Question 1

Which attack defines a piece of code that is inserted into software to trigger a malicious function?

Accepted Answer

A logic bomb is a piece of code inserted into software that is set to trigger a malicious function when certain conditions are met.

Question 2

Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?

Accepted Answer

Synchronized session tokens are used to ensure that requests made to a server are from authenticated users, effectively preventing CSRF attacks by requiring a unique token for each request.

Question 3

Configuring a Wireless Access Point (WAP) with the same Service Set Identifier (SSID) as another WAP in order to have users unknowingly connect is referred to as which of the following?

Accepted Answer

This scenario describes a Man-in-the-Middle (MITM) attack, where an attacker sets up a rogue WAP with the same SSID to intercept and manipulate communications.

Question 4

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Accepted Answer

Testing all new software in a segregated environment ensures that any potential malware is identified and mitigated before the software is introduced into the production environment.

Question 5

Which of the following actions MUST be performed when using Secure/Multipurpose Internet Mail Extensions (S/MIME) before sending an encrypted message to a recipient?

Accepted Answer

The answer of Which of the following actions MUST be...

Question 6

Which of the following management process allows ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?

Accepted Answer

Configuration management involves setting up systems to meet specific requirements, including enabling necessary services, changing default passwords, and configuring servers for updates.

Question 7

What capability would typically be included in a commercially available software package designed for access control?

Accepted Answer

Password encryption is a common feature in access control software to protect user credentials.

Question 8

Which of the following is the BEST reason for writing an information security policy?

Accepted Answer

The answer of Which of the following is the BEST...

Question 9

An audit of an application reveals that the current configuration does not match the configuration of the originally implemented application. Which of the following is the FIRST action to be taken?

Accepted Answer

The answer of An audit of an application reveals that...

Question 10

Which of the following statements is TRUE regarding state-based analysis as a functional software testing technique?

Accepted Answer

State-based analysis is useful for testing systems where the output depends on the sequence of previous inputs, such as communications protocols and graphical user interfaces.

Question 11

What operations role is responsible for protecting the enterprise from corrupt or contaminated media?

Accepted Answer

The information librarian is responsible for managing and protecting media, ensuring that it is not corrupt or contaminated.

Question 12

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

Accepted Answer

High-level formatting is the least effective method for eliminating data because it does not actually erase the data; it only removes the pointers to the data, making it potentially recoverable.

Question 13

What should an auditor do when conducting a periodic audit on media retention?

Accepted Answer

An auditor should verify that electronic storage media do not retain records beyond their scheduled destruction date to ensure compliance with retention policies and regulations.

Question 14

A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade. Which of the following is the GREATEST impact on security for the network?

Accepted Answer

Integrating the ICS with the office network increases the risk of unauthorized access, as it becomes accessible from the broader office network, potentially exposing it to threats and vulnerabilities present in the office environment.

Question 15

Which one of the following is an advantage of an effective release control strategy form a configuration control standpoint?

Accepted Answer

An effective release control strategy ensures that all changes and deliverables are documented and traceable, which is crucial for maintaining an auditable configuration control system.

Question 16

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Accepted Answer

Insufficient Service Level Agreement (SLA) is the most probable cause because SLAs typically define performance metrics and indicators for services, including web hosting solutions. Without a well-defined SLA, it would be difficult to establish and measure performance indicators.

Question 17

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

Accepted Answer

The control set must adequately mitigate the risk, meaning that collectively, the controls should reduce the risk to an acceptable level, rather than requiring each control to completely mitigate the risk on its own.

Question 18

Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?

Accepted Answer

Review processes are designed to evaluate and ensure that access rights are appropriate, which can help identify access aggregation issues.

Question 19

Which of the following actions should be taken by a security professional when a mission critical computer network attack is suspected?

Accepted Answer

The answer of Which of the following actions should be...

Question 20

An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies. What code of ethics canon is being observed?

Accepted Answer

Attending a seminar to learn about current methodologies helps the IT professional stay updated and competent, thereby advancing and protecting the profession.

Exam 3: Certified Information Systems Security Professional