Quix14 - 125Q

What type of access control is intended to discover unwanted or
unauthorized activity by providing information after the event has
occurred?

Which one of the following presents the most complex decoy
environment for an attacker to explore during an intrusion attempt?

Ed is tasked with protecting information about his organization’s
customers, including their name, Social Security number, birthdate,
and place of birth, as well as a variety of other information. What is
this information known as?

Encapsulation is the core concept that enables what type of protocol?

Which one of the following is not a key principle of the COBIT
framework for IT security control objectives?

Roscommon Enterprises is an Irish company that handles personal
information. They exchange information with many other countries.
Which of the following countries would trigger the onward transfer
provisions of the EU-U.S. Privacy Shield?

Susan provides a public RESTful API for her organization’s data but
wants to limit its use to trusted partners. She intends to use API keys.
What other recommendation would you give Susan to limit the
potential abuse of the service?

NIST Special Publication 800-53A describes four types of objects that
can be assessed. If Ben is reviewing a password standard, which of the
four types of objects is he assessing?

What process is typically used to ensure data security for workstations
that are being removed from service but that will be resold or
otherwise reused?

Colleen is conducting a software test that is evaluating code for both
security flaws and usability issues. She is working with the application
from an end-user perspective and referencing the source code as she
works her way through the product. What type of testing is Colleen
conducting?

Harold is looking for a software development methodology that will
help with a major issue he is seeing in his organization. Currently,
developers and operations staff do not work together and are often
seen as taking problems and “throwing them over the fence” to the
other team. What technology management approach is designed to
alleviate this problem?

NIST Special Publication 800-92, the Guide to Computer Security Log
Management, describes four types of common challenges to log
management:
Many log sources
Inconsistent log content
Inconsistent timestamps
Inconsistent log formats
Which of the following solutions is best suited to solving these issues?

Mike has a flash memory card that he would like to reuse. The card
contains sensitive information. What technique can he use to securely
remove data from the card and allow its reuse?

Carlos is investigating the compromise of sensitive information in his
organization. He believes that attackers managed to retrieve personnel
information on all employees from the database and finds the
following user-supplied input in a log entry for a web-based personnel
management system:
Collins’&1=1;––
What type of attack took place?

Which one of the following is a detailed, step-by-step document that
describes the exact actions that individuals must complete?

What principle of relational databases ensures the permanency of
transactions that have successfully completed?

Bryan has a set of sensitive documents that he would like to protect
from public disclosure. He would like to use a control that, if the
documents appear in a public forum, may be used to trace the leak
back to the person who was originally given the document copy. What security control would best fulfill this purpose?

Carlos is planning a design for a data center that will be constructed
within a new four-story corporate headquarters. The building consists of a basement and three above-ground floors. What is the best location
for the data center?

Chris is an information security professional for a major corporation
and, as he is walking into the building, he notices that the door to a
secure area has been left ajar. Physical security does not fall under his responsibility, but he takes immediate action by closing the door and informing the physical security team of his action. What principle is Chris demonstrating?

Which one of the following investigation types always uses the
beyond-a-reasonable-doubt standard of proof?

Which one of the following backup types does not alter the status of
the archive bit on a file?

What type of alternate processing facility contains the hardware
necessary to restore operations but does not have a current copy of
data?

Which one of the following terms describes a period of momentary
high voltage?

A web application accesses information in a database to retrieve user
information. What is the web application acting as?

The Open Shortest Path First (OSPF) protocol is a routing protocol
that keeps a map of all connected remote networks and uses that map to select the shortest path to a remote destination. What type of
routing protocol is OSPF?

Which one of the following categories consists of first-generation
programming languages?

Concho Controls is a midsized business focusing on building
automation systems. They host a set of local file servers in their onpremises
data center that store customer proposals, building plans,
product information, and other data that is critical to their
business operations.
Tara works in the Concho Controls IT department and is
responsible for designing and implementing the organization’s
backup strategy, among other tasks. She currently conducts full
backups every Sunday evening at 8 p.m. and differential backups
on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara
rebuilds the server and wants to restore data from the backups.

What backup should Tara apply to the server first?

Concho Controls is a midsized business focusing on building
automation systems. They host a set of local file servers in their onpremises
data center that store customer proposals, building plans,
product information, and other data that is critical to their
business operations.
Tara works in the Concho Controls IT department and is
responsible for designing and implementing the organization’s
backup strategy, among other tasks. She currently conducts full
backups every Sunday evening at 8 p.m. and differential backups
on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara
rebuilds the server and wants to restore data from the backups.

How many backups in total must Tara apply to the system to make the data it contains as current as possible?

