Which of the following is the BEST reason to review audit logs periodically?

A.

Verify they are operating properly

B.

Monitor employee productivity

C.

Identify anomalies in use patterns

D.

Meet compliance regulations

Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security
environment. The data was destroyed in accordance with organizational policy and all
marking and other external indications of the sensitivity of the data that was formerly stored
on the magnetic drives were removed.
Organizational policy requires the deletion of user data from Personal Digital Assistant
(PDA) devices before disposal. It may not be possible to delete the user data if the device
is malfunctioning. Which destruction method below provides the BEST assurance that the
data has been removed?

A.

Knurling

B.

Grinding

C.

Shredding

D.

Degaussing

According to best practice, which of the following groups is the MOST effective in
performing an information security compliance audit?

A.

In-house security administrators

B.

In-house Network Team

C.

Disaster Recovery (DR) Team

D.

External consultants

Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department.
The officer has adequate people resources but is lacking the other necessary components
to have an effective security program. There are numerous initiatives requiring security
involvement.
The effectiveness of the security program can PRIMARILY be measured through

A.

audit findings.

B.

risk elimination.

C.

audit requirements.

D.

customer satisfaction.

Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing
levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance
levels for four users, while Table B lists the security classes of four different files

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?

A.

User A

B.

User B

C.

User C

D.

User D

Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and
the number of Information Technology (IT) operations staff performing basic logical access
security administration functions. Security processes have been tightly integrated into
normal IT operations and are not separate and distinct roles.
Which of the following will be the PRIMARY security concern as staff is released from the
organization?

A.

Inadequate IT support

B.

Loss of data and separation of duties

C.

Undocumented security controls

D.

Additional responsibilities for remaining staff

Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?

A.

Testing with a Botnet

B.

Testing with an EICAR file

C.

Executing a binary shellcode

D.

Run multiple antivirus programs

What is the MAIN feature that onion routing networks offer?

A.

Non-repudiation

B.

Traceability

C.

Anonymity

D.

Resilience

Which of the following is the MOST difficult to enforce when using cloud computing?

A.

Data access

B.

Data backup

C.

Data recovery

D.

Data disposal

An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?

A.

Availability

B.

Confidentiality

C.

Integrity

D.

Ownership

Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage?

A.

Requirements Analysis

B.

Development and Deployment

C.

Production Operations

D.

Utilization Support

Identify the component that MOST likely lacks digital accountability related to information
access.
Click on the correct device in the image below.