<< Prev Question Next Question >>

Question 77/300

Which layer handle packet fragmentation and reassembly in the Open system interconnection (OSI) Reference model?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (300q)
Question 1: Which of the following would an internal technical security ...
Question 2: When network management is outsourced to third parties, whic...
Question 3: Logical access control programs are MOST effective when they...
Question 4: A mobile device application that restricts the storage of us...
Question 5: Which of the following management process allows ONLY those ...
Question 6: What is one way to mitigate the risk of security flaws in cu...
Question 7: Which one of the following operates at the session, transpor...
Question 8: A software scanner identifies a region within a binary image...
Question 9: Change management policies and procedures belong to which of...
Question 10: Which of the following is a limitation of the Common Vulnera...
Question 11: An organization has decided to contract with a cloud-based s...
1 commentQuestion 12: What does a Synchronous (SYN) flood attack do?...
Question 13: Company A is evaluating new software to replace an in-house ...
Question 14: Which of the following is the BEST method to reduce the effe...
Question 15: Which of the following techniques is effective to detect tap...
1 commentQuestion 16: Which of the following is considered the last line defense i...
Question 17: Match the name of access control model with its associated r...
Question 18: An Intrusion Detection System (IDS) is based on the general ...
Question 19: Which of the following is an attacker MOST likely to target ...
Question 20: Which of the following actions MUST be taken if a vulnerabil...
Question 21: Which of the following is a PRIMARY challenge when running a...
Question 22: A network scan found 50% of the systems with one or more cri...
Question 23: Which of the following are Systems Engineering Life Cycle (S...
Question 24: Application of which of the following Institute of Electrica...
Question 25: Which of the following threats exists with an implementation...
Question 26: A security professional determines that a number of outsourc...
Question 27: For an organization considering two-factor authentication fo...
Question 28: What testing technique enables the designer to develop mitig...
Question 29: What operations role is responsible for protecting the enter...
1 commentQuestion 30: A Virtual Machine (VM) environment has five guest Operating ...
Question 31: Which of the following is the PRIMARY reason to perform regu...
Question 32: Which of the following is a strategy of grouping requirement...
Question 33: Which one of the following security mechanisms provides the ...
Question 34: Which of the following BEST describes how access to a system...
Question 35: Limiting the processor, memory, and Input/output (I/O) capab...
Question 36: Which of the following MUST be part of a contract to support...
Question 37: Which of the following is the MOST important consideration w...
Question 38: An input validation and exception handling vulnerability has...
Question 39: What technique used for spoofing the origin of an email can ...
Question 40: What type of attack sends Internet Control Message Protocol ...
Question 41: What is the BEST approach for maintaining ethics when a secu...
Question 42: Which of the following is MOST important when determining ap...
Question 43: Once the types of information have been identified, who shou...
Question 44: Which of the following is the FIRST action that a system adm...
Question 45: Which of the following is the MOST effective countermeasure ...
Question 46: The application of a security patch to a product previously ...
Question 47: The adoption of an enterprise-wide business continuity progr...
Question 48: When defining a set of security controls to mitigate a risk,...
Question 49: Which of the following is the MOST difficult to enforce when...
Question 50: Which of the following is the MAIN goal of a data retention ...
Question 51: Refer to the information below to answer the question. A new...
Question 52: Why are mobile devices something difficult to investigate in...
Question 53: Which of the following is the key requirement for test resul...
Question 54: What is the purpose of an Internet Protocol (IP) spoofing at...
Question 55: Individual access to a network is BEST determined based on...
Question 56: A company whose Information Technology (IT) services are bei...
Question 57: When deploying en Intrusion Detection System (IDS) on a high...
Question 58: Which of the following is a characteristic of the initializa...
Question 59: Which of the following prevents improper aggregation of priv...
Question 60: Which is the second phase of public key Infrastructure (pk1)...
Question 61: Which of the following is the MAIN reason for using configur...
Question 62: How does an organization verify that an information system's...
Question 63: An Internet software application requires authentication bef...
Question 64: Which of the following secure startup mechanisms are PRIMARI...
Question 65: Which of the following BEST provides for non-repudiation od ...
Question 66: When designing on Occupent Emergency plan (OEP) for United s...
Question 67: Which security modes is MOST commonly used in a commercial e...
Question 68: What is the PRIMARY goal for using Domain Name System Securi...
Question 69: When conducting a forensic criminal investigation on a compu...
Question 70: Which of the following is MOST important when assigning owne...
Question 71: By carefully aligning the pins in the lock, which of the fol...
Question 72: Which of the following is a method of attacking internet (IP...
