NEW QUESTION 1
A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

• A. SAN
• B. NAS
• C. Virtual SAN
• D. Virtual storage

Answer: B

NEW QUESTION 2
A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?

• A. Insider threat
• B. Network reconnaissance
• C. Physical security
• D. Industrial espionage

Answer: C

NEW QUESTION 3
A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization’s configuration management process using?

• A. Agile
• B. SDL
• C. Waterfall
• D. Joint application development

Answer: A

NEW QUESTION 4
A security manager has received the following email from the Chief Financial Officer (CFO):
“While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?”
Based on the information provided, which of the following would be the MOST appropriate response to the CFO?

• A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.
• B. Allow VNC access to corporate desktops from personal computers for the users working from home.
• C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home.
• D. Work with the executive management team to revise policies before allowing any remote access.

Answer: D

NEW QUESTION 5
Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

• A. Research new technology vendors to look for potential product
• B. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirement
• C. Test the product and make a product recommendation.
• D. Evaluate relevant RFC and ISO standards to choose an appropriate vendor produc
• E. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.
• F. Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.
• G. Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provide
• H. Give access to internal security employees so that they can inspect the application payload data.
• I. Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Answer: A

NEW QUESTION 6
An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?

• A. The IDS generated too many false negatives.
• B. The attack occurred after hours.
• C. The IDS generated too many false positives.
• D. No one was reviewing the IDS event logs.

Answer: D

NEW QUESTION 7
In an effort to minimize costs, the management of a small candy company wishes to explore a cloud service option for the development of its online applications. The company does not wish to invest heavily in IT infrastructure. Which of the following solutions should be recommended?

• A. A public IaaS
• B. A public PaaS
• C. A public SaaS
• D. A private SaaS
• E. A private IaaS
• F. A private PaaS

Answer: B

NEW QUESTION 8
A security engineer at a software development company has identified several vulnerabilities in a product late in the development cycle. This causes a huge delay for the release of the product. Which of the following should the administrator do to prevent these issues from occurring in the future?

• A. Recommend switching to an SDLC methodology and perform security testing during each maintenance iteration
• B. Recommend switching to a spiral software development model and perform security testing during the requirements gathering
• C. Recommend switching to a waterfall development methodology and perform security testing during the testing phase
• D. Recommend switching to an agile development methodology and perform security testing during iterations

Answer: D

NEW QUESTION 9
A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourced systems on their own premises and will continue to directly interface with the bank’s other systems through dedicated encrypted links. Which of the following is critical to ensure the successful management of system security concerns between the two organizations?

• A. ISA
• B. BIA
• C. MOU
• D. SOA
• E. BPA

Answer: A

NEW QUESTION 10
ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).

• A. Establish a list of users that must work with each regulation
• B. Establish a list of devices that must meet each regulation
• C. Centralize management of all devices on the network
• D. Compartmentalize the network
• E. Establish a company framework
• F. Apply technical controls to meet compliance with the regulation

Answer: BDF

NEW QUESTION 11
Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two company’s networks, application, and several basic services.
The initial integration of the two companies has specified the following requirements: Which of the following network security solutions will BEST meet the above requirements?

• A. Place a Company ABC managed firewall in Company XYZ’s hub site; then place Company ABC’s file, print, authentication, and secure FTP servers in a zone off the firewal
• B. Ensure that Company ABC’s business partner firewalls are opened up for web intranet access and other required services.
• C. Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACL
• D. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.
• E. Place no restrictions on internal network connectivity between Company XYZ and Company AB
• F. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.
• G. Place file, print, secure FTP server and authentication domain servers at Company XYZ’s hub sit
• H. Open up Company ABC’s business partner firewall to permit access to ABC’s web intranet access and other required services.

Answer: A

NEW QUESTION 12
ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst?

• A. Accept the risk in order to keep the system within the company’s standard security configuration.
• B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution.
• C. Secure the data despite the need to use a security control or solution that is not within company standards.
• D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration.

Answer: B

NEW QUESTION 13
In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

• A. Provide free email software for personal devices.
• B. Encrypt data in transit for remote access.
• C. Require smart card authentication for all devices.
• D. Implement NAC to limit insecure devices access.
• E. Enable time of day restrictions for personal devices.

Answer: BD

NEW QUESTION 14
The VoIP administrator starts receiving reports that users are having problems placing phone calls. The VoIP administrator cannot determine the issue, and asks the security administrator for help. The security administrator reviews the switch interfaces and does not see an excessive amount of network traffic on the voice network. Using a protocol analyzer, the security administrator does see an excessive number of SIP INVITE packets destined for the SIP proxy. Based on the information given, which of the following types of attacks is underway and how can it be remediated?

• A. Man in the middle attack; install an IPS in front of SIP proxy.
• B. Man in the middle attack; use 802.1x to secure voice VLAN.
• C. Denial of Service; switch to more secure H.323 protocol.
• D. Denial of Service; use rate limiting to limit traffic.

Answer: D

NEW QUESTION 15
A systems administrator establishes a CIFS share on a Unix device to share data to windows systems. The security authentication on the windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the Unix share. Which of the following settings on the Unix server is the cause of this problem?

• A. Refuse LM and only accept NTLMv2
• B. Accept only LM
• C. Refuse NTLMv2 and accept LM
• D. Accept only NTLM

Answer: A

NEW QUESTION 16
A security engineer has inherited an authentication project which integrates 1024-bit PKI certificates into the company infrastructure and now has a new requirement to integrate 2048-bit PKI certificates so that the entire company will be interoperable with its vendors when the project is completed. The project is now 25% complete, with 15% of the company staff being issued 1024-bit certificates. The provisioning of network based accounts has not occurred yet due to other project delays. The project is now expected to be over budget and behind its original schedule. Termination of the existing project and beginning a new project is a consideration because of the change in scope. Which of the following is the security engineer’s MOST serious concern with implementing this solution?

• A. Succession planning
• B. Performance
• C. Maintainability
• D. Availability

Answer: C

NEW QUESTION 17
The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable. Which of the following BEST describes the scenario presented and the document the ISO is reviewing?

• A. The ISO is evaluating the business implications of a recent telephone system failure within the BIA.
• B. The ISO is investigating the impact of a possible downtime of the messaging system within the RA.
• C. The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.
• D. The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.

Answer: D

NEW QUESTION 18
During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve?

• A. Monoalphabetic cipher
• B. Confusion
• C. Root of trust
• D. Key stretching
• E. Diffusion

Answer: D

NEW QUESTION 19
Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?

• A. Aggressive patch management on the host and guest OSs.
• B. Host based IDS sensors on all guest OSs.
• C. Different antivirus solutions between the host and guest OSs.
• D. Unique Network Interface Card (NIC) assignment per guest OS.

Answer: A

NEW QUESTION 20
Which of the following is an example of single sign-on?

• A. An administrator manages multiple platforms with the same username and hardware toke
• B. The same username and token is used across all the platforms.
• C. Multiple applications have been integrated with a centralized LDAP directory for authentication and authorizatio
• D. A user has to authenticate each time the user accesses an application.
• E. A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.
• F. A web access control infrastructure performs authentication and passes attributes in a HTTP header to multiple applications.

Answer: D