SY0-410:2 TS Quiz Compliance and Operational Security


Which type of analysis involves comparing the cost of implementing a safeguard to the impact of a possible threat?
risk analysis
threat analysis
exposure analysis
vulnerability analysis


Answer:
risk analysis
Explanation:
Risk analysis is the process of identifying information assets and their associated threats, vulnerabilities, and potential risks, and justifying the cost of countermeasures deployed to mitigate the loss. Risk analysis

Which technique attempts to predict the likelihood a threat will occur and assigns monetary values in the event a loss occurs?
Delphi technique
Vulnerability assessment
Quantitative risk analysis
Qualitative risk analysis


Answer:
Quantitative risk analysis
Explanation:
Quantitative risk analysis attempts to predict the likelihood a threat will occur and assigns a monetary value in the event a loss occurs.
The Delphi technique is a type of qualitative risk analysis in whi

What is a physical barrier that acts as the first line of defense against an intruder?
a lock
a fence
a turnstile
a mantrap
a bollard


Answer:
a fence
Explanation:
Fencing acts as the first line of defense against casual trespassers and potential intruders, but fencing should be complemented with other physical security controls, such as guards and dogs, to maintain the security of the

As part of a new security initiative, your organization has decided that all employees must undergo security awareness training. What is the aim of this training?
All employees in the IT department should be able to handle security incidents.
All employe


Answer:
All employees must understand their security responsibilities.
Explanation:
The primary aim of security awareness training is to ensure that all employees understand their security responsibilities, the ethical conduct expected from them, and th

As your organization's security officer, you are currently completing audits to ensure that your security settings meet the established baselines. In which phase of the security management life cycle are you engaged?
Plan and Organize
Implement
Operate a


Answer:
Operate and Maintain
Explanation:
You are engaged in the Operate and Maintain phase of the security management life cycle. This phase includes the following components:
Ensure that all baselines are met.
Complete internal and external audits.
Co

You identify a security risk that you do not have in-house skills to address. You decide to procure contract resources. This contractor will be responsible for handling and managing this security risk. Which type of risk response strategy are you demonst


Answer:
transference
Explanation:
You are demonstrating a risk response strategy of transference. Transference involves transferring the risk and its consequences to a third party. The third party is then responsible for owning and managing the risk.
Yo

As a consultant, you have created a new security structure for a company that requires that passwords be issued to all employees. The company's IT department has made several password distribution recommendations. Which method is the most secure?
Instruc


Answer:
Instruct users to report to the IT department with proper identification for password setup.
Explanation:
You should instruct users to report to the IT department with proper identification for password setup. This will ensure that users access

What is typically part of a company's personnel human resources management policies?
information classification
authentication
acceptable use
employee termination


Answer:
employee termination
Explanation:
Employee termination procedures are typically part of a company's personnel human resources management policies, which also include procedures for dealing with new employees and transferred employees.
Classifica

Which audit events could be monitored to improve user accountability? (Choose all that apply.)
file creation
logon attempts
file modification
account modification

Answer:
logon attempts
file modification
account modification
Explanation:
You should monitor logon attempts, file modification events, and account modification events to improve user accountability. According to the principle of accountability, signific

The new security plan for your organization states that all data on your servers must be classified to ensure appropriate access controls are implemented. Which statements are true of information classification? (Choose three.)
A data owner must determin


Answer:
A data owner must determine the information classification of an asset.
Data classification refers to assigning security labels to information assets.
The two primary classes of data classification deal with military institutions and commercial


Which operation must you undertake to avoid mishandling of tapes, CDs, DVDs, and printed material?
degaussing
zeroization
labeling
offsite storage


Answer:
labeling
Explanation:
Proper labeling is required to avoid mishandling of the information on storage media, such as tapes and DVDs. Compact discs are used to store small data sets while backup tapes and DVDs are used to store large numbers of da

Which option is an example of antivirus software running with old antivirus definitions?
a risk
a threat
an exposure
a vulnerability


