Q1. Refer.to the information below to answer the question. 

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles. 

Which of the following will be the PRIMARY security concern as staff is released from the organization? 

A. Inadequate IT support 

B. Loss of data and separation of duties 

C. Undocumented security controls 

D. Additional.responsibilities for remaining staff 

View Answer

Q2. At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted 

A. monthly. 

B. quarterly. 

C. annually. 

D. bi-annually. 

View Answer

Q3. Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage? 

A. Requirements Analysis 

B. Development and Deployment 

C. Production Operations 

D. Utilization Support 

View Answer

Q4. Refer.to the information below to answer the question. 

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. 

In a Bell-LaPadula system, which user cannot write to File 3? 

A. User A 

B. User B 

C. User C 

D. User D 

View Answer

Q5. Disaster Recovery Plan (DRP) training material should be 

A. consistent so that all audiences receive the same training. 

B. stored in a fire proof safe to ensure availability when needed. 

C. only delivered in paper format. 

D. presented in a professional looking manner. 

View Answer

Q6. An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information? 

A. Implement packet filtering on the network firewalls 

B. Require strong authentication for administrators 

C. Install Host Based Intrusion Detection Systems (HIDS) 

D. Implement logical network segmentation at the switches 

View Answer

Q7. The PRIMARY purpose of a security awareness program is to 

A. ensure that everyone understands the organization's policies and procedures. 

B. communicate that access to information will be granted on a need-to-know basis. 

C. warn all users that access to all systems will be monitored on a daily basis. 

D. comply with regulations related to data and information protection. 

View Answer

Q8. Refer.to the information below to answer the question. 

An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement. 

Which of the following is considered the MOST important priority for the information security officer? 

A. Formal acceptance of the security strategy 

B. Disciplinary actions taken against unethical behavior 

C. Development of an awareness program for new employees 

D. Audit of all organization system configurations for faults 

View Answer

Q9. Which of the following is the PRIMARY.security.concern associated with the implementation of smart cards? 

A. The cards have limited memory 

B. Vendor application compatibility 

C. The cards can be misplaced 

D. Mobile code can be embedded in the card 

View Answer

Q10. Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)? 

A. Use a thumb drive to transfer information from a foreign computer. 

B. Do not take.unnecessary.information, including sensitive information. 

C. Connect the laptop only to well-known networks like the hotel or public Internet cafes. 

D. Request international points of contact help scan the laptop on arrival to ensure it is protected..

View Answer