The sales division within a large organization purchased touch screen tablet computers for all 250 sales representatives in an effort to showcase the use of technology to its customers and increase productivity. This includes the development of a new product tracking application that works with the new platform. The security manager attempted to stop the deployment because the equipment and application are non-standard and unsupported within the organization. However, upper management decided to continue the deployment. Which of the following provides the BEST method for evaluating the potential threats?

A. Conduct a vulnerability assessment to determine the security posture of the new devices and the application.

B. Benchmark other organization’s that already encountered this type of situation and apply all relevant learning’s and industry best practices.

C. Work with the business to understand and classify the risk associated with the full lifecycle of the hardware and software deployment.

D. Develop a standard image for the new devices and migrate to a web application to eliminate locally resident data.


Answer: C




Based on the results of a recent audit, a company rolled out a standard computer image in an effort to provide consistent security configurations across all computers. Which of the following controls provides the GREATEST level of certainty that unauthorized changes are not occurring?

A. Schedule weekly vulnerability assessments

B. Implement continuous log monitoring

C. Scan computers weekly against the baseline

D. Require monthly reports showing compliance with configuration and updates


Answer: C





Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day. The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events. Which of the following should the company do to ensure that the chosen MSS meets expectations?

A. Develop a memorandum of understanding on what the MSS is responsible to provide.

B. Create internal metrics to track MSS performance.

C. Establish a mutually agreed upon service level agreement.

D. Issue a RFP to ensure the MSS follows guidelines.


Answer: C




The company’s marketing department needs to provide more real-time interaction with its partners and consumers and decides to move forward with a presence on multiple social networking sites for sharing information. Which of the following minimizes the potential exposure of proprietary information?

A. Require each person joining the company’s social networking initiative to accept a non- disclosure agreement.

B. Establish a specific set of trained people that can release information on the organization’s behalf.

C. Require a confidential statement be attached to all information released to the social networking sites.

D. Establish a social media usage policy and provide training to all marketing employees.


Answer: B




Company Z is merging with Company A to expand its global presence and consumer base. This purchase includes several offices in different countries. To maintain strict internal security and compliance requirements, all employee activity may be monitored and reviewed. Which of the following would be the MOST likely cause for a change in this practice?


A. The excessive time it will take to merge the company’s information systems.

B. Countries may have different legal or regulatory requirements.

C. Company A might not have adequate staffing to conduct these reviews.

D. The companies must consolidate security policies during the merger.


Answer: B




An administrator wants to virtualize the company’s web servers, application servers, and database servers. Which of the following should be done to secure the virtual host machines? (Select TWO).

A. Establish VLANs for each virtual guest’s NIC on the virtual switch.

B. Enable virtual switch layer 2 security precautions.

C. Only access hosts through a secure management interface.

D. Distribute guests to hosts by application role or trust zone.

E. Restrict physical and network access to the host console.


Answer: C,E




A security incident happens three times a year on a company’s web server costing the company

$1,500 in downtime, per occurrence. The web server is only for archival access and is scheduled to be decommissioned in five years. The cost of implementing software to prevent this incident would be $15,000 initially, plus $1,000 a year for maintenance. Which of the following is the MOST cost-effective manner to deal with this risk?

A. Avoid the risk

B. Transfer the risk

C. Accept the risk

D. Mitigate the risk


Answer: D





An administrator is assessing the potential risk impact on an accounting system and categorizes it as follows:

Administrative Files = {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Low)} Vendor Information = {(Confidentiality, Moderate), (Integrity, Low), (Availability, Low)} Payroll Data = {(Confidentiality, High), (Integrity, Moderate), (Availability, Low)}

Which of the following is the aggregate risk impact on the accounting system?

A. {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Moderate)}

B. {(Confidentiality, High), (Integrity, Low), (Availability, Low)}

C. {(Confidentiality, High), (Integrity, Moderate), (Availability, Low)}

D. {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Low)}


Answer: C




An administrator is reviewing a recent security audit and determines that two users in finance also have access to the human resource data. One of those users fills in for any HR employees on vacation, the other user only works in finance. Which of the following policies is being violated by the finance user according to the audit results?

A. Mandatory vacation

B. Non-disclosure

C. Job rotation

D. Least privilege


Answer: D




After a security incident, an administrator revokes the SSL certificate for their web server www.company.com. Later, users begin to inform the help desk that a few other servers are generating certificate errors: ftp.company.com, mail.company.com, and partners.company.com.

 Which of the following is MOST likely the reason for this?

A. Each of the servers used the same EV certificate.

B. The servers used a wildcard certificate.

C. The web server was the CA for the domain.

D. Revoking a certificate can only be done at the domain level.


Answer: B

Comments are closed.