Answer:
a vulnerability
Explanation:
Antivirus software without the latest antivirus definitions is an example of a vulnerability. A vulnerability is defined as the flaw, loophole, or weakness in the system, software, or hardware. A vulnerability can be

A risk assessment team has identified several risks to your company's security. You need to ensure that you provide as much protection against these risks as possible. Which of the listed risks will have the least effect on the organization's confidentia

Answer:
a damaged hard drive
Explanation:
A damaged hard drive will have the least effect on the organization's confidentiality, integrity, and availability because the data inside the damaged hard disk is rendered unusable and cannot be retrieved by any

You must deploy the appropriate control to a section of the network shown in the exhibit. Because of budget constraints, you can only deploy one of each of the following controls:
Cable locks
Mantrap
Biometric readers
NAC policies
You need to deploy each

The mantrap will control access to the data center. The cable locks will provide security for the laptops used in the office. The NAC policies will provide a means to ensure that customer devices have the appropriate security technologies configured on t

Which type of assessment examines whether network security practices follow the company security policy?
security audit
network risk assessment
organizational risk assessment
penetration test

Answer:
security audit
Explanation:
Administrators use a security audit to examine specific security measures and the extent to which a security measure adheres to a company security policy.
A penetration test is used to determine whether network securit

You are the incident investigator for your organization performing a routine incident investigation. The next step you must perform is network analysis. Which of the following examples is considered this type of analysis?
reverse engineering
content anal


Answer:
log analysis
Explanation:
Log analysis is an example of a network analysis. Network analysis includes communications analysis, log analysis, and path tracing.
The other options are not examples of network analysis.
Reverse engineering is an exam

What is DLP?
a technology that allows organizations to use the Internet to host services and data remotely instead of locally
an application that protects against malware
a chip that implements hardware-based encryption
a network system that monitors dat

Answer:
a network system that monitors data on computers to ensure the data is not deleted or removed
Explanation:
Data Loss Prevention (DLP) is a network system that monitors data on computers to ensure the data is not deleted or removed. If your organi

When calculating risks by using the quantitative method, what is the result of multiplying the asset values by the exposure factor (EF)?
risk elimination
ACV
SLE
ALE

Answer:
SLE
Explanation:
The result of multiplying the asset values by the exposure factor (EF) is the single loss expectancy (SLE) value. SLE refers to the quantitative amount of loss incurred by a single event when a threat takes place. The formula fo

Which RAID level provides only performance enhancements and does not provide fault tolerance?
disk striping
disk mirroring
RAID 3
RAID 5
clustering


Answer:
disk striping
Explanation:
Disk striping provides only performance enhancements and does not provide fault tolerance. RAID 0 is known as disk striping. Data is striped over the number of hard drives in the array. If a single drive fails, the ent

What is typically part of an information policy?
classification of information
authentication
acceptable use
employee termination procedure

Answer:
classification of information
Explanation:
Classification of information is typically part of an information policy. A company usually has at least two information classifications: public and proprietary. Public information can be revealed to the

Match each access control type with the example that best fits with that type.


Explanation:
The access control types should be matched with the examples in the following manner:
Technical - encryption protocols
Administrative - security policies
Physical - locks

Which two suppression methods are recommended when paper, laminates, and wooden furniture are the elements of a fire in the facility? (Choose two.)
Halon
Water
Soda acid
Dry powder


Answer:
Water
Soda acid
Explanation:
Water or soda acid should be used to suppress a fire that has wood products, laminates, and paper as its elements. The suppression method should be based on the type of fire in the facility. The suppression substance

What is another term for technical controls?
logical controls
access controls
detective controls
preventative controls

Answer:
logical controls
Explanation:
Another term for technical controls is logical controls. Technical controls are used to restrict data access and operating system components, security applications, network devices, protocols, and encryption techniqu

Which events should be considered as part of the business continuity plan? (Choose all that apply.)
natural disaster
hardware failure
non-emergency server relocation
employee resignation


