The Actual Exam Version included actual exam questions verified by IT Experts. We verified questions and updated frequently each month and also based on members’ feedback to keep updating with the real exam. We are offering money back immediately if questions in our Actual Exam Version do not appear in your exam. Highly recommend you take the Actual Exam Version then go to the exam as soon as possible.
QUESTION NO: 121
Which of the following attributes could be used to describe a protection mechanism of an open design methodology?
A. It exposes the design to vulnerabilities and malicious attacks
B. It can facilitate independent confirmation of the design security
C. It can facilitate blackbox penetration testing
D. It must be tamperproof to protect it from malicious attacks
QUESTION NO: 122
What is the BEST approach for maintaining ethics when a security professional is unfamiliar with the culture of a country and is asked to perform a questionable task?
A. Exercise due diligence when deciding to circumvent host government requests
B. Become familiar with the means in which the code of ethics is applied and considered
C. Complete the assignment based on the customer’s wishes
D. Execute according to the professional’s comfort level with the code of ethics
QUESTION NO: 123
What does the term “100-year floodplain” mean to emergency preparedness officials?
A. The odds of a flood at this level are 1 in 100 in any given year
B. The area is expected to be safe from flooding for at least 100 years
C. The last flood of any kind to hit the area was more than 100 years ago
D. The odds are that the next significant flood will hit within the next 100 years
QUESTION NO: 124
Which one of the following documentation should be included in a Disaster Recovery (DR) package?
A. Source code, compiled code, firmware updates, operational log book and manuals
B. Data encrypted in original format, auditable transaction data, and recovery instructions tailored for future extraction on demand
C. Hardware configuration instructions, hardware configuration software, an operating system image, a data restoration option, media retrieval instructions, and contact information
D. System configuration including hardware, software hardware interfaces, software Application
Programming Interface (API) configuration, data structure, and transaction data from the previous period
QUESTION NO: 125
An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to:
A. encrypt the contents of the repository and document any exceptions to that requirement
B. utilize Intrusion Detection System (IDS) set drop connections if too many requests for documents are detected
C. keep individuals with access to high security areas from saving those documents into lower security areas
D. require individuals with access to the system to sign Non-Disclosure Agreements (NDA)
QUESTION NO: 126
Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?
A. Data availability
B. Data sensitivity
C. Data ownership
D. Data integrity
QUESTION NO: 127
Which of the following is an important requirement when designing a secure remote access system?
A. Configure a Demilitarized Zone (DMZ) to ensure that user and service traffic is separated
B. Provide privileged access rights to computer files and systems
C. Ensure that logging and audit controls are included
D. Reduce administrative overhead through password self service
QUESTION NO: 128
What is the FIRST step in establishing an information security program?
A. Identify critical security infrastructure
B. Establish baseline security controls
C. Establish an information security policy
D. Identify factors affecting information security
QUESTION NO: 129
What does the result of Cost-Benefit Analysis (CBA) on new security initiatives provide?
A. Quantifiable justification
B. Baseline improvement
C. Risk evaluation
D. Formalized acceptance
QUESTION NO: 130
In a large company, a system administrator needs to assign users access to files using Role
Based Access Control (RBAC). Which option is an example of RBAC?
A. Allowing users access to files based on their group membership
B. Allowing users access to files based on username
C. Allowing users access to files based on the users location at time of access
D. Allowing users access to files based on the file type
QUESTION NO: 131
Which of the following access control models is MOST restrictive?
A. Discretionary Access Control (DAC)
B. Mandatory Access Control (MAC)
C. Role Based Access Control (RBAC)
D. Rule based access control
QUESTION NO: 132
Which of the following is a security weakness in the evaluation of Common Criteria (CC) products?
A. The manufacturer can state what configuration of the product is to be evaluated
B. The product can be evaluated by labs in other countries
C. The Target of Evaluation’s (TOE) testing environment is identical to the operating environment
D. The evaluations are expensive and time-consuming to perform
QUESTION NO: 133
Which of the following is a canon of the (ISC)2 Code of Ethics?
A. Integrity first, association before self, and excellence in all we do
B. Perform all professional activities and duties in accordance with all applicable laws and the highest ethical standards
C. Provide diligent and competent service to principals
D. Cooperate with others in the interchange of knowledge and ideas for mutual security
QUESTION NO: 134
In the Common Criteria (CC) for Information Technology (IT) security evaluation, increasing
Evaluation Assurance Levels (EAL) results in which of the following?
A. Increase in evaluated systems
B. Increased interoperability
C. Increased functionality
D. Increase in resource requirement
QUESTION NO: 135
To control the scope of a Business Continuity Management (BCM) system, a security practitioner should identify which of the following?
A. Size, nature, and complexity of the organization
B. Business needs of the security organization
C. All possible risks
D. Adaptation model for future recovery planning
QUESTION NO: 136
When dealing with shared, privileged accounts, especially those for emergencies, what is the
BEST way to assure non-repudiation of logs?
