CISSP Practice Test Questions

1487 Questions


Topic 11: Exam Set C

The 802.1x standard provides a framework for what?

A. Network authentication for only wireless networks
B. Network authentication for wired and wireless networks
C. Wireless encryption using the Advanced Encryption Standard (AES)
D. Wireless network encryption using Secure Sockets Layer (SSL)

Answer: B. Network authentication for wired and wireless networks



For an organization considering two-factor authentication for secure network access, which of the following is MOST secure?

A. Challenge response and private key
B. Digital certificates and Single Sign-On (SSO)
C. Tokens and passphrase
D. Smart card and biometrics

Answer: D. Smart card and biometrics



In the network design below, where is the MOST secure Local Area Network (LAN) segment to deploy a Wireless Access Point (WAP) that provides contractors access to the Internet and authorized enterprise services?






Which of the following has the GREATEST impact on an organization's security posture?

A. International and country-specific compliance requirements
B. Security violations by employees and contractors
C. Resource constraints due to increasing costs of supporting security
D. Audit findings related to employee access and permissions process

Answer: A. International and country-specific compliance requirements



Which of the following is the MOST important output from a mobile application threat modeling exercise according to the Open Web Application Security Project (OWASP)?

A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis

Answer: B. The likelihood and impact of a vulnerability



Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?

A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team

Answer: B. Periodic third party vulnerability assessment



Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?

A. Verify countermeasures have been deactivated.
B. Ensure firewall logging has been activated.
C. Validate target systems have been backed up.
D. Confirm warm site is ready to accept connections.

Answer: C. Validate target systems have been backed up.



Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network?

A. IEEE 802.1F
B. IEEE 802.1H
C. IEEE 802.1Q
D. IEEE 802.1X

Answer: D. IEEE 802.1X



Secure Sockets Layer (SSL) encryption protects

A. data at rest.
B. the source IP address.
C. data transmitted.
D. data availability.

Answer: C. data transmitted.



If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this result?

A. User error
B. Suspected tampering
C. Accurate identification
D. Unsuccessful identification

Answer: B. Suspected tampering



Which of the following is generally indicative of a replay attack when dealing with biometric authentication?

A. False Acceptance Rate (FAR) is greater than 1 in 100,000
B. False Rejection Rate (FRR) is greater than 5 in 100
C. Inadequately specified templates
D. Exact match

Answer: D. Exact match



Order the below steps to create an effective vulnerability management process.






