Which of the following is a known potential risk of using a software defined perimeter (SDP) controller?

• A.Unauthorized access may jeopardize data confidentiality, integrity, or availability.
• B.Operations may be adversely affected if data cannot be recovered and restored timely.
• C.Unauthorized use of valid credentials may compromise encrypted data at rest.
• D.An ineffective firewall may fail to identify and block unwanted network traffic.

Comment: *

Name: *

Email: *

Verification: *

Which of the following injects malicious scripts into a trusted website to infect a target?

• A.Malicious code
• B.Cross-site scripting
• C.Denial-of-service attack
• D.Structure query language attack

Comment: *

Name: *

Email: *

Verification: *

Which type of tools look for anomalies in user behavior?

• A.Rootkit detection tools
• B.Trend/variance-detection tools
• C.Audit reduction tools
• D.Attack-signature-detection tools

Comment: *

Name: *

Email: *

Verification: *

Which of the following is EASIEST for a malicious attacker to detect?

• A.Use of insufficient cryptography
• B.Insecure storage of sensitive data
• C.Susceptibility to reverse engineering
• D.Ability to tamper with mobile code

Comment: *

Name: *

Email: *

Verification: *

What would be an IS auditor's BEST response to an IT managers statement that the risk associated with the use of mobile devices in an organizational setting is the same as for any other device?

• A.Replication of privileged access and the greater likelihood of physical loss increases risk levels.
• B.The risk associated with mobile devices is less than that of other devices and systems.
• C.The risk associated with mobile devices cannot be mitigated with similar controls for workstations.
• D.The ability to wipe mobile devices and disable connectivity adequately mitigates additional

Comment: *

Name: *

Email: *

Verification: *