CISSP Practice Test Questions

1487 Questions


Topic 12: NEW QUESTIONS A

Which of the following is the PRIMARY benefit of a formalized information classification program?

A. It minimizes system logging requirements.
B. It supports risk assessment.
C. It reduces asset vulnerabilities.
D. It drives audit processes.

Answer: B. It supports risk assessment.



Which of the following sets of controls should allow an investigation if an attack is not blocked by preventive controls or detected by monitoring?

A. Logging and audit trail controls to enable forensic analysis
B. Security incident response lessons learned procedures
C. Security event alert triage done by analysts using a Security Information and Event Management (SIEM) system
D. Transactional controls focused on fraud prevention

Answer: C. Security event alert triage done by analysts using a Security Information and Event Management (SIEM) system



Which of the following are effective countermeasures against passive network-layer attacks?

A. Federated security and authenticated access controls
B. Trusted software development and run time integrity controls
C. Encryption and security enabled applications
D. Enclave boundary protection and computing environment defense

Answer: C. Encryption and security enabled applications



Which of the following BEST represents the concept of least privilege?

A. Access to an object is denied unless access is specifically allowed.
B. Access to an object is only available to the owner.
C. Access to an object is allowed unless it is protected by the information security policy.
D. Access to an object is only allowed to authenticated users via an Access Control List (ACL).

Answer: A. Access to an object is denied unless access is specifically allowed.



Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

A. Length of Initialization Vector (IV)
B. Protection against message replay
C. Detection of message tampering
D. Built-in provision to rotate keys

Answer: A. Length of Initialization Vector (IV)



Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?

A. Lightweight Directory Access Protocol (LDAP)
B. Security Assertion Markup Language (SAML)
C. Internet Mail Access Protocol
D. Transport Layer Security (TLS)

Answer: B. Security Assertion Markup Language (SAML)



What is an advantage of Elliptic Curve Cryptography (ECC)?

A. Cryptographic approach that does not require a fixed-length key
B. Military-strength security that does not depend upon secrecy of the algorithm
C. Opportunity to use shorter keys for the same level of security
D. Ability to use much longer keys for greater security

Answer: C. Opportunity to use shorter keys for the same level of security



A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?

A. Transport
B. Data link
C. Network
D. Application

Answer: D. Application



Which of the following adds end-to-end security inside a Layer 2 Tunneling Protocol (L2TP) Internet Protocol Security (IPSec) connection?

A. Temporal Key Integrity Protocol (TKIP)
B. Secure Hash Algorithm (SHA)
C. Secure Shell (SSH)
D. Transport Layer Security (TLS)

Answer: B. Secure Hash Algorithm (SHA)



Which of the following is a characteristic of the initialization vector when using Data Encryption Standard (DES)?

A. It must be known to both sender and receiver.
B. It can be transmitted in the clear as a random number.
C. It must be retained until the last block is transmitted.
D. It can be used to encrypt and decrypt information.

Answer: B. It can be transmitted in the clear as a random number.



Which of the following BEST describes a chosen plaintext attack?

A. The cryptanalyst can generate ciphertext from arbitrary text.
B. The cryptanalyst examines the communication being sent back and forth.
C. The cryptanalyst can choose the key and algorithm to mount the attack.
D. The cryptanalyst is presented with the ciphertext from which the original message is determined.

Answer: A. The cryptanalyst can generate ciphertext from arbitrary text.



An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is

A. organization policy.
B. industry best practices.
C. industry laws and regulations.
D. management feedback.

Answer: A. organization policy.




Page 40 out of 124 Pages