isaca cybersecurity audit certificate practice test

Exam Title: ISACA Cybersecurity Audit Certificate

Last update: Nov 27, 2025
Question 1

Which of the following is a client-server program that opens a secure, encrypted command-line shell
session from the Internet for remote logon?

  • A. VPN
  • B. IPsec
  • C. SSH
  • D. SFTP
Answer: C

Explanation:
The correct answer is C. SSH.
SSH stands for Secure Shell, a client-server program that opens a secure, encrypted command-line
shell session from the Internet for remote logon. SSH allows users to remotely access and execute
commands on a server without exposing their credentials or data to eavesdropping, tampering or
replay attacks. SSH also supports secure file transfer protocols such as SFTP and SCP [1].
VPN stands for Virtual Private Network, a technology that creates a secure, encrypted tunnel
between two or more devices over a public network such as the Internet. VPN allows users to access
resources on a remote network as if they were physically connected to it, while protecting their
privacy and identity [2].
IPsec stands for Internet Protocol Security, a set of protocols that provides security at the network
layer of the Internet. IPsec supports two modes: transport mode and tunnel mode. Transport mode
encrypts only the payload of each packet, while tunnel mode encrypts the entire packet, including
the header. IPsec can be used to secure VPN connections, as well as other applications that require
data confidentiality, integrity and authentication [3].
SFTP stands for Secure File Transfer Protocol, a protocol that uses SSH to securely transfer files
between a client and a server over a network. SFTP provides encryption, authentication and
compression features to ensure the security and reliability of file transfers [4].

References:
[1] SSH (Secure Shell)
[2] What is a VPN? How It Works, Types of VPN | Kaspersky
[3] IPsec - Wikipedia
[4] SFTP - Wikipedia

Question 2

What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

  • A. Evaluation of implementation details
  • B. Hands-on testing
  • C. Risk-based shakeout
  • D. Inventory and discovery
Answer: D

Explanation:
The FIRST phase of the ISACA framework for auditors reviewing cryptographic environments is
inventory and discovery. This is because the inventory and discovery phase helps auditors to identify
and document the scope, objectives, and approach of the audit, as well as the cryptographic assets,
systems, processes, and stakeholders involved in the cryptographic environment. The inventory and
discovery phase also helps auditors to assess the maturity and effectiveness of the cryptographic
governance and management within the organization. The other phases are not the first phase of the
ISACA framework for auditors reviewing cryptographic environments, but rather follow after the
inventory and discovery phase, such as evaluation of implementation details (A), hands-on testing
(B), or risk-based shakeout (C).

Question 3

Which of the following is the BEST indication of mature third-party vendor risk management for an
organization?

  • A. The third party's security program follows the organization's security program.
  • B. The organization maintains vendor security assessment checklists.
  • C. The third party maintains annual assessments of control effectiveness.
  • D. The organization's security program follows the third party's security program.
Answer: B

Explanation:
The BEST indication of mature third-party vendor risk management for an organization is that the
organization maintains vendor security assessment checklists. This is because vendor security
assessment checklists help the organization to evaluate and monitor the security posture and
performance of their third-party vendors, based on predefined criteria and standards. Vendor
security assessment checklists also help the organization to identify and mitigate any gaps or issues
in the vendor’s security controls or processes. The other options are not as indicative of mature
third-party vendor risk management for an organization, because they either involve following or
mimicking the security program of either party without considering their own needs or risks (A, D),
or relying on the vendor's self-assessment without independent verification or validation (C).

Question 4

What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

  • A. Evaluation of implementation details
  • B. Hands-on testing
  • C. Risk-based shakeout
  • D. Inventory and discovery
Answer: D

Explanation:
The FIRST phase of the ISACA framework for auditors reviewing cryptographic environments is
inventory and discovery. This is because the inventory and discovery phase helps auditors to identify
and document the scope, objectives, and approach of the audit, as well as the cryptographic assets,
systems, processes, and stakeholders involved in the cryptographic environment. The inventory and
discovery phase also helps auditors to assess the maturity and effectiveness of the cryptographic
governance and management within the organization. The other phases are not the first phase of the
ISACA framework for auditors reviewing cryptographic environments, but rather follow after the
inventory and discovery phase, such as evaluation of implementation details (A), hands-on testing
(B), or risk-based shakeout (C).

Question 5

Which of the following describes specific, mandatory controls or rules to support and comply with a
policy?

