An employee in an organization is requesting access to more information than is required. This request should be denied on the basis of which principle:
Separation of duties
Least privilege
Need to know
Job rotation
Two separate employees are required to open a safe containing sensitive information. One employee has part of the safe combination, and a second employee has another part of the safe combination. This arrangement follows the principle of:
Split custody
Segregation of duties
The information security officer in an organization has assigned various accounting department employees to various roles in the organization’s financial system, taking care to assign roles with the fewest possible functions. Roles have been assigned according to the principle of:
An organization has in its possession many types of business records that vary in sensitivity and handling requirements. No policy exists that defines how any of these records should be protected. This organization lacks:
Storage and handling procedures
Data classification policy
Information security policy
The purpose of a periodic review of user access rights is:
To check whether employees have logged in to the system
To check for active accounts that belong to terminated employees
To determine password quality and expiration
To determine whether access control systems still function properly
The purpose of a password policy that requires a minimum number of days between password changes is:
To prevent a brute force attack against a password
To prevent an intruder from carrying out a dictionary attack against a password
To prevent someone from quickly cycling back to their familiar password
To prevent a second user from changing the password
The purpose of a password policy that locks an account after five unsuccessful login attempts is:
To prevent other individuals from logging in to the account
The purpose of backups includes all of the following EXCEPT:
Software malfunctions
Human error
Hardware malfunctions
Cluster failovers
The most effective way to confirm whether backups function properly is:
Confirming the presence of error messages in backup logs
Confirming the absence of error messages in backup logs
Testing the ability to backup data onto backup media
Testing the ability to restore data from backup media
An organization’s data classification policy includes handling procedures for data at each level of sensitivity. The IT department backs up all data onto magnetic tape, resulting in tapes that contain data at all levels of sensitivity. How should these backup tapes be handled?
According to procedures for the lowest sensitivity level
According to procedures for the highest sensitivity level
According to procedures in between the lowest and highest sensitivity levels
Data handling procedures do not apply to backup media, only original media
All of the following methods for destroying data on hard disk drives are sufficient EXCEPT:
Reformatting
Degaussing
Shredding
Drilling
All of the following are valid reasons for backing up data EXCEPT:
Disaster
Software bugs that corrupt data
Replication
Sabotage
An organization’s IT manager is establishing a business relationship with an off-site media storage company, for storage of backup media. The storage company has a location 5 miles away from the organization’s data center, and another location that is 70 miles away. Why should one location be preferred over the other?
It makes no difference which facility is chosen
The closer location should be chosen, to facilitate periodic on-site inspections
The closer location should be chosen, to facilitate faster recovery
The farther location should be chosen, because it will not be affected by a regional disaster
An organization’s IT manager wants to discontinue the business relationship with an off-site media storage company, and instead store the organization’s backup tapes at his residence, which is closer to the organization’s data center. Should this plan be considered, and why:
This should not be considered because the media will have fewer physical safeguards
This should be considered because it will save money
This should be considered because it is closer to the organization’s data center
This should not be chosen because it is too closer to the organization’s data center
Why do the actions of system administrators need to be monitored more closely than other personnel?
Administrator actions can be more harmful and have a larger impact on the organization
Administrators are more likely to make mistakes
Administrators have access to all other users’ passwords
Administrative interfaces have fewer safeguards
Which of the following is NOT a risk associated with remote access:
Risk associated with sensitive information is stored on a non-company-owned computer, out of the organization’s control
A non-company-owned computer with inadequate anti-malware protection can introduce an infection through remote access
Anti-virus software on the remote computer will not be able to download virus definition updates
If a split tunnel is used, the remote computer may be more vulnerable to attack
A workstation that can remotely access the organization’s network through a VPN and access the local LAN, all through the same physical network connection, is using:
Split tunneling
Split gateways
IPsec VPN software
SSL VPN software
What is the difference between split tunneling and inverse split tunneling:
Only inverse split tunneling can utilize a firewall
Only split tunneling can utilize a firewall
Split tunneling uses IPsec and SSL, while inverse split tunneling uses L2TP
In split tunneling, the default network is the LAN; in inverse split tunneling, the default network is the VPN
The primary advantage of the use of a central management console for anti-virus is:
Centralized virus detection
Centralized reporting
Consolidation of reporting and centralized signature file distribution
Centralized signature file distribution
The process of erasing magnetic media through the use of a strong magnetic field is known as:
Delousing
Wiping
A security manager has instructed a system administrator to wipe files on a hard disk. This means that the administrator needs to:
Perform a low-level format on the hard disk
Use a degausser to re-align the magnetic storage material on the hard disk
Use a tool to overwrite files multiple times
Perform a high-level format on the hard disk
An organization has received notice of a lawsuit related to activities in its operations department. How should the organization respond:
Cease all purging activities until further notice
Alter retention schedules and begin purging the oldest information
Purge all information older than timelines specified in its retention schedule
Hire an outside organization to perform all purging activities
An organization has experienced several virus infections on its desktop workstations. Which of the following remedies would NOT be effective to reduce virus infections?
Install an anti-virus gateway web proxy server
Install anti-virus on its e-mail servers
Install anti-virus central management console
Install anti-virus on its web servers
An organization has been made a party in a civil lawsuit. The organization is required to search its electronic records for specific memoranda. This process is known as:
Subpoena
Search and seizure
Discovery
Electronic discovery
An organization’s critical application is required to be continuously available, with only a few minutes’ per month of downtime allowed. What measure should the organization implement to assure this level of availability?
Server clustering
Server clustering and data replication
Hot standby site
Data replication
