Question 1
Which control below is most likely to detect kernel-level malware?
Question 2
After a change to strengthen an existing control to meet new industry guidelines has been certified and accredited (authorized), it is implemented. Immediately, users start complaining of slow performance. Which of the following should a security manager do first?
Question 3
A new exploit, taking advantage of an operating system flaw, is currently spreading rapidly on the internet through a variety of vectors including email and social networking sites. The operating system vendor has released a patch that appears to fix the vulnerability. The organization confirms that critical systems depend on the affected operating system, and the CISO and system owner agree to a maintenance window to apply the patch immediately. Which process below can be skipped?
Question 4
When connecting to a TLS server, Bob notices that the server presented two different certificates: one for the server he tried to connect to and one more. Which of the following is the most likely reason?
Question 5
Critical systems are migrated to a hot site after a disaster. The backup operator from the recovery team receives a call from a user complaining that the data that have been restored for their system are too old to be of any use. The operator checks the tape that was used for the restore and confirms it was indeed the most recent backup and that the tape was created only the night before. What is the most likely cause of the problem?
Question 6
Recovery Point Objectives (RPO) values are best described as?
Question 7
The scope of ISO/IEC 27002 includes which of the following?
Question 8
Which of the following is likely the BEST evidence of due care with regard to governance oversight?
Question 9
Intellectual property rights are the primary focus of which organization?
Question 10
Which of the following intellectual property laws provides confidentiality protection?
Question 11
Granting access to an object can be based on the identity of a subject; however, this can present process challenges for both administration and server CPU usage. Which of the following allows for implicit access control by grouping together subjects with similar needs?
Question 12
Which stage of a system development life cycle would be of most use to a subject matter expert verifying their builds?
Question 13
To address a contract agreement with a new client, management is required to select stronger encryption algorithms. What directive needs to be modified to define the specifications for these new algorithms?
Question 14
Insurance is mostly associated with what risk treatment approach? It reduces…
Question 15
An information owner has specified a particular file’s security category (SC) as {(confidentiality, low), (integrity, high), (availability, medium)}. Which of the following algorithms would be most appropriate for ensuring the highest requirement?
Question 16
Which of the following would be the best countermeasure to protect against Cross-Site Request Forgery (CSRF)?
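The synchronizer-token pattern that the question alludes to, shown as an added example (hypothetical code written for this page, not taken from the quiz or any framework). The session store, session IDs and the `handle_transfer` endpoint are constructed for the demo. The point it makes: the browser attaches the session cookie to any request, including one triggered by an attacker's page, so the cookie alone does not prove where a request came from; a per-session token that only same-origin pages can read does.

```python
import hmac
import secrets

# Hypothetical in-memory session store: session_id -> session data.
SESSIONS: dict = {}


def start_session() -> str:
    """Create a session and bind a fresh, unguessable CSRF token to it."""
    session_id = secrets.token_urlsafe(16)
    SESSIONS[session_id] = {"csrf_token": secrets.token_urlsafe(32)}
    return session_id


def csrf_token_for(session_id: str) -> str:
    """Token the server embeds in its own forms (hidden field) for this session.
    A cross-origin page cannot read it because of the same-origin policy."""
    return SESSIONS[session_id]["csrf_token"]


def handle_transfer(session_id: str, form: dict) -> tuple:
    """Handle a state-changing POST. Returns (HTTP status, message).

    session_id stands in for the session cookie the browser sends automatically;
    form is the submitted body. Accept only if the submitted token matches the
    one bound to this session.
    """
    session = SESSIONS.get(session_id)
    if session is None:
        return 401, "no session"
    submitted = form.get("csrf_token", "")
    # Constant-time comparison so timing does not leak the token byte by byte.
    if not hmac.compare_digest(submitted, session["csrf_token"]):
        return 403, "CSRF token missing or invalid"
    return 200, "transferred %s to %s" % (form["amount"], form["to"])


def demo() -> tuple:
    """Legitimate same-origin submission versus a forged cross-site POST."""
    sid = start_session()
    # The site's own form echoes the token back: accepted.
    ok, _ = handle_transfer(sid, {"to": "alice", "amount": "10",
                                  "csrf_token": csrf_token_for(sid)})
    # Attacker-triggered POST: the cookie rides along, the token cannot.
    forged, _ = handle_transfer(sid, {"to": "mallory", "amount": "1000"})
    # A guessed token fails the same way.
    guessed, _ = handle_transfer(sid, {"to": "mallory", "amount": "1000",
                                       "csrf_token": "AAAA"})
    return ok, forged, guessed


if __name__ == "__main__":
    print(demo())
```

In a real application the token is rendered into each form and validated by middleware on every non-idempotent method; the SameSite cookie attribute is a complementary, not a replacement, control.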
Question 17
Who is ultimately responsible for seeing that information assets are properly categorized?
Question 18
Which of the following best explains the use of asymmetric algorithms?
Question 19
The finance department requires that accountants rotate their roles. This control falls into which category?
Question 20
An organization is in the process of implementing an intrusion detection system consisting of dozens of sensors placed at various vulnerability points on their network infrastructure. What process below is MOST imperative?
Question 21
Which of the following best explains the difference between using certificate revocation lists versus the online certificate status protocol?
Question 22
If a database system isn’t properly developed and configured to check input variables, which of the following is the most likely attack vector?
Question 23
A system engineer would like to design a backup system that allows an operator to perform backups on all system data without giving the operator file system rights. What should the engineer consider?
Question 24
A remote database user maliciously enters a command in a user input dialog box, and manages to execute a command to upgrade his rights in the system. Which recommended remediation method is least likely to mitigate this risk?
Question 25
Which process below entails a detailed objective review of a system’s features and service assurances, often by a third party, to ensure compliance to a set of requirements?
Question 26
To address a compliance requirement, management is required to select stronger key lengths for their established algorithms. What directive needs to be modified to define the specifications for these new keys?
Question 27
To be certified under ISO/IEC 15408, a product must meet a series of functional and assurance requirements. The vendor of a given product must provide a detailed list of the features and assurance claims, so that evaluators can conduct testing, in a document referred to as:
Question 28
A rogue application required administrator privileges during the installation by an unsuspecting system owner. It was discovered later that the application contained a back door, and was attempting to contact an external IP address. Why would simply removing the application likely fail to remove the back door?
Question 29
Which of the following statements is incorrect?
Question 30
Which step in a TLS handshake is used to select or reject a cipher suite?
Question 31
Elliptic Curve Cryptography is far more efficient than either Diffie-Hellman or RSA. For example, it would require an RSA key of over 15,000 bits to provide security equivalent to an ECC key of only 512 bits. Since an asymmetric system serves two basic purposes, key agreement and authenticating hash values (signing), which of the following is the ECC-based algorithm for authenticating hash values?
Question 32
What is the primary purpose of emergency lighting?
Question 33
Many organizations use access badges for the purpose of ingress authentication. What is the primary reason an organization would also implement egress authentication?
Question 34
A CISO has been asked to design a physical access solution for an organization's premises that employs smart cards. In addition to new readers, what other component is most required to gain the full benefits of smart cards versus memory cards?
Question 35
Which VPN method is less likely to work through NAT?
Question 36
To validate a claimed identity, which of the following best describes authentication tokens?
Question 37
To protect the central store of passwords, most systems have adopted the best practice of not storing the password itself, only a hash of the password. However, if the hash is computed over only the password value, which of the following is a serious concern?
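What "hash of only the password value" costs you in practice, as an added example (written for this page, not part of the quiz). The user names, passwords and the attacker's small lookup table are constructed for the demo. Two users with the same password get the same unsalted digest, so one precomputed table cracks every account at once and duplicates leak that passwords are shared; a per-user random salt plus a slow KDF makes every stored digest unique and the table useless.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# PBKDF2 work factor. Kept modest so the demo runs quickly; production
# deployments use higher counts (or a memory-hard KDF such as Argon2/scrypt).
ITERATIONS = 200_000


def unsalted_hash(password: str) -> str:
    """The weak scheme from the question: the digest depends on the password alone."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    """Per-user random salt plus a deliberately slow KDF. Returns (salt, digest)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest.hex()


def verify_salted(password: str, salt: bytes, digest: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], digest)


def build_lookup_table(candidates: Iterable[str]) -> Dict[str, str]:
    """Attacker side: precompute digest -> password once, reuse against every dump."""
    return {unsalted_hash(p): p for p in candidates}


def crack(stored: Dict[str, str], table: Dict[str, str]) -> Dict[str, str]:
    """Recover every account whose stored digest appears in the table, in one pass."""
    return {user: table[d] for user, d in stored.items() if d in table}


def demo() -> Tuple[Dict[str, str], Dict[str, str]]:
    """Constructed password dump: alice and bob share a password."""
    table = build_lookup_table(["password", "hunter2", "Winter2024!"])

    unsalted_store = {
        "alice": unsalted_hash("Winter2024!"),
        "bob": unsalted_hash("Winter2024!"),   # identical digest to alice's
        "carol": unsalted_hash("hunter2"),
    }
    cracked_unsalted = crack(unsalted_store, table)   # all three fall at once

    salted_store = {user: salted_hash(pw)[1] for user, pw in
                    [("alice", "Winter2024!"), ("bob", "Winter2024!"), ("carol", "hunter2")]}
    cracked_salted = crack(salted_store, table)       # nothing matches
    return cracked_unsalted, cracked_salted


if __name__ == "__main__":
    print(demo())
```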
Question 38
A CISO is asked to assist a process owner in reviewing the services provided by a cloud provider for a given application using the SaaS model. The process owner doesn’t want their users to have to maintain a separate set of credentials to gain access to the provider's network. Which technology below would most likely assist the CISO, if supported?
Question 39
Why is MD5 not as popular as it used to be?
Question 40
The most basic way to authenticate is Type 1, or “something a user knows”. However, stronger methods have been developed that can be based on what the user has, or even on a biometric. Which protocol below allows the use of other credential types?
Question 41
Kerberos provides which of the following services?
Question 42
A penetration test is authorized and currently underway. A tester sends a TCP SYN to port 53 on a system and receives a SYN/ACK. Which of the following is the most likely assumption?
Question 43
Which of the following controls is most likely to provide confidentiality protection?
Question 44
An organization wants to contract with a cloud provider. The organization would like to maintain control over guest operating systems so that OS patch management remains under its control. Which cloud service model would be most appropriate?
Question 45
Due to new laws governing the actions taken by companies when customer-identifiable information is collected, a senior manager directs internal auditors to analyze the company’s exposure to the new regulations. The results of the audit identify a number of potential violations. What is the most appropriate action to take?
Question 46
Bob is hired to perform a penetration test for Griffin Space Tech, a leading space exploration company. Alice is nearly killed when her navigation system is interrupted by what turned out to be a test on a system that was not supposed to be part of the test. What directive, if defined and understood, would most likely have prevented such a problem?
Question 47
A person in Applications Development writes a new module for a production customer tracking system. This module may increase productivity significantly for the organization, leading to substantial savings over time. Another person in Development has tested the module and has found no problem with the code. Which of the following is not recommended?
Question 48
What types of tests are required for ISO/IEC 15408?
Question 49
An organization’s software development department has demonstrated a consistent ability to repeat its processes effectively and has documented them in a shared area. What would likely follow to further the maturity level of those processes?
Question 50
Which of the following ways to check for input validation problems should be performed first?
Question 51
Many implementations of various authentication protocols, such as EAP-MD5, can provide authentication of a client to a server but not the reverse. Which vulnerability below would likely affect systems with such limitations?
Question 52
Which of the following is not an example of civil law?
Question 53
Which of the following is out of place?
Question 54
Standards have been decided on for an organization’s endpoint security for mobile devices. Which would follow next to direct users on how to support the security policy?
Question 55
A Data owner is primarily responsible for valuation of an asset. What other processes are the primary responsibility of the data owner?
Question 56
A CISO has met with a process owner and performed a risk assessment, identifying a potential exposure of PII. Before defining an architecture for stronger controls, what should the CISO do first?
Question 57
Having a process to regularly review vulnerability databases and initiate patching where appropriate is most associated with which of the following control categories?
Question 58
A CISO reviews an insurance policy to indemnify an organization should an accident occur to a machine due to accidental mistreatment. What situation below would most likely be the reason the CISO would decide not to implement the insurance policy?
Question 59
The cost of acquiring or developing a control is most likely far less than the cost of administering it. In addition, the total cost of ownership should also include?
Question 60
Which of the following is considered the most secure way to ensure there is no residual data left at a cloud provider after termination of the service contract?
Question 61
Which of the following is the output of a hashing algorithm that is authenticated symmetrically?
Question 62
Which of the following best describes the difference between a stream cipher and a block cipher?
Question 63
What is the relationship of focal length to field of view?
Question 64
With regards to an intrusion detection system, what is meant by an insertion attack?
Question 65
Voice over IP (VoIP) uses two protocols: the Session Initiation Protocol (SIP) to initiate and maintain the session, and one to carry the voice traffic. Which protocol listed below performs this second function?
Question 66
One of the many weaknesses of WEP is that the key used to authenticate to the access point is also used to encrypt data. WPA2 fixes this problem by using separate keys for these functions. To derive the encryption key, a function is run over a number of inputs, including which of the following?
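The derivation the question describes, carried out as an added example (written for this page; not quiz material and not a copy of any supplicant's code). WPA2-Personal never uses the passphrase as a traffic key: PBKDF2-HMAC-SHA1 with the SSID as salt (4096 iterations, 256 bits) produces the Pairwise Master Key, and the 4-way handshake then feeds the PMK, both MAC addresses and both nonces through the 802.11i PRF to produce the Pairwise Transient Key, whose last 16 bytes are the CCMP temporal (encryption) key. The passphrase/SSID pair "password"/"IEEE" is the published 802.11i test vector; the MAC addresses and nonces are constructed for the demo.

```python
import hashlib
import hmac


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).

    The SSID acts as the salt: the same passphrase on a different network
    yields a different PMK, so a precomputed table only helps against one SSID.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK for CCMP (48 bytes): PRF-384 over the PMK, ordered MACs and ordered nonces.

    aa = authenticator (AP) MAC, spa = supplicant (STA) MAC. Sorting the pairs
    makes both sides compute the same key regardless of which role they play.
    """
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def split_ptk(ptk: bytes) -> dict:
    """KCK (handshake MIC key), KEK (GTK wrapping key), TK (data encryption key)."""
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}


def demo() -> dict:
    pmk = derive_pmk("password", "IEEE")
    # Constructed addresses and nonces (nonces are 32 random bytes in a real handshake).
    ap_mac = bytes.fromhex("a0a1a2a3a4a5")
    sta_mac = bytes.fromhex("b0b1b2b3b4b5")
    anonce = bytes(range(32))
    snonce = bytes(range(32, 64))
    ptk = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)
    keys = split_ptk(ptk)
    keys["PMK"] = pmk
    return keys


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex())
```

Because the only secret input to the PMK is the passphrase, and everything else in the PTK derivation (SSID, MACs, nonces) is visible on the air, a captured 4-way handshake allows an offline dictionary attack at 4096 PBKDF2 iterations per guess; that is why passphrase strength, not the KDF, sets the security of WPA2-Personal.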
Question 67
In organizations where it is considered unacceptable risk to allow a user to make entitlement changes which access control model would be most appropriate?
Question 68
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are both examples of which of the following?
Question 69
Which of the following is most likely to effect a change in an organization’s BC/DR policy?
Question 70
To ensure performance as expected, management has implemented continuous monitoring of a given control. Which of the following are the most important metrics to record and review for security status trending?
Question 71
Which of the following about penetration testing is most true? Penetration tests…
Question 72
Which test type provides the most assurance that contingency technologies specified in the DR plan are appropriate in a most cost-effective manner, without impact to production?
Question 73
Which access control concept refers to isolating memory so that processes are protected from violations of the need-to-know principle?
Question 74
Which of the following is a threat model?
Question 75
At what stage in the BC/DR life cycle are the specific criticality metrics determined?
Question 76
What is the common term for spam over VoIP?
Question 77
A vendor releases a hot fix for its operating system, which was certified under the Common Criteria (ISO/IEC 15408) through NIAP at EAL 4. After the fix is applied, which of the following is true?
Question 78
At what stage of a development life cycle do users validate the new system?
Question 79
What is the common term used to describe the property of an algorithm that mitigates chosen-plaintext attacks which use differential analysis to guess variables?
Question 80
The primary purpose of exercising recovery plans is to:
Question 81
Without encryption, VoIP traffic is vulnerable to sniffing. To protect against such attacks, various protocols have been suggested and applied. Which method below encrypts the actual voice data?
Question 82
WPA2 made significant improvements to wireless networking over WEP. However, there are still attacks that may work against it to derive the data encryption key. Which of the following is most true?
Question 83
If a program is to support multilevel data, which of the following would allow the program to be trusted not to share memory from one level to another?
Question 84
Who would be in the best position to confirm the appropriateness of the contingency plans after a test and exercise?
Question 85
Which of the following is the biggest risk to PKI?
Question 86
Which of the following is most true about fuzzing?
Question 87
What is the relationship between Maximum Tolerable Downtime or MTD and Recovery Time Objectives or RTO?
Question 88
Which of the following protocols allows multiple network protocol types, including broadcast, multicast and other non-routable layer 2 traffic, to be carried over an IP network through a tunnel?
Question 89
Which of the following addressed the problems with the Initialization Vectors used in WEP when the scheme was reimplemented in WPA2?
Question 90
During a BIA, Alice notices that data for an online customer order tracking system is backed up nightly to a remote system. However, if there were a disk crash, there could be a loss of up to a full day’s transactions. When Alice informs the process owner, the owner performs a needs analysis to determine an acceptable backup schedule. What metric would Alice use to design a more appropriate solution?
Question 91
Biometrics can be used to identify and authenticate a subject. First, a subject must be enrolled in a database that contains the subject's identity and unique characteristics in a reference file. Which of the following is used to both identify and authenticate the subject when their biometric characteristic is supplied by a reader?
Question 92
In remote access solutions, passwords are often used to authenticate subjects. Early systems sent the password in clear text, making it vulnerable to interception. While encryption can protect a password, it has become desirable to use additional methods that allow a subject to be authenticated using tokens, biometrics and other means. Which of the following can optionally be configured to perform mutual authentication using PKI?
Question 93
During a BC/DR exercise, a critical system was not recovered in the required time frame. An assessment by an independent observer identified a gap in the point of contact list accuracy. After further analysis, it was determined that the human resource records were not consistent with the contact lists in the call trees. Which of the following is most likely to improve the process?
Question 94
Which two types of attacks are likely most difficult to prevent?
Question 95
Most production applications, such as those provided by third parties through cloud SaaS models, are encrypted through transport layer protocols such as SSL/TLS. However, even when all data in the payload of a transport is kept confidential from eavesdroppers, there is still a threat to the communication that could allow attackers to determine otherwise private information. Which of the following attacks is most likely to reveal confidential information over an encrypted channel?
Question 96
Bob is asked to perform a business impact analysis for the customer service department. He is currently reviewing the service level agreements to determine the most cost effective plan. Which of the following metrics will MOST help Bob in his analysis?
Question 97
To determine the most appropriate controls for an organization’s needs, all assets must be identified and valued. As part of the valuation, it is best practice to consider the impact if an asset is compromised and experiences loss of confidentiality, integrity and/or availability. These losses could come from man-made or natural events. What process is used to determine if an asset could be affected by such events?
Question 98
Blockchain-based consensus protocols promise to revolutionize many of the processes and applications that power the internet and other parts of society, including financial systems, agriculture and even voting, by using hashing and asymmetric signing algorithms. Multisignature (multisig) is often used to mitigate fraud in such systems as a way of implementing which best practice below?
Question 99
After understanding the recovery time objectives for the human resources department, Alice reviewed various alternate data processing facilities to determine which would allow a recovery process in the required time frame. She found that while it would be less expensive to lease a site from a provider, there was no vendor with a site close enough to the primary site to meet the timing constraints. She therefore decided the organization should build its own facility. At what stage in the life cycle does Alice make such decisions?
Question 100
Advances in quantum computing appear to be on the verge of cracking our most common protocols used for key agreement and signing. Many newer algorithms are currently being developed to treat this risk including lattice based systems and perhaps even quantum cryptography. Besides being resistant to Shor’s algorithm, what other feature makes quantum encryption attractive?