Question 1

Which of the following is a network of the national standards institutes of more than 160 countries?&#10;A) ISO&#10;B) NIST&#10;C) FIPS&#10;D) IEC

Accepted Answer

ISO (International Organization for Standardization) is a network of the national standards institutes of more than 160 countries, with one member per country.

Question 2

Which of the following is the official publication series for NIST standards and guidelines?&#10;A) ITL bulletins&#10;B) FIPS&#10;C) Special Publication 800 series&#10;D) NIST Internal or Interagency reports

Accepted Answer

FIPS&#10;

Question 3

Which of the following key information security principles traces actions to their source?&#10;A) Accountability&#10;B) Assurance&#10;C) Authorization&#10;D) Accounting

Accepted Answer

Accountability in information security ensures that actions can be traced back to the individual who performed them, allowing for proper attribution and responsibility.

Question 4

Which of the following key information security principles grants users and systems a predetermined level of access to information resources?&#10;A) Assurance&#10;B) Authentication&#10;C) Authorization&#10;D) Accountability

Accepted Answer

Authorization is the principle that defines the access and privileges a user or system has to resources, ensuring they can only access what they are permitted to.

Question 5

Which of the following is a behavioral control that can be used to safeguard against the loss of integrity?&#10;A) Rotation of duties&#10;B) Log analysis&#10;C) Code testing&#10;D) Digital signatures

Accepted Answer

Rotation of duties is a behavioral control that helps prevent fraud and errors, thus safeguarding the integrity of processes and data by ensuring that no single individual has control over all aspects of any critical task.

Question 6

Which of the following is a monitoring control that safeguards against the loss of integrity?&#10;A) File integrity monitoring&#10;B) Separation of duties&#10;C) Encryption&#10;D) Digital signatures

Accepted Answer

File integrity monitoring is a control that detects unauthorized changes to files, ensuring their integrity is maintained.

Question 7

Which of the following are the three elements of the CIA triad?&#10;A) Authentication, integrity, confidentiality&#10;B) Availability, integrity, confidentiality&#10;C) Access, integrity, confidentiality&#10;D) Authorization, integrity, confidentiality

Accepted Answer

The CIA triad stands for Confidentiality, Integrity, and Availability, which are key principles designed to guide information security policies within an organization.

Question 8

Which of the following refers to a computer used in a DDoS attack?&#10;A) Botnet&#10;B) Victim&#10;C) Bot&#10;D) Handler

Accepted Answer

A "Bot" refers to an individual computer that has been compromised and is used in a DDoS attack as part of a larger network called a botnet.

Question 9

Which of the following statements best describes NIST?&#10;A) A regulatory government organization that enforces standards&#10;B) A coalition of over 160 countries that creates standards&#10;C) A nonregulatory federal agency that develops and promotes standards&#10;D) A nongovernment organization that develops and promotes standards

Accepted Answer

NIST, the National Institute of Standards and Technology, is a nonregulatory federal agency within the U.S. Department of Commerce. It develops and promotes measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life.

Question 10

Which of the following best describes the accounting key information security principle?&#10;A) The logging of access and usage of information resources&#10;B) The configuring of the Security log to record events&#10;C) The process of tracing actions to their source&#10;D) The process of identifying users who seek access to secure information

Accepted Answer

The accounting key information security principle refers to the logging of access and usage of information resources.

Question 11

Which of the following best describes the accountability key information security principle?&#10;A) The logging of access and usage of information resources&#10;B) The configuring of the Security log to record events&#10;C) The process of tracing actions to their source&#10;D) The process of identifying users who seek access to secure information

Accepted Answer

The answer of Which of the following best describes the...

Question 12

Which of the following can achieve authentication in information security?&#10;A) Intrusion detection systems&#10;B) Log files&#10;C) Auditing&#10;D) Tokens

Accepted Answer

The answer of Which of the following can achieve authentication...

Question 13

Which of the following refers to the requirement that private or confidential information not be disclosed to unauthorized individuals?&#10;A) Availability&#10;B) Confidentiality&#10;C) Integrity&#10;D) Control

Accepted Answer

The answer of Which of the following refers to the...

Question 14

Which of the following is an example of a security mechanism designed to preserve confidentiality?&#10;A) Controlled traffic routing&#10;B) Logical and physical access controls&#10;C) Database views&#10;D) All of the above

Accepted Answer

The answer of Which of the following is an example...

Question 15

CVSS is short for which of the following?&#10;A) Confidential Vulnerability Secure System&#10;B) Common Vulnerability Secure System&#10;C) Common Vulnerability Scoring System&#10;D) Confidential Vulnerability Scoring System

Accepted Answer

The answer of CVSS is short for which of the...

Question 16

Which of the following is not one of the &#34;Five A's&#34; of information security?&#10;A) Availability&#10;B) Assurance&#10;C) Authorization&#10;D) Authentication

Accepted Answer

The answer of Which of the following is not one...

Question 17

Which of the following is a collective term given to guidance on topics related to information systems security, predominantly regarding the planning, implementing, managing, and auditing of overall information security practices?

A) Service level agreements
B) Security framework
C) "Five A's" of information security
D) CIA security model

Accepted Answer

The answer of Which of the following is a collective...

Question 18

The ISO 27002 standard has its origins in which of the following countries?&#10;A) France&#10;B) United States&#10;C) Germany&#10;D) Great Britain

Accepted Answer

The answer of The ISO 27002 standard has its origins...

Question 19

Which of the following NIST publications focuses on cybersecurity practices and guidelines?&#10;A) Special Publication 1800 series&#10;B) FIPS&#10;C) ITL bulletins&#10;D) NIST Internal or Interagency reports

Accepted Answer

The answer of Which of the following NIST publications focuses...

Question 20

Which of the following refers to those responsible for implementing, maintaining, and monitoring safeguards and systems?&#10;A) Network engineers&#10;B) System administrators&#10;C) Webmasters&#10;D) All of the above

Accepted Answer

The answer of Which of the following refers to those...

Deck 3: Cybersecurity Framework