CISSP Practice Questions (441–460)

Question 441

Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?
A. Field-level tokenization
B. Web application vulnerability scanners
C. Runtime application self-protection (RASP)
D. Security Assertion Markup Language (SAML)
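The distinction this question turns on is where the control lives: a vulnerability scanner probes the application from outside before or between releases, while a runtime protection agent sits inside the process and decides per request, with access to both the client input and the final statement the application is about to execute. The following is an added example, not code from the quiz or from any RASP product: a hypothetical in-process hook (RaspGuard, structure_changed and the demo table are all assumptions made here) that records request inputs at the trust boundary and blocks a SQL statement whose lexical structure was altered by one of them. The structure check is a deliberately simple heuristic, not a SQL parser.

```python
import re
import sqlite3
from typing import List, Sequence

# Lexer for the SQL text the application is about to execute: string literals,
# comments, words/numbers, and any other single character each become one token.
_TOKEN_RE = re.compile(r"""'(?:[^']|'')*'|"[^"]*"|/\*.*?\*/|--[^\n]*|\w+|\S""", re.S)


def tokenize(sql: str) -> List[str]:
    return _TOKEN_RE.findall(sql)


def structure_changed(sql: str, untrusted: str) -> bool:
    """True when `untrusted`, embedded verbatim in `sql`, contributed more than a single
    literal, i.e. user input turned into SQL tokens. Heuristic, not a parser."""
    if not untrusted or untrusted not in sql:
        return False
    neutral = sql.replace(untrusted, "0")   # the same query with a harmless literal instead
    return len(tokenize(sql)) != len(tokenize(neutral))


class RaspGuard:
    """Hypothetical stand-in for a RASP agent: it sees the inputs recorded at the request
    boundary AND the final SQL string, and decides at the moment of execution."""

    def __init__(self, conn: sqlite3.Connection):
        self.conn = conn
        self.untrusted: List[str] = []
        self.blocked: List[str] = []

    def record_input(self, value: str) -> str:
        """Call at the trust boundary for every value that came from the client."""
        self.untrusted.append(value)
        return value

    def execute(self, sql: str, params: Sequence = ()):
        for value in self.untrusted:
            if structure_changed(sql, value):
                self.blocked.append(sql)
                raise PermissionError(f"RASP blocked query: input {value!r} altered SQL structure")
        return self.conn.execute(sql, params).fetchall()


def demo():
    """A parameterised query passes; a concatenated query carrying an injection is blocked."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [("alice", "user"), ("bob", "admin")])  # constructed rows
    guard = RaspGuard(conn)

    name = guard.record_input("alice")
    rows = guard.execute("SELECT name, role FROM users WHERE name = ?", (name,))

    evil = guard.record_input("' OR 1=1 --")
    try:
        guard.execute(f"SELECT name, role FROM users WHERE name = '{evil}'")  # deliberately vulnerable
        blocked = False
    except PermissionError:
        blocked = True
    return rows, blocked, len(guard.blocked)


if __name__ == "__main__":
    print(demo())
```

The point to take away is that the guard never needs a signature list: it compares the statement the developer wrote with the statement the request produced, which is only possible from inside the process. A scanner can find the concatenation in a test run, but it cannot intervene on the production request that carries the payload.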

Question 442

A security architect is developing an information system for a client. One of the requirements is to deliver a platform that mitigates common vulnerabilities and attacks. What is the MOST efficient option for preventing buffer overflow attacks?
A. Access control mechanisms
B. Process isolation
C. Address Space Layout Randomization (ASLR)
D. Processor states

Question 443

In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?
A. Implement bi-annual reviews
B. Create policies for system access
C. Implement and review risk-based alerts
D. Increase logging levels
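The scenario's gap is timing: an account created an hour after a review can sit undetected for almost the whole quarter, and more logging on its own does not shorten that. An added example, not part of the quiz, of what "risk-based alerts" look like in practice: it parses constructed audit lines in the style of shadow-utils useradd/usermod syslog output, scores each account change on a few risk signals (privileged group, time of day, absence of an approved change record) and raises an alert immediately when the score crosses a threshold. The group names, the scores, the threshold, the host name and the APPROVED_CHANGES table are all assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta
from typing import Dict, List, Optional

PRIVILEGED_GROUPS = {"sudo", "wheel", "root", "adm", "docker"}   # assumed for this host
ALERT_THRESHOLD = 60                                             # assumed paging threshold

# Constructed audit lines in the style of shadow-utils useradd/usermod syslog output.
AUDIT_LOG = """\
Apr 02 03:14:07 prod-db1 useradd[4122]: new user: name=svc_backup2, UID=1007, GID=1007, home=/home/svc_backup2, shell=/bin/bash
Apr 02 03:14:09 prod-db1 usermod[4125]: add 'svc_backup2' to group 'sudo'
Apr 02 10:02:41 prod-db1 useradd[5010]: new user: name=jsmith, UID=1008, GID=1008, home=/home/jsmith, shell=/bin/bash
Apr 02 10:03:02 prod-db1 usermod[5012]: add 'jsmith' to group 'developers'
"""

# Constructed: accounts that have an approved change record (user -> ticket).
APPROVED_CHANGES: Dict[str, str] = {"jsmith": "CHG-2231"}

_TS = r"(?P<ts>\w{3} \d\d \d\d:\d\d:\d\d) (?P<host>\S+) "
_NEW_USER = re.compile(_TS + r"useradd\[\d+\]: new user: name=(?P<user>[^,]+)")
_GROUP_ADD = re.compile(_TS + r"usermod\[\d+\]: add '(?P<user>[^']+)' to group '(?P<group>[^']+)'")


def score_event(line: str, year: int = 2024) -> Optional[dict]:
    """Turn one audit line into a scored event, or None if it is not an account change."""
    m = _NEW_USER.match(line) or _GROUP_ADD.match(line)
    if not m:
        return None
    f = m.groupdict()
    ts = datetime.strptime(f"{year} {f['ts']}", "%Y %b %d %H:%M:%S")
    score, reasons = 0, []
    if "group" in f:
        if f["group"] in PRIVILEGED_GROUPS:
            score += 50
            reasons.append(f"added to privileged group {f['group']}")
    else:
        score += 30
        reasons.append("new local account on production host")
    if not 8 <= ts.hour < 18:
        score += 20
        reasons.append("outside business hours")
    if f["user"] not in APPROVED_CHANGES:
        score += 30
        reasons.append("no approved change record")
    return {"time": ts, "host": f["host"], "user": f["user"], "score": score, "reasons": reasons}


def alerts_for(log: str = AUDIT_LOG) -> List[dict]:
    """Events at or above the threshold: these fire seconds after the change, not at the next review."""
    events = (score_event(line) for line in log.splitlines())
    return [e for e in events if e and e["score"] >= ALERT_THRESHOLD]


def exposure_days_without_alert(event_time: datetime, last_review: datetime, cadence_days: int = 90) -> float:
    """How long a change stays unnoticed if the next periodic review is the only detective control."""
    return (last_review + timedelta(days=cadence_days) - event_time).total_seconds() / 86400


def days_hidden_after_review(hours_after_review: float = 1, cadence_days: int = 90) -> float:
    """The question's case: an account created shortly after a review, reviewed again a quarter later."""
    review = datetime(2024, 4, 2, 2, 14, 7)                      # constructed review timestamp
    return exposure_days_without_alert(review + timedelta(hours=hours_after_review), review, cadence_days)


if __name__ == "__main__":
    for a in alerts_for():
        print(a["time"], a["host"], a["user"], a["score"], "; ".join(a["reasons"]))
    print(f"{days_hidden_after_review():.1f} days until the next quarterly review would catch it")
```

Two of the four constructed lines produce alerts (the 03:14 service account creation and its addition to sudo); the daytime developer account with a change ticket stays below the threshold. The same change, detected only by the next quarterly review, would remain invisible for just under 90 days, which is the number the alerting control removes.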

Question 444

A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact?
A. Sentencing
B. Trial
C. Discovery
D. Arraignment

Question 445

What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service?
A. Contract negotiation
B. Supplier request
C. Business need
D. Vendor demonstration

Question 446

Obtaining personal data by lawful and fair means is an example of which principle?
A. Collection Limitation Principle
B. Openness Principle
C. Purpose Specification Principle
D. Data Quality Principle

Question 447

Which of the following is the MOST appropriate control for asset data labeling procedures?
A. Categorizing the types of media being used
B. Logging data media to provide a physical inventory control
C. Reviewing off-site storage access controls
D. Reviewing audit trails of logging records

Question 448

What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment?
A. Swapping data
B. Randomizing data
C. Encoding data
D. Encrypting data
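The four options split into reversible transforms (encoding, encryption) and destructive ones (randomizing, swapping). An added example, not from the quiz, that makes the difference testable: it takes a constructed customer table (invented people and numbers), produces a randomized copy, a column-swapped copy and a base64-encoded copy, and then checks each copy for two things a test environment should not contain, real PII values and a real person's complete tuple. The record layout, the field names, the SSN shape and the example.org addresses are assumptions made for the illustration.

```python
import base64
import random
import string
from typing import Dict, List

PII_FIELDS = ("name", "email", "ssn")

# Constructed sample records; the people, addresses and numbers are invented.
ORIGINALS: List[Dict] = [
    {"id": 1, "name": "Alice Nguyen", "email": "alice.nguyen@example.com", "ssn": "123-45-6789", "balance": 1520.75},
    {"id": 2, "name": "Bob Okafor", "email": "bob.okafor@example.com", "ssn": "987-65-4321", "balance": 88.10},
    {"id": 3, "name": "Carol Diaz", "email": "carol.diaz@example.com", "ssn": "555-12-3456", "balance": 4300.00},
]


def _fake_name(rng: random.Random, original: str) -> str:
    # Keep the shape (word count, lengths, capitalisation) so UI and validation code still get exercised.
    return " ".join("".join(rng.choice(string.ascii_lowercase) for _ in w).capitalize() for w in original.split())


def _fake_email(rng: random.Random) -> str:
    return "".join(rng.choice(string.ascii_lowercase) for _ in range(10)) + "@example.org"   # reserved test domain


def _fake_ssn(rng: random.Random) -> str:
    # NNN-NN-NNNN shape preserved; area numbers that are never issued (000, 666, 900+) are avoided.
    return f"{rng.randint(100, 899):03d}-{rng.randint(1, 99):02d}-{rng.randint(1, 9999):04d}"


def randomize(records: List[Dict], seed: int = 7) -> List[Dict]:
    """Replace every PII value with a synthetic one of the same format; non-PII columns are untouched."""
    rng = random.Random(seed)
    out = []
    for r in records:
        a = dict(r)
        a["name"], a["email"], a["ssn"] = _fake_name(rng, r["name"]), _fake_email(rng), _fake_ssn(rng)
        out.append(a)
    return out


def swap_columns(records: List[Dict]) -> List[Dict]:
    """Move real PII values between rows. Each PII column is shifted by a different distance
    (a cyclic shift is a simple derangement), so no row keeps its own values and no row
    receives another person's complete tuple. Needs at least three rows for that guarantee."""
    n = len(records)
    out = [dict(r) for r in records]
    if n < 3:
        return out
    for k, field in enumerate(PII_FIELDS):
        shift = 1 + k % (n - 1)
        for i in range(n):
            out[i][field] = records[(i + shift) % n][field]
    return out


def encode(records: List[Dict]) -> List[Dict]:
    """Base64 is an encoding, not anonymisation: anyone can undo it, see decode_field."""
    return [{**r, **{f: base64.b64encode(r[f].encode()).decode() for f in PII_FIELDS}} for r in records]


def decode_field(value: str) -> str:
    return base64.b64decode(value).decode()


def leaks_real_values(anon: List[Dict], originals: List[Dict]) -> bool:
    """Does any real PII value survive anywhere in the test data set?"""
    real = {r[f] for r in originals for f in PII_FIELDS}
    return any(a[f] in real for a in anon for f in PII_FIELDS)


def links_to_original(anon: List[Dict], originals: List[Dict]) -> bool:
    """Does any row still carry one real person's complete PII tuple?"""
    real = {tuple(r[f] for f in PII_FIELDS) for r in originals}
    return any(tuple(a[f] for f in PII_FIELDS) in real for a in anon)


if __name__ == "__main__":
    for label, data in (("randomized", randomize(ORIGINALS)), ("swapped", swap_columns(ORIGINALS)), ("encoded", encode(ORIGINALS))):
        print(label, "leaks real values:", leaks_real_values(data, ORIGINALS), "links to a person:", links_to_original(data, ORIGINALS))
```

Two caveats a practitioner should keep in mind. The swapped copy still contains every real name, e-mail and SSN, only re-paired, and the untouched balance column can act as a quasi-identifier that re-links a swapped row to the real person. The encoded copy passes the naive "no real values present" check even though decode_field recovers every field, which is exactly why a reversible transform is not anonymization; an encrypted copy behaves the same way for whoever holds the key.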

Question 449

Which of the following departments initiates the request, approval, and provisioning business process?
A. Operations
B. Security
C. Human resources (HR)
D. Information technology (IT)

Question 450

An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?
A. Security controls–driven assessment
B. Business process–based risk assessment
C. Asset-driven assessment
D. Data-driven assessment

Question 451

Which technique helps system designers consider potential security concerns of their systems and applications?
A. Threat modeling
B. Manual inspections and reviews
C. Source code review
D. Penetration testing

Question 452

A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place?
A. Network segmentation
B. Application blacklisting
C. Application whitelisting
D. Hardened configuration

Question 453

Which of the following BEST describes centralized identity management?
A. Service providers perform as both the credential and identity provider (IdP).
B. Service providers identify an entity by behavioral analysis versus an identification factor.
C. Service providers agree to integrate identity system recognition across organizational boundaries.
D. Service providers rely on a trusted third party (TTP) to provide requestors with both credentials and identifiers.

Question 454

What is the MOST significant benefit of role-based access control (RBAC)?
A. Reduces inappropriate access
B. Management of least privilege
C. Most granular form of access control
D. Reduction in authorization administration overhead

Question 455

What is the MOST common security risk of a mobile device?
A. Data spoofing
B. Malware infection
C. Insecure communications link
D. Data leakage

Question 456

What level of Redundant Array of Independent Disks (RAID) is configured PRIMARILY for high-performance data reads and writes?
A. RAID-0
B. RAID-1
C. RAID-5
D. RAID-6
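The performance and redundancy trade-off behind this question is easiest to see by building the layouts. An added example, not part of the quiz: a small in-memory model of RAID-0 striping and RAID-5 rotating XOR parity that writes a payload, removes one disk and tries to read the data back. The chunk size, disk count and payload are constructed for the illustration; RAID-1 and RAID-6 are not modelled.

```python
from typing import List, Optional

Disk = List[Optional[bytes]]      # one chunk per stripe; None means the disk is gone


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad(data: bytes, multiple: int) -> bytes:
    return data + b"\0" * (-len(data) % multiple)


def fail_disk(disks: List[Disk], which: int) -> List[Disk]:
    """Simulate losing one disk: all of its chunks become unreadable."""
    out = [list(d) for d in disks]
    out[which] = [None] * len(out[which])
    return out


# RAID-0: consecutive chunks go round-robin to the next disk. Every stripe spans all n
# disks, so a sequential read or write keeps n spindles busy at once and 100% of the raw
# capacity is usable. There is no redundancy of any kind.
def raid0_write(data: bytes, n: int, chunk: int) -> List[Disk]:
    data = pad(data, chunk * n)
    disks: List[Disk] = [[] for _ in range(n)]
    for i in range(0, len(data), chunk):
        disks[(i // chunk) % n].append(data[i:i + chunk])
    return disks


def raid0_read(disks: List[Disk], length: int) -> bytes:
    out = b""
    for s in range(len(disks[0])):
        for d in disks:
            if d[s] is None:
                raise IOError("RAID-0: a failed disk takes part of every stripe with it")
            out += d[s]
    return out[:length]


# RAID-5: n-1 data chunks per stripe plus one XOR parity chunk; the parity position rotates
# across disks so parity updates do not all land on a single disk.
def raid5_write(data: bytes, n: int, chunk: int) -> List[Disk]:
    assert n >= 3, "RAID-5 needs at least three disks"
    per_stripe = chunk * (n - 1)
    data = pad(data, per_stripe)
    disks: List[Disk] = [[] for _ in range(n)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + k * chunk: off + (k + 1) * chunk] for k in range(n - 1)]
        parity = b"\0" * chunk
        for c in chunks:
            parity = xor(parity, c)
        it = iter(chunks)
        for d in range(n):
            disks[d].append(parity if d == s % n else next(it))
    return disks


def raid5_reconstruct(disks: List[Disk]) -> List[Disk]:
    """Rebuild a single failed disk: each missing chunk is the XOR of the stripe's other chunks."""
    missing = [d for d, col in enumerate(disks) if col[0] is None]
    if len(missing) > 1:
        raise IOError("RAID-5 survives only one failed disk")
    if not missing:
        return disks
    out = [list(col) for col in disks]
    for s in range(len(disks[0])):
        chunk = b"\0" * len(next(col[s] for col in disks if col[s] is not None))
        for d, col in enumerate(disks):
            if d != missing[0]:
                chunk = xor(chunk, col[s])
        out[missing[0]][s] = chunk
    return out


def raid5_read(disks: List[Disk], length: int) -> bytes:
    n, out = len(disks), b""
    for s in range(len(disks[0])):
        for d in range(n):
            if d == s % n:
                continue                     # skip the parity chunk of this stripe
            if disks[d][s] is None:
                raise IOError("RAID-5: reconstruct before reading through a failed disk")
            out += disks[d][s]
    return out[:length]


def survives_single_failure(level: int, data: bytes, n: int = 4, chunk: int = 4, failed: int = 1) -> bool:
    """Write, lose one disk, try to get the data back."""
    try:
        if level == 0:
            return raid0_read(fail_disk(raid0_write(data, n, chunk), failed), len(data)) == data
        if level == 5:
            broken = fail_disk(raid5_write(data, n, chunk), failed)
            return raid5_read(raid5_reconstruct(broken), len(data)) == data
    except IOError:
        return False
    raise ValueError("only RAID-0 and RAID-5 are modelled here")


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"    # constructed payload
    print("RAID-0 survives one failed disk:", survives_single_failure(0, sample))
    print("RAID-5 survives one failed disk:", survives_single_failure(5, sample))
```

With four disks the RAID-0 layout puts three chunks on each disk and loses the whole payload when any one of them fails; the RAID-5 layout gives up one disk's worth of capacity to parity, costs an extra XOR on every write, and rebuilds the lost disk exactly. That is the trade the question is asking about: striping alone buys throughput, parity or mirroring buys survival.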

Question 457

What type of risk is related to the sequences of value-adding and managerial activities undertaken in an organization?
A. Control risk
B. Demand risk
C. Supply risk
D. Process risk

Question 458

International bodies established a regulatory scheme that defines how weapons are exchanged between the signatories. It also addresses cyber weapons, including malicious software, Command and Control (C2) software, and internet surveillance software. This is a description of which of the following?
A. International Traffic in Arms Regulations (ITAR)
B. Palermo Convention
C. Wassenaar Arrangement
D. General Data Protection Regulation (GDPR)

Question 459

An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information Security Officer (CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC) capability BEST meets this objective?
A. Port security
B. Two-factor authentication (2FA)
C. Strong passwords
D. Application firewall

Question 460

Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps?
A. Findings definition section
B. Risk review section
C. Executive summary with full details
D. Key findings section