CISSP Practice Test Questions

1487 Questions


Topic 9: Exam Set A

Which of the following MUST be done when promoting a security awareness program to senior management?

A. Show the need for security; identify the message and the audience
B. Ensure that the security presentation is designed to be all-inclusive
C. Notify them that their compliance is mandatory
D. Explain how hackers have enhanced information security

Answer: D. Explain how hackers have enhanced information security

Which one of the following security mechanisms provides the BEST way to restrict the execution of privileged procedures?

A. Role Based Access Control (RBAC)
B. Biometric access control
C. Federated Identity Management (IdM)
D. Application hardening

Answer: A. Role Based Access Control (RBAC)

How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?

A. Take another backup of the media in question, then delete all irrelevant operating system files.
B. Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.
C. Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.
D. Discard harmless files for the operating system and known installed programs.

Answer: B. Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.

Which of the following is the BEST way to verify the integrity of a software patch?

A. Cryptographic checksums
B. Version numbering
C. Automatic updates
D. Vendor assurance

Answer: A. Cryptographic checksums

Copyright provides protection for which of the following?

A. Ideas expressed in literary works
B. A particular expression of an idea
C. New and non-obvious inventions
D. Discoveries of natural phenomena

Answer: B. A particular expression of an idea

Which of the following assessment metrics is BEST used to understand a system's vulnerability to potential exploits?

A. Determining the probability that the system functions safely during any time period
B. Quantifying the system's available services
C. Identifying the number of security flaws within the system
D. Measuring the system's integrity in the presence of failure

Answer: C. Identifying the number of security flaws within the system

Why MUST a Kerberos server be well protected from unauthorized access?

A. It contains the keys of all clients.
B. It always operates at root privilege.
C. It contains all the tickets for services.
D. It contains the Internet Protocol (IP) address of all network entities.

Answer: A. It contains the keys of all clients.

Which of the following is considered best practice for preventing e-mail spoofing?

A. Spam filtering
B. Cryptographic signature
C. Uniform Resource Locator (URL) filtering
D. Reverse Domain Name Service (DNS) lookup

Answer: B. Cryptographic signature

Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?

A. Integration with organizational directory services for authentication
B. Tokenization of data
C. Accommodation of hybrid deployment models
D. Identification of data location

Answer: D. Identification of data location

Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?

A. Detection
B. Prevention
C. Investigation
D. Correction

Answer: A. Detection

Which Hyper Text Markup Language 5 (HTML5) option presents a security challenge for network data leakage prevention and/or monitoring?

A. Cross Origin Resource Sharing (CORS)
B. WebSockets
C. Document Object Model (DOM) trees
D. Web Interface Definition Language (IDL)

Answer: B. WebSockets

Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device?

A. Trusted Platform Module (TPM)
B. Preboot eXecution Environment (PXE)
C. Key Distribution Center (KDC)
D. Simple Key-Management for Internet Protocol (SKIP)

Answer: A. Trusted Platform Module (TPM)

Page 11 out of 124 Pages