  • A. Frameworks
  • B. Guidelines
  • C. Baseline
  • D. Standards
Answer: D

Explanation:
Specific, mandatory controls or rules to support and comply with a policy are known as standards.
This is because standards define the minimum level of performance or behavior that is expected
from an organization or its employees in order to achieve a policy objective or requirement.
Standards also provide clear and measurable criteria for auditing and monitoring compliance with
policies. The other options are not specific, mandatory controls or rules to support and comply with a
policy, but rather different types of documents or tools that provide guidance or recommendations
for implementing policies or controls, such as frameworks (A), guidelines (B), or baselines (C).

Question 6

Which of the following is the MOST important step to determine the risks posed to an organization
by social media?

  • A. Review costs related to the organization's social media outages.
  • B. Review cybersecurity insurance requirements for the organization's social media.
  • C. Review the disaster recovery strategy for the organization's social media.
  • D. Review access control processes for the organization's social media accounts.
Answer: D

Explanation:
The MOST important step to determine the risks posed to an organization by social media is to
review access control processes for the organization’s social media accounts. This is because access
control processes help to ensure that only authorized users can access, modify, or share the
organization’s social media accounts and content, and prevent unauthorized or malicious access or
disclosure of sensitive or confidential information. Access control processes also help to protect the
organization’s reputation and brand image from being compromised or damaged by unauthorized or
inappropriate social media posts. The other options are not as important as reviewing access control
processes for the organization’s social media accounts, because they either relate to costs (A),
insurance (B), or recovery (C) aspects that are not directly related to the risks posed by social media.

Question 7

The protection of information from unauthorized access or disclosure is known as:

  • A. access control.
  • B. cryptography.
  • C. media protection.
  • D. confidentiality.
Answer: D

Explanation:
The protection of information from unauthorized access or disclosure is known as confidentiality.
This is because confidentiality is one of the three main objectives of information security, along with
integrity and availability. Confidentiality ensures that information is accessible and readable only by
those who are authorized and intended to do so, and prevents unauthorized or accidental exposure
of information to unauthorized parties. The other options are not the protection of information from
unauthorized access or disclosure, but rather different concepts or techniques that are related to
information security, such as access control (A), cryptography (B), or media protection (C).

Question 8

Security awareness training is MOST effective against which type of threat?

  • A. Command injection
  • B. Denial of service
  • C. Social engineering
  • D. Social injection
Answer: C

Explanation:
Security awareness training is MOST effective against social engineering threats. This is because
social engineering is a type of attack that exploits human psychology and behavior to manipulate or
trick users into revealing sensitive or confidential information, or performing actions that
compromise security. Security awareness training helps to educate users about the common types
and techniques of social engineering attacks, such as phishing, vishing, baiting, etc., and how to
recognize and avoid them. Security awareness training also helps to foster a culture of security within
the organization and empower users to report any suspicious or malicious activities. The other
options are not types of threats that security awareness training is most effective against, but rather
types of attacks that exploit technical vulnerabilities or flaws in systems or applications, such as
command injection (A), denial of service (B), or SQL injection (D).

Question 9

A cloud service provider is used to perform analytics on an organization's sensitive data. A data
leakage incident occurs in the service provider's network. From a regulatory perspective, who is
responsible for the data breach?

  • A. The service provider
  • B. Dependent upon the nature of breach
  • C. Dependent upon specific regulatory requirements
  • D. The organization
Answer: D

Explanation:
A cloud service provider is used to perform analytics on an organization’s sensitive data. A data
leakage incident occurs in the service provider’s network. From a regulatory perspective, the
organization is responsible for the data breach. This is because the organization is the data owner
and has the ultimate accountability and liability for the security and privacy of its data, regardless of
where it is stored or processed. The organization cannot transfer or delegate its responsibility to the
service provider, even if there is a contractual agreement or service level agreement that specifies
the security obligations of the service provider. The other options are not correct, because they
either imply that the service provider is responsible (A), or that the responsibility depends on the
nature of breach (B) or specific regulatory requirements (C), which are not relevant factors.

Question 10

One way to control the integrity of digital assets is through the use of:

  • A. policies.
  • B. frameworks.
  • C. caching.
  • D. hashing.
Answer: D

Explanation:
One way to control the integrity of digital assets is through the use of hashing. This is because
hashing is a technique that applies a mathematical function to a digital asset, such as a file or a
message, and produces a unique and fixed-length value, known as a hash or a digest. Hashing helps
to verify the integrity of digital assets, by comparing the hash values before and after transmission or
storage, and detecting any changes or modifications to the original asset. The other options are not
ways to control the integrity of digital assets, but rather different concepts or techniques that are
related to information security, such as policies (A), frameworks (B), or caching (C).

Page 1 out of 13
Viewing questions 1-10 out of 134