Concho Controls is a midsized business focusing on building
automation systems. They host a set of local file servers in their onpremises
data center that store customer proposals, building plans,
product information, and other data that is critical to their
business operations.
Tara works in the Concho Controls IT department and is
responsible for designing and implementing the organization’s
backup strategy, among other tasks. She currently conducts full
backups every Sunday evening at 8 p.m. and differential backups
on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara
rebuilds the server and wants to restore data from the backups.

In this backup approach, some data may be irretrievably lost. How
long is the time period where any changes made will have been lost?

Concho Controls is a midsized business focusing on building
automation systems. They host a set of local file servers in their onpremises
data center that store customer proposals, building plans,
product information, and other data that is critical to their
business operations.
Tara works in the Concho Controls IT department and is
responsible for designing and implementing the organization’s
backup strategy, among other tasks. She currently conducts full
backups every Sunday evening at 8 p.m. and differential backups
on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara
rebuilds the server and wants to restore data from the backups.

If Tara followed the same schedule but switched the differential
backups to incremental backups, how many backups in total would
she need to apply to the system to make the data it contains as current as possible?

Concho Controls is a midsized business focusing on building
automation systems. They host a set of local file servers in their onpremises
data center that store customer proposals, building plans,
product information, and other data that is critical to their
business operations.
Tara works in the Concho Controls IT department and is
responsible for designing and implementing the organization’s
backup strategy, among other tasks. She currently conducts full
backups every Sunday evening at 8 p.m. and differential backups
on Monday through Friday at noon.
Concho experiences a server failure at 3 p.m. on Wednesday. Tara
rebuilds the server and wants to restore data from the backups.

If Tara made the change from differential to incremental backups and
we assume that the same amount of information changes each day,
which one of the following files would be the largest?

Susan is conducting a STRIDE threat assessment by placing threats
into one or more of the following categories: Spoofing, Tampering,
Repudiation, Information Disclosure, Denial of Service, and Elevation
of Privilege. As part of her assessment, she has discovered an issue
that allows transactions to be modified between a web browser and the application server that it accesses. What STRIDE categorization(s)
best fit this issue?

Bob has been tasked with writing a policy that describes how long data
should be kept and when it should be purged. What concept does this
policy deal with?

Which component of IPsec provides authentication, integrity, and
nonrepudiation?

Renee notices that a system on her network recently received
connection attempts on all 65,536 TCP ports from a single system
during a short period of time. What type of attack did Renee most
likely experience?

What type of Windows audit record describes events like an OS
shutdown or a service being stopped?

What level of RAID is also known as disk striping?

Jacob executes an attack against a system using a valid but lowprivilege user account by accessing a file pointer that the account has access to. After the access check, but before the file is opened, he
quickly switches the file pointer to point to a file that the user account
does not have access to. What type of attack is this?

What is the minimum number of disks required to implement RAID
level 0?

Fred’s company wants to ensure the integrity of email messages sent
via their central email servers. If the confidentiality of the messages is
not critical, what solution should Fred suggest?

The leadership at Susan’s company has asked her to implement an
access control system that can support rule declarations like “Only
allow access to salespeople from managed devices on the wireless
network between 8 a.m. and 6 p.m.” What type of access control
system would be Susan’s best choice?

What type of communications rely on a timing mechanism using
either an independent clock or a time stamp embedded in the
communications?

Chris is deploying a gigabit Ethernet network using Category 6 cable
between two buildings. What is the maximum distance he can run the
cable according to the Category 6 standard?

Howard is a security analyst working with an experienced computer
forensics investigator. The investigator asks him to retrieve a forensic
drive controller, but Howard cannot locate a device in the storage
room with this name. What is another name for a forensic drive
controller?

The web application that Saria’s development team is working on
needs to provide secure session management that can prevent
hijacking of sessions using the cookies that the application relies on.
Which of the following techniques would be the best for her to
recommend to prevent this?

Ben’s company has recently retired their fleet of multifunction
printers. Their information security team has expressed concerns that
the printers contain hard drives and that they may still have data from
scans and print jobs. What is the technical term for this issue?

What access control scheme labels subjects and objects, and allows
subjects to access objects when the labels match?

A cloud-based service that provides account provisioning,
management, authentication, authorization, reporting, and
monitoring capabilities is known as what type of service?

Sally wants to secure her organization’s VoIP systems. Which of the
following attacks is one that she shouldn’t have to worry about?

Marty discovers that the access restrictions in his organization allow
any user to log into the workstation assigned to any other user, even if
they are from completely different departments. This type of access
most directly violates which information security principle?

