In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?
What type of attack requires the least amount of technical equipment and has the highest success rate?
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?
While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?
As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.
1.Covering tracks
2.Scanning and enumeration
3.Maintaining Access
4.Reconnaissance
5.Gaining Access
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:
A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?
What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent latency?
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
The process of creating a system which divides documents based on their security level to manage access to private data is known as
Which of the following statements about Encapsulating Security Payload (ESP) is true?
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
Physical security measures typically include which of the following components?
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?
Who should be involved in the development of an internal campaign to address email phishing?
When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:
Which of the following is the MOST effective method to counter phishing attacks?
As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.
Which is the BEST type of risk that defines this event?
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation.
Which of the following is NOT documented in the SSP?
Which of the following statements below regarding Key Performance indicators (KPIs) are true?
Of the following types of SOCs (Security Operations Centers), which one would be MOST likely used if the CISO has decided to outsource the infrastructure and administration of it?
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.
What is the MOST effective method of risk analysis to provide the CFO with the information required?
The primary responsibility for assigning entitlements to a network share lies with which role?
An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web sites. The DLP application was checked, and there are no apparent malfunctions and no errors.
What is the MOST likely reason why the sensitive data was posted?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.
The performance quality audit activity is done in what project management process group?
In defining a strategic security plan for an organization, what should a CISO first analyze?
When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?
You have been promoted to the CISO of a big-box retail store chain reporting to the Chief Information Officer (CIO). The CIO’s first mandate to you is to develop a cybersecurity compliance framework that will meet all the store’s compliance requirements.
Which of the following compliance standard is the MOST important to the organization?
Which of the following is considered the MOST effective tool against social engineering?
XYZ is a publicly-traded software development company.
Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to organizational implementation and management requirements. Which of the following principles does this BEST demonstrate?
Which of the following is the MOST important to share with an Information Security Steering Committee:
During a cyber incident, which non-security personnel might be needed to assist the security team?
Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?
A missing/ineffective security control is identified. Which of the following should be the NEXT step?
A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?
Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?
Creating a secondary authentication process for network access would be an example of?
An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization’s IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:
Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?
Which of the following is a benefit of a risk-based approach to audit planning?
The patching and monitoring of systems on a consistent schedule is required by?
Which of the following are necessary to formulate responses to external audit findings?
Which of the following best describes the purpose of the International Organization for Standardization (ISO) 27002 standard?
Which of the following activities must be completed BEFORE you can calculate risk?
The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is consider a bad practice MAINLY because
You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process. Which of the following represents your BEST course of action?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?
The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is
Which of the following is the MOST important for a CISO to understand when identifying threats?
An organization’s firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches but the decision is made to purchase. What does this selection indicate?
The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:
Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
What is the relationship between information protection and regulatory compliance?
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?
Which of the following is the MOST important benefit of an effective security governance process?
If your organization operates under a model of "assumption of breach", you should:
A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
The single most important consideration to make when developing your security program, policies, and processes is:
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
What is a difference from the list below between quantitative and qualitative Risk Assessment?
Acceptable levels of information security risk tolerance in an organization should be determined by?
A newly-hired CISO needs to understand the organization’s financial management standards for business units
and operations. Which of the following would be the best source of this information?
If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business,
they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they
will be in the organization. How would you prevent such type of attacks?
Which of the following best describes the sensors designed to project and detect a light beam across an area?
John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they’ve already completed the project work they were contracted to do. What can John do in this instance?
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Once supervisors and data owners have approved requests, information system administrators will implement
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?
An organization has a number of Local Area Networks (LANs) linked to form a single Wide Area Network
(WAN). Which of the following would BEST ensure network continuity?
Which of the following would negatively impact a log analysis of a multinational organization?
Which of the following is a primary method of applying consistent configurations to IT systems?
When analyzing and forecasting a capital expense budget what are not included?
The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called
A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered
If the result of an NPV is positive, then the project should be selected. The net present value shows the present
value of the project, based on the decisions taken for its selection. What is the net present value equal to?
When updating the security strategic planning document what two items must be included?
SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
In what phase of the response will the team extract information from the affected systems without altering original data?
Which of the following is MOST useful when developing a business case for security initiatives?
When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?
Which of the following methodologies references the recommended industry standard that Information security project managers should follow?
To get an Information Security project back on schedule, which of the following will provide the MOST help?
Which of the following represents the best method of ensuring business unit alignment with security program requirements?
Knowing the potential financial loss an organization is willing to suffer if a system fails is a determination of which of the following?
How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?
The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):
An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?
Which of the following methods are used to define contractual obligations that force a vendor to meet customer expectations?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?
Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?
You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?
Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?
Which of the following can the company implement in order to avoid this type of security issue in the future?
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?
When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?
Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?
DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.
TESTED 04 Dec 2024