Answer:
natural disaster
hardware failure
Explanation:
As part of the business continuity plan, natural disasters should be considered. Natural disasters include tornadoes, floods, hurricanes, and earthquakes. Continuity of operations should be a primar

Which principle stipulates that multiple changes to a computer system should NOT be made at the same time?
due diligence
due care
change management
acceptable use


Answer:
change management
Explanation:
Change management stipulates that multiple changes to a computer system should NOT be made at the same time. This makes tracking any problems that can occur much simpler. Change management includes the following ru

Which policy defines the sensitivity of a company's data?
a backup policy
an information policy
a security policy
a use policy


Answer:
an information policy
Explanation:
An information policy defines the sensitivity of a company's data and the proper procedures for storage, transmission, disposal, and marking of a company's data. The cornerstone practice of a company's informat

Which two alternate data center facilities are the easiest to test? (Choose two.)
hot site
warm site
cold site
redundant site


Answer:
hot site
redundant site
Explanation:
The hot site and the redundant site are the easiest to test because they both contain all of the alternate computer and telecommunication equipment needed in a disaster. Usually, testing either of these envir

Recently, an employee used the computer assigned to him by your organization to carry out an attack against the organization. You have been asked to collect all system-related evidence. You need to collect the evidence using the order of volatility to pr


Explanation:
Using the order of volatility to preserve the evidence, the evidence should be preserved in the following order:
Memory (MOST volatile)
Network processes
System processes
Hard drive
Backup tapes
DVDs (LEAST volatile)

What does an incremental backup do?
It backs up all files.
It backs up all files in a compressed format.
It backs up all new files and any files that have changed since the last full or incremental backup, and resets the archive bit.
It backs up all new


Answer:
It backs up all new files and any files that have changed since the last full or incremental backup, and resets the archive bit.
Explanation:
An incremental backup backs up all new files and files that have changed since the last full or increme

Which component of a computer use policy should state that the data stored on a company computer is not guaranteed to remain confidential?
computer ownership
information ownership
acceptable use
no expectation of privacy


Answer:
no expectation of privacy
Explanation:
A no expectation of privacy policy is the component of a computer use policy that should indicate that data stored on a company computer is not guaranteed to remain confidential. A no expectation of privacy

Your company has recently implemented several physical access controls to increase the security of the company's data processing center. The physical access controls that were implemented include surveillance devices, fences, closed-circuit television (C


Answer:
Surveillance devices offer more protection than fences in the facility.
Explanation:
Surveillance devices offer more protection than fences in the facility because they actually record activity for traffic areas. This provides a mechanism whereb

According to your organization's data backup policy, you must keep track of the number and location of backup versions of the organization's data. What is the main purpose of this activity?
to restrict access to the backup versions
to create an audit tra

Answer:
to ensure proper disposal of information
Explanation:
The main purpose of keeping track of the number and location of backup versions is to ensure proper disposal of information.
To restrict access to the backup version, you should implement the

During which step of incident response does root cause analysis occur?
Prepare
Detect
Contain
Remediate
Resolve
Review and Close


Answer:
Review and Close
Explanation:
You should perform root cause analysis during the review and close step. This is the final step in incident response.
There are six steps in incident response:
Prepare - Ensure that the organization is ready for an

What concept is being illustrated when user accounts are created by one employee and user permissions are configured by another employee?
collusion
two-man control
separation of duties
rotation of duties


Answer:
separation of duties
Explanation:
Separation of duties is employed when user accounts are created by one employee and user permissions are configured by another employee. An administrator who is responsible for creating a user account should not

Your company has a backup solution that performs a full backup each Saturday evening and a differential backup all other evenings. A vital system crashes on Tuesday morning. How many backups will need to be restored?
one
two
three
four

Answer:
two
Explanation:
You would need to restore two backups if the system crashes on Tuesday morning. The two backups that should be restored are the Saturday evening full backup and the Monday evening differential backup. When you use differential ba

What is meant by MTBF?
the estimated amount of time that a piece of equipment will be used before it should be replaced
the estimated amount of time that it will take to repair a piece of equipment when failure occurs
the estimated amount of time that a


