CISSP Practice Questions (721–740)

Question 721

A security practitioner has been asked to model best practices for disaster recovery (DR) and business continuity. The practitioner has decided that a formal committee is needed to establish a business continuity policy. Which of the following BEST describes this stage of business continuity development?
A. Developing and implementing business continuity plans (BCP)
B. Project Initiation and Management
C. Risk Evaluation and Control
D. Business impact analysis (BIA)

Question 722

What physical characteristic does a retinal scan biometric device measure?
A. The amount of light reflected by the retina
B. The pattern of blood vessels at the back of the eye
C. The size, curvature, and shape of the retina
D. The pattern of light receptors in the back of the eye

Question 723

Which of the following BEST represents a defense in depth concept?
A. Network-based data loss prevention (DLP), Network Access Control (NAC), network-based intrusion prevention system (NIPS), port security on core switches
B. Host-based data loss prevention (DLP), Endpoint anti-malware solution, Host-based integrity checker, Laptop locks, hard disk drive (HDD) encryption
C. Endpoint security management, network intrusion detection system (NIDS), Network Access Control (NAC), Privileged Access Management (PAM), security information and event management (SIEM)
D. Web application firewall (WAF), Gateway network device tuning, Database firewall, Next-Generation Firewall (NGFW), Tier-2 demilitarized zone (DMZ) tuning

Question 724

Which of the following is required to verify the authenticity of a digitally signed document?
A. Agreed upon shared secret
B. Digital hash of the signed document
C. Recipient’s public key
D. Sender’s private key

Question 725

Which of the following contributes MOST to the effectiveness of a security officer?
A. Developing precise and practical security plans
B. Integrating security into the business strategies
C. Understanding the regulatory environment
D. Analyzing the strengths and weaknesses of the organization

Question 726

Where can the Open Web Application Security Project (OWASP) list of associated vulnerabilities be found?
A. OWASP Mobile Project
B. OWASP Software Assurance Maturity Model (SAMM) Project
C. OWASP Guide Project
D. OWASP Top 10 Project

Question 727

Employee training, risk management, and data handling procedures and policies could be characterized as which type of security measure?
A. Preventative
B. Management
C. Non-essential
D. Administrative

Question 728

A hospital’s building controls system monitors and operates the environmental equipment to maintain a safe and comfortable environment. Which of the following could be used to minimize the risk of utility supply interruption?
A. Digital protection and control devices capable of minimizing the adverse impact to critical utility
B. Standardized building controls system software with high connectivity to hospital networks
C. Lock out maintenance personnel from the building controls system access that can impact critical utility supplies
D. Digital devices that can turn equipment off and continuously cycle rapidly in order to increase supplies and conceal activity on the hospital network

Question 729

Which of the following statements BEST distinguishes a stateful packet inspection firewall from a stateless packet filter firewall?
A. The SPI inspects traffic on a packet-by-packet basis.
B. The SPI inspects the flags on Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) packets.
C. The SPI is capable of dropping packets based on a pre-defined rule set.
D. The SPI inspects the traffic in the context of a session.

Question 730

What is the MAIN purpose of conducting a business impact analysis (BIA)?
A. To determine the cost for restoration of damaged information system
B. To determine the controls required to return to business critical operations
C. To determine the critical resources required to recover from an incident within a specified time period
D. To determine the effect of mission-critical information system failures on core business processes

Question 731

Which algorithm gets its security from the difficulty of calculating discrete logarithms in a finite field and is used to distribute keys, but cannot be used to encrypt or decrypt messages?
A. Kerberos
B. Digital Signature Algorithm (DSA)
C. Diffie-Hellman
D. Rivest-Shamir-Adleman (RSA)

Question 732

Which of the following is established to collect information in accordance with pre-established metrics, utilizing information readily available in part through implemented security controls?
A. Security Assessment Report (SAR)
B. Organizational risk tolerance
C. Risk assessment report
D. Information Security Continuous Monitoring (ISCM)

Question 733

When conducting a remote access session using Internet Protocol Security (IPSec), which Open Systems Interconnection (OSI) model layer does this connection use?
A. Presentation
B. Transport
C. Network
D. Data link

Question 734

Which of the following is the MOST effective corrective control to minimize the effects of a physical intrusion?
A. Rapid response by guards or police to apprehend a possible intruder
B. Sounding a loud alarm to frighten away a possible intruder
C. Automatic videotaping of a possible intrusion
D. Activating bright lighting to frighten away a possible intruder

Question 735

Which of the following are the three MAIN categories of security controls?
A. Preventative, corrective, detective
B. Administrative, technical, physical
C. Corrective, detective, recovery
D. Confidentiality, integrity, availability

Question 736

Which is the PRIMARY mechanism for providing the workforce with the information needed to protect an agency’s vital information resources?
A. Implementation of access provisioning process for coordinating the creation of user accounts
B. Incorporating security awareness and training as part of the overall information security program
C. An information technology (IT) security policy to preserve the confidentiality, integrity, and availability of systems
D. Execution of periodic security and privacy assessments to the organization

Question 737

Which of the following is considered the FIRST step when designing an internal security control assessment?
A. Create a plan based on comprehensive knowledge of known breaches.
B. Create a plan based on reconnaissance of the organization’s infrastructure.
C. Create a plan based on a recognized framework of known controls.
D. Create a plan based on recent vulnerability scans of the systems in question.

Question 738

The Open Web Application Security Project’s (OWASP) Software Assurance Maturity Model (SAMM) allows organizations to implement a flexible software security strategy to measure organizational impact based on what risk management aspect?
A. Risk exception
B. Risk tolerance
C. Risk treatment
D. Risk response

Question 739

What is the PRIMARY reason that a bit-level copy is more desirable than a file-level copy when replicating a hard drive’s contents for an e-discovery investigation?
A. The corruption of files is less likely.
B. Files that have been deleted will be transferred.
C. The file and directory structure is retained.
D. File-level security settings will be preserved.

Question 740

An organization outgrew its internal data center and is evaluating third-party hosting facilities. In this evaluation, which of the following is a PRIMARY factor for selection?
A. Facility provides an acceptable level of risk
B. Facility provides disaster recovery (DR) services
C. Facility has physical access protection measures
D. Facility provides the most cost-effective solution