CISSP Practice Questions (701–720)


Question 701

When reviewing the security logs, the password shown for an administrative login event was ' OR '1'='1'--. This is an example of which of the following kinds of attack?
A. Structured Query Language (SQL) Injection
B. Brute Force Attack
C. Rainbow Table Attack
D. Cross-Site Scripting (XSS)

Question 702

Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?
A. File hashing
B. Storage encryption
C. Data retention policy
D. Data processing

Question 703

Which of the following BEST describes why software assurance is critical in helping prevent an increase in business and mission risk for an organization?
A. Request for proposals (RFP) avoid purchasing software that does not meet business needs.
B. Contracting processes eliminate liability for security vulnerabilities for the purchaser.
C. Decommissioning of old software reduces long-term costs related to technical debt.
D. Software that does not perform as intended may be exploitable which makes it vulnerable to attack.

Question 704

An employee’s home address should be categorized according to which of the following references?
A. The consent form terms and conditions signed by employees
B. An organization security plan for human resources
C. Existing employee data classifications
D. The organization’s data classification model

Question 705

Which of the following activities should a forensic examiner perform FIRST when determining the priority of digital evidence collection at a crime scene?
A. Gather physical evidence.
B. Assign responsibilities to personnel on the scene.
C. Establish a list of files to examine.
D. Establish order of volatility.

Question 706

Which software defined networking (SDN) architectural component is responsible for translating network requirements?
A. SDN Controller
B. SDN Datapath
C. SDN Northbound Interfaces
D. SDN Application

Question 707

An internal audit for an organization recently identified malicious actions by a user account. Upon further investigation, it was determined the offending user account was used by multiple people at multiple locations simultaneously for various services and applications. What is the BEST method to prevent this problem in the future?
A. Ensure each user has their own unique account.
B. Allow several users to share a generic account.
C. Ensure the security information and event management (SIEM) is set to alert.
D. Inform users only one user should be using the account at a time.

Question 708

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?
A. A security subject matter expert (SME)
B. A developer subject matter expert (SME)
C. The business owner
D. The application owner

Question 709

The initial security categorization should be done early in the system life cycle and should be reviewed periodically. Why is it important for this to be done correctly?
A. It determines the functional and operational requirements.
B. It determines the security requirements.
C. It affects other steps in the certification and accreditation process.
D. The system engineering process works with selected security controls.

Question 710

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner’s first consideration?
A. Detection of sophisticated attackers
B. Topology of the network used for the system
C. Risk assessment of the system
D. Resiliency of the system

Question 711

Which of the following events prompts a review of the disaster recovery plan (DRP)?
A. Change in senior management
B. Completion of the security policy review
C. Organizational merger
D. New members added to the steering committee

Question 712

A user is allowed to access the file labeled “Financial Forecast,” but only between 9:00 a.m. and 5:00 p.m., Monday through Friday. Which type of access mechanism should be used to accomplish this?
A. Minimum access control
B. Limited role-based access control (RBAC)
C. Access control list (ACL)
D. Rule-based access control

Question 713

What is the benefit of using Network Admission Control (NAC)?
A. NAC only supports Windows operating systems (OS).
B. NAC supports validation of the endpoint’s security posture prior to allowing the session to go into an authorized state.
C. NAC can require the use of certificates, passwords, or a combination of both before allowing network admission.
D. Operating system (OS) versions can be validated prior to allowing network access.

Question 714

When MUST an organization’s information security strategic plan be reviewed?
A. Whenever there are major changes to the business
B. Quarterly, when the organization’s strategic plan is updated
C. Every three years, when the organization’s strategic plan is updated
D. Whenever there are significant changes to a major application

Question 715

An established information technology (IT) consulting firm is considering acquiring a successful local startup. To gain a comprehensive understanding of the startup’s security posture, which type of assessment provides the BEST information?
A. A security audit
B. A tabletop exercise
C. A penetration test
D. A security threat model

Question 716

An organization plans to acquire a commercial off-the-shelf (COTS) system to replace their aging home-built reporting system. When should the organization’s security team FIRST get involved in this acquisition’s life cycle?
A. When the system is verified and validated
B. When the need for a system is expressed and the purpose of the system is documented
C. When the system is deployed into production
D. When the system is being designed, purchased, programmed, developed, or otherwise constructed

Question 717

Which of the following is a PRIMARY security weakness in the design of Domain Name System (DNS)?
A. Each DNS server must hold the address of the root servers.
B. A DNS server can be disabled in a denial-of-service (DoS) attack.
C. A DNS server does not authenticate source of information.
D. A DNS server database can be injected with falsified checksums.

Question 718

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?
A. Apply the latest vendor patches and updates
B. Run a vulnerability scanner
C. Review access controls
D. Install an antivirus on the server

Question 719

An organization has implemented a password complexity policy and an account lockout policy that locks an account after five incorrect login attempts within ten minutes. Network users have reported significantly increased account lockouts. Which of the following security principles is this company affecting?
A. Confidentiality
B. Integrity
C. Availability
D. Authentication

Question 720

In the last 15 years a company has experienced three electrical failures. The cost associated with each failure is listed below. Which of the following would be a reasonable annual loss expectation?

Availability – 60,000
Integrity – 10,000
Confidentiality – 0
Total Impact – 70,000

A. 3,500
B. 14,000
C. 10,000
D. 350,000