Answer:
the estimated amount of time that a piece of equipment should remain operational before failure
Explanation:
The mean time between failures (MTBF) is the estimated amount of time that a piece of equipment should remain operational before failure

You must deploy the appropriate control to a section of the network shown in the exhibit. Because of budget constraints, you can only deploy one of each of the following controls:
Proximity badges
Device encryption
Safe
CCTV
You need to deploy each of th


The proximity badges will control access to the data center and limit access to approved employees. The safe will provide a location in the office to store the laptops and tablets when they are not in use. The CCTV will provide a means to monitor activi

Your company's security policy includes system testing and security awareness training guidelines. Which control type is this considered?
detective technical control
detective administrative control
preventative technical control
preventative administrat

Answer:
preventative administrative control
Explanation:
Testing and training are considered preventative administrative controls. Administrative controls dictate how security policies are implemented to fulfill the company's security goals. Preventative

Your organization has recently been the victim of several well-known attacks. These attacks could have been prevented with certain identified measures. Management has asked you to identify, analyze, and correct any security issues so that these issues wi


Answer:
incident management
Explanation:
When you identify, analyze, and correct any security issues, you are implementing incident management.
Change management involves identifying, analyzing, implementing, and documenting any changes to your systems

What is the process of ensuring the corporate security policies are carried out consistently?
social engineering
auditing
footprinting
scanning


Answer:
auditing
Explanation:
Auditing is the process of ensuring the corporate security policies are carried out consistently.
Social engineering is an attack that deceives others to obtain legitimate information about networks and computer systems. Fo

Which disk systems protect against data loss if a single drive fails? (Choose all that apply.)
disk striping
disk mirroring
disk striping with parity
failure resistant disk system (FRDS)


Answer:
disk mirroring
disk striping with parity
failure resistant disk system (FRDS)
Explanation:
Disk mirroring, disk striping with parity, and failure resistant disk system (FRDS) protect against data loss if a single drive fails. Disk mirroring prov

Which factor does NOT minimize the security breach incidents committed by internal employees?
rotation of duties
separation of duties
mandatory vacations
nondisclosure agreements signed by employees

Answer:
nondisclosure agreements signed by employees
Explanation:
Nondisclosure agreements (NDAs) do not minimize the security breach incidents committed by internal employees. NDAs are signed by an employee at the time of hiring, and impose a contractua

Which access control principle ensures that a particular role has more than one person trained to perform its duties?
job rotation
separation of duties
least privilege
implicit deny

Answer:
job rotation
Explanation:
Job rotation ensures that a particular role has more than one person trained to perform its duties. Personnel should be periodically rotated, particularly in important positions. Job rotation and separation of duties als

What protects data on computer networks from loss due to power outages?
an air conditioner
a door lock
a sprinkler
a UPS


Answer:
a UPS
Explanation:
An uninterruptible power supply (UPS) protects data on computer networks from loss due to power outages. A UPS contains a battery that keeps a computer running during a power sag or power outage. A UPS gives a user time to sav

Match each description with the appropriate risk management method.


Explanation:
The risk management methods should be matched with the descriptions in the following manner:
Acceptance - Deciding to bear the cost of a potential risk
Avoidance - Deciding to no longer employ the actions associated with a particular risk
D

Which three statements regarding an audit trail are NOT true? (Choose three.)
An audit trail is a preventive control.
An audit trail assists in intrusion detection.
An audit trail does not record successful login attempts.
An audit trail establishes acco

Answer:
An audit trail is a preventive control.
An audit trail does not record successful login attempts.
An audit trail is reviewed only when an intrusion is detected.
Explanation:
An audit trail is not a preventive control. It is a detective control th

Your company has recently started adopting formal security policies to comply with several state regulations. One of the security policies states that certain hardware is vital to the organization. As part of this security policy, you must ensure that yo