A. Implement a password vaulting solution
B. Lock passwords in tamper proof envelopes in a safe
C. Regularly change the passwords
D. Implement a strict access control policy
QUESTION NO: 137
Which of the following is a characteristic of a challenge/response authentication process?
A. Using a password history blacklist
B. Requiring the use of non-consecutive numeric characters
C. Presenting distorted graphics of text for authentication
D. Transmitting a hash based on the user’s password
QUESTION NO: 138
Which of the following models uses unique groups contained in unique conflict classes?
A. Chinese Wall
QUESTION NO: 139
Which of the following threats exists with an implementation of digital signatures?
D. Content tampering
QUESTION NO: 140
Why should Open Web Application Security Project (OWASP) Application Security Verification
Standards (ASVS) Level 1 be considered a MINIMUM level of protection for any web application?
A. Most regulatory bodies consider ASVS Level 1 as a baseline set of controls for applications
B. Securing applications at ASVS Level 1 provides adequate protection for sensitive data
C. ASVS Level 1 ensures that applications are invulnerable to OWASP top 10 threats
D. Opportunistic attackers will look for any easily exploitable vulnerable applications
QUESTION NO: 141
The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using:
A. INSERT and DELETE
B. GRANT and REVOKE
C. PUBLIC and PRIVATE
D. ROLLBACK and TERMINATE
QUESTION NO: 142
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
QUESTION NO: 143
What is the PRIMARY purpose of auditing, as it relates to the security review cycle?
A. To ensure the organization’s controls and policies are working as intended
B. To ensure the organization can still be publicly traded
C. To ensure the organization’s executive team won’t be sued
D. To ensure the organization meets contractual requirements
Topic 4, Communication and Network Security
QUESTION NO: 144
What is the purpose of an Internet Protocol (IP) spoofing attack?
A. To send excessive amounts of data to a process, making it unpredictable
B. To intercept network traffic without authorization
C. To disguise the destination address from a target’s IP filtering devices
D. To convince a system that it is communicating with a known entity
QUESTION NO: 145
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area
Network (SAN) located?
A. Link layer
B. Physical layer
C. Session layer
D. Application layer
QUESTION NO: 146
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?
A. Transport layer
B. Application layer
C. Network layer
D. Session layer
QUESTION NO: 147
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)
QUESTION NO: 148
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
QUESTION NO: 149
An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches
QUESTION NO: 150
An input validation and exception handling vulnerability has been discovered on a critical web based system. Which of the following is MOST suited to quickly implement a control?
A. Add a new rule to the application layer firewall
B. Block access to the service
C. Install an Intrusion Detection System (IDS)
D. Patch the application source code
QUESTION NO: 151
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools
QUESTION NO: 152
Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?
A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)
QUESTION NO: 153
Which of the following is BEST achieved through the use of eXtensible Access Markup Language
A. Minimize malicious attacks from third parties
B. Manage resource privileges
C. Share digital identities in hybrid cloud
D. Define a standard protocol
QUESTION NO: 154
An organization has discovered that users are visiting unauthorized websites using anonymous proxies.
Which of the following is the BEST way to prevent future occurrences?
A. Remove the anonymity from the proxy
B. Analyze Internet Protocol (IP) traffic for proxy requests
C. Disable the proxy server on the firewall
D. Block the Internet Protocol (IP) address of known anonymous proxies
QUESTION NO: 155
A post-implementation review has identified that the Voice Over Internet Protocol (VoIP) system was designed to have gratuitous Address Resolution Protocol (ARP) disabled.
Why did the network architect likely design the VoIP system with gratuitous ARP disabled?
A. Gratuitous ARP requires the use of Virtual Local Area Network (VLAN) 1.
B. Gratuitous ARP requires the use of insecure layer 3 protocols.
C. Gratuitous ARP requires the likelihood of a successful brute-force attack on the phone.
D. Gratuitous ARP requires the risk of a Man-in-the-Middle (MITM) attack.
QUESTION NO: 156
Within the company, desktop clients receive Internet Protocol (IP) address over Dynamic Host
Configuration Protocol (DHCP).
Which of the following represents a valid measure to help protect the network against unauthorized access?
A. Implement path management
B. Implement port based security through 802.1x
C. Implement DHCP to assign IP address to server systems
D. Implement change management
QUESTION NO: 157
Transport Layer Security (TLS) provides which of the following capabilities for a remote access server?
A. Transport layer handshake compression
B. Application layer negotiation
C. Peer identity authentication
D. Digital certificate revocation
QUESTION NO: 158
A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?
A. The network administrators have no knowledge of ICS
B. The ICS is now accessible from the office network
C. The ICS does not support the office password policy
D. RS422 is more reliable than Ethernet
QUESTION NO: 159
What does a Synchronous (SYN) flood attack do?
