Q1. - (Topic 1) 

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete? 

A. They should logon to the system using the username concatenated with the 6-digit code and their original password. 

B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code. 

C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed. 

D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code. 

View Answer

Q2. - (Topic 2) 

After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem? 

A. The binary files used by the application have been modified by malware. 

B. The application is unable to perform remote attestation due to blocked ports. 

C. The restored image backup was encrypted with the wrong key. 

D. The hash key summary of hardware and installed software no longer match. 

View Answer

Q3. - (Topic 1) 

Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test? 

A. Test password complexity of all login fields and input validation of form fields 

B. Reverse engineering any thick client software that has been provided for the test 

C. Undertaking network-based denial of service attacks in production environment 

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks 

E. Running a vulnerability scanning tool to assess network and host weaknesses 

View Answer

Q4. - (Topic 4) 

A security administrator is tasked with securing a company's headquarters and branch offices move to unified communications. The Chief Information Officer (CIO) wants to integrate the corporate users' email, voice mail, telephony, presence and corporate messaging to internal computers, mobile users, and devices. Which of the following actions would BEST meet the CIO's goals while providing maximum unified communications security? 

A. Create presence groups, restrict IM protocols to the internal networks, encrypt remote devices, and restrict access to services to local network and VPN clients. 

B. Enable discretionary email forwarding restrictions, utilize QoS and Secure RTP, allow external IM protocols only over TLS, and allow port 2000 incoming to the internal firewall interface for secure SIP 

C. Set presence to invisible by default, restrict IM to invite only, implement QoS on SIP and RTP traffic, discretionary email forwarding, and full disk encryption. 

D. Establish presence privacy groups, restrict all IM protocols, allow secure RTP on session border gateways, enable full disk encryptions, and transport encryption for email security. 

View Answer

Q5. - (Topic 1) 

A security engineer on a large enterprise network needs to schedule maintenance within a fixed window of time. A total outage period of four hours is permitted for servers. Workstations can undergo maintenance from 8:00 pm to 6:00 am daily. Which of the following can specify parameters for the maintenance work? (Select TWO). 

A. Managed security service 

B. Memorandum of understanding 

C. Quality of service 

D. Network service provider 

E. Operating level agreement 

View Answer

Q6. - (Topic 4) 

When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary? 

A. The user needs a non-repudiation data source in order for the application to generate the key pair. 

B. The user is providing entropy so the application can use random data to create the key pair. 

C. The user is providing a diffusion point to the application to aid in creating the key pair. 

D. The application is requesting perfect forward secrecy from the user in order to create the key pair. 

View Answer

Q7. - (Topic 1) 

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented? 

A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues 

B. Improper handling of client data, interoperability agreement issues and regulatory issues 

C. Cultural differences, increased cost of doing business and divestiture issues 

D. Improper handling of customer data, loss of intellectual property and reputation damage 

View Answer

Q8. - (Topic 4) 

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO). 

A. Erase all files on drive 

B. Install of standard image 

C. Remove and hold all drives 

D. Physical destruction 

E. Drive wipe 

View Answer

Q9. - (Topic 4) 

Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant? 

A. Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration. 

B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts. 

C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration. 

D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ’s network. 

View Answer

Q10. - (Topic 5) 

A company has migrated its data and application hosting to a cloud service provider (CSP). 

To meet its future needs, the company considers an IdP. Why might the company want to select an IdP that is separate from its CSP? (Select TWO). 

A. A circle of trust can be formed with all domains authorized to delegate trust to an IdP 

B. Identity verification can occur outside the circle of trust if specified or delegated 

C. Replication of data occurs between the CSP and IdP before a verification occurs 

D. Greater security can be provided if the circle of trust is formed within multiple CSP domains 

E. Faster connections can occur between the CSP and IdP without the use of SAML 

View Answer