Answer:
fault tolerance
Explanation:
Fault tolerance ensures that you have the required number of components plus one extra to plug into any system in case of failure.
Clustering is the process of providing failover capabilities for servers by using mul

You are the security administrator for your company. You identify a security risk. You decide to continue with the current security plan. However, you develop a contingency plan in case the security risk occurs.
Which type of risk response strategy are yo


Answer:
acceptance
Explanation:
You are demonstrating a risk response strategy of acceptance. Acceptance involves accepting the risk and leaving the security plan unchanged. Examples of acceptance would include taking no action at all or leaving the pla

What is defined in an acceptable use policy?
which method administrators should use to back up network data
the sensitivity of company data
which users require access to certain company data
how users are allowed to employ company hardware

Answer:
how users are allowed to employ company hardware
Explanation:
An acceptable use policy defines how users are allowed to employ company hardware. For example, an acceptable use policy, which is sometimes referred to as a use policy, might answer t

Move the items in the list from the left column to the right column, and place them in the correct order in which the forensic analyst should preserve them, starting with the first item at the top.


Explanation:
The correct order in which items should be preserved for forensic analysis is as follows:
Cache
RAM
Running processes
Hard drives
Backup media

Which type of incident is not usually addressed in a contingency plan?
a power outage
a T1 connection failure
a hurricane
a server crash


Answer:
a hurricane
Explanation:
A hurricane is not usually addressed in a contingency plan. All natural disasters are part of the business continuity plan, not the contingency plan.
The contingency plan addresses how to deal with small incidents, such

Which RAID level requires at least three hard disks and writes both parity and data across all disks in the array?
Level 0
Level 1
Level 3
Level 5


Answer:
Level 5
Explanation:
Redundant Array of Independent Disks (RAID) Level 5, which provides disk striping with parity across multiple disks, writes both parity and data across all disks in the array. The parity information is stored on a drive sepa

Your organization is concerned that network users are violating software and music piracy policies. You need to ensure that these violations are not happening. Which Internet communication model often results in software piracy?
client/server model
peer-


Answer:
peer-to-peer (P2P) model
Explanation:
The peer-to-peer (P2P) communication model can result in organizations being found guilty of software piracy. Recent legislation has been passed that requires organizations to crack down on P2P Internet comm

In the context of backup media, what is meant by the term retention time?
the amount of time a tape takes to back up the data
the amount of time a tape is stored before its data is overwritten
the amount of time a tape is used before being destroyed
the

Answer:
the amount of time a tape is stored before its data is overwritten
Explanation:
The retention time is the amount of time a tape is stored before its data is overwritten. The longer the retention time, the more media sets will be needed for backup

As the security administrator for your company, you are primarily concerned with protecting corporate assets. Currently, you are working to ensure confidentiality for corporate data. Which activity is NOT covered under this objective?
treason
dumpster div


Answer:
treason
Explanation:
Treason or subversion is not an activity that amounts to a breach of confidentiality. Therefore, treason cannot be defined in the confidentiality objective of the confidentiality, integrity, and availability (CIA) triad.
Tre

According to the business continuity plan, this week your team must complete a test of specific systems to ensure their operation at alternate facilities. The results of the test must be compared with the live environment. Which test are you completing?


Answer:
parallel test
Explanation:
A parallel test tests specific systems to ensure operation at alternate facilities. Results of this test should be compared with the original system's test results to ensure operation as close to normal as possible. Wi

Management has asked you to ensure that voltage is kept clean and steady at your facility. Which component is MOST appropriate for this purpose?
UPS
HVAC
line conditioners
concentric circle


Answer:
line conditioners
Explanation:
Fluctuations in voltage supply, such as spikes and surges, can damage electronic circuits and components. A line conditioner ensures clean and steady voltage supply by filtering the incoming power and eliminating fl

Recently, corporate data that was sent over the Internet has been intercepted and read by hackers. This has resulted in a loss of reputation with your customers. You have been asked to implement policies that will protect against these attacks. Which two