Fred needs to transfer files between two servers on an untrusted
network. Since he knows the network isn’t trusted, he needs to select
an encrypted protocol that can ensure that his data remains secure.
What protocol should he choose?

Chris uses a packet sniffer to capture traffic from a TACACS+ server.
What protocol should he monitor, and what data should he expect to
be readable?

What does a service ticket (ST) provide in Kerberos authentication?

A password that requires users to answer a series of questions like
“What is your mother’s maiden name?” or “What is your favorite
color?” is known as what type of password?

CDMA, GSM, and IDEN are all examples of what generation of cellular
technology?

Which one of the following fire suppression systems poses the greatest
risk of accidental discharge that damages equipment in a data center?

Lauren’s healthcare provider maintains such data as details about her
health, treatments, and medical billing. What type of data is this?

What type of code review is best suited to identifying business logic
flaws?

Something you know is an example of what type of authentication
factor?

Saria is the system owner for a healthcare organization. What
responsibilities does she have related to the data that resides on or is
processed by the systems she owns?

During software testing, Jack diagrams how a hacker might approach
the application he is reviewing and determines what requirements the
hacker might have. He then tests how the system would respond to the
attacker’s likely behavior. What type of testing is Jack conducting?

When a vendor develops a product that they wish to submit for
Common Criteria evaluation, what do they complete to describe the
claims of security for their product?

Chris has been assigned to scan a system on all of its possible TCP and
UDP ports. How many ports of each type must he scan to complete his
assignment?

CVE and the NVD both provide information about what?

What is the highest level of the military classification scheme?

In what type of trusted recovery process does the system recover
against one or more failure types without administrator intervention
while protecting itself against data loss?

What three important items should be considered if you are
attempting to control the strength of signal for a wireless network as
well as where it is accessible?

What is the best way to ensure that data is unrecoverable from a SSD?

Alice sends a message to Bob and wants to ensure that Mal, a third
party, does not read the contents of the message while in transit. What
goal of cryptography is Alice attempting to achieve?

Which one of the following metrics specifies the amount of time that
business continuity planners find acceptable for the restoration of
service after a disaster?

Gary would like to examine the text of a criminal law on computer
fraud to determine whether it applies to a recent act of hacking against
his company. Where should he go to read the text of the law?

James has opted to implement a NAC solution that uses a postadmission
philosophy for its control of network connectivity. What
type of issues can’t a strictly post-admission policy handle?

Ben has built an access control list that lists the objects that his users
are allowed to access. When users attempt to access an object that they
don’t have rights to, they are denied access, even though there isn’t a
specific rule that prevents it. What access control principle is key to
this behavior?

Mary is a security risk analyst for an insurance company. She is
currently examining a scenario where a hacker might use a SQL
injection attack to deface a web server due to a missing patch in the
company’s web application. In this scenario, what is the risk?

Val is attempting to review security logs but is overwhelmed by the
sheer volume of records maintained in her organization’s central log
repository. What technique can she use to select a representative set of
records for further review?

In Jen’s job as the network administrator for an industrial production
facility, she is tasked with ensuring that the network is not susceptible
to electromagnetic interference due to the large motors and other
devices running on the production floor. What type of network cabling
should she choose if this concern is more important than cost and
difficulty of installation?

Jasper Diamonds is a jewelry manufacturer that markets and sells
custom jewelry through their website. Bethany is the manager of
Jasper’s software development organization, and she is working to
bring the company into line with industry standard practices. She
is developing a new change management process for the
organization and wishes to follow commonly accepted approaches.

Bethany would like to put in place controls that provide an organized
framework for company employees to suggest new website features
that her team will develop. What change management process
facilitates this?

Jasper Diamonds is a jewelry manufacturer that markets and sells
custom jewelry through their website. Bethany is the manager of
Jasper’s software development organization, and she is working to
bring the company into line with industry standard practices. She
is developing a new change management process for the
organization and wishes to follow commonly accepted approaches.

Bethany would also like to create a process that helps multiple
developers work on code at the same time. What change management
process facilitates this?

Jasper Diamonds is a jewelry manufacturer that markets and sells
custom jewelry through their website. Bethany is the manager of
Jasper’s software development organization, and she is working to
bring the company into line with industry standard practices. She
is developing a new change management process for the
organization and wishes to follow commonly accepted approaches.

Bethany is working with her colleagues to conduct user acceptance
testing. What change management process includes this task?

Jasper Diamonds is a jewelry manufacturer that markets and sells
custom jewelry through their website. Bethany is the manager of
Jasper’s software development organization, and she is working to
bring the company into line with industry standard practices. She
is developing a new change management process for the
organization and wishes to follow commonly accepted approaches.

