Q1. Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network? 

A. Use of a unified messaging. 

B. Use of separation for the voice network. 

C. Use of Network Access Control (NAC) on switches. 

D. Use of Request for Comments (RFC) 1918 addressing. 

View Answer

Q2. A network scan found 50% of the systems with one or more critical vulnerabilities. Which of the following represents the BEST action? 

A. Assess vulnerability risk and program effectiveness. 

B. Assess vulnerability risk and business impact. 

C. Disconnect all systems with critical vulnerabilities. 

D. Disconnect systems with the most number of vulnerabilities. 

View Answer

Q3. The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the 

A. right to refuse or permit commercial rentals. 

B. right to disguise the software's geographic origin. 

C. ability to tailor security parameters based on location. 

D. ability to confirm license authenticity of.their works. 

View Answer

Q4. For an organization considering two-factor authentication for secure network access, which of the following is MOST secure? 

A. Challenge response and private key 

B. Digital certificates and Single Sign-On (SSO) 

C. Tokens and passphrase 

D. Smart card and biometrics 

View Answer

Q5. What maintenance activity is responsible for defining, implementing, and testing updates to application systems? 

A. Program change control 

B. Regression testing 

C. Export exception control 

D. User acceptance testing 

View Answer

Q6. Which of the following is the FIRST step of a penetration test plan? 

A. Analyzing a network diagram of the target network 

B. Notifying the company's customers 

C. Obtaining the approval of the company's management 

D. Scheduling the penetration test during a period of least impact 

View Answer

Q7. What is the GREATEST challenge to identifying data leaks? 

A. Available technical tools that enable user activity monitoring. 

B. Documented asset classification policy and clear labeling of assets. 

C. Senior management cooperation in investigating suspicious behavior. 

D. Law enforcement participation to apprehend and interrogate suspects. 

View Answer

Q8. Which of the following statements is TRUE of black box testing? 

A. Only the functional specifications are known to the test planner. 

B. Only the source code and the design documents are known to the test planner. 

C. Only the source code and functional specifications are known to the test planner. 

D. Only the design documents and the functional specifications are known to the test planner. 

View Answer

Q9. Which of the following are required components for implementing software configuration management systems? 

A. Audit control and signoff 

B. User training and acceptance 

C. Rollback and recovery processes 

D. Regression testing and evaluation 

View Answer

Q10. Which of the following violates identity and access management best practices? 

A. User accounts 

B. System accounts 

C. Generic accounts 

D. Privileged accounts 

View Answer