IExams TI
| Question | Answer |
|---|---|
| What is the MOST significant benefit of role-based access control (RBAC)? Reduces inappropriate access Management of least privilege Most granular form of access control Reduction in authorization administration overhead | Reduction in authorization administration overhead |
| What is the MOST common security risk of a mobile device? Data spoofing Malware infection Insecure communications link Data leakage | Malware infection |
| What level of Redundant Array of Independent Disks (RAID) is configured PRIMARILY for high-performance data reads and writes? RAID-0 RAID-1 RAID-5 RAID-6 | RAID-0 |
| What type of risk is related to the sequences of value-adding and managerial activities undertaken in an organization? Control risk Demand risk Supply risk Process risk | Process risk |
| International bodies established a regulatory scheme that defines how weapons are exchanged between the signatories. It also addresses cyber weapons, including malicious software, Command and Control (C2) software, and internet surveillance software. | Wassenaar arrangement |
| An organization has implemented a protection strategy to secure the network from unauthorized external access. Which Network Access Control (NAC) capability BEST meets this objective? Two-Factor Authentication | Two-factor authentication |
| Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps? | Key findings section |
| Why is data classification control important to an organization? To enable data discovery To ensure security controls align with organization risk appetite | To ensure security controls align with organization risk appetite |
| To monitor the security of buried data lines inside the perimeter of a facility, which of the following is the MOST effective control? | Regular sweeps of the perimeter, including manual inspection of the cable ingress points |
| An enterprise is developing a baseline cybersecurity standard its suppliers must meet before being awarded a contract. Which of the following statements is TRUE about the baseline cybersecurity standard? | It should be expressed as technical requirements |
| Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context? Attribute | Attribute Based Access Control (ABAC) |
| What is the BEST way to restrict access to a file system on a computing system? Use least privilege at each level to restrict access Restrict access to all users Allow a user group to restrict access Use a third-party tool to restrict access | Use least privilege at each level to restrict access |
| Which of the following is the PRIMARY reason for selecting the appropriate level of detail for audit record generation? Avoid lengthy audit reports Enable generation of corrective action reports Facilitate a root cause analysis (RCA) | Enable generation of corrective action reports |
| What is the correct order of execution for security architecture? Strategy and program management, project delivery, governance, operations | Strategy and program management, project delivery, governance, operations |
| Physical assets defined in an organization business impact analysis (BIA) could include which of the following? | Supplies kept off-site a remote facility |
| When assessing the audit capability of an application, which of the following activities is MOST important? Identify procedures to investigate suspicious activity Determine if audit records contain sufficient information | Determine if audit records contain sufficient information |
| Which type of authorization mechanism would be the BEST choice for the organization to implement? Role-based access control (RBAC) | Role-based access control (RBAC) |
| What is the primary reason for criminal law being difficult to enforce when dealing with cybercrime? Jurisdiction is hard to define Law enforcement agencies are understaffed Numerous language barriers exist | Jurisdiction is hard to define |
| Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol? Extensible Authentication Protocol (EAP) Secure Shell (SSH) | Extensible Authentication Protocol (EAP) |
| Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system? Reference monitor Trusted Computing Base (TCB) | Trusted Computing Base (TCB) |
| What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability? Performance testing Risk assessment Security audit Risk management | Risk Management |
| Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action? Clothing retailer acts as identity provider (IDP), confirms identity of user using industry standards, then sends credentials to partne | Clothing retailer acts as identity provider (IDP), confirms identity of user using industry standards, then sends credentials to partner business that act as a Service Provider and allows access to services |
| Which of the following statements BEST describes the least privilege principle in a cloud environment? Network segments remain private if unneeded to access the internet A single cloud administrator is configured to access core functions | Network segments remain private if unneeded to access the internet |
| An organization has been collecting a large amount of redundant and unusable data and filling up the storage (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution? | Deduplication |
| Which Wide Area Network (WAN) technology requires the first router in the path to determine the full path the packet will travel, removing the need for other routers in the path to make independent determinations? Multiprotocol Label Switching (MPLS) | Multiprotocol Label switching (MPLS) |
| Which of the following would an information security professional use to recognize changes to content, particularly unauthorized changes? Security information and event management (SIEM) system Audit logs | Security information and event management (SIEM) system |
| Which of the following is included in change management? Technical review by business owner User Acceptance Testing (UAT) before implementation Business continuity testing | Business continuity testing |
| A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. Multi-pass wipes | Multi-pass wipes |
| When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess? SOC 2 Type 2 | SOC 2 Type 2 |
| Which application type is considered high risk and provides a common way for malware and viruses to enter a network? Instant messaging or chat applications Peer-to-Peer (P2P) file sharing applications E-mail applications | Peer-to-Peer (P2P) file sharing applications |