Bethany noticed that some problems arise when system
administrators update libraries without informing developers. What
change management process can assist with this problem?

Ben has written the password hashing system for the web application
he is building. His hashing code function for passwords results in the
following process for a series of passwords:
hash (password1 + 07C98BFE4CF67B0BFE2643B5B22E2D7D) =
10B222970537B97919DB36EC757370D2
hash (password2 + 07C98BFE4CF67B0BFE2643B5B22E2D7D) =
F1F16683F3E0208131B46D37A79C8921
What flaw has Ben introduced with his hashing implementation?

Which one of the following is an example of risk transference?

What protocol takes the place of certificate revocation lists and adds
real-time status verification?

Jim performs lexical analysis on a program and produces control flow
graphs. What type of software testing is he performing?

What process makes TCP a connection-oriented protocol?

What LDAP operation includes authentication to the LDAP server?

You are conducting a qualitative risk assessment for your
organization. The two important risk elements that should weigh most
heavily in your analysis of risk are probability and
________________.

Using the OSI model, what format does the Data Link layer use to
format messages received from higher up the stack?

What is the maximum penalty that may be imposed by an (ISC)2 peer
review board when considering a potential ethics violation?

Which one of the following statements about the SDLC is correct?

Susan is setting up the network for a local coffee house and wants to
ensure that users have to authenticate using an email address and
agree to the coffee house’s acceptable use policy before being allowed
on the network. What technology should she use to do this?

What is another term for active monitoring?

The TCP header is made up of elements such as the source port,
destination port, sequence number, and others. How many bytes long
is the TCP header?

The company that Fred works for is reviewing the security of their
company-issued cell phones. They issue 4G-capable smartphones
running Android and iOS and use a mobile device management
solution to deploy company software to the phones. The mobile
device management software also allows the company to remotely
wipe the phones if they are lost.

What security considerations should Fred’s company require for
sending sensitive data over the cellular network?

The company that Fred works for is reviewing the security of their
company-issued cell phones. They issue 4G-capable smartphones
running Android and iOS and use a mobile device management
solution to deploy company software to the phones. The mobile
device management software also allows the company to remotely
wipe the phones if they are lost.

Fred intends to attend a major hacker conference this year. What
should he do when connecting to his cellular provider’s 4G network
while at the conference?

The company that Fred works for is reviewing the security of their
company-issued cell phones. They issue 4G-capable smartphones
running Android and iOS and use a mobile device management
solution to deploy company software to the phones. The mobile
device management software also allows the company to remotely
wipe the phones if they are lost.

What are the most likely circumstances that would cause a remote
wipe of a mobile phone to fail?

Elaine is developing a business continuity plan for her organization.
What value should she seek to minimize?

NIST Special Publication 800-53, revision 4, describes two measures
of assurance. Which measure of developmental assurance is best
described as measuring “the rigor, level of detail, and formality of the
artifacts produced during the design and development of the
hardware, software, and firmware components of information systems
(e.g., functional specifications, high-level design, low-level design,
source code)”?

Chris is experiencing issues with the quality of network service on his
organization’s network. The primary symptom is that packets are
becoming corrupted as they travel from their source to their
destination. What term describes the issue Chris is facing?

Kathleen has been asked to choose a highly formalized code review
process for her software quality assurance team to use. Which of the
following software testing processes is the most rigorous and formal?

Frank is attempting to protect his web application against cross-site
scripting attacks. Users do not need to provide input containing
scripts, so he decided the most effective way to filter would be to write
a filter on the server that watches for the <SCRIPT> tag and removes it.
What is the issue with Frank’s approach?

Which one of the following is not an object-oriented programming
language?

Uptown Records Management recently entered into a contract with a
hospital for the secure storage of medical records. The hospital is a
HIPAA-covered entity. What type of agreement must the two
organizations sign to remain compliant with HIPAA?

Norm would like to conduct a disaster recovery test for his
organization and wants to choose the most thorough type of test,
recognizing that it may be quite disruptive. What type of test should
Norm choose?

Ed is building a network that supports IPv6 but needs to connect it to
an IPv4 network. What type of device should Ed place between the
networks?

What encryption standard won the competition for certification as the
Advanced Encryption Standard?

Which one of the following actions is not required under the EU
General Data Protection Regulation?

Tammy is selecting a disaster recovery facility for her organization.
She would like to choose a facility that balances the time required to
recover operations with the cost involved. What type of facility should
she choose?

What layer of the OSI model is associated with datagrams?

Which one of the following is not a valid key length for the Advanced
Encryption Standard?

Which one of the following technologies provides a function interface
that allows developers to directly interact with systems without
knowing the implementation details of that system?