A. Forces Transmission Control Protocol /Internet Protocol (TCP/IP) connections into a reset state
B. Establishes many new Transmission Control Protocol / Internet Protocol (TCP/IP) connections
C. Empties the queue of pending Transmission Control Protocol /Internet Protocol (TCP/IP) requests
D. Exceeds the limits for new Transmission Control Protocol /Internet Protocol (TCP/IP) connections
QUESTION NO: 160
Which of the following is considered best practice for preventing e-mail spoofing?
A. Cryptographic signature
B. Uniform Resource Locator (URL) filtering
C. Spam filtering
D. Reverse Domain Name Service (DNS) lookup
QUESTION NO: 161
A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?
A. Point-to-Point Protocol (PPP) and Internet Control Message Protocol (ICMP)
B. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
C. Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP)
D. Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
QUESTION NO: 162
In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network?
A. The second of two routers can periodically check in to make sure that the first router is operational.
B.The second of two routers can better absorb a Denial of Service (DoS) attack knowing the first router is present.
C. The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly.
D. The first of two routers can better handle specific traffic, while the second handles the rest of the traffic seamlessly.
QUESTION NO: 163
How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?
A. Authenticates the IP payload and selected portions of the IP header
B. Encrypts and optionally authenticates the complete IP packet
C. Encrypts and optionally authenticates the IP header, but not the IP payload
D. Encrypts and optionally authenticates the IP payload, but not the IP header
QUESTION NO: 164
A company receives an email threat informing of an Imminent Distributed Denial of Service (DDoS) attack targeting its web application, unless ransom is paid. Which of the following techniques BEST addresses that threat?
A. Deploying load balancers to distribute inbound traffic across multiple data centers
B. Set Up Web Application Firewalls (WAFs) to filter out malicious traffic
C. Implementing reverse web-proxies to validate each new inbound connection
D. Coordinate with and utilize capabilities within Internet Service Provider (ISP)
QUESTION NO: 165
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)
QUESTION NO: 166
What protocol is often used between gateway hosts on the Internet?
A. Exterior Gateway Protocol (EGP)
B. Border Gateway Protocol (BGP)
C. Open Shortest Path First (OSPF)
D. Internet Control Message Protocol (ICMP)
QUESTION NO: 167
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Disable all recursive queries on the name servers
B. Limit zone transfers to authorized devices
C. Configure secondary servers to use the primary server as a zone forwarder
D. Block all Transmission Control Protocol (TCP) connections
QUESTION NO: 168
“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following?
A. Difference between a new and an established connection
B. Originating network location
C. Difference between a malicious and a benign packet payload
D. Originating application session
QUESTION NO: 169
Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic?
A. Application proxy
B. Port filter
C. Network boundary router
D. Access layer switch
QUESTION NO: 170
What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?
A. The IDS can detect failed administrator logon attempts from servers.
B. The IDS can increase the number of packets to analyze.
C. The firewall can increase the number of packets to analyze.
D. The firewall can detect failed administrator login attempts from servers
QUESTION NO: 171
A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP).
Which of these is the MOST effective way of restricting this environment to authorized users?
A. Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point
B. Disable the broadcast of the Service Set Identifier (SSID) name
C. Change the name of the Service Set Identifier (SSID) to a random value not associated with the organization
D. Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses
QUESTION NO: 172
Access to which of the following is required to validate web session management?
A. Log timestamp
B. Live session traffic
C. Session state variables
D. Test scripts
QUESTION NO: 173
Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?
A. Reduce the probability of identification
B. Detect further compromise of the target
C. Destabilize the operation of the host
D. Maintain and expand control
QUESTION NO: 174
Digital certificates used in Transport Layer Security (TLS) support which of the following?
A. Information input validation
B. Non-repudiation controls and data encryption
C. Multi-Factor Authentication (MFA)
D. Server identity and data confidentiality
QUESTION NO: 175
During examination of Internet history records, the following string occurs within a Unique
Resource Locator (URL):
http://www.companysite.com/products/products.asp?productid=123 or 1=1
What type of attack does this indicate?
A. Directory traversal
B. Structured Query Language (SQL) injection
C. Cross-Site Scripting (XSS)
D. Shellcode injection
QUESTION NO: 176
Which testing method requires very limited or no information about the network infrastructure?
A. White box
C. Black box
QUESTION NO: 177
Which of the following will an organization’s network vulnerability testing process BEST enhance?
A. Firewall log review processes
B. Asset management procedures
C. Server hardening processes
D. Code review procedures
QUESTION NO: 178
Which of the following provides the MOST secure method for Network Access Control (NAC)?
A. Media Access Control (MAC) filtering
B. 802.1X authentication
C. Application layer filtering
D. Network Address Translation (NAT)
QUESTION NO: 179
Individual access to a network is BEST determined based on:
A. risk matrix
B. value of the data
C. business need
D. data classification
QUESTION NO: 180
A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?
A. Network perimeters
B. Demilitarized Zones (DMZ)
C. Databases and back-end servers
D. End-user devices