| An organization is looking to include mobile devices in its asset management system for better tracking. In which system tier of the reference architecture would mobile devices be tracked? 0 1 2 3 | 0 |
| Which of the following is the BEST way to protect an organization's data assets? Monitor and enforce adherence to security policies | Monitor and enforce adherence to security policies |
| Within a large organization, what business unit is BEST positioned to initiate provisioning and deprovisioning of user accounts? Training department Internal audit Human resources Information Technology (IT) | Human Resources |
| Which of the following is the PRIMARY purpose of installing a mantrap within a facility? Control traffic Control air flow Prevent piggybacking Prevent rapid movement | Prevent piggybacking |
| In the "DO" phase of the Plan-Do-Check-Act model, which of the following is performed? Monitor and review performance against business continuity policy and objectives, report the results to management for review, and determine and authorize actions for | Monitor and review performance against business continuity policy and objectives, report the results to management for review, and determine and authorize actions for remediation and improvement |
| What industry-recognized document could be used as a baseline reference that is related to data security and business operations or conducting a security assessment? Service Organization Control (SOC) 2 Type 1 | Service Organization Control (SOC) 2 Type 1 |
| A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization? Organization loses control of their network devices | Organization loses control of their network devices |
| Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to users' internal control over financial reporting? Service Organization Control 1 (SOC) | Service Organization Control 1 (SOC) financial reporting |
| Which of the following is the BEST method to validate secure coding techniques against injection and overflow attacks? Using automated programs to test for the latest known vulnerability patterns | Using automated programs to test for the latest known vulnerability patterns |
| When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should the considerations be prioritized? Public safety, duties to principals, duties to individuals, and duties to the profession | Public safety, duties to principals, duties to individuals, and duties to the profession |
| Which service management process BEST helps information technology (IT) organizations with reducing cost, mitigating risk, and improving customer service? Information Technology Infrastructure Library (ITIL) | Information Technology Infrastructure Library (ITIL) |
| A company is attempting to enhance the security of its user authentication processes. After evaluating several options, the company has decided to utilize Identity as a Service (IDaaS). Which of the following factors leads the company to choose an IDaaS? | In-house team lacks resources to support an on-premise solution |
| An organization recently suffered from a web-application attack that resulted in stolen user session cookie information. The attacker was able to obtain the information when a user's browser executed a script upon visiting a compromised website. | Cross-Site Scripting (XSS) |
| An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser session with a web application is an example of which of the following types of attack? | Cross-site request forgery (CSRF) |
| Which of the following encryption technologies has the ability to function as a stream cipher? Electronic Code Book (ECB) Cipher Feedback (CFB) | Cipher Feedback (CFB) |
| In a disaster recovery (DR) test, which of the following would be a trait of crisis management? Process Anticipate Strategic Wide foce | Anticipate |
| Which of the following BEST describes the purpose of the reference monitor when defining access control to enforce the security model? Policies to validate organization rules | Policies to validate organization rules |
| Which of the following is security control volatility? A reference to the likelihood of change in the security control | A reference to the likelihood of change in the security control |
| When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases? Requirements | Requirements |
| What is the term to define where data is geographically stored in the cloud? Data privacy rights Data sovereignty | Data sovereignty |
| Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)? Proper security controls, security Objectives, and security goals are properly initiated | Proper security controls, security OBJECTIVES, and security goals are properly initiated |
| Which of the following is MOST important when developing information security controls for an organization? Exercise due diligence with regard to all risk management information to tailor appropriate controls | Exercise due diligence with regard to all risk management information to tailor appropriate controls |
| When recovering from an outage, what is the Recovery POINT Objective (RPO), in terms of data recovery? The RPO is the maximum amount of time for which LOSS of data is ACCEPTABLE | The RPO is the maximum amount of time for which LOSS of data is ACCEPTABLE |
| Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture? Sending control messages to open a flow that does not pass a firewall from a compromised host within the network | Sending control messages to open a flow that does not pass a firewall from a compromised host within the network |
| Which of the following is the BEST option to reduce the network attack surface of a system? Disabling unnecessary ports and services Ensuring that there are no group accounts on the system | Disabling unnecessary ports and services |
| The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys? Trusted Platform Module (TPM) | Trusted Platform Module (TPM) |
| The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST describes which security approach? | Defense-in-depth |
| A hospital enforces the Code of Fair Information Practices. What practice applies to a patient requesting their medical records from a web portal? | Purpose specification |
| A colleague who recently left the organization asked a security professional for a copy of the organization's confidential incident management policy. Which of the following is the BEST response to this request? Submit the request | Submit the request using company official channels to ensure the policy is okay to distribute |