Question 73: When dealing with shared, privilaged accounts, especially th...
Question 74: What is the PRIMARY purpose of auditing, as it relates to th...
Question 75: What is the MOST common component of a vulnerability managem...
Question 76: When can a security program be considered effective?...
Question 77: Which layer handle packet fragmentation and reassembly in th...
Question 78: Which of the following is the MAIN reason that system re-cer...
Question 79: Which of the following is the MOST beneficial to review when...
Question 80: What is the correct order of steps in an information securit...
Question 81: Which of the following is the BEST method to assess the effe...
Question 82: What Is the FIRST step in establishing an information securi...
Question 83: Refer to the information below to answer the question. A new...
Question 84: Which of the following is used to detect steganography?...
Question 85: Which of the following is a security weakness in the evaluat...
Question 86: Which of the following actions will reduce risk to a laptop ...
Question 87: Which of the following is the PRIMARY issue when analyzing d...
Question 88: An organization allows ping traffic into and out of their ne...
Question 89: Which of the following is the MOST important consideration w...
Question 90: Which of the following is the MOST effective practice in man...
Question 91: Which of the following is the MOST significant benefit to im...
Question 92: Which of the following is the BEST technique to facilitate s...
Question 93: Refer to the information below to answer the question. A lar...
Question 94: Which of the following is the PRIMARY reason a sniffer opera...
Question 95: A Simple Power Analysis (SPA) attack against a device direct...
Question 96: Secure real-time transport protocol (SRTP) provides security...
Question 97: What is the best way for mutual authentication of devices be...
Question 98: Assessing a third party's risk by counting bugs in the code ...
Question 99: When planning a penetration test, the tester will be MOST in...
Question 100: Which security approach will BEST minimize Personally Identi...
Question 101: Which of the following is an appropriate source for test dat...
Question 102: What are the roles within a scrum methodoligy?...
Question 103: During an audit of system management, auditors find that the...
Question 104: An employee receives a promotion that entities them to acces...
Question 105: Which of the following is an essential step before performin...
Question 106: What does the Maximum Tolerable Downtime (MTD) determine?...
Question 107: Discretionary Access Control (DAC) restricts access accordin...
Question 108: As part of the security assessment plan, the security profes...
Question 109: Which of the following is applicable to a publicly held comp...
Question 110: What does an organization FIRST review to assure compliance ...
Question 111: Refer to the information below to answer the question. An or...
Question 112: An employee of a retail company has been granted an extended...
Question 113: Organization A is adding a large collection of confidential ...
Question 114: An organization is designing a large enterprise-wide documen...
Question 115: Given the various means to protect physical and logical asse...
Question 116: What is the MOST efficient way to secure a production progra...
Question 117: What is the BEST approach for controlling access to highly s...
Question 118: To prevent inadvertent disclosure of restricted information,...
Question 119: An organization has hired a security services firm to conduc...
Question 120: What is the MAIN reason for testing a Disaster Recovery Plan...
Question 121: In a basic SYN flood attack, what is the attacker attempting...
Question 122: Due to system constraints, a group of system administrators ...
Question 123: A security analyst for a large financial institution is revi...
Question 124: Drag the following Security Engineering terms on the left to...
Question 125: Which of the following is the PRIMARY security consideration...
Question 126: Which of the following could be considered the MOST signific...
Question 127: A financial company has decided to move its main business ap...
Question 128: Two companies wish to share electronic inventory and purchas...
Question 129: Which of the following is MOST critical in a contract in a c...
Question 130: Refer to the information below to answer the question. A lar...
Question 131: What is the FIRST step required in establishing a records re...
Question 132: Which of the following is the BEST Identity-as-a-Service (ID...
Question 133: Functional security testing is MOST critical during which ph...
Question 134: A company receives an email threat informing of an Imminent ...
Question 135: Which of the following is critical if an employee is dismiss...
Question 136: Which of the following command line tools can be used in the...
Question 137: Which of the following BEST describes the standard used to e...
Question 138: A continuous information security monitoring program can BES...
Question 139: Which of the following is BEST achieved through the use of e...
Question 140: When is security personnel involvement in the Systems Develo...
Question 141: Which of the following is the MOST important reason for time...
Question 142: During an audit, the auditor finds evidence of potentially i...
Question 143: An international medical organization with headquarters in t...
Question 144: What is the ultimate objective of information classification...
Question 145: Which of the following is an important requirement when desi...
Question 146: When building a data classification scheme, which of the fol...
Question 147: What should be the INITIAL response to Intrusion Detection S...
Question 148: Which of the following is the weakest form of protection for...
