Q1. A Physical Security Manager is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. The Security Manager has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should the Security Manager suggest to BEST secure this environment?
A. Create an IP camera network and deploy NIPS to prevent unauthorized access.
B. Create an IP camera network and only allow SSL access to the cameras.
C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.
D. Create an IP camera network and restrict access to cameras from a single management host.
Answer: C
Q2. An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?
A. Download the file from the program publisher's website.
B. Generate RSA and DSA keys using GPG.
C. Import the repository's public key.
D. Run sha1sum and verify the hash.
Answer: C
Q3. A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem?
A. Change the IDS to use a heuristic anomaly filter.
B. Adjust IDS filters to decrease the number of false positives.
C. Change the IDS filter to data mine the false positives for statistical trending data.
D. Adjust IDS filters to increase the number of false negatives.
Answer: B
Q4. Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However, all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario?
A. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP.
B. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP.
C. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SP.
D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP.
Answer: C
Q5. After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation:
Once at the command prompt, the administrator issues the below command. Which of the following is true about the above situation?
A. The administrator must use the sudo command in order to restart the service.
B. The administrator used the wrong SSH port to restart the DNS server.
C. The service was restarted correctly, but it failed to bind to the network interface.
D. The service did not restart because the bind command is privileged.
Answer: A
Q6. A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?
A. Government regulation
B. Industry standard
C. Company guideline
D. Company policy
Answer: B
Q7. A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:
1. The banker accesses the CRM system, a redirect is performed back to the organization's internal systems.
2. A lookup is performed of the identity and a token is generated, signed and encrypted.
3. A redirect is performed back to the CRM system with the token.
4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.
5. If the banker is not in the system, an automated provisioning request occurs.
6. The banker is authenticated and authorized and can access the system.
This is an example of which of the following?
A. Service provider initiated SAML 2.0
B. Identity provider initiated SAML 1.0
C. OpenID federated single sign on
D. Service provider initiated SAML 1.1
Answer: A
Q8. A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?
A. Install GSM tracking on each product for end-to-end delivery visibility.
B. Implement geo-fencing to track products.
C. Require drivers to geo-tag documentation at each delivery location.
D. Equip each truck with an RFID tag for location services.
Answer: B
Q9. Which of the following is the BEST place to contractually document security priorities, responsibilities, guarantees, and warranties when dealing with outsourcing providers?
A. NDA
B. OLA
C. MOU
D. SLA
Answer: D
Q10. The internal audit department is investigating a possible breach of security. One of the auditors is sent to interview the following employees:
Employee A. Works in the accounts receivable office and is in charge of entering data into the finance system.
Employee B. Works in the accounts payable office and is in charge of approving purchase orders.
Employee C. Is the manager of the finance department, supervises Employee A and Employee B, and can perform the functions of both Employee A and Employee B.
Which of the following should the auditor suggest be done to avoid future security breaches?
A. All employees should have the same access level to be able to check on each other.
B. The manager should only be able to review the data and approve purchase orders.
C. Employee A and Employee B should rotate jobs at a set interval and cross-train.
D. The manager should be able to both enter and approve information.
Answer: B