Complete Exam |Already Graded A+ (Just Released)
Which security principle uses countermeasures such as encryption and data classification?
Integrity
Confidentiality
Availability
Accountability ✔Correct Answer-Confidentiality
A company is concerned about unauthorized alteration of data in a customer database.
Which security principle is implicated?
Accountability
Confidentiality
Availability
Integrity ✔Correct Answer-Integrity
Which integrity measure should be applied to enforce nonrepudiation of emails sent from
internal users?
Ensure emails contain accurate data
Use digital signatures on emails
Hold users accountable for emails
Scan attachments for viruses ✔Correct Answer-Use digital signatures on emails
A company is headquartered in a region that has frequent internet connectivity issues due to
inclement weather. The company's primary reporting servers are located in this office and are
critical to the sales team in the field for accurate product pricing. Employees require 24/7 access
to the most up-to-date information, as the data frequently changes.
Which solution will ensure a higher availability of these servers outside this company?
Develop a mechanism to publish the necessary pricing information to a cloud location for sales
teams to access anytime
Open a direct virtual private network (VPN) access connection between the servers and the
sales team's computers
Implement a secondary internet connectivity solution at headquarters, which fails over when
the primary connection is unavailable
,Create a cloud-based web service that queries a cloud database and replicates the product
pricing data periodically ✔Correct Answer-Implement a secondary internet connectivity
solution at headquarters, which fails over when the primary connection is unavailable
Research department members encrypt their Office 365 files by using keys residing in an on-
premises key store. Due to a failure of on-premises network connectivity, the files cannot be
decrypted.
What should be done to maintain the availability of these files without compromising their
confidentiality and integrity?
Copy files to an on-premises file server
Set up redundant internet connectivity
Maintain files in an unencrypted format
Maintain keys with Office 365 files ✔Correct Answer-Set up redundant internet connectivity
The management team of an organization creates a document stating employees who access
the company's enterprise resource planning (ERP) system must use a certain browser and are
required to have antivirus installed on their machines.
Which type of document is this?
Policy
Procedure
Standard
Guideline ✔Correct Answer-Standard
Which type of security documentation offers recommendations and suggestions on creating a
strong password?
Standards
Procedures
Policies
Guidelines ✔Correct Answer-Guidelines
Which security concept includes the process of reviewing the activities of an identity?
Authentication
Authorization
Identification
Accountability ✔Correct Answer-Accountability
Which security concept includes comparing a user's fingerprint against authorized fingerprints
stored in a database?
, Accountability
Identification
Authentication
Authorization ✔Correct Answer-Authentication
An information security manager has been asked to develop security policies and to deploy
security solutions for an organization.
Which security principles must be considered in addition to CIA triad principles?
Encryption
AAA
Abstraction
Layering ✔Correct Answer-AAA
A company plans to implement a new authentication system for customers accessing the
company website. When customers log on, the website indicates that it sent a text message
that includes a code to the customer's mobile phone. To complete the log-on process, the
customer is required to enter the appropriate code within five minutes.
Which authentication mechanism is this system based on?
Time-based one-time password
Hash-based one-time password
Synchronous dynamic password tokens
Asynchronous dynamic password tokens ✔Correct Answer-Time-based one-time password
Which security concept controls access to the network?
Create audit logs that will monitor successful and failed log-in attempts
Provide individuals access after they supply a username and password
Allow individuals to perform tasks based on assigned rights and permissions
Create audit trails to manage and track user access to network resources ✔Correct Answer-
Provide individuals access after they supply a username and password
On an employee's first day of work, she notices a large number of file shares available, most of
which do not pertain to her position. The employee went to her manager about the level of
access. The employee's manager said she has the same level of access as her predecessor.
Which principle does this level of access violate?
Role-based access
Job rotation
Rule-based access
Least privilege ✔Correct Answer-Least privilege