A large international organization that collects consumer data has contracted with a SaaS provider to process it. The SaaS vendor uses additional processing for demonstration purposes, claiming it is not disclosing the data to other organizations. Which of the following BEST supports this rationale?
A. The data was encrypted and only a few cloud provider employees had access.
B. As the data owner, the cloud provider directs how the data will be processed.
C. As the data processor, the cloud provider has authority to direct how the data will be processed.
D. The agreement between both parties is vague and does not detail how data can be used.
Answer: C
Rationale: Under GDPR, a data processor acts under instruction from the data controller but manages how processing occurs operationally.
Question 782
A security engineer auditing a company’s VoIP network finds unauthorized calls being placed internationally. Which type of attack occurred?
A. Control eavesdropping
B. Toll fraud
C. Call hijacking
D. Address spoofing
Answer: B
Rationale: Toll fraud exploits VoIP systems to make unauthorized long-distance or international calls, often for profit.
Question 783
An organization wants to enhance wireless network threat detection. To improve response and automate alerts, which best practice should be implemented FIRST?
A. Deploy a standalone guest Wi-Fi network.
B. Implement MFA on all domain accounts.
C. Deploy a wireless intrusion detection system (IDS).
D. Implement 802.1x authentication.
Answer: D
Rationale: 802.1x ensures secure authentication and access control, which is foundational before adding detection systems.
Question 784
Security personnel should be trained by emergency management staff in disaster response and recovery. Which part of physical security design does this fall under?
A. Legal concerns
B. Loss prevention
C. Emergency preparedness
D. Liability for employee conduct
Answer: C
Rationale: Emergency preparedness includes training, drills, and planning for effective response to incidents and disasters.
Question 785
How is protection for hypervisor host and software administration functions BEST achieved?
A. Enforce network controls using a host-based firewall.
B. Deploy the management interface in a dedicated virtual network segment.
C. Separate physical NICs for management traffic and network traffic.
D. Deny permissions to specific VMs and objects.
Answer: B
Rationale: Isolating hypervisor management traffic in a dedicated virtual network segment prevents exposure to unauthorized access.
Question 786
To ensure compliance with GDPR, who should the help desk manager consult before selecting a SaaS solution?
A. Data owner
B. Database administrator (DBA)
C. Data center manager
D. Data Protection Officer (DPO)
Answer: D
Rationale: The DPO oversees GDPR compliance and must review SaaS solutions handling personal or regulated data.
Question 787
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?
A. Application
B. Storage
C. Power
D. Network
Answer: C
Rationale: Even Tier 4 data centers are designed for fault tolerance, but power failures — especially external ones — remain a critical concern for business continuity.
Question 788
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
A. determine the risk of a business interruption occurring
B. determine the technological dependence of the business processes
C. identify the operational impacts of a business interruption
D. identify the financial impacts of a business interruption
Answer: B
Rationale: The BIA evaluates the impact of interruptions (operational and financial), not technological dependencies or root causes, which are handled in the risk assessment phase.
Question 789
Which of the following actions will reduce risk to a laptop before traveling to a high-risk area?
A. Examine the device for physical tampering
B. Implement more stringent baseline configurations
C. Purge or re-image the hard disk drive
D. Change access codes
Answer: D
Rationale: Changing access codes such as passwords or PINs reduces the risk of unauthorized access when traveling to high-risk areas.
Question 790
Intellectual property rights are PRIMARILY concerned with which of the following?
A. Owner’s ability to realize financial gain
B. Owner’s ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method
Answer: A
Rationale: Deduplication removes redundant data by storing only unique instances, making it more efficient than compression for redundant data elimination.
Question 791
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
A. Install mantraps at the building entrances
B. Enclose the personnel entry area with polycarbonate plastic
C. Supply a duress alarm for personnel exposed to the public
D. Hire a guard to protect the public area
Answer: D
Rationale: Hiring a guard provides a reactive human control capable of immediate response in public areas, balancing cost and effectiveness better than structural or technical measures.
Question 792
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
A. Ensure the fire prevention and detection systems are sufficient to protect personnel
B. Review the architectural plans to determine how many emergency exits are present
C. Conduct a gap analysis of the new facility against existing security requirements
D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan
Answer: C
Rationale: A gap analysis ensures the new facility meets current security requirements and identifies discrepancies before relocation, preventing unaddressed data security risks.
Question 793
Which one of the following affects the classification of data?
A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
Answer: D
Rationale: Data classification can change over time as information becomes less sensitive, thus the passage of time is a factor that affects classification levels.
Question 794
When implementing a data classification program, why is it important to avoid too much granularity?
A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value
Answer: A
Rationale: Excessive granularity complicates management and consumes resources, making classification impractical and inconsistent across the organization.
Question 795
Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
Answer: A
Rationale: Encrypting with a private key allows anyone with the public key to verify authenticity—serving integrity and non-repudiation—but here it’s intended to demonstrate authenticity, often tied to integrity. (Note: the document’s answer lists A, but conceptually, it aligns with integrity/non-repudiation.)
Question 796
Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: A
Rationale: The data owner determines classification and protection level because they understand the sensitivity and business value of the data.
Question 797
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
A. Implementation Phase
B. Initialization Phase
C. Cancellation Phase
D. Issued Phase
Answer: D
Rationale: After initialization, keys are issued for operational use, making the issuance phase the second stage of the PKI lifecycle.
Question 798
Which of the following operates at the Network Layer of the Open Systems Interconnection (OSI) model?
A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
Answer: A
Rationale: Packet filtering operates at the Network Layer (Layer 3), inspecting IP packets based on address and protocol information.
Question 799
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)
Answer: B
Rationale: LCP negotiates and establishes PPP connections, including determining packet formats and configuration options.
Question 800
Which of the following factors contributes to the weakness of the Wired Equivalent Privacy (WEP) protocol?
A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)
Answer: A
Rationale: WEP’s weakness stems from its small 24-bit IV, which causes key reuse and makes it susceptible to cryptographic attacks.