Topic 13: New Questions B
A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?
A. Put the device in airplane mode
B. Suspend the account with the telecommunication provider
C. Remove the SIM card
D. Turn the device off
Put the device in airplane mode
What is the MAIN purpose of a change management policy?
A. To assure management that changes to the Information Technology (IT) infrastructure are necessary
B. To identify the changes that may be made to the Information Technology (IT) infrastructure
C. To verify that changes to the Information Technology (IT) infrastructure are approved
D. To determine the necessity for implementing modifications to the Information Technology (IT) infrastructure
To verify that changes to the Information Technology (IT) infrastructure are approved
What is the process of removing sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique?
A. Purging
B. Encryption
C. Destruction
D. Clearing
Purging
What protocol is often used between gateway hosts on the Internet?
A. Exterior Gateway Protocol (EGP)
B. Border Gateway Protocol (BGP)
C. Open Shortest Path First (OSPF)
D. Internet Control Message Protocol (ICMP)
Border Gateway Protocol (BGP)
Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?
A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment
Risk management
Which of the following is the MOST important security goal when performing application interface testing?
A. Confirm that all platforms are supported and function properly
B. Evaluate whether systems or components pass data and control correctly to one another
C. Verify compatibility of software, hardware, and network connections
D. Examine error conditions related to external interfaces to prevent application details leakage
Evaluate whether systems or components pass data and control correctly to one another
Which of the following is the MOST common method of memory protection?
A. Compartmentalization
B. Segmentation
C. Error correction
D. Virtual Local Area Network (VLAN) tagging
Segmentation
Which of the following is the MOST effective practice in managing user accounts when an employee is terminated?
A. Implement processes for automated removal of access for terminated employees.
B. Delete employee network and system IDs upon termination.
C. Manually remove terminated employee user-access to all systems and applications.
D. Disable terminated employee network ID to remove all access.
Delete employee network and system IDs upon termination.
An organization plans on purchasing a custom software product developed by a small vendor to support its business model. Which unique consideration should be made part of the contractual agreement to address potential long-term risks associated with creating this dependency?
A. A source code escrow clause
B. Right to request an independent review of the software source code
C. Due diligence form requesting statements of compliance with security requirements
D. Access to the technical documentation
Right to request an independent review of the software source code
Which of the following is the MOST appropriate action when reusing media that contains sensitive data?
A. Erase
B. Sanitize
C. Encrypt
D. Degauss
Sanitize
In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network?
A. The second of two routers can periodically check in to make sure that the first router is operational.
B. The second of two routers can better absorb a Denial of Service (DoS) attack knowing the first router is present.
C. The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly.
D. The first of two routers can better handle specific traffic, while the second handles the rest of the traffic seamlessly.
The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly.
Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?
A. Senior management
B. Information security department
C. Audit committee
D. All users
Audit committee