| Which of the following BEST describes when an organization should conduct a black box security audit on a new software project? When the organization is confident the final source code is complete | When the organization has experienced a security incident |
| In software development, which of the following entities normally signs the code to protect the code integrity? The organization developing the code The quality control group The developer The data owner | The organization developing the code |
| Which of the following technologies can be used to monitor and dynamically RESPOND to potential threats on web applications? Runtime application self-protection (RASP) | Runtime application self-protection (RASP) |
| A security architect is developing an information system for a client. What is the MOST efficient option used to prevent buffer overflow attacks? Address Space Layout Randomization (ASLR) | Address Space Layout Randomization (ASLR) |
| In a quarterly system review, an active privileged account was discovered that did not exist in the prior review on the production system. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews? | Create policies for system access |
| A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact? Discovery | Discovery |
| What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service? Business need | Business need |
| The acquisition of personal data being obtained by a lawful and fair means is an example of what principle? Collection of Limitation Principle | Collection of Limitation Principle |
| Which of the following is the MOST appropriate control for asset data labeling procedures? Categorizing the types of media being used | Categorizing the types of media being used |
| What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment? Randomizing data | Randomizing data |
| Which of the following departments initiates the request, approval, and provisioning business process? Human resources (HR) | Human Resources (HR) |
| An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). Which of the following approaches is MOST effective for the SMP? Asset driven risk assessment with a focus on the assets | Asset driven risk assessment with a focus on the assets |
| Which technique helps system designers consider potential security concerns of their systems and applications? | Threat modeling |
| A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place? | Hardened configuration |
| Which of the following BEST describes centralized identity management? Service providers agree to integrate identity system recognition across organizational boundaries | Service providers agree to integrate identity system recognition across organizational boundaries |
| What is a security concern when considering implementing software-defined networking (SDN)? It increases the attack footprint It is cloud based | It increases the attack footprint |
| What is the BEST way to restrict access to a failed system on computing systems? Use least privilege at each level to restrict access | Use least privilege at each level to restrict access |
| Which of the following is the PRIMARY reason for selecting the appropriate level of detail for audit record generation? | Facilitate a root cause analysis (RCA) |
| An international organization has decided to use a Software as a Service (SaaS) solution to support its business operations. Which of the following compliance standards should the organization use to assess the international code security and data priv | Service Organization Control (SOC)2 |
| An authentication system that uses challenge and response was recently implemented on an organization's network because the organization conducted an annual penetration test showing that testers were able to move laterally using authenticated creden | Pass the ticket |
| Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)? For the establishment, exercise, or defense of legal claims | For the establishment, exercise, or defense of legal claims |
| Dumpster diving is a technique used in which stage of penetration testing methodology? Discovery | Discovery |
| Which of the following is performed to determine a measure of success of security awareness training program designed to prevent social engineering attacks? Internal assessment of the training program's effectiveness | Internal assessment of the training program's effectiveness |
| The security team is notified that a device is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated? Information Technology Asset Management (ITAM) | Information Technology Asset Management (ITAM) |
| Which of the following threats would be MOST likely mitigated by monitoring assets containing open source libraries for vulnerabilities? Advanced persistent threat (APT) attempt | Advanced persistent threat (APT) attempt |
| As a design principle, which one of the following actors is responsible for identifying and approving data security requirements in a cloud ecosystem? Cloud consumer | Cloud consumer |
| Which of the following is the MOST effective way to ensure the endpoint devices used by remote users are compliant with an organization's approved policies before being allowed on the network? Network Access Control (NAC) | Network Access Control (NAC) |
| Which of the following BEST protects vendor accounts that are used for emergency maintenance? Vendor access should be disabled until needed | Vendor access should be disabled until needed |
| Which event magnitude is defined as deadly, destructive, and disruptive when a hazard interacts with human vulnerability? Crisis Catastrophe Accident Disaster | Disaster |
| Which of the following BEST describes the purpose of software forensics? | To determine the author and behavior of the code |
| A web developer is completing a new web application security checklist before releasing the application to production. The task of disabling unnecessary services is on the checklist. Which web application threat is being mitigated by this action? | Security misconfiguration |
| What is the BEST method to use for assessing the security impact of acquired software? Threat modeling Common vulnerability review Vendor assessment | Threat modeling |
| Which of the following ensures old log data is not overwritten? Log retention Implement Syslog Increase log file size Log Preservation | Log Preservation |