Answer:
confidentiality and integrity
Explanation:
Sending data across an insecure network, such as the Internet, affects confidentiality and integrity. It is the responsibility of the sender to ensure that proper security controls are in place. For exa


You discover that an investigator made some mistakes during a recent forensic investigation. You need to ensure that the investigator follows the appropriate process for the collection, analysis, and preservation of evidence. Which term should you use f


Answer:
chain of custody
Explanation:
Chain of custody refers to strict and organized formal procedures in accordance with the law and the legal regulations governing the collection, analysis, and preservation of the evidence before the evidence is prod

You assessed the physical security of your company's data processing center. As part of this assessment, you documented all of the locks on both internal and external doors. You have identified several traditional door locks that you want to replace with


Answer:
raking
shimming
Explanation:
Both raking and shimming are techniques to circumvent locks. Raking is a technique used by intruders to circumvent a lock. For example, a pick is used to circumvent a pin tumbler lock. Shimming is a technique in whic

Which element is created to ensure that your company is able to resume operation after unplanned downtime in a timely manner?
vulnerability analysis
disaster recovery plan
business continuity plan
business impact analysis (BIA)

Answer:
disaster recovery plan
Explanation:
The disaster recovery plan is created to ensure that your company is able to resume operation in a timely manner. As part of the business continuity plan, it mainly focuses on alternative procedures for process


Which plan ensures that a vital corporate position is filled in the event it is vacated during a disaster?
occupant emergency plan (OEP)
continuity of operations plan (COOP)
executive succession plan
reciprocal agreement

Answer:
executive succession plan
Explanation:
An executive succession plan ensures that a vital corporate position is filled in the event it is vacated during a disaster. This plan could be carried out in the event of the death, resignation, or retireme

Which procedure is an example of an operational control?
a backup control
a business continuity plan
a database management system
identification and authentication


Answer:
a backup control
Explanation:
Backup controls, software testing, and anti-virus management are components of operational software controls. Operational software controls check the software to find whether the software is compromising security or

What are some disadvantages to using a cold site? (Choose all that apply.)
expense
recovery time
administration time
testing availability

Answer:
recovery time
testing availability
Explanation:
Cold sites take a long time to bring online for disaster recovery. They also are not as available for testing as other alternatives. Therefore, recovery time and testing availability are two disadva

During a forensic investigation, you are asked to make a copy of the contents of a hard drive. You need to ensure that this evidence can be used in court if needed. Which statement is true of disk imaging in this investigation?
The original copy of the d


Answer:
A bit-level copy of the disk assists in the forensic investigation.
Explanation:
A bit-level copy of the original disk proves helpful in the forensic investigation. A bit-level copy of a hard disk refers to making a copy at the sector level to c

Your organization has decided to outsource its e-mail service. The company chosen for this purpose has provided a document that details the e-mail functions that will be provided for a specified period, along with guaranteed performance metrics. What is

Answer:
SLA
Explanation:
A service level agreement (SLA) is an agreement between a company and a vendor in which the vendor agrees to provide certain functions for a specified period.
A business partners agreement (BPA) is an agreement between two compan

You administer a small corporate network. On Friday evening, after close of business, you performed a full backup of the hard disk of one of the company's servers. On Monday evening, you performed a differential backup of the same server's hard disk, and


Answer:
all of the files on the hard disk that were changed or created since the incremental backup on Wednesday
Explanation:
On Thursday, you performed an incremental backup of the hard disk. An incremental backup backs up files that have been created

You are explaining to a new employee the proper process of evidence collection. As part of this explanation, you need to ensure that the new employee understands the evidence life cycle. Move the steps in the evidence life cycle from the left column to t

Explanation:
The correct order for the evidence life cycle is as follows:
Collect
Analyze
Store
Present
Return

What is covered by the last step of a business continuity plan?
testing the plan
analyzing risks
updating the plan
training personnel

Answer:
updating the plan
Explanation:
The last step of a business continuity plan is concerned with updating the plan. A business continuity plan is a living document that requires regular updates. If the plan is not maintained properly, the organizatio

You have been asked to implement a plan whereby the server room for your company will remain online for three hours after a power failure. This will give your IT department enough time to implement the alternate site. Which technology would be best in th


Answer:
backup generator
Explanation:
You should implement a backup generator. A backup generator will provide power for a limited time. It runs on gasoline or diesel to generate electricity. Backup generators provide redundant power.
Redundant Array of

You need to view events that are generated based on your auditing settings. Which log in Event Viewer should you view?
Application
Security
System
DNS

Answer:
Security
Explanation:
You should view the Security log in Event Viewer to view events that are generated based on your auditing settings. As part of the routine audit review, you should ensure that you perform a user rights and permissions review

Which hardware contingency solutions offer high availability? (Choose two.)
RAID
tape backups
vaulting
disk replication

Answer:
RAID
disk replication
Explanation:
Both RAID and disk replication offer high availability. Redundant array of independent disks (RAID) provides redundancy for hard drives. A RAID volume that includes multiple drives is seen as one drive to applic

Your company has recently adopted a new security policy that states that all confidential e-mails must be signed using a digital signature. Which three elements are provided by implementation of this technology? (Choose three.)
integrity
availability
encrypti


Answer:
integrity
authentication
non-repudiation
Explanation:
A digital signature provides integrity, authentication, and non-repudiation in electronic mail. The public key of the signer is used to verify a digital signature.
Non-repudiation ensures tha

During a meeting, you present management with a list of the access controls used on your network. You explain that these controls include preventative, detective, and corrective controls. Which control is an example of a corrective control?
router
intrus

Answer:
antivirus software
Explanation:
Antivirus software is an example of a corrective technical control because it attempts to correct any damage that was inflicted during a security breach. Antivirus software can also be considered a compensative tec

All of the following are security risks associated with cloud computing, EXCEPT:
false positives
regulatory compliance
data location
data recovery


Answer:
false positives
Explanation:
False positives are NOT security risks associated with cloud computing. A false positive is a risk management term for mistakenly identifying something as a security vulnerability. Often spam filters h

What is the purpose of hot and cold aisles?
to provide an alternate location for IT services in case of disaster
to protect against electromagnetic interference (EMI)
to control airflow in the data center
to ensure that humidity remains at a certain lev


Answer:
to control airflow in the data center
Explanation:
Hot and cold aisles control airflow in the data center. Using environmental controls, hot air is expelled from equipment cabinets as cold air is pulled into the cabinets.
Hot, warm, and cold sit

Your company has a backup solution that performs a full backup each Saturday evening and an incremental backup all other evenings. A vital system crashes on Monday morning. How many backups will need to be restored?
one
two
three
four

Answer:
two
Explanation:
Because the system crashes on Monday morning, you will need to restore two backups: the full backup from Saturday evening and the incremental backup from Sunday evening. When incremental backups are included in your backup plan,


As your organization's security administrator, you are reviewing the audit results to assess if your organization's security baselines are maintained. In which phase of the security management life cycle are you engaged?
Plan and Organize
Implement
Oper


Answer:
Monitor and Evaluate
Explanation:
You are engaged in the Monitor and Evaluate phase of the security management life cycle. This phase includes the following components:
Review logs, audit results, metrics, and service level agreements.
Assess ac

You collect evidence after an attack has occurred. You need to ensure that the evidence collected follows chain of custody procedures. Which stage is NOT a part of the life cycle of evidence?
storage
collection
accreditation
presentation in court

Answer:
accreditation
Explanation:
Accreditation is not a part of the life cycle of evidence. Accreditation is the process in which management accepts a system's functionality and assurance. Accreditation represents the satisfaction of management reg

You have recently been hired to serve as your company's security administrator. You are currently working to ensure that all information assets are protected. What are the core security objectives you should address?
risks, liabilities, and vulnerabiliti

Answer:
confidentiality, integrity, and availability
Explanation:
Confidentiality, integrity, and availability are the core security objectives for protecting the information assets of an organization. These three objectives are also referred to as the C