Question 149: From a security perspective, which of the following assumpti...
Question 150: A security architect is responsible for the protection of a ...
Question 151: The PRIMARY security concern for handheld devices is the...
Question 152: Which of the following is the MOST efficient mechanism to ac...
Question 153: During the risk assessment phase of the project the CISO dis...
Question 154: When implementing a data classification program, why is it i...
Question 155: Alternate encoding such as hexadecimal representations is MO...
Question 156: What is the MOST important purpose of testing the Disaster R...
Question 157: Which of the following MUST be scalable to address security ...
Question 158: Why must all users be positively identified prior to using m...
Question 159: The process of mutual authentication involves a computer sys...
Question 160: Which of the following roles has the obligation to ensure th...
Question 161: Which of the following is the FIRST step during digital iden...
Question 162: Refer to the information below to answer the question. A new...
Question 163: Which of the following activities is MOST likely to be perfo...
Question 164: When implementing controls in a heterogeneous end-point netw...
Question 165: Rank the Hypertext Transfer protocol (HTTP) authentication t...
Question 166: Which of the following methods MOST efficiently manages user...
Question 167: The security team has been tasked with performing an interfa...
Question 168: Which of the following encryption types is used in Hash Mess...
Question 169: Which of the following is the GREATEST security risk associa...
Question 170: In order for a security policy to be effective within an org...
Question 171: When is a Business Continuity Plan (BCP) considered to be va...
Question 172: Which of the following methods provides the MOST protection ...
Question 173: What type of test assesses a Disaster Recovery (DR) plan usi...
Question 174: Which of the following BEST describes an access control meth...
Question 175: A large bank deploys hardware tokens to all customers that u...
Question 176: What is the difference between media marking and media label...
Question 177: Which security architecture strategy could be applied to sec...
Question 178: What should an auditor do when conducting a periodic audit o...
Question 179: Which of the following needs to be included in order for Hig...
Question 180: Which of the following is the BEST approach for a forensic e...
Question 181: What is an effective practice when returning electronic stor...
Question 182: When transmitting information over public networks, the deci...
Question 183: Which of the following types of business continuity tests in...
Question 184: Which of the following controls is the most for a system ide...
Question 185: Drag the following Security Engineering terms on the left to...
Question 186: Which of the following is the PRIMARY consideration when det...
Question 187: An organization's information security strategic plan MUST b...
Question 188: A health care provider is considering Internet access for th...
Question 189: Which layer of the Open system Interconnect (OSI) model is r...
Question 190: A global organization wants to implement hardware tokens as ...
Question 191: Without proper signal protection, embedded systems may be pr...
Question 192: Which of the following is the MOST crucial for a successful ...
Question 193: Copyright provides protection for which of the following?...
Question 194: Which of the following is included in the Global System for ...
Question 195: The Structured Query Language (SQL) implements Discretionary...
Question 196: Reciprocal backup site agreements are considered to be...
Question 197: Which of the following System and Organization Controls (SOC...
Question 198: An organization is found lacking the ability to properly est...
Question 199: The PRIMARY purpose of a security awareness program is to...
Question 200: Which of the following will accomplish Multi-Factor Authenti...
Question 201: A large university needs to enable student access to univers...
Question 202: Which of the following disaster recovery test plans will be ...
Question 203: Refer to the information below to answer the question. In a ...
Question 204: Are companies legally required to report all data breaches?...
Question 205: A security consultant has been asked to research an organiza...
Question 206: Vulnerability scanners may allow for the administrator to as...
Question 207: Passive Infrared Sensors (PIR) used in a non-climate control...
Question 208: An organization implements a Remote Access Server (RAS). Onc...
Question 209: Which of the following provides the minimum set of privilege...
Question 210: The BEST method to mitigate the risk of a dictionary attack ...
Question 211: A security architect plans to reference a Mandatory Access C...
Question 212: Which of the following analyses is performed to protect info...
Question 213: Which one of the following is a common risk with network con...
Question 214: Refer to the information below to answer the question. An or...
Question 215: If compromised, which of the following would lead to the exp...
Question 216: Which of the following is the BEST way to protect against st...
Question 217: Which of the following is a common measure within a Local Ar...
Question 218: Which technology is a prerequisite for populating the cloud-...
Question 219: What is the process of removing sensitive data from a system...
Question 220: Which of the following is the MOST common method of memory p...
Question 221: Which of the following steps should be conducted during the ...
Question 222: Which Identity and Access Management (IAM) process can be us...
Question 223: What access control scheme uses fine-grained rules to specif...
Question 224: Refer to the information below to answer the question. A sec...
