Q1. - (Topic 5) 

A security manager is collecting RFQ, RFP, and RFI publications to help identify the technology trends which a government will be moving towards in the future. This information is available to the public. By consolidating the information, the security manager will be able to combine several perspectives into a broader view of technology trends. This is an example of which of the following? (Select TWO). 

A. Supervisory control and data acquisition 

B. Espionage 

C. Hacktivism 

D. Data aggregation 

E. Universal description discovery and integration 

F. Open source intelligence gathering 

View Answer

Q2. - (Topic 3) 

A WAF without customization will protect the infrastructure from which of the following attack combinations? 

A. DDoS, DNS poisoning, Boink, Teardrop 

B. Reflective XSS, HTTP exhaustion, Teardrop 

C. SQL Injection, DOM based XSS, HTTP exhaustion 

D. SQL Injection, CSRF, Clickjacking 

View Answer

Q3. - (Topic 1) 

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement? 

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation. 

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID. 

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates. 

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller. 

View Answer

Q4. - (Topic 2) 

An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit's integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data? 

A. SMB 

B. NFS 

C. FCoE 

D. iSCSI 

View Answer

Q5. - (Topic 5) 

A system administrator has a responsibility to maintain the security of the video teleconferencing system. During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled. Which of the following security concerns should the system administrator have about the existing technology in the room? 

A. Wired transmissions could be intercepted by remote users. 

B. Bluetooth speakers could cause RF emanation concerns. 

C. Bluetooth is an unsecure communication channel. 

D. Wireless transmission causes interference with the video signal. 

View Answer

Q6. - (Topic 2) 

A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers: 

A. Create a custom standard to define the data. 

B. Use well formed standard compliant XML and strict schemas. 

C. Only document the data format in the parsing application code. 

D. Implement a de facto corporate standard for all analyzed data. 

View Answer

Q7. - (Topic 2) 

A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technologies should the administrator implement to meet these goals? (Select TWO). 

A. LUN masking 

B. Snapshots 

C. vSAN 

D. Dynamic disk pools 

E. Multipath 

F. Deduplication 

View Answer

Q8. - (Topic 2) 

A company Chief Information Officer (CIO) is unsure which set of standards should govern the company’s IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represent the BEST option for the CIO? 

A. Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company. 

B. Issue a policy that requires only the most stringent security standards be implemented throughout the company. 

C. Issue a policy specifying best practice security standards and a baseline to be implemented across the company. 

D. Issue a RFI for vendors to determine which set of security standards is best for the company. 

View Answer

Q9. - (Topic 1) 

After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece of code used by a web based shopping cart. 

SELECT ITEM FROM CART WHERE ITEM=ADDSLASHES($USERINPUT); 

The programmer found that every time a user adds an item to the cart, a temporary file is created on the web server /tmp directory. The temporary file has a name which is generated by concatenating the content of the $USERINPUT variable and a timestamp in the form of MM-DD-YYYY, (e.g. smartphone-12-25-2013.tmp) containing the price of the item being purchased. Which of the following is MOST likely being exploited to manipulate the price of a shopping cart’s items? 

A. Input validation 

B. SQL injection 

C. TOCTOU 

D. Session hijacking 

View Answer

Q10. - (Topic 3) 

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation? 

A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation. 

B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur. 

C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked. 

D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited. 

View Answer