Q71. Which of the following is an essential element of a privileged identity lifecycle management? 

A. Regularly perform account re-validation and approval 

B. Account provisioning based on multi-factor authentication 

C. Frequently review performed activities and request justification 

D. Account information to be provided by supervisor or line manager 

Answer:


Q72. What is the GREATEST.challenge of.an agent-based patch management solution? 

A. Time to gather vulnerability information about the computers in the program 

B. Requires that software be installed, running, and managed on all participating computers 

C. The significant amount of network bandwidth while scanning computers 

D. The consistency of distributing patches to each participating computer 

Answer:


Q73. Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in the 

A. security impact analysis. 

B. structured code review. 

C. routine self assessment. 

D. cost benefit analysis. 

Answer:


Q74. A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as 

A. least privilege. 

B. rule based access controls. 

C. Mandatory Access Control (MAC). 

D. separation of duties. 

Answer:


Q75. HOTSPOT 

Identify the component that MOST likely lacks digital accountability related to.information access. 

Click on the correct device in the image below. 

Answer: 


Q76. Which of the following BEST describes a Protection Profile (PP)? 

A. A document that expresses an implementation independent set of security requirements for an IT product that meets specific consumer needs. 

B. A document that is used to develop an IT security product from its security requirements definition. 

C. A document that expresses an implementation dependent set of security requirements which contains only the security functional requirements. 

D. A document that represents evaluated products where there is a one-to-one correspondence between a PP and a Security Target (ST). 

Answer:


Q77. Which of the following is the PRIMARY benefit of a formalized information classification program? 

A. It drives audit processes. 

B. It supports risk assessment. 

C. It reduces asset vulnerabilities. 

D. It minimizes system logging requirements. 

Answer:


Q78. What security management control is MOST often broken by collusion? 

A. Job rotation 

B. Separation of duties 

C. Least privilege model 

D. Increased monitoring 

Answer:


Q79. Which of the following is the BEST mitigation from phishing attacks? 

A. Network activity monitoring 

B. Security awareness training 

C. Corporate policy and procedures 

D. Strong file and directory permissions 

Answer:


Q80. Logical access control programs are MOST effective when they are 

A. approved by external auditors. 

B. combined with security token technology. 

C. maintained by computer security officers. 

D. made part of the operating system. 

Answer: