Q1. From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Configure secondary servers to use the primary server as a zone forwarder.
B. Block all Transmission Control Protocol (TCP) connections.
C. Disable all recursive queries on the name servers.
D. Limit zone transfers to authorized devices.
Answer: D
Q2. Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in the
A. security impact analysis.
B. structured code review.
C. routine self assessment.
D. cost benefit analysis.
Answer: A
Q3. The FIRST step in building a firewall is to
A. assign the roles and responsibilities of the firewall administrators.
B. define the intended audience who will read the firewall policy.
C. identify mechanisms to encourage compliance with the policy.
D. perform a risk analysis to identify issues to be addressed.
Answer: D
Q4. Which of the following provides the MOST protection against data theft of sensitive information when a laptop is stolen?
A. Set up a BIOS and operating system password
B. Encrypt the virtual drive where confidential files can be stored
C. Implement a mandatory policy in which sensitive data cannot be stored on laptops, but only on the corporate network
D. Encrypt the entire disk and delete contents after a set number of failed access attempts
Answer: D
Q5. A security professional has been asked to evaluate the options for the location of a new data center within a multifloor.building. Concerns for the data center include emanations and physical access controls.
Which of the following is the BEST location?
A. On the top floor
B. In the basement
C. In the core of the building
D. In an exterior room with windows
Answer: C
Q6. Which one of these risk factors would be the LEAST important consideration in choosing a building site for a new computer facility?
A. Vulnerability to crime
B. Adjacent buildings and businesses
C. Proximity to an airline flight path
D. Vulnerability to natural disasters
Answer: C
Q7. Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals
Answer: C
Q8. What does an organization FIRST review to assure compliance with privacy requirements?
A. Best practices
B. Business objectives
C. Legal and regulatory mandates
D. Employee's compliance to policies and standards
Answer: C
Q9. The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
A. exploits weak authentication to penetrate networks.
B. can be detected with signature analysis.
C. looks like normal network activity.
D. is commonly confused with viruses or worms.
Answer: C
Q10. Which of the following methods can be used to achieve confidentiality.and integrity.for data in transit?
A. Multiprotocol Label Switching (MPLS)
B. Internet Protocol Security (IPSec)
C. Federated identity management
D. Multi-factor authentication
Answer: B