Its About Company Quiz

236 Questions | Attempts: 196
Share
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/236 Questions

    Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology.Which of the following would be the advantage of conducting this kind of penetration test?

    • The risk of unplanned seiver outages is reduced
    • Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
    • The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
    • The results should reflect what attackers may be able to learn about the company.
Please wait...
About This Quiz

.

Its About Company Quiz - Quiz

Quiz Preview

  • 2. 

    A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution hasbeen in place for nine years, contains over a million lines of code, and took over two years to develop originally. The SDLC has been broken up into eight primary stages,with each stage requiring an in-depth risk analysis before moving on to the next phase. Which of the following software development methods is MOST applicable?

    • Spiral model

    • Incremental model

    • Waterfall model

    • Agile model

    Correct Answer
    A. Waterfall model
  • 3. 

    An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management softwareapplication. The assessor submitted the report to senior management but nothing has happened. Which of the following would be a logical next step?

    • Meet the two key VPs and request a signature on the original assessment.

    • Include specific case studies from other organizations in an updated report.

    • Schedule a meeting with key human resource application stakeholders.

    • Craft an RFP to begin finding a new human resource application.

    Correct Answer
    A. Schedule a meeting with key human resource application stakeholders.
  • 4. 

    The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromisecorporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of thefollowing equipment MUST be deployed to guard against unknown threats?

    • Cloud-based ant ivirus solut ion, running as local admin. with push technology for definition updates.

    • Implementation of an offsite data center hosting all company data, as well as deployment of VOi for all client computing needs.

    • Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.

    • Behavior based IPS with a communication lank to a cloud based vulnerabthty and threat feed

    Correct Answer
    A. Behavior based IPS with a communication lank to a cloud based vulnerabthty and threat feed
  • 5. 

    ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counterbasedcodes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe?

    • TOTP

    • PAP

    • CHAP

    • HOTP

    Correct Answer
    A. HOTP
  • 6. 

    A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourcedsystems on their own premises and will continue to directly interface with the bank's other systems through dedicated encrypted links. Which of the following is critical toensure the successful management of system security concerns between the two organizat ions?

    • ISA

    • BIA

    • MOU

    • SOA

    • BPA

    Correct Answer
    A. ISA
  • 7. 

    It has come to the IT administrator's attention that the "post your comment" field on the company blog page has been exploited, resulting in cross-site scripting attacksagainst customers reading the blog. Which of the following would be the MOST effective at. preventing the "post your comment" field from being exploited?

    • Update the blog page to HTTPS

    • Filter metacharacters

    • Install HIDS on the server

    • Patch the web application

    • Perform client side input validation

    Correct Answer
    A. Filter metacharacters
  • 8. 

    The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so theadministrator wants to move the drives to a storage array from a different manufacturer in order to access the data. Which of the following issues may potentially occur?

    • The data may not be in a usable format.

    • The new storage array is not FCoE based.

    • The data may need a file system check.

    • The new storage array also only has a single controller.

    Correct Answer
    A. The data may not be in a usable format.
  • 9. 

    The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found .a collection of Linux servers thatare missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What wouldbe a key FIRST step for the data security team to undertake at this point?

    • Capture process ID data and submit to anti-virus vendor for review.

    • Reboot the Linux servers, check running processes, and install needed patches.

    • Remove a single Linux server from production and place in quarantine.

    • Notify upper management of a security breach.

    • Conduct a bit level image, including RAM, of one or more of the Linux servers.

    Correct Answer
    A. Conduct a bit level image, including RAM, of one or more of the Linux servers.
  • 10. 

    A security manager has received the following email from the Chief Financial Officer (CFO):'While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having adifficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allowso we can get back on track. What should we do first to securely enable this capability for my group?" Based on the information provided, which of the following would bethe MOST appropriate response to the CFO?

    • Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed .

    • Allow VNC access to corporate desktops from personal computers for the users working from home.

    • Allow terminal services access from personal computers after the CFO provides a list of the users working from home.

    • Work with the executive management team to revise policies before allowing any remote access.

    Correct Answer
    A. Work with the executive management team to revise policies before allowing any remote access.
  • 11. 

    Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ's headquarters. Which of the following BESTprevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?

    • Require each Company XYZ employee to use an IPSec connection to the required systems

    • Require Company XYZ employees to establish an encrypted VDI session to the required systems

    • Require Company ABC employees to use two-factor authentication on the required systems

    • Require a site-to-site VPN for intercompany communications

    Correct Answer
    A. Require Company XYZ employees to establish an encrypted VDI session to the required systems
  • 12. 

    A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This divisionwill require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industryto execute the task?

    • Interview candidates, attend training, and hire a staffing company that specializes in technology jobs

    • Interview employees and managers to discover the industry h ct topics and trends

    • Attend meetings with staff, internal training, and become certified in software management

    • Attend conferences, webinars, and training to remain current with the industry and job requirements

    Correct Answer
    A. Attend conferences, webinars, and training to remain current with the industry and job requirements
  • 13. 

    The Chief Executive Officer (CEO) of a small start-up company wants to set up offices around the country for the sales staff to generate business. The company needs aneffective communication solution to remain in constant contact with each other, while maintaining a secure business environment. A junior-level administrator suggests thatthe company and the sales staff stay connected via free social media. Which of the following decisions is BEST for the CEO to make?

    • Social media is an effective solution because it is easily adaptable to new situations.

    • Social media is an ineffective solution because the policy may not align with the business.

    • Social media is an effective solution because it implements SSL encryption.

    • Social media is an ineffective solution because it is not primarily intended for business applications.

    Correct Answer
    A. Social media is an ineffective solution because the policy may not align with the business.
  • 14. 

    A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the followingtechnologies should the administrator implement to meet these goals? (Select TWO).

    • LUN masking

    • Snapshots

    • VSAN

    • Dynamic disk pools

    • Multipath

    • Deduplication

    Correct Answer(s)
    A. Dynamic disk pools
    A. Multipath
  • 15. 

    A company Chief Information Officer (CIO) is unsure which set of standards should govern the company's IT policy. The CIO has hired consultants to develop use cases totest against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controlsgoverning each set of standards. Which of the following selections represent the BEST option for the CIO?

    • Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company.

    • Issue a policy that requires only the most stringent security standards be implemented throughout the company

    • Issue a policy specifying best practice security standards and a baseline to be implemented across the company.

    • Issue a RFI for vendors to determine which set of security standards i s best for the company

    Correct Answer
    A. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.
  • 16. 

    A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the followingcontrols has likely been implemented by the developers?

    • SSL certificate revocation

    • SSL certificate pinning

    • Mobile device root-kit detection

    • Extended Validation certificates

    Correct Answer
    A. SSL certificate pinning
  • 17. 

    The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during theyear. A risk analyst reports to the risk manager that the asset value of the business system is $120,000 and. based on industry data, the exposure factor to fires is only20% due to the fire suppression system installed at the site. Fires occur in the area on average every four years. Which of the following is the ALE?

    • $6,000

    • $24,000

    • $30,000

    • $96,000

    Correct Answer
    A. $6,000
  • 18. 

    An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management softwareapplication. The assessor submitted the report to senior management but nothing has happened. Which of the following would be a logical next step?

    • Meet the two key VPs and request a signature on the original assessment.

    • Include specific case studies from other organizations in an updated report.

    • Schedule a meeting with key human resource application stakeholders.

    • Craft an RFP to begin finding a new human resource application.

    Correct Answer
    A. Schedule a meeting with key human resource application stakeholders.
  • 19. 

    A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system's SLE?

    • $2,000

    • $8,000

    • $12,000

    • $32,000

    Correct Answer
    A. $8,000
  • 20. 

    The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. Thehelpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is locatedwithin the company headquarters and 90% of the callers are telecommuters, which of the· following tools should the helpdesk manager use to make the staff more effectiveat troubleshooting while at the same time reducing company costs? (Select TWO).

    • Web cameras

    • Email

    • Instant messaging

    • BYOD

    • Desktop sharing

    • Presence

    Correct Answer(s)
    A. Instant messaging
    A. Desktop sharing
  • 21. 

    The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, systemlog gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to theRFQ. Which of the following questions is the MOST important?

    • What are the protections against MITM?

    • What accountability is built into the remote support application?

    • What encryption standards are used in tracking database?

    • What snapshot or "undo" features are present in the application?

    • What encryption standa1ds are used in remote desktop and file transfer functionality?

    Correct Answer
    A. What accountability is built into the remote support application?
  • 22. 

    An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage .Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution willcost the· organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution?

    • $0

    • $7,500

    • $10,000

    • $12,500

    • $15,000

    Correct Answer
    A. $7,500
  • 23. 

    A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performanceand functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host configuration management.The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following designs is MOST appropriate for thisscenario?

    • Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust.

    • Deploy a corporate Read-Only Domain Controller to the branch location.

    • Deploy a corporate Domain Controller in the DMZ at the maim campus.

    • Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust.

    • Deploy a corporate Domain Controller to the branch location.

    • Deploy a branch location Domain Controller to the branch location with a one-way trust.

    Correct Answer
    A. Deploy a corporate Read-Only Domain Controller to the branch location.
  • 24. 

    The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normallyavailable to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing thebandwidth at the border router, and notices that the incoming bandwidth on the route(s external interface is maxed out. The security engineer then inspects the followingpiece of log to try and determine the reason for the downtime, focusing on the company's external routers IP which is 128.20.176.19:11:16:22.110343 IP 90237.31.27.19 > 128.20.176.19.19: UDP, length 140011:16:22.110351IP23.27. 112.200.19 > 128.20.176.19.19: UDP, length 140011:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 140011:16:22. 110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 140011:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?

    • After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's ISP should be contacted and instructed to block the malicious packets packets.

    • After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.

    • After the senior engineer used a mirror port to capture the ongoing amplification attack. a BGP sinkhole should be configured to drop traffic at the source networks

    • After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company's external router to block incoming UDP port 19 traffic.

    Correct Answer
    A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's ISP should be contacted and instructed to block the malicious packets packets.
  • 25. 

    A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presencetechnology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concernedabout the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of usingpresence technology?

    • Insider threat

    • Network reconnaissance

    • Physical security

    • Industrial espionage

    Correct Answer
    A. Physical security
  • 26. 

    The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0All callers are connected to the same switch and are routed by a router with five built~n interfaces. The upstream router interface's MAC is 00-01-42-32·ab-1aA packet capture shows the following:09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab: 1a (00:01:42:32:ab:1a)09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)09:08:10.937590 IP172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 6553409:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 6553409:08:10.937592 IP172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534Which of the following is occurring on the network?

    • A man-in-the-middle attack is underway on the network

    • An ARP flood attack is targeting at the router.

    • The default gateway is being spoofed on the network.

    • A denial of service attack is targeting at the router.

    Correct Answer
    A. A denial of service attack is targeting at the router.
  • 27. 

    A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by theprotocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administratorrecommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

    • A separate physical interface placed on a private VLAN should be configured for live host operations.

    • Database record encryption should be used when storing sensitive information on virtual servers.

    • Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.

    • Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

    Correct Answer
    A. A separate physical interface placed on a private VLAN should be configured for live host operations.
  • 28. 

    Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

    • Test password complexity of all login fields and input validation of form fields

    • Reverse engineering any thick client software that has been provided for the test

    • Undertaking network-based denial of service attacks in production environment

    • Attempting to perform blind SOL injection and reflected cross-site scripting attacks

    • Running a vulnerability scanning tool to assess network and host weaknesses

    Correct Answer
    A. Undertaking network-based denial of service attacks in production environment
  • 29. 

    A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personalitems, the other employee approves these purchase orders. The auditor has contacted the human resources director with suggestions on how to detect such illegalactivities. Which of the following should the human resource director implement to identify the employees involved in these activities and reduce the risk of this activityoccurring in the future?

    • Background checks

    • Job rotation

    • Least privilege

    • Employee termination procedures

    Correct Answer
    A. Job rotation
  • 30. 

    A member of the software development team has requested advice from the security team to implement a new secure lab for testing malware. Which of the following is theNEXT step that the security team should take?

    • Purchase new hardware to keep the malware isolated.

    • Develop a policy to outline what will be required in the secure lab

    • Construct a series of VMs to host the malware environment.

    • Create a proposal and present it to management for approval.

    Correct Answer
    A. Create a proposal and present it to management for approval.
  • 31. 

    A pentester must attempt to crack passwords on a windows domain that enforces strong complex passwords. Which of the following would crack the MOST passwords inthe shortest time period?

    • Online password testing

    • Rainbow tables attack

    • Dictionary attack

    • Brute force attack

    Correct Answer
    A. Rainbow tables attack
  • 32. 

    VPN users cannot access the active FTP server through the router but can access any server in the data center.Additional network information:DMZ network 192.168.5.0/24 (FTP server is 192.168.5. 11) VPN network 192.168.1.0/24Datacenter 192.168.2.0/24User network - 192.168.3.0/24HR network 192.168.4 .0/24\Traffic shaper configuration:VLAN Bandwidth Limit (Mbps)VPN 50User 175HR 250Finance 250Guest 0Router ACL:Action Source DestinationPermit 192.168.1.0/24 192.168.2.0/24Permit 192.168.1.0/24 192.168.3.0/24Permit 192.168.1.0/24 192.168.5.0/24Permit 192.168.2.0/24 192.168.1.0/24Permit 192.168.3.0/24 192.168.1.0/24Permit 192.168.5.1/32 192.168.1.0/24Deny 192.168.4 .0/24 192.168.1.0/24Deny 192.168.1.0/24 192.168.4 .0/24Deny any anyWhich of the following solutions would allow the users to access the active FTP server?

    • Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network

    • Add a permit statement to allow traffic to 192.168.5.1 from the VPN network

    • IPS is blocking traffic and needs to be reconfigured

    • Configure the traffic shaper to limit DMZ traffic

    • Increase bandwidth limit on the VPN network

    Correct Answer
    A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
  • 33. 

    Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:user@hostname:-$ sudo nmap 0 192.168.1.54Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:TCP/22TCP/ 111TCP/512-514TCP/2049TCP/32778Based on this information, which of the following operating systems is MOST likely running on the unknown node?

    • Linux

    • Windows

    • Solaris

    • OSX

    Correct Answer
    A. Solaris
  • 34. 

    Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary informationand closely guarded corporate trade secrets.The information security team has been a part of the department meetings and come away with the following notes:-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee managementapplication, a cloud- based Saas application.-Sales is asking for easy order tracking to facilitate feedback to customers. -Legal is asking for adequate safeguards to protect trade secrets. They are also concerned withdata ownership questions and legal jurisdiction.-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to bequick and easy. -Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-onlyaccess to the entire workflow process for monitoring and baselining.The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APls forextensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.Which of the following departments' request is in contrast to the favored solution?

    • Manufacturing

    • Legal

    • Sales

    • Quality assurance

    • Human resources

    Correct Answer
    A. Human resources
  • 35. 

    A company sales manager received a memo from the company's financial department which stated that the company would not be putting its software products throughthe same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketingmaterial and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified anincreased target across the software products that will be affected by the financial department's change. All software products will continue to go through new developmentin the coming year. Which oft.he following should the sales manager do to ensure the company stays out of trouble?

    • Discuss the issue with the software product's user groups

    • Consult the company's legal department on practices and law

    • Contact senior finance management and provide background information

    • Seek industry outreach for software practices and law

    Correct Answer
    A. Consult the company's legal department on practices and law
  • 36. 

    A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internallydeveloped . The payment system being developed will be sold to a number of organizations and is in direct competition with another leading product. The CEO highlighted that code base confidentiality is of critical importance to allow the company to exceed the competition in terms of the product's reliability, stability , and performance.Which of the following would provide the MOST thorough testing and satisfy the CE O's requirements?

    • Sign a MOU with a marketing firm to preserve the company reputation and use in-house resources for random testing.

    • Sign a SPA with a small software consulting firm and use the firm to perform Black box testing and address all findings.

    • Sign a NDA with a large security consulting firm and use the firm to perform Grey box testing and address all findings.

    • Use the most qualified and senior developers on the project to perform a variety of White box testing and code reviews.

    Correct Answer
    A. Sign a NDA with a large security consulting firm and use the firm to perform Grey box testing and address all findings.
  • 37. 

    Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect forcompany XYZ is reviewing a vendor proposal to reduce company XYZ's hardware costs by combining multiple physical hosts through the use of virtualization technologies.The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning Pll, and administrative complexity on the proposal. Whichof the following BEST describes the core concerns of the security architect?

    • Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.

    • The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance.

    • Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.

    • Not all of company XYZs customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.

    Correct Answer
    A. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
  • 38. 

    The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determinewhich additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable. Which of the followingBEST describes the scenario presented and the document the ISO is reviewing?

    • The ISO is evaluating the business implications of a recent telephone system failure within the BIA.

    • The ISO is investigating the impact of a possible downtime of the messaging system within the RA.

    • The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.

    • The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.

    Correct Answer
    A. The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.
  • 39. 

    An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond towhen a competitor makes major announcements. Which of the following should the administrator do to prove this theory?

