The Bell and Lapaluda Access Control model is a form of:
- MAC
- DAC
- RBAC
- ABAC
MAC
In which cloud model does the cloud customer have LESS responsibility over the infrastructure?
- PaaS
- FaaS
- IaaS
- SaaS
SaaS
Which of these tools is commonly used to crack passwords?
- Wireshark
- John The Ripper
- NSlookup
- Burp Suite
John The Ripper
Which type of attack will most effectively provide privileged access (root access in Unix/Linux platforms) to a computer while hiding its presence?
- Phishing
- Rootkits
- Cross-Site Scripting
- Trojans
Rootkits
Which devices would be more effective in detecting an intrusion into a network?
- Routers
- Firewalls
- HIDS
- NIDS
NIDS
Which of these would be the best option if a network administrator needs to control access to a network?
- NAC
- IDS
- HIDS
- SIEM
NAC
In which of the following phases of an Incident Recovery Plan are incident responses prioritized?
- Post-incident Activity
- Contentment, Eradication and Recovery
- Detection and Analysis
- Preparation
Detection and Analysis
Which of the following are NOT types of security controls?
- Storage Controls
- System-specific controls
- Hybrid controls
- Common controls
Storage Controls
According to the canon “Provide diligent and competent service to principals”, (ISC)² professionals are to:
- Promote the understanding and acceptance of prudent information security measures
- Avoid apparent or actual conflicts of interest
- Take care not to tarnish the reputation of other professionals through malice or indifference
- Treat all members fairly and when resolving conflicts consider public safety and duties to principals, individuals and the profession in that order
Avoid apparent or actual conflicts of interest
Which of the following is NOT a protocol of the OSI Level 3?
- IP
- ICMP
- SNMP
- IGMP
SNMP
Which of the following is a public IP?
- 10.221.123.1
- 192.168.123.1
- 13.16.123.1
- 172.16.123.1
13.16.123.1
Which port is used to secure communication over the web (HTTPS)?
- 443
- 69
- 25
- 80
443
The SMTP protocol operates at OSI Level:
- 3
- 25
- 23
- 7
7
The address 8be2:4382:8d84:7ce2:ec0f:3908:d29a:903a is an:
- MAC address
- Web address
- IPv4 address
- IPv6 address
IPv6 address
Which of these is NOT a change management component?
- RFC
- Approval
- Governance
- Rollback
Governance
Which of these is the PRIMARY objective of a Disaster Recovery Plan?
- Restore company operation to the last-known reliable operation state
- Outline a safe escape procedure for the organization’s personnel
- Communicate to the responsible entities the damage caused to operations in the event of a disaster
- Maintain crucial company operations in the event of a disaster
- Restore company operation to the last-known reliable operation state
What is an effective way of hardening a system?
- Run a vulnerability scan
- Patch the system
- Have an IDS in place
- Create a DMZ for web application services
Patch the system
Which access control model can grant access to a given object based on complex rules?
- MAC
- DAC
- ABAC
- RBAC
ABAC
What type of security control is the biometric reader that grants access to the data center building?
- Physical control
- authorization control
- administrative control
- Technical control
Physical Control
