?
An application log
A security log
A system log
A setup log
Melissa is in charge of her organization's security compliance efforts and has been told that the organization does not install Windows patches until a month has passed since the patch has been released unless there is a zero-day exploit that is being actively exploited. Why would the company delay patching like this?
To minimize business impact of the installation
To allow any flaws with the patch to be identified
To prevent malware in the patches from being installed before it is identified
To allow the patch to be distributed to all systems
What level of RAID is also known as disk striping?
RAID 0
RAID 1
RAID 5
RAID 10
Jacob executes an attack against a system using a valid but low-privilege user account by accessing a file pointer that the account has access to. After the access check, but before the file is opened, he quickly switches the file pointer to point to a file that the user account does not have access to. What type of attack is this?
TOCTOU
Permissions creep
Impersonation
Link swap
What is the minimum number of disks required to implement RAID level 0?
1
2
3
5
Fred's company wants to ensure the integrity of email messages sent via its central email servers. If the confidentiality of the messages is not critical, what solution should Fred suggest?
Digitally sign and encrypt all messages to ensure integrity.
Digitally sign but don't encrypt all messages.
Use TLS to protect messages, ensuring their integrity.
Use a hashing algorithm to provide a hash in each message to prove that it hasn't changed.
The leadership at Susan's company has asked her to implement an access control system that can support rule declarations like “Only allow access to salespeople from managed devices on the wireless network between 8 a.m. and 6 p.m.” What type of access control system would be Susan's best choice?
ABAC
RBAC
DAC
MAC
Nora's company operates servers on a five-year lifecycle. When they reach their end of life according to that process, the servers are sent to an e-waste recycler. Which of the following is the most effective control that Nora could implement to ensure that a data breach does not occur due to remanent data?
Zero wipe the drives before the servers leave the organization.
Remove the drives and shred them.
Reformat the drives before the servers are sent to the e-waste company.
Require certificates of disposal from the e-waste company.
Chris is deploying a gigabit Ethernet network using Category 6 cable between two buildings. What is the maximum distance he can run the cable according to the Category 6 standard?
50 meters
100 meters
200 meters
300 meters
Howard is a security analyst working with an experienced computer forensics investigator. The investigator asks him to retrieve a forensic drive controller, but Howard cannot locate a device in the storage room with this name. What is another name for a forensic drive controller?
RAID controller
Write blocker
SCSI terminator
Forensic device analyzer
The web application that Saria's development team is working on needs to provide secure session management that can prevent hijacking of sessions using the cookies that the application relies on. Which of the following techniques would be the best for her to recommend to prevent this?
Set the Secure attribute for the cookies, thus forcing TLS.
Set the Domain cookie attribute to example.com to limit cookie access to servers in the same domain.
Set the Expires cookie attribute to less than a week.
Set the HTTPOnly attribute to require only unencrypted sessions.
Ben's company has recently retired its fleet of multifunction printers. The information security team has expressed concerns that the printers contain hard drives and that they may still have data from scans and print jobs. What is the technical term for this issue?
Data pooling
Failed clearing
Data permanence
Data remanence
What access control scheme labels subjects and objects and allows subjects to access objects when the labels match?
DAC
MAC
Rule-based access control (RBAC)
Role-based access control (RBAC)
A cloud-based service that provides account provisioning, management, authentication, authorization, reporting, and monitoring capabilities is known as what type of service?
PaaS
IDaaS
IaaS
SaaS
Sally wants to secure her organization's VoIP systems. Which of the following attacks is one that she shouldn't have to worry about?
Eavesdropping
Denial-of-service
Blackboxing
Caller ID spoofing
Marty discovers that the access restrictions in his organization allow any user to log into the workstation assigned to any other user, even if they are from completely different departments. This type of access most directly violates which information security principle?
Separation of duties
Two-person control
Need to know
Least privilege
Fred needs to transfer files between two servers on an untrusted network. Since he knows the network isn't trusted, he needs to select an encrypted protocol that can ensure that his data remains secure. What protocol should he choose?
SSH
TCP
SFTP
IPsec
Chris uses a packet sniffer to capture traffic from a TACACS+ server. What protocol should he monitor, and what data should he expect to be readable?
UDP; none—TACACS+ encrypts the full session.
TCP; none—TACACS+ encrypts the full session.
UDP; all but the username and password, which are encrypted.
TCP; all but the username and password, which are encrypted.
Use your knowledge of Kerberos authentication and authorization as well as the following diagram to answer questions 57–59.
If the client has already authenticated to the KDC, what does the client workstation send to the KDC at point A when it wants to access a resource?
It resends the password
A TGR
Its TGT
A service ticket
What occurs between steps A and B?
The KDC verifies the validity of the TGT and whether the user has the right privileges for the requested resource.
The KDC updates its access control list based on the data in the TGT.
The KDC checks its service listing and prepares an updated TGT based on the service request.
The KDC generates a service ticket to issue to the client.
What system or systems does the service that is being accessed use to validate the ticket?
The KDC.
The client workstation and the KDC.
The client workstation supplies it in the form of a client-to-server ticket and an authenticator.
The KVS.
What does a service ticket (ST) provide in Kerberos authentication?
It serves as the authentication host.
It provides proof that the subject is authorized to access an object.
It provides proof that a subject has authenticated through a KDC and can request tickets to access other objects.
It provides ticket granting services.
Judy is preparing to conduct a business impact analysis. What should her first step be in the process?
Identify threats to the business.
Identify risks to the organization.
Identify business priorities.
Conduct likelihood analysis.
What is the most common risk that cellular phone hotspots create for business networks?
They can provide attackers with a nonsecured network path into your network.
They can be used like rogue access points for man-in-the-middle attacks.
They allow wireless data to be intercepted.
They are unencrypted and can be easily sniffed.
Which one of the following fire suppression systems poses the greatest risk of accidental discharge that damages equipment in a data center?
Wet pipe
Dry pipe
Deluge
Preaction
Amanda's healthcare provider maintains such data as details about her health, treatments, and medical billing. What type of data is this?
Protected health information
Personally identifiable information
Protected health insurance
Individual protected data
What type of code review is best suited to identifying business logic flaws?
Mutational fuzzing
Manual
Generational fuzzing
Interface testing
Something you know is an example of what type of authentication factor?
Type 1
Type 2
Type 3
Type 4
Saria is the system owner for a healthcare organization. What responsibilities does she have related to the data that resides on or is processed by the systems she owns?
She has to classify the data.
She has to make sure that appropriate security controls are in place to protect the data.
She has to grant appropriate access to personnel.
She bears sole responsibility for ensuring that data is protected at rest, in transit, and in use.
During software testing, Jack diagrams how a hacker might approach the application he is reviewing and determines what requirements the hacker might have. He then tests how the system would respond to the attacker's likely behavior. What type of testing is Jack conducting?
Misuse case testing
Use case testing
Hacker use case testing
Static code analysis
Rick's risk assessment for his company's web application noted that it could suffer from SQL injection attacks. Which of the following mitigation techniques would you recommend Rick apply to help reduce this risk? (Select all that apply.)
Stored procedures
Escaping all user-supplied input
Parameterized queries
Input validation
Chris has been assigned to scan a system on all of its possible TCP and UDP ports. How many ports of each type must he scan to complete his assignment?
65,536 TCP ports and 32,768 UDP ports
1,024 common TCP ports and 32,768 ephemeral UDP ports
65,536 TCP and 65,536 UDP ports
16,384 TCP ports and 16,384 UDP ports
CVE and the NVD both provide information about what?
Vulnerabilities
Markup languages
Vulnerability assessment tools
Penetration testing methodologies
Michelle wants to ensure that her company does not keep logs for longer than they need to. What type of policy should she write and implement to ensure this?
An EOL policy
A data classification policy
An EOS policy
A record retention policy
In what type of trusted recovery process does the system recover against one or more failure types without administrator intervention while protecting itself against data loss?
Automated recovery
Manual recovery
Function recovery
Automated recovery without undue data loss
What three important items should be considered if you are attempting to control the strength of signal for a wireless network as well as where it is accessible?
Antenna placement, antenna type, antenna power levels
Antenna design, power levels, use of a captive portal
Antenna placement, antenna design, use of a captive portal
Power levels, antenna placement, FCC minimum strength requirements
What is the best way to ensure that data is unrecoverable from an SSD?
Use the built-in erase commands.
Use a random pattern wipe of 1s and 0s.
Physically destroy the drive.
Degauss the drive.
Alice sends a message to Bob and wants to ensure that Mal, a third party, does not read the contents of the message while in transit. What goal of cryptography is Alice attempting to achieve?
Confidentiality
Integrity
Authentication
Nonrepudiation
Place the following stages in their proper order for the MITRE ATT&CK framework shown here. Note that Recon is the start of the process and Maintain is the end.
The company that Gary works for processes credit cards and operates under an industry standard for credit card handling. Which of the following standards will his company need to comply with?
ISO27001
FIPS 140
PCI-DSS
ISO 27002
James has opted to implement a NAC solution that uses a post-admission philosophy for its control of network connectivity. What type of issues can't a strictly post-admission policy handle?
Out-of-band monitoring
Preventing an unpatched laptop from being exploited immediately after connecting to the network
Denying access when user behavior doesn't match an authorization matrix
Allowing a user access to a specific object when user behavior is allowed based on an authorization matrix
Ben has built an access control list that lists the objects that his users are allowed to access. When users attempt to access an object that they don't have rights to, they are denied access, even though there isn't a specific rule that prevents it. What access control principle is key to this behavior?
Least privilege
Implicit deny
Explicit deny
Final rule fall-through
Mary is a security risk analyst for an insurance company. She is currently examining a scenario where a hacker might use a SQL injection attack to deface a web server due to a missing patch in the company's web application. In this scenario, what is the risk?
Unpatched web application
Web defacement
Hacker
Operating system
The mean time to detect a compromise is what type of security measurement?
An MTO
A technical control objective
A compliance objective
A KPI
Val is attempting to review security logs but is overwhelmed by the sheer volume of records maintained in her organization's central log repository. What technique can she use to select a representative set of records for further review?
Statistical sampling.
Clipping.
Choose the first 5 percent of records from each day.
Choose 5 percent of records from the middle of the day.
In Jen's job as the network administrator for an industrial production facility, she is tasked with ensuring that the network is not susceptible to electromagnetic interference due to the large motors and other devices running on the production floor. What type of network cabling should she choose if this concern is more important than cost and difficulty of installation?
10Base2
100BaseT
1000BaseT
Fiber optic
For questions 85–88, please refer to the following scenario:
Jasper Diamonds is a jewelry manufacturer that markets and sells custom jewelry through its website. Bethany is the manager of Jasper's software development organization, and she is working to bring the company into line with industry-standard practices. She is developing a new change management process for the organization and wants to follow commonly accepted approaches.
Bethany would like to put in place controls that provide an organized framework for company employees to suggest new website features that her team will develop. What change management process facilitates this?
Configuration control
Change control
Release control
Request control
Bethany would also like to create a process that helps multiple developers work on code at the same time. What change management process facilitates this?
Configuration control
Change control
Release control
Request control
Bethany is working with her colleagues to conduct user acceptance testing. What change management process includes this task?
Configuration control
Change control
Release control
Request control
Bethany noticed that some problems arise when system administrators update libraries without informing developers. What change management process can assist with this problem?
Configuration control
Change control
Release control
Request control
Ben has written the password hashing system for the web application he is building. His hashing code function for passwords results in the following process for a series of passwords:
What flaw has Ben introduced with his hashing implementation?
Plaintext salting
Salt reuse
Use of a short salt
Poor salt algorithm selection
Which one of the following is an example of risk transference?
Building a guard shack
Purchasing insurance
Erecting fences
Relocating facilities
What protocol takes the place of certificate revocation lists and adds real-time status verification?
RTCP
RTVP
OCSP
CSRTP
Xavier's company has been using an increasing number of cloud services, and he is concerned that the security policies that the company has implemented in its existing data center are not being followed in the cloud. Which of the following solutions is best suited to ensuring that policies are applied to all cloud services?
A CIPS
A CASB
A CSG
A CDLP
What process makes TCP a connection-oriented protocol?
It works via network connections.
It uses a handshake.
It monitors for dropped connections.
It uses a complex header.
Susan wants to build a security awareness program for her organization, but knows that keeping staff engaged is difficult. Which of the following techniques is often associated with the use of points and scores as part of the assessment process?
Gamification
Phishing testing
Security champions
Social engineering evaluations
You are conducting a qualitative risk assessment for your organization. The two important risk elements that should weigh most heavily in your analysis of risk are probability and ________________.
Likelihood
History
Impact
Cost
Using the OSI model, what format does the Data Link layer use to format messages received from higher up the stack?
A data stream
A frame
A segment
A datagram
What is the maximum penalty that may be imposed by an (ISC)2 peer review board when considering a potential ethics violation?
Revocation of certification
Termination of employment
Financial penalty
Suspension of certification
Which one of the following statements about the SDLC is correct?
The SDLC requires the use of an iterative approach to software development.
The SDLC requires the use of a sequential approach to software development.
The SDLC does not include training for end users and support staff.
The waterfall methodology is compatible with the SDLC.
In the diagram shown here, Harry is prevented from reading a file at a higher classification level than his security clearance. What security model prevents this behavior?
Bell–LaPadula
Biba
Clark–Wilson
Brewer–Nash
Susan is setting up the network for a local coffee house and wants to ensure that users have to authenticate using an email address and agree to the coffee house's acceptable use policy before being allowed on the network. What technology should she use to do this?
802.11
NAC
A captive portal
A wireless gateway
Travis is concerned about the security that his organization's use of Microsoft's BitLocker provides for systems. When are the systems most secure from data loss based on the encryption state of the drive if the systems are equipped with TPM and use full disk encryption?
When they are booted up and running because the system monitors for drive access
When the system is shutting down because keys are removed from memory
When they are booting up because the TPM checks for a secure boot process
When they are off because the drive is fully encrypted
Andrea wants to ensure that her virtualized networks are secure between virtual environments. She uses virtual machine clusters in multiple locations in her state with third-party internet service providers between those locations. Which of the following solutions is best suited to protecting her traffic if she runs a flattened layer 2 network between those locations?
TLS
BGP
IPsec
AES
For questions 103–105, please refer to the following scenario:
The company that Fred works for is reviewing the security of their company-issued cell phones. They issue 4G-capable smartphones running Android and iOS and use a mobile device management solution to deploy company software to the phones. The mobile device management software also allows the company to remotely wipe the phones if they are lost.
What security considerations should Fred's company require for sending sensitive data over the cellular network?
They should use the same requirements as data over any public network.
Cellular provider networks are private networks and should not require special consideration.
Encrypt all traffic to ensure confidentiality.
Require the use of WAP for all data sent from the phone.
Fred intends to attend a major hacker conference this year and needs to connect to his employer's network during his time at the conference. What should he do when connecting to his cellular provider's 4G network while at the conference?
Continue normal usage.
Discontinue all usage; towers can be spoofed.
Only use trusted WiFi networks.
Connect to his company's encrypted VPN service.
What are the most likely circumstances that would cause a remote wipe of a mobile phone to fail?
The phone has a passcode on it.
The phone cannot contact a network.
The provider has not unlocked the phone.
The phone is in use.
Elaine is developing a business continuity plan for her organization. What value should she seek to minimize?
AV
SSL
RTO
MTO
Warren wants to conduct an internal security audit. He wants to use a broadly accepted audit framework so that he can more easily compare the results to other organizations. Which of the following options should he select as his base audit framework?
ITSM
ATT&CK
COBIT
CIS
Place the list of disaster recovery test types in order of their potential impact on the business, starting with the least impactful and progressing through the most impactful.
Checklist review
Parallel test
Tabletop exercise
Full interruption test
1, 2, 3, 4
1, 3, 2, 4
1, 3, 4, 2
2, 1, 3, 4
Jack's data center design calls for dual-power supplies in every critical server. What part of the CIA triad is he addressing with this design decision?
Confidentiality
Integrity
Availability
None of the above
What step is missing from the IR process cycle diagram shown here?
Forensics
Retribution
Recovery
Analysis
Frank is attempting to protect his web application against cross-site scripting attacks. Users do not need to provide input containing scripts, so he decided the most effective way to filter would be to write a filter on the server that watches for the <SCRIPT> tag and removes it. What is the issue with Frank's approach?
Validation should always be performed on the client side.
Attackers may use XSS filter evasion techniques against this approach.
Server-side validation requires removing all HTML tags, not just the <SCRIPT> tag.
There is no problem with Frank's approach.
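The filter-evasion problem in the second option can be shown concretely. The following Python script is an added example, not code from the original question set: the payload strings are constructed for illustration, and the function names (naive_strip_script, strip_script_case_insensitive, encode_for_html_body, looks_executable, surviving_payloads) are hypothetical. It contrasts Frank's deny-list filter with a case-insensitive variant of it and with contextual output encoding, and reports which payloads each one lets through.

```python
import html
import re

# Constructed sample payloads for illustration (not from the original page).
# Each is a fragment a user might submit to Frank's web application.
PAYLOADS = {
    "mixed_case": "<ScRiPt>alert(1)</ScRiPt>",
    "nested": "<scr<script>ipt>alert(1)</scr</script>ipt>",
    "event_handler": '<img src=x onerror="alert(1)">',
    "no_script_tag": "<svg onload=alert(1)>",
}


def naive_strip_script(user_input: str) -> str:
    """Frank's approach as described: delete the literal <SCRIPT> tag."""
    return user_input.replace("<SCRIPT>", "").replace("</SCRIPT>", "")


def strip_script_case_insensitive(user_input: str) -> str:
    """A tightened version of the same idea; still a deny-list filter.
    A single pass over a nested payload reassembles the tag it removed."""
    return re.sub(r"</?script>", "", user_input, flags=re.IGNORECASE)


def encode_for_html_body(user_input: str) -> str:
    """Output encoding for an HTML text node: every <, >, &, and quote becomes
    an entity, so no markup from the input reaches the browser's HTML parser."""
    return html.escape(user_input, quote=True)


def looks_executable(fragment: str) -> bool:
    """Rough oracle for this demo (hypothetical helper): does the fragment still
    contain a <script> element or a tag carrying an on*= event handler?"""
    return bool(
        re.search(r"<script\b", fragment, re.IGNORECASE)
        or re.search(r"<\w+[^>]*\bon\w+\s*=", fragment, re.IGNORECASE)
    )


def surviving_payloads(filter_fn) -> list:
    """Names of the constructed payloads that still look executable after filter_fn."""
    return sorted(
        name for name, payload in PAYLOADS.items()
        if looks_executable(filter_fn(payload))
    )


if __name__ == "__main__":
    for fn in (naive_strip_script, strip_script_case_insensitive, encode_for_html_body):
        print(f"{fn.__name__:30s} bypassed by: {surviving_payloads(fn)}")
```

The exact-case filter is bypassed by every payload; making it case-insensitive still leaves the nested tag (which the filter reassembles by removing its inner copy) and the event-handler payloads, which never use a script tag at all. Encoding the input for the context it is rendered in defeats all of them, because the question is not "which tags are dangerous" but "can user data ever be parsed as markup". Where rich HTML must be allowed, a maintained allow-list sanitizer is the alternative, not a longer deny-list.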
Megan wants to ensure that the new software as a service provider that her company is signing a contract with will make sure the service works all the time without disruptions. Which of the following is often part of contracts to provide that assurance?
An SLA
An RPA
An NDA
An MOU
Uptown Records Management recently entered into a contract with a hospital for the secure storage of medical records. The hospital is a U.S.-based, HIPAA-covered entity, which means it needs to ensure that the organizations it contracts with can meet its security practice requirements. What type of agreement should the two organizations sign to meet this requirement?
NDA
NCA
BAA
SLA
Norm would like to conduct a disaster recovery test for his organization and wants to choose the most thorough type of test, recognizing that it may be quite disruptive. What type of test should Norm choose?
Full interruption test
Parallel test
Tabletop exercise
Checklist review
Ed is building a network that supports IPv6 but needs to connect it to an IPv4 network. What type of device should Ed place between the networks?
A switch
A router
A bridge
A gateway
Henry's company has deployed an extensive IoT infrastructure for building monitoring that includes environmental controls, occupancy sensors, and a variety of other sensors and controllers that help manage the building. Which of the following security concerns should Henry report as the most critical in his analysis of the IoT deployment?
The lack of local storage space for security logs that is common to IoT devices.
The IoT devices may not have a separate administrative interface, allowing anybody on the same network to attempt to log into them and making brute-force attacks possible.
The IoT devices may not support strong encryption for communications, exposing the log and sensor data to interception on the network.
The long-term support and patching model for the IoT devices may create security and operational risk for the organization.
Isaac wants to use a connectionless protocol to transfer data because he needs to optimize speed of transmission over reliability. Which protocol should he select?
ICMP
TCP
UDP
SNMP
Which one of the following actions is not required under the EU General Data Protection Regulation?
Organizations must allow individuals to opt out of information sharing.
Organizations must provide individuals with lists of employees with access to information.
Organizations must use proper mechanisms to protect data against unauthorized disclosure.
Organizations must have a dispute resolution process for privacy issues.
Tammy is selecting a disaster recovery facility for her organization. She would like to choose a facility that balances the time required to recover operations with the cost involved. What type of facility should she choose?
Hot site
Warm site
Cold site
Red site
What layer of the OSI model is associated with datagrams?
Session
Transport
Network
Data Link
Which one of the following is not a valid key length for the Advanced Encryption Standard?
128 bits
192 bits
256 bits
384 bits
Which one of the following technologies provides a function interface that allows developers to directly interact with systems without knowing the implementation details of that system?
Data dictionary
Object model
Source code
API
Ian wants to assess the security of his company's new SaaS provider. Which of the following is the option he can most realistically expect to be able to use to assess a major cloud provider's security?
Run a vulnerability scan against the provider's external services.
Request a SOC 2 Type II report.
Run a vulnerability scan against the provider's internal systems.
Request a SOC 1 Type II report.
When Ben lists the files on a Linux system, he sees a set of attributes as shown here.
The letters rwx indicate different levels of what?
Identification
Authorization
Authentication
Accountability
Match each one of the numbered protocols with the most accurate lettered description. Use each answer exactly once.
Protocol
1. TCP
2. UDP
3. DNS
4. ARP
Description
A. Performs translations between MAC addresses and IP addresses
B. Performs translations between FQDNs and IP addresses
C. Transports data over a network in a connection-oriented fashion
D. Transports data over a network in a connectionless fashion