Chapter 5
Research, Development, and Collaboration

  1. IT security is a rapidly evolving field. As a security professional, you need to stay current on industry trends and their potential impact on an enterprise. Many of these changes will lead to you adopting which of the following?
    1. Best practices
    2. Digital threats
    3. Antivirus programs
    4. NIST
  2. As a system administrator, you need to show that you did what any reasonable and prudent organization would do in certain circumstances for a legal defense. What is this minimum level of security called?
    1. Due diligence
    2. Due care
    3. Standards
    4. Policies
  3. Your company holds large amounts of company data in electronic databases as well as personally identifiable information (PII) of customers and employees. What do you do to ensure that implemented controls provide the right amount of protection?
    1. Best practices
    2. Forensics
    3. Due diligence
    4. Auditing
  4. As CIO, you took the proper steps to implement a standard of due care by fostering an environment of due diligence. You created an ecosystem that enforces more than the minimum level of required security. What are these efforts called?
    1. Best practices
    2. Due care
    3. Baseline
    4. Modeling
  5. While implementing best practices, you determine that the security fix for a specific asset costs more than the asset is worth to the organization. What must be maintained?
    1. SSH
    2. Due care
    3. CVE
    4. Fiscal responsibility
  6. You look to implement best practices and have identified other departments or people who have experience with their implementation. Where else might you look for guidance on cybersecurity best practices?
    1. NIST
    2. ADA
    3. FBI
    4. GLBA
  7. Your best practices are outlined in the compliance requirements of the Payment Card Industry Data Security Standard (PCI-DSS). This standard specifies the digital framework around what type of organization?
    1. Any organization, regardless of size or number of transactions, that stores any cardholder data
    2. The financial industry excluding trading companies
    3. Only publicly traded mortgage companies and banks
    4. Retail organizations that have more than 30,000 transactions a month
  8. As a security analyst for a large retail organization, you research best practices for PCI compliance levels. How do you know to what level your organization must build the security framework?
    1. Transaction volume for 6 months
    2. Transaction volume for 12 months
    3. Financial total for 6 months
    4. Financial total for 12 months
  9. New security technology is necessary because data thieves found another way of stealing your company's information. The inadequacy of usernames and passwords is well known. Which of these is a new and more secure form of authentication to research?
    1. Hardware authentication
    2. Rule-based access control
    3. Vulnerability management
    4. Incident detection
  10. One of your administrator's username and password combinations was compromised. An attacker with those credentials can engage your network in nefarious ways. What do you use to trigger a red flag alerting you of this type of behavior?
    1. IDR
    2. UBA
    3. RBAC
    4. AM
  11. One of your managers asked you to research data loss prevention techniques to protect data so that cyberattackers cannot monetize the stolen data. What DLP do you recommend?
    1. Encryption and tokenization
    2. HIPAA and PCI
    3. I&AM management
    4. NIST frameworks
  12. You examine activity in a data center on the corporate network. There is nonuser behavior that is malicious and suspicious. What type of model would you use to determine your reaction?
    1. COBIT
    2. Advanced threats
    3. Machine learning
    4. GDPR
  13. Your organization migrated to the cloud to host your traditional on-premises IT. Which on-premises security technique should you NOT research and adopt in the cloud?
    1. Virtual firewalls
    2. Virtual IDS and IPS
    3. Virtual security hardware
    4. Virtual physical security
  14. While doing research on current best practices, you find the Internet Engineering Task Force (IETF) authored memorandums applicable to your new project. How does the IETF list these official documents?
    1. RFQ
    2. RFP
    3. RFC
    4. IAB
  15. While investigating threats specific to your industry, you found information collected and analyzed by several companies with substantive expertise and access to source information. Which of these is the LEAST beneficial item to your organization after subscribing to threat intelligence information?
    1. Determining acceptable business risks
    2. Developing controls and budgets
    3. Making equipment and staffing decisions
    4. Creating a marketing plan for your product
  16. You are reading threat intelligence reports focusing on the triad of actors and capability as well as tactics and techniques. You try to make informed decisions regarding this intelligence. Which of these is NOT a type of assessment you make with cyberthreat intelligence?
    1. Strategic
    2. Arbitrary
    3. Operational
    4. Tactical
  17. You and your organization are performing an annual threat modeling exercise. You look for potential threats coming from physical or digital vulnerabilities. Using the most popular Microsoft IT threat-modeling methodology, you try to find threats that align to your product. What is this methodology called?
    1. STRIDE
    2. PASTA
    3. TRIKE
    4. VAST
  18. You have mission-critical software running on a server in your data center with a known security flaw. The software vendor does not have a patch in place to fix the problem, and there is potential attacker exploitation. What is this called?
    1. No-day vulnerability
    2. Zero-day vulnerability
    3. Patch vulnerability
    4. Java vulnerability
  19. A zero-day vulnerability was found in your organization and presents a serious security risk. To keep your computer and data safe, it is smart to be proactive. Which of these options has the lowest priority to secure endpoints?
    1. Use comprehensive security software that protects against threats.
    2. Install new software updates when they become available from the manufacturer or vendor.
    3. Remove unnecessary software and features and update drivers.
    4. Develop some security awareness processes to be followed sometime in the future.
  20. Your security manager petitioned management to disallow social media account access on company-issued property. Upper management feels that giving up social media is not a reasonable option. You were asked to take steps to protect your company against common social media threats. Which one of these is a big risk to your company?
    1. Unattended social media accounts
    2. Strict privacy settings
    3. Social media policy
    4. Audits
  21. You believe you successfully locked down your company's social media accounts. While doing more research, you find another malicious attack vector related to social media. Which of these could enable an attacker to gain access to your social media account through app vulnerabilities?
    1. Imposter accounts
    2. Third-party apps
    3. Privacy settings
    4. Authentication
  22. You have a team of people working on social media messaging and customer service. While you may focus on threats coming from outside the organization, research has shown that employees are more likely to cause cybersecurity incidents. What is your first line of defense?
    1. Limit the number of people who can post on your company's social media accounts.
    2. Share the individual login information for social network accounts with only marketing personnel.
    3. When someone leaves the organization, disable their social media access.
    4. Create brand guidelines that explain how to talk about your company on social media.
  23. Your business is using social media and created a social media policy. These guidelines outline how your employees will use social media responsibly and protect you from security threats and legal trouble. Which of the following would not be included in your social media policy?
    1. Guidelines on brand and copyright
    2. Rules regarding confidentiality and personal social media use and who to notify if a concern arises
    3. Guidelines on password creation and rotation
    4. Latest threats on social media
  24. While researching how your retail organization should regulate social media use and access, you discovered that cybercriminals use social media botnets to disseminate malicious links and collect intelligence on high-profile targets. A common attack you need to watch for includes leveraging a hashtag for a specific organization and distributing malicious links that appear in your news feeds. What is this social media attack called?
    1. Hashtag hijacking
    2. Trend-jacking
    3. Retweet storm
    4. Spray and pray
  25. Your pharmaceutical company uses social media for press releases. A hacktivist organization believes your pharmaceutical company makes too much money on the drugs it sells. After your company tweets a press release about a new drug treatment approved by the government, traffic on social media explodes with a negative comment. This comment is immediately retweeted by the thousands. What type of attack is this?
    1. Click farming
    2. Retweet storm
    3. Spray and pray
    4. Watering hole
  26. You were asked to perform a quarterly audit on your social media accounts. Social media security threats are constantly changing. Attackers are coming up with new strategies, so a regular audit should keep you ahead of an attacker. Which of the following is most important and should be included in your regular audit?
    1. Privacy settings, access, and publishing privileges
    2. All network attack vectors and access management
    3. Social network trending of competitors
    4. All mentions of your company on the Internet
  27. Your manufacturing company uses sensor data to detect production processes that have malfunctioned. You are concerned that an attacker could undermine the quality of your big data analysis by fabricating data. What would this vulnerability revolve around?
    1. Fake data
    2. Fraud detection
    3. Alarming trends
    4. Wrong quality
  28. You work for the power company that supplies electricity to three states. You rely heavily on the data you collect. Once your big data is collected, it undergoes parallel processing. Data is split into numerous arrays, and a mapper processes them to certain storage options. What is the biggest threat to this process?
    1. Encryption
    2. Inadequate key/value pairs
    3. Poisoning
    4. Perimeter security
  29. You work in IT for a medical research facility. You need to grant different levels of access for multiple roles within your agency. End users can see no personal information, even if it could theoretically be helpful for medical researchers. People can access the needed datasets but view only the information they are allowed to see. What do you use to separate this data?
    1. A data warehouse
    2. RAID 1+0
    3. SAN
    4. NAS
  30. A new objective for your department is to establish data provenance or historical data records. Moving forward, you must now document the data's source and all manipulations performed on it. Every data item will have detailed information about its origin and the ways it was influenced. Why is this crucial to the security of the data?
    1. Unauthorized changes in metadata can lead you to the wrong datasets.
    2. Authorized changes to the data warehouse can lead you to the wrong datasets.
    3. Traceable data sources make it difficult to find security breaches.
    4. Traceable data sources make it difficult to find fake data generation.
  31. You work for a luxury car manufacturer. Your CEO wants to use machine learning and artificial intelligence to build models of customer buying patterns and to use those models to make future predictions for a competitive lead. Machine learning engines learn for themselves and constantly evolve. Optimization is hard and it is nearly impossible to trace how decisions are made. You risk ending up with a car that no one wants. What is this called?
    1. Transparency
    2. Computational power
    3. Massive datasets
    4. Model drift
  32. One of your enterprise security vendors was working toward incorporating machine learning into old products. What would machine learning help with the most?
    1. Malware detection
    2. Provisioning
    3. Incident remediation
    4. Compliance
  33. You are a security analyst working for a casino. You work with a security firm and have traced the origin of a ransomware attack to a connected fish tank in the casino lobby. The attack was stopped within seconds, and the threat was mitigated. What would have led to the quick discovery of the attack?
    1. Signatures
    2. Endpoint analysis
    3. Machine learning algorithms
    4. Immunity learning
  34. You are the CIO of an organization with many governmental contracts. You were challenged by the board of directors to reduce staff and the need for staff to do repetitive, low-value, decision-making activities so that your staff can work strategically. What tool would you use for this?
    1. Machine learning
    2. Zero-day exploits
    3. Triaged threats
    4. Human resources
  35. You are tasked with building a team that will handle computer security incidents. What has this team been called historically?
    1. NIST
    2. CERT
    3. ADA
    4. Red Cross
  36. You were selected to manage a systems development project. Your supervisor asked you to follow the proper phases in the systems development life cycle. Where does the SDLC begin?
    1. Functional requirements
    2. System design specifications
    3. Initiation
    4. Implementation
  37. You finished the initiation and planning stage of the system development life cycle for a project you're managing. Next, you need to evaluate how the system fits end-user needs. What stage in the SDLC is this?
    1. Development
    2. Implementation
    3. Acceptance
    4. Requirements
  38. Your system completed all the system design specifications defining how information enters a system, how it flows through, and what should be produced. What part of the system development life cycle comes next?
    1. Development
    2. Documentation
    3. Acceptance
    4. Rejection
  39. You documented the controls that are required for a system including how data is edited, the type of logs that will be generated, and any system revision processes. According to the SDLC, what phase comes next?
    1. Certification
    2. Common controls
    3. Integration and test
    4. Requirements definition
  40. You have reports from an independent third party that have verified the systems you designed meet all the functional and security specifications documented. The next important process requires that a certified person compare the system against a set of standards, verifies that best coding practices were followed, and that there is a process where management then approves the system. What are these two processes called?
    1. Functionality and testing
    2. Certification and accreditation
    3. Acceptance and implementation
    4. Replacement and production
  41. You have almost completed the SDLC for an assigned project and are ready to complete the phase that pushes the system to production. What is this phase called?
    1. Revisions
    2. Operations
    3. Accreditation
    4. Implementation
  42. The SDLC phases are part of a bigger process known as the system life cycle (SLC). The SLC has two phases after the implementation phase of the SDLC that address post-installation and future changes. What are they called?
    1. Revisions and replacement
    2. Evaluation and versioning
    3. Authentication and monitoring
    4. Compliance and functionality
  43. You have been selected to manage a systems development project. Your supervisor told you to follow the SDLC phases. What happens during the accreditation process?
    1. The system is tested and is waiting for certification.
    2. A system is accepted by the data owner, even if it's not certified.
    3. All testing is completed and certified for security requirements.
    4. The system is tested but not certified.
  44. You have turned a system project over to operations. Which of the following are you not responsible for in the SDLC?
    1. Acceptance
    2. Licensing
    3. Development
    4. Evaluation
  45. You are a software engineer and need to use a software development process that follows a strict predetermined path through a set of phases. What type of method is this called?
    1. Agile
    2. Waterfall
    3. Adaptable
    4. Verifiable
  46. You are a software engineer and prefer to use a flexible framework that enables software development to evolve with teamwork and feedback. What type of software development model would this be called?
    1. Prototyping
    2. Ceremony
    3. Agile
    4. Radical
  47. You are a software developer, and as part of the testing phase in the SDLC, you need to ensure that an application is handling errors correctly. What is the BEST tool for you to use in this situation?
    1. Fuzzer
    2. Compliance
    3. Access control
    4. Remediator
  48. You are working on a high-risk software development project that is large, the releases are to be frequent, and the requirements are complex. The waterfall and agile models are too simple. What software development model would you opt for?
    1. Functional
    2. Cost estimation
    3. Continuous delivery
    4. Spiral
  49. You want to enhance your overall compliance and protect your company more carefully. You also want to prioritize which web applications should be secured first and how they will be tested. What do you need to sit down with your IT security team and build?
    1. Web application security plan
    2. Web application–level attack list
    3. Business logic justifications
    4. Container security
  50. You have an application that performs authentication, which makes checking for session management, brute forcing, and password complexity appropriate. What else might you check for?
    1. SQLi
    2. Ransomware
    3. Privilege escalation
    4. Static analysis
  51. To protect your company's web applications, you first must determine any highly problematic area of the application. You have applications that enable users to enter large amounts of data, like blog posts. When these blog posts are submitted as HTML, they are at a high risk of what type of attack?
    1. NGINX
    2. Injection
    3. Arbitrary
    4. Recursive
  52. You are creating a web application security plan and need to do white-box security testing on source code to find vulnerabilities earlier in the SDLC. If you can find vulnerabilities earlier in the process, they are cheaper to fix. What type of testing do you need to do?
    1. SAST
    2. CAST
    3. DAST
    4. FAST
  53. You are creating a web application security plan and need to do black-box security testing on a running application. What type of testing do you need to do?
    1. SAST
    2. CAST
    3. DAST
    4. IAST
  54. You completed the inventory of your existing web applications and must sort them in order of priority. Your list is quite long, and if you do not prioritize, it will be difficult to know which application to focus on first. What should NOT be a category rating?
    1. Normal
    2. Baseline
    3. Serious
    4. Critical
  55. You had a discussion with the nontechnical members of your upper management team and explained why eliminating all vulnerabilities from all web applications is not possible or needed. By limiting yourself to testing the vulnerabilities that pose a threat, what will you save the company?
    1. Time and money
    2. Compliance and experience
    3. Testing and implementation
    4. Recurrence and risk
  56. For security reasons, during the system development life cycle you are looking at security at the hardware level as well as software. You need a CPU that will separate memory areas so that one is used for instructions and one is used for storage. What is this called?
    1. NX
    2. CN
    3. AR
    4. C++
  57. In your role as a hospital's security architect, not only do you have to worry about confidentiality attacks like attackers stealing PHI, you also must worry about availability attacks like a DoS. One of the most popular attacks you want to thwart is a buffer overflow attack. Which of the following is a technique designed to protect against buffer overflow attacks?
    1. MAC
    2. OSPF
    3. ASLR
    4. RLSA
  58. Your organization is blending its development team with the operations team because the speed at which you're rolling out applications is faster than ever. Applications change with new services required in production, so you have undertaken the challenge of eliminating those silos of development and operations. What is this called?
    1. Incremental
    2. DevOps
    3. Agile
    4. Waterfall
  59. You are reviewing the code for a new application that will be used for a specific function and used for only a short period of time. What is this type of code called?
    1. High-quality code
    2. Low-quality code
    3. Code analyzing
    4. Static code
  60. You are using continuous integration involving different members of your team while developing a new application. You meet every day after lunch to review, which can mean multiple integrations every day. What are the security implications of using continuous integration?
    1. There are no security issues.
    2. Errors will not need to be fixed because the next integration will fix them.
    3. Encryption will be impossible because of timing.
    4. Errors need to be handled as soon as possible.
  61. Your team replaced version 1.2 of software with 2.0. The newest version has a completely different interface in addition to updates. What is this called?
    1. Versioning
    2. Coding integration
    3. Secure coding
    4. Vulnerability assessment
  62. You built an Excel spreadsheet for system security test activities. Included in this spreadsheet are an identification number, a description of the requirement, the source of the requirement, the objective of the test, and the verification method of this test. What is this spreadsheet called?
    1. NIST
    2. OSCP
    3. OSPF
    4. SRTM
  63. You are conducting a unit test on a new piece of software. By looking at an individual program, how do you ensure that each module behaves as it should?
    1. Input/output
    2. BIOS
    3. Processes running
    4. Services running
  64. You are doing a peer review of software and walking through each line of code, examining each object, method, and routine. You are inspecting code granularly to find any possible errors or areas for improvement and to see if all security concerns are met. What is the main disadvantage to doing a peer review?
    1. Money
    2. Damage
    3. Time
    4. Reproducibility
  65. While performing unit testing on software requested of your department, you found that privilege escalation is possible. Privilege escalation means that an attacker can elevate their privilege on a system from a lower level to an administrator level. What two techniques do you need to test?
    1. Vertical and horizontal
    2. Left and right
    3. North and south
    4. Ring 1 and Ring 3
  66. You are shopping on a popular website for computer parts. As you move from page to page, cookies are being used to maintain session state. This means the cookie is used to store needed information, such as the selections made on previous pages. Not all websites protect cookies when they are transmitted over HTTP because HTTP is stateless. If an attacker gets hold of your cookie, what can they not do with it?
    1. Modify the cookie content
    2. Rewrite session data
    3. Inject malicious content
    4. Eat it
  67. According to the Center for Internet Security, the number-one control of the top 20 controls is to know what assets you have. Having an asset and data inventory is a basic part of any security program, but it may look easier than it is. Vulnerability scanning will give you a lot of information about your assets, including IP address and operating systems, but it will not be able to give you which of the following?
    1. Hostname
    2. Business context and prioritization
    3. Age of vulnerabilities
    4. Risk scores
  68. As a risk manager, you know that accurate inventories are critical for many reasons. You receive an alert of multiple failed logins on a root account on a server. How do you decide the criticality of responding to the alert?
    1. Use the inventory to find what service this server provides and what data is stored on it.
    2. Use the inventory to find the physical location and unplug the machine from the network.
    3. Use the inventory to find the environment the asset services and send an email to operations.
    4. Log into the machine and watch tasks that are running while deploying antivirus software.
  69. You identified an SSL cipher weakness on a human resources web server named MS16_HR. You know that this weakness throws you out of compliance for a specific human resources web application. You have been written up during an audit for allowing SSLv2 on another web application used by human resources. Why would an inventory help with these risks?
    1. These three findings are related to the same risk.
    2. These three findings are not related to the same risk.
    3. A software inventory would not help with this risk.
    4. DHCP would be more helpful in this scenario.
  70. The second CIS control of the top 20 controls is knowing software inventory. A feature of Nmap is the ability to remotely detect operating systems. By default, Nmap will attempt to identify which of the following using the nmap-os-db file?
    1. Hostname and IP address
    2. OS vendor, generation, and device type
    3. FQDN and open ports
    4. OS patch level and DNS
  71. As a CIO, you are concerned with the lack of skilled cybersecurity professionals and the difficulty of keeping good talent. According to sources, in 2019 there were 1.3 million cyber positions available worldwide and climbing. To change this trend, what must our industry do?
    1. Provide formal education and development programs.
    2. Perform more trending analysis.
    3. Use more artificial intelligence (AI).
    4. Deploy more IaaS, SaaS, and PaaS.
  72. You deployed more than half of your enterprise into the cloud, but you still have concerns about data loss, unauthorized access, and encryption. What continues to be the vulnerability in cloud infrastructure that leads to the most breaches?
    1. Misconfiguration
    2. SIEM
    3. SaaS
    4. Machine learning
  73. You are a network defender and are finding it difficult to keep up with the volume of network attacks. What can you leverage to help with early detection and response to these threats, especially new ones?
    1. Machine learning
    2. SIEM
    3. DevSecOps
    4. Security as Code
  74. The rise of the Internet of Things (IoT) has presented challenges for your organization's security team while they are trying to secure your corporate network. Attacks on IoT have been steadily trending upward as attackers enlist devices to launch attacks. What is the BEST method to combat this threat?
    1. Adding network intrusion devices
    2. Performing inventory management
    3. Adding more security tools
    4. Reducing the attack surface
  75. The Internet was developed with voluntary cooperation and collaboration. Collaborative security is based on responsibility, confidence, protection, evolution, and consensus. The purpose of collaborative security does NOT include which of the following?
    1. Ensuring continued success of economic and social innovation
    2. Encouraging participants to share responsibility
    3. Making sure security solutions are compatible with human rights
    4. Providing involuntary top-down corporate organization that thinks locally and acts globally
  76. You work for a security software company. For any sales customer conversation to be productive, customers must understand what you're saying, see the value in what is offered, and build trust. How do you convey value and persuade a customer to purchase your software?
    1. Marketing
    2. Sales enablement
    3. Product training
    4. All of the above
  77. As a security engineer, you are comfortable with the security aspect of information technology. However, real security requires being able to communicate with stakeholders. You read security reports, and any findings that are related to risk are given to department heads for review. This collaboration technique is which of the following?
    1. Independent review
    2. Structured review
    3. Strategic alignment
    4. Security controls
  78. As a security engineer, you are comfortable with the security aspect of information technology. However, real security mandates requirements and goals being communicated to stakeholders. You read security reports, and the findings related to risk are reviewed during a meeting with all appropriate people in attendance. Which of the following describes this approach?
    1. Independent review
    2. Structured review
    3. Strategic alignment
    4. Security controls
  79. You are a security engineer and will be holding a meeting to discuss risk analysis processes. Individuals at this meeting will review your prepared material and write down their responses for you, as the team leader, to review. What is this collaboration method called?
    1. Independent review
    2. Structured review
    3. Unmodified Delphi
    4. Modified Delphi
  80. What are the three components of implementing information security programs?
    1. People, processes, policies
    2. Assets, authentication, authorization
    3. Backups, broadband, BCPs
    4. Servers, SaaS, supply chains
  81. As a technical project manager, you are collaborating with programmers working quickly to develop code. Some common problems that programmers face are debugging their code, keeping up with technology, and which of the following?
    1. Understanding the user
    2. Being very well paid
    3. Keeping up with high demands
    4. Being curious
  82. You are working as the “Sec” part of a DevSecOps team. Developers are working quickly to get out code, while security is working to keep the network safe. “Ops” is made up of network engineers who are tasked with keeping services and software up and running and available. What might cause difficulties between you and the network engineers?
    1. Objectives
    2. Committees
    3. Training
    4. Debugging
  83. You work as a database administrator for a large enterprise. You are tasked with making sure only authorized users have access to the data. This requires the implementation of a rigorous security infrastructure for both production and test databases. What is this control called?
    1. Background checks
    2. Job rotation
    3. Mandatory vacation
    4. Least privilege
  84. You have interviewed several candidates for a position that is open in your security department. Human resources will need to conduct a background check before offering a position to your final candidate. Why is a background check necessary?
    1. Helps provide the right person for the right job
    2. Is a single point of failure
    3. Reinforces a separation of duties
    4. Improves performance
  85. You have an accountant on staff who refuses to take a vacation. Your CISO has asked you to start collecting data, emails, and messages on your unified collaborative software. After two weeks, this accountant is forced to take a vacation. Why would a mandatory vacation be required?
    1. To uncover misuse
    2. Job rotation
    3. Separation of duties
    4. Confidentiality
  86. You work in the training department of a software company and have only one full-time trainer. What can you do to prevent a single point of failure if that trainer should become ill and unable to teach?
    1. Job rotation
    2. Dual control
    3. NDA
    4. Mandatory vacation
  87. You have policies and procedures in place for the finance department. One procedure requires one person to enter accounts payable and another to handle accounts receivable. Another control requires that one person write a check and another sign it. A further control states that any expenditure over $5,000 requires two signatures. What is this control called?
    1. Dual control
    2. Job rotation
    3. Nondisclosure agreement
    4. Nonrepudiation
  88. You hired a new person to be on your security team, and HR is helping them fill out all the proper paperwork. Before they can be privy to any classified information, they must sign a document that helps prevent any disclosure of sensitive information. What is this document called?
    1. MTTR
    2. MOU
    3. NDA
    4. RFQ
  89. You identified people who should be on your IT security steering committee. These are individuals who are from various levels of management and who you meet with to discuss security issues. Another name for these people could be which of the following?
    1. Employees
    2. Consultants
    3. Stakeholders
    4. Users
  90. You have been tasked with a goal of keeping something from happening. What type of control would you want to put in place?
    1. Detective
    2. Preventative
    3. Corrective
    4. Recovery
  91. You want to gather your team together to evaluate potential corrective and recovery controls for your company. You want to encourage them to contribute and evaluate, taking an active role in the discussion. The three-tiered approach consists of brainstorming ideas for solutions, evaluating the best possible solutions, and which of the following?
    1. Decide
    2. Commit
    3. Administer
    4. Recover
  92. Forming a response team and assigning responsibilities is a critical step in emergency response planning. If your team members are not familiar with their assigned roles, important actions could be missed when a security incident occurs. Overall, a cyber emergency response team should analyze incident data, discuss observations, manage communications, remediate, and close the incident with what response?
    1. Understanding lessons learned
    2. Negotiating a contract
    3. Building an SOC
    4. Performing risk analysis
  93. You need a strategy for managing your organization's overall governance, risk management, and compliance regulations. What is the structured approach to aligning IT with business objectives?
    1. GRC
    2. ITIL
    3. PMI
    4. CRMA
  94. Establishing effective communication to obtain collaboration requires the support of senior management. How can upper management support be made apparent?
    1. Not providing resources for implementation
    2. Delaying approval for monitoring and policies
    3. Decreasing budget
    4. Voicing support and approval for strategies
  95. The facilities manager should be part of the physical security controls team because they are responsible for the care and maintenance of the building. Physical controls protect against theft and loss. Examples of physical controls do NOT include which of the following?
    1. Mantraps
    2. Locks
    3. CCTV
    4. Password policies
  96. Your organization has a remote workforce and often works with multiple global offices, partners, and contractors. You are a security engineer and have been asked to collaborate on security goals. All communications must be encrypted and remain on site. All users must use the same programs, and those programs must be patched regularly. Which solution do you recommend?
    1. Deploy an SSL reverse proxy and have end users use full disk encryption with the TPM chip.
    2. Install an SSL VPN to your data center and have users connect with a virtual workstation image.
    3. Create a portal using web-based software. Your company hosts the database.
    4. Use a terminal server and use remote management tools to standardize workstations.
  97. You are implementing a new program to handle e-business transactions. The project has multiple stakeholders. The audit division controls the database, the physical team controls the data center, and the development team is responsible for the front end of the web application. As technical project manager, you are responsible for which of the following?
    1. Ensuring the process is secure from start to finish
    2. Ensuring that the customer experience is seamless
    3. Ensuring all audit processing is compliant
    4. Building a security control library
  98. Your organization opened new offices on a different continent. This expansion requires internal security as well as compliance. Existing policy states that all employee activity may be monitored. Why might that policy have to change?
    1. Teams in other countries fall under different legal or regulatory requirements.
    2. The time it takes to export data to the data warehouse.
    3. Cybersecurity shortage of qualified analysts.
    4. Social networking initiatives.
  99. A hospital database hosts PHI with high volatility: the data changes constantly and is used by doctors, nurses, and surgeons, as well as by the finance department for billing. The database is located on a secure network with limited access. What is the most likely threat?
    1. Internal fraud
    2. Malware
    3. Compliance
    4. Inappropriate admin access
  100. You work for a small bank that implemented least privilege but is still concerned about compliance, fraud, and identity theft. Which of the following BEST addresses the risk team's concerns?
    1. Awareness training
    2. Job rotation
    3. Mandatory vacations
    4. Background checks
  101. You work for a health provider as an information security officer. Upper management, including medical staff, has requested access to the internal email system from their personal smartphones. Which of the following concerns you the most?
    1. Radiation from smartphones affecting patients
    2. Compliance
    3. Email server could crash
    4. Smartphones as rogue access points
  102. Your company has been fined for a security breach that resulted in the loss of sensitive customer information. As part of improving security, you recommended hiring a third-party training company to provide security awareness classroom training. What should the primary focus of the training be?
    1. Data handling policies
    2. Possible vulnerabilities and threats
    3. Data classification
    4. Explanation of how customer data is created, used, shared, and managed
  103. Which of the following is a use case for configuration management software?
    1. Incident remediation
    2. Continuance
    3. Asset management
    4. Collaboration
  104. Disciplinary actions for noncompliance should be included in security policy. These actions should be strong enough to deter violating policy, including suspension, termination, or legal prosecution. Who has to endorse the security policy?
    1. Senior management
    2. Human resources
    3. All employees
    4. Contractors
  105. Which of these should not be covered in your security policy?
    1. Details and procedures
    2. Exceptions to policy
    3. Password policy
    4. Access control of client data
  106. If you wanted to require employees to follow certain steps to avoid malware, you would create a procedure. If you wanted to require employees to use specific software to avoid malware, which of the following would you create?
    1. Policy
    2. Standard
    3. Baseline
    4. Scope
  107. In a comprehensive security program, which of the following documents is considered to be discretionary?
    1. Policies
    2. Procedures
    3. Guidelines
    4. Baselines
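Question 87 describes dual control and separation of duties as written policy. The following Python module is an added example (not part of the question set) that turns those rules into an enforceable check on a check-release workflow: the preparer may never sign, signers must be on an authorized list, two signatures must come from two distinct people, and anything over the threshold needs both. The $5,000 threshold comes from the question; the role names, signer list, and sample checks are constructed assumptions.

```python
"""Dual-control / separation-of-duties check for a payables workflow.

Added illustrative example. The threshold is taken from the policy in
question 87; signer names and sample transactions are constructed.
"""
from dataclasses import dataclass

DUAL_SIGNATURE_THRESHOLD = 5_000.00  # expenditures above this need two signers


@dataclass(frozen=True)
class Check:
    check_id: str
    amount: float
    prepared_by: str          # user who wrote (entered) the check
    signed_by: tuple = ()     # users who signed it, in order


def validate_check(chk: Check, authorized_signers: frozenset) -> list:
    """Return the list of policy violations; an empty list means the
    check may be released."""
    problems = []
    signers = list(chk.signed_by)

    if chk.amount <= 0:
        problems.append("amount must be positive")
    if not signers:
        problems.append("no signature")

    # Separation of duties: the person who writes the check never signs it.
    if chk.prepared_by in signers:
        problems.append(
            f"preparer {chk.prepared_by} also signed (separation of duties)")

    # Only people on the authorized signer list count as signers.
    for s in signers:
        if s not in authorized_signers:
            problems.append(f"{s} is not an authorized signer")

    # Dual control: two signatures must come from two distinct people.
    distinct = set(signers)
    if len(distinct) != len(signers):
        problems.append("duplicate signature")
    if chk.amount > DUAL_SIGNATURE_THRESHOLD and len(distinct) < 2:
        problems.append(
            f"amount {chk.amount:.2f} exceeds {DUAL_SIGNATURE_THRESHOLD:.2f}; "
            "two distinct signers required")
    return problems


# Assumed authorized signers (constructed for the example).
SIGNERS = frozenset({"cfo", "controller", "treasurer"})

# Constructed sample transactions covering the normal and failing cases.
SAMPLE_CHECKS = [
    Check("C-1001", 1200.00, prepared_by="clerk1", signed_by=("controller",)),
    Check("C-1002", 7800.00, prepared_by="clerk1", signed_by=("controller",)),
    Check("C-1003", 7800.00, prepared_by="clerk1", signed_by=("controller", "cfo")),
    Check("C-1004", 7800.00, prepared_by="clerk1", signed_by=("controller", "controller")),
    Check("C-1005", 300.00, prepared_by="controller", signed_by=("controller",)),
    Check("C-1006", 300.00, prepared_by="clerk2", signed_by=("clerk2x",)),
]


def review(checks=SAMPLE_CHECKS, signers=SIGNERS) -> dict:
    """Map each check id to its list of violations."""
    return {c.check_id: validate_check(c, signers) for c in checks}


if __name__ == "__main__":
    for cid, probs in review().items():
        print(cid, "OK" if not probs else "; ".join(probs))
```

Note that the duplicate-signature case (C-1004) is rejected even though the signature count is two: the control is about distinct people, so the check counts identities rather than signature events.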