- All Exams Instant Download
When is a Business Continuity Plan (BCP) considered to be valid?
When is a Business Continuity Plan (BCP) considered to be valid?A . When it has been validated by the Business Continuity (BC) managerB . When it has been validated by the board of directorsC . When it has been validated by all threat scenariosD . When it has been validated...
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions thatA . determine the risk of a business interruption occurringB . determine the technological dependence of the business processesC . Identify the operational impacts of a business interruptionD . Identify the financial impacts...
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?A . Intrusion Prevention Systems (IPS)B . Intrusion Detection Systems (IDS)C . Stateful firewallsD . Network Behavior Analysis (NBA) toolsView AnswerAnswer: D
Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?A . Implement packet filtering on the network...
Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?
Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?A . ConfidentialityB . IntegrityC . IdentificationD . AvailabilityView AnswerAnswer: A
What kind of reading material is MOST relevant to this project?
A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project?A . The organization's current security policies concerning privacy issuesB . Privacy-related regulations enforced by governing bodies applicable to the organizationC . Privacy best...
Which of the following is the BEST way to verify the integrity of a software patch?
Which of the following is the BEST way to verify the integrity of a software patch?A . Cryptographic checksumsB . Version numberingC . Automatic updatesD . Vendor assuranceView AnswerAnswer: A
What is the BEST approach to addressing security issues in legacy web applications?
What is the BEST approach to addressing security issues in legacy web applications?A . Debug the security issuesB . Migrate to newer, supported applications where possibleC . Conduct a security assessmentD . Protect the legacy application with a web application firewallView AnswerAnswer: D
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?A . Take the computer to a forensic labB . Make a copy of the hard driveC . Start documentingD . Turn off the computerView AnswerAnswer: C
Which one of the following affects the classification of data?
Which one of the following affects the classification of data?A . Assigned security labelB . Multilevel Security (MLS) architectureC . Minimum query sizeD . Passage of timeView AnswerAnswer: D
