Question 1

Acceptable levels of information security risk tolerance in an organization should be determined by?

Accepted Answer

The CEO and board of directors are ultimately responsible for setting the organization's risk tolerance, as they are responsible for the overall direction and strategy of the organization.

Question 2

A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered______________________.

Accepted Answer

This type of control is considered a corrective security control because it responds to and mitigates the effects of an attack by blocking offending IP addresses after they have been identified as a threat.

Question 3

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

Accepted Answer

The answer of While designing a secondary data center for...

Question 4

What is the primary reason for performing vendor management?

Accepted Answer

The answer of What is the primary reason for performing...

Question 5

The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?

Accepted Answer

A clear definition of the IT security mission and vision is crucial as it sets the direction and purpose of the security initiatives, aligning them with the organization's overall goals and ensuring all efforts are focused and coherent.

Question 6

One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?

Accepted Answer

The recipient's public key is used to encrypt the message so that only the recipient's private key can decrypt it, ensuring confidentiality.

Question 7

Annual Loss Expectancy is derived from the function of which two factors?

Accepted Answer

Annual Loss Expectancy (ALE) is calculated by multiplying the Annual Rate of Occurrence (ARO) by the Single Loss Expectancy (SLE).

Question 8

What is the BEST reason for having a formal request for proposal process?

Accepted Answer

A formal request for proposal process helps in clearly identifying risks and benefits before any funding is spent, ensuring informed decision-making and efficient allocation of resources.

Question 9

The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called___________________.

Accepted Answer

Security accreditation is the process where management formally accepts the risks and mitigation strategies associated with an IT system, following the security certification process.

Question 10

Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

Accepted Answer

Understanding trusted and untrusted networks is crucial for tuning an IDS, as it helps in setting appropriate rules and thresholds to effectively monitor and detect potential threats.

Question 11

What is the primary reason for performing a return on investment analysis?

Accepted Answer

Return on investment (ROI) analysis is primarily used to evaluate whether the cost of a solution is justified by the benefits it provides, particularly in terms of mitigating risks or achieving desired outcomes.

Question 12

The rate of change in technology increases the importance of:

Accepted Answer

The answer of The rate of change in technology increases...

Question 13

Human resource planning for security professionals in your organization is a:

Accepted Answer

Human resource planning for security professionals is an ongoing and evolving process due to the constantly changing nature of security threats, requiring continuous training and adaptation.

Question 14

John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can John do in this instance?

Accepted Answer

The contract agreement will provide direction on how to handle changes to the project scope and the vendor's obligations.

Question 15

Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?

Accepted Answer

The uninterrupted chain of custody is crucial to ensure that digital evidence is admissible in court, as it demonstrates that the evidence has been collected, preserved, and handled properly without tampering.

Question 16

As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?

Accepted Answer

The company business plan is the most important to review because the IT security strategic plan must align with the overall business objectives and goals to ensure that security measures support the company's mission and vision.

Question 17

Which of the following is a countermeasure to prevent unauthorized database access from web applications?

Accepted Answer

Input sanitization is a countermeasure that helps prevent unauthorized database access by ensuring that user inputs are checked and cleaned to prevent SQL injection attacks.

Question 18

Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?

Accepted Answer

In-line hardware keyloggers are undetectable by software, which poses a significant security risk as they can capture sensitive information without being detected by traditional security measures.

Question 19

The total cost of security controls should:

Accepted Answer

The cost of security controls should be less than the value of the information resource being protected to ensure that the protection is cost-effective and does not exceed the value of what is being protected.

Question 20

The formal certification and accreditation process has four primary steps, what are they?

Accepted Answer

The formal certification and accreditation process involves evaluating the system, describing its security posture, testing its security controls, and authorizing its operation.

Exam 2: Certified Network Defender