    • Implement data analytics to try and correlate the occurrence times.

    • Implement a honey pot to capture traffic during the next attack.

    • Configure the servers for high availability to handle the addition al bandwidth.

    • Log all traffic coming from the competitor's public IP addresses.

    Correct Answer
    A. Implement data analytics to try and correlate the occurrence times.
  • 40. 

    Select id, firstname, lastname from authorsUser input= firstname= Hack;manlastname=JohnsonWhich of the following types of attacks is the user attempting?

    • XML injection

    • Command injection

    • Cross-site scripting

    • SQL injection

    Correct Answer
    A. SQL injection
  • 41. 

    A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access withtwo-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality.Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as company A and the two are notcompetitors. Which of the following has MOST likely occurred?

    • Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.

    • A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.

    • A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.

    • An employee with administrative access t o the virtual guests was able to dump the guest memory onto a mapped disk.

    Correct Answer
    A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.
  • 42. 

    A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution hasbeen in place for nine years, contains over a million lines of code, and took over two years to develop originally. The SDLC has been broken up into eight primary stages,with each stage requiring an in-depth risk .analysis before moving on to the next phase. Which of the following software development methods is MOST applicable?

    • Spiral model

    • Incremental model

    • Waterfall model

    • Agile model

    Correct Answer
    A. Waterfall model
  • 43. 

    A security administrator was recently hired in a start -up company to represent the interest of security and to assist the network team in improving security in the company.The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which ofthe following is the BEST time to make them address security issues in the project?

    • In the middle of the project

    • At the end of the project

    • At the inception of the project

    • At the time they request

    Correct Answer
    A. At the inception of the project
  • 44. 

    During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance toregulations. The audit discovers that 40 percent of the desktops do not meet requirements. Which of the following is the MOST likely cause of the noncompliance?

    • The devices are being modified and settings are being overridden in production.

    • The patch management system is causing the devices to be noncompliant after issuing the latest patches.

    • The desktop applications were configured with the default username and password.

    • 40 percent of the devices use full disk encryption.

    Correct Answer
    A. The devices are being modified and settings are being overridden in production.
  • 45. 

    An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The newsoftware product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be moresecure. How many years until there is a return on investment for this new package?

    • 1

    • 2

    • 3

    • 4

    Correct Answer
    A. 4
  • 46. 

    Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?

    • Deduplication

    • Data snapshots

    • LUN masking

    • Storage multipaths

    Correct Answer
    A. LUN masking
  • 47. 

    A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the applicationdeliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this?

    • Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.

    • Allow the security engineering team to do application development so they understand why rt takes so long.

    • Allow the application developers to attend a sales conference so they understand how business is done.

    • Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.

    Correct Answer
    A. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.
  • 48. 

    A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure theshipments are following secure routes. Which of the following would BEST help the executives meet this goal?

    • Install GSM tracking on each product for end-to-end delivery visibility.

    • Implement geo-fencing to track products.

    • Require drivers to geo-tag documentation at each delivery location.

    • Equip each truck with an RFID tag for location seMces.

    Correct Answer
    A. Implement geo-fencing to track products.
  • 49. 

    Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6addresses, even when the devices are centrally managed.en1: flags=8863<UP,BROAOCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 18: 1e:af:ab: 10:a3inet6 fw80::fa1e :dfff:fee6:9d8%en1 prefixlen 64 scopeid Ox5 inet 192.168.1.14 netmask OxffffffOO broadcast 192.168.1.255 inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen64 autoconf inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary nd6 options=1<PERFORMNUD>media: autoselectstatus: .activeGiven this output, which of the following protocols is in use by the company and w'hat can the system administrator do to positively map users with 1Pv6 addresses in thefuture? (Select TWO).

    • The devices use EUl-64 format

    • The routers implement NDP

    • The network implements 6to4 tunneling

    • The router IPv6 advertisement has been disabled

    • The administrator must disable IPv6 tunneling

    • The administrator must disable the mobile IPv6 router flag

    • The administrator must disable the IPv6 privacy extensions

    • The administrator must disable OHCPv6 option code 1

    Correct Answer(s)
    A. The routers implement NDP
    A. The administrator must disable the IPv6 privacy extensions

Quiz Review Timeline (Updated): Mar 20, 2022 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2022
    Quiz Edited by
    ProProfs Editorial Team
  • Sep 06, 2016
    Quiz Created by
    Catherine Halcomb
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.