Question 225: Which of the following authorization standards is built to h...
Question 226: What is the PRIMARY goal of fault tolerance?...
Question 227: Which one of these risk factors would be the LEAST important...
Question 228: Which of the following is the PRIMARY security concern assoc...
Question 229: Which of the following is the PRIMARY reason for employing p...
Question 230: Which of the following is the BIGGEST weakness when using na...
Question 231: During which of the following processes is least privilege i...
Question 232: An Information Technology (IT) professional attends a cybers...
Question 233: A chemical plan wants to upgrade the Industrial Control Syst...
Question 234: When using Security Assertion markup language (SAML), it is ...
Question 235: A development operations team would like to start building n...
Question 236: A security professional is assessing the risk in an applicat...
Question 237: What does secure authentication with logging provide?...
Question 238: Network-based logging has which advantage over host-based lo...
Question 239: A database administrator is asked by a high-ranking member o...
Question 240: An organization has outsourced its financial transaction pro...
Question 241: Which of the following is a peor entity authentication metho...
Question 242: Single Sign-On (SSO) is PRIMARILY designed to address which ...
Question 243: Mandatory Access Controls (MAC) are based on:...
Question 244: Which of the following processes has the PRIMARY purpose of ...
Question 245: Determining outage costs caused by a disaster can BEST be me...
Question 246: Which of the following is the MOST appropriate action when r...
Question 247: Which of the following is true of Service Organization Contr...
Question 248: Which is the RECOMMENDED configuration mode for sensors for ...
Question 249: At a MINIMUM, audits of permissions to individual or group a...
Question 250: Data leakage of sensitive information is MOST often conceale...
Question 251: Which type of fire alarm system sensor is intended to detect...
Question 252: Which of the following is most helpful in applying the princ...
Question 253: How can lessons learned from business continuity training an...
Question 254: During a recent assessment an organization has discovered th...
Question 255: It is MOST important to perform which of the following to mi...
Question 256: What is the expected outcome of security awareness in suppor...
Question 257: A security practitioner is tasked with securing the organiza...
Question 258: What component of a web application that stores the session ...
Question 259: Which of the following is a responsibility of a data steward...
Question 260: Which of the following is an effective control in preventing...
Question 261: A disadvantage of an application filtering firewall is that ...
Question 262: Although code using a specific program language may not be s...
Question 263: Which of the following is used to support the of defense in ...
Question 264: Which of the following is the BEST network defense against u...
Question 265: For the purpose of classification, which of the following is...
Question 266: During examination of Internet history records, the followin...
Question 267: With data labeling, which of the following MUST be the key d...
Question 268: Information security metrics provide the GREATEST value tp m...
Question 269: What is the MOST effective method for gaining unauthorized a...
Question 270: Which of the following is a characteristic of convert securi...
Question 271: Which of the following is a reason to use manual patch insta...
Question 272: Which of the following findings would MOST likely indicate a...
Question 273: The organization would like to deploy an authorization mecha...
Question 274: Which open standard could l large corporation deploy for aut...
Question 275: Transport Layer Security (TLS) provides which of the followi...
Question 276: Which of the following is a PRIMARY benefit of using a forma...
Question 277: Refer to the information below to answer the question. An or...
Question 278: The 802.1x standard provides a framework for what?...
Question 279: An external attacker has compromised an organization's netwo...
Question 280: Which of the following MUST be in place to recognize a syste...
Question 281: Data remanence is the biggest threat in which of the followi...
Question 282: When in the Software Development Life Cycle (SDLC) MUST soft...
Question 283: When conducting a security assessment of access controls, wh...
Question 284: Which Web Services Security (WS-Security) specification nego...
Question 285: Which of the following initiates the systems recovery phase ...
Question 286: Which of the following steps is performed during the forensi...
Question 287: A large corporation is locking for a solution to automate ac...
Question 288: When should an application invoke re-authentication in addit...
Question 289: Which of the following are effective countermeasures against...
Question 290: Changes to a Trusted Computing Base (TCB) system that could ...
Question 291: Which one of the following affects the classification of dat...
Question 292: Which of the following is a remote access protocol that uses...
Question 293: From an asset security perspective, what is the BEST counter...
Question 294: When assessing an organization's security policy according t...
Question 295: What is the foundation of cryptographic functions?...
Question 296: Refer to the information below to answer the question. A sec...
Question 297: During the Security Assessment and Authorization process, wh...
Question 298: The BEST way to check for good security programming practice...
Question 299: Which type of control recognizes that a transaction amount i...
Question 300: The overall goal of a penetration test is to determine a sys...