Q1. A thorough review of an organization's audit logs finds that a disgruntled network administrator has intercepted emails meant for the.Chief.Executive Officer.(CEO).and changed them before forwarding them to their intended recipient. What type of attack has MOST likely occurred? 

A. Spoofing 

B. Eavesdropping 

C. Man-in-the-middle 

D. Denial of service 

Answer:


Q2. Software Code signing is used as a method of verifying what security concept?.

A. Integrity 

B. Confidentiality.

C. Availability.

D. Access Control 

Answer:


Q3. An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause? 

A. Improper deployment of the Service-Oriented Architecture.(SOA) 

B. Absence of a Business Intelligence.(BI) solution 

C. Inadequate cost modeling 

D. Insufficient Service Level Agreement.(SLA).

Answer:


Q4. A Business Continuity Plan (BCP) is based on 

A. the policy and procedures manual. 

B. an existing BCP from a similar organization. 

C. a review of the business processes and procedures. 

D. a standard checklist of required items and objectives. 

Answer:


Q5. When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints? 

A. Temporal Key Integrity Protocol (TKIP) 

B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK) 

C. Wi-Fi Protected Access 2 (WPA2) Enterprise 

D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) 

Answer:


Q6. Which of the following assessment metrics is BEST used to understand a system's vulnerability to potential exploits? 

A. Determining the probability that the system functions safely during any time period 

B. Quantifying the system's available services 

C. Identifying the number of security flaws within the system 

D. Measuring the system's integrity in the presence of failure 

Answer:


Q7. DRAG DROP 

Given the various means to protect physical and logical assets, match the access management area to the technology. 

Answer: 


Q8. Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment? 

A. Integration with organizational directory services for authentication 

B. Tokenization of data 

C. Accommodation of hybrid deployment models 

D. Identification of data location 

Answer:


Q9. Which of the following methods protects.Personally Identifiable.Information (PII).by use of a full replacement of the data element? 

A. Transparent Database Encryption (TDE) 

B. Column level database encryption 

C. Volume encryption 

D. Data tokenization 

Answer:


Q10. Which of the following is the MOST important element of change management documentation? 

A. List of components involved 

B. Number of changes being made 

C. Business case justification 

D. A stakeholder communication 

Answer: