Data remanence refers to which of the following? A. The remaining photons left in a fiber optic cable after a secure transmission. B. The retention period required by law or regulation. C. The magnetic flux created when removing the network connection from a server or personal computer. D. The residual information left on magnetic storage media after a deletion or erasure.
Answer: D
Rationale: Data remanence means residual data left behind on magnetic media even after deletion or reformatting.
Question 282
Which of the following is the MOST important element of change management documentation? A. List of components involved B. Number of changes being made C. Business case justification D. A stakeholder communication
Answer: C
Rationale: Every change must have a clearly defined and approved business justification to assess its necessity and risk.
Question 283
Which of the following is a reason to use manual patch installation instead of automated patch management? A. The cost required to install patches will be reduced. B. The time during which systems will remain vulnerable to an exploit will be decreased. C. The likelihood of system or application incompatibilities will be decreased. D. The ability to cover large geographic areas is increased.
Answer: C
Rationale: Manual patching allows administrators to validate compatibility before applying changes.
Question 284
If compromised, which of the following would lead to the exploitation of multiple virtual machines? A. Virtual device drivers B. Virtual machine monitor C. Virtual machine instance D. Virtual machine file system
Answer: B
Rationale: The virtual machine monitor (hypervisor) controls all guest OS instances, so compromise affects all.
Question 285
After a thorough analysis, it was discovered that a perpetrator compromised a network by gaining access through a Secure Socket Layer (SSL) Virtual Private Network (VPN) gateway. The perpetrator guessed a username and brute-forced the password to gain access. Which of the following BEST mitigates this issue? A. Implement strong password authentication for the VPN B. Integrate the VPN with centralized credential stores C. Implement an Internet Protocol Security (IPSec) client D. Use two-factor authentication mechanisms
Answer: D
Rationale: Two-factor authentication prevents compromise even when passwords are guessed or brute-forced.
Question 286
A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle? A. Onward transfer B. Collection Limitation C. Collector Accountability D. Individual Participation
Answer: B
Rationale: The Collection Limitation principle ensures only necessary personal data is gathered.
Question 287
Which of the following PRIMARILY contributes to security incidents in web-based applications? A. Systems administration and operating systems B. System incompatibility and patch management C. Third-party applications and change controls D. Improper stress testing and application interfaces
Answer: C
Rationale: Third-party components and weak change controls commonly introduce vulnerabilities in web apps.
Question 288
Which of the following is most helpful in applying the principle of LEAST privilege? A. Establishing a sandboxing environment B. Setting up a Virtual Private Network (VPN) tunnel C. Monitoring and reviewing privileged sessions D. Introducing a job rotation program
Answer: A
Rationale: Sandboxing restricts applications and users to minimal necessary privileges.
Question 289
What is an important characteristic of Role-Based Access Control (RBAC)? A. Supports Mandatory Access Control (MAC) B. Simplifies the management of access rights C. Relies on rotation of duties D. Requires two-factor authentication
Answer: B
Rationale: RBAC simplifies administration by assigning permissions to roles instead of individual users.
Question 290
Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication? A. Authorizations are not included in the server response B. Unsalted hashes are passed over the network C. The authentication session can be replayed D. Passwords are passed in cleartext
Question 291
Which security approach will BEST minimize Personally Identifiable Information (PII) loss from a data breach? A. A strong breach notification process B. Limited collection of individuals' confidential data C. End-to-end data encryption for data in transit D. Continuous monitoring of potential vulnerabilities
Answer: B
Rationale: Reducing the amount of collected PII directly minimizes loss impact.
Question 292
Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes? A. Concept, Development, Production, Utilization, Support, Retirement B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation C. Acquisition, Measurement, Configuration Management, Production, Operation, Support D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal
Answer: B
Rationale: The SELC technical processes include requirement definition, design, implementation, verification, and operation.
Question 293
Which of the following describes the BEST configuration management practice? A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering. B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering. C. The firewall rules are backed up to an air-gapped system. D. A baseline configuration is created and maintained for all relevant systems.
Answer: B
Rationale: The Data Owner determines the classification level and access requirements, while the Custodian implements the required controls. Governance responsibility lies with the Owner.
Question 294
Which of the following is the PRIMARY security concern associated with the implementation of smart cards? A. The cards have limited memory B. Vendor application compatibility C. The cards can be misplaced D. Mobile code can be embedded in the card
Answer: C
Rationale: Lost or stolen smart cards can be used for unauthorized physical or logical access.
Question 295
Retaining system logs for six months or longer can be valuable for what activities? A. Disaster recovery and business continuity B. Forensics and incident response C. Identity and authorization management D. Physical and logical access control
Answer: B
Rationale: Historical logs are crucial for forensic analysis and tracing incidents after they occur.
Question 296
Secure Sockets Layer (SSL) encryption protects A. data at rest. B. the source IP address. C. data transmitted. D. data availability.
Answer: C
Rationale: SSL/TLS encrypts data in transit between endpoints to prevent eavesdropping and interception.
Question 297
The implementation of which features of an identity management system reduces costs and administration overhead while improving audit and accountability? A. Two-factor authentication B. Single Sign-On (SSO) C. User self-service D. A metadirectory
Answer: C
Rationale: Allowing users to manage their own credentials and requests reduces admin effort and improves tracking.
Question 298
Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network? A. IEEE 802.1F B. IEEE 802.1H C. IEEE 802.1Q D. IEEE 802.1X
Answer: D
Rationale: IEEE 802.1X enforces authentication for devices before network access is granted.
Question 299
The PRIMARY security concern for handheld devices is the A. strength of the encryption algorithm. B. spread of malware during synchronization. C. ability to bypass the authentication mechanism. D. strength of the Personal Identification Number (PIN).
Answer: C
Rationale: Weak or bypassed authentication allows unauthorized access to sensitive data on mobile devices.
Question 300
Software code signing is used as a method of verifying which security concept? A. Integrity B. Confidentiality C. Availability D. Access Control
Answer: A
Rationale: Code signing ensures that software has not been tampered with and verifies its origin.