GIAC G2700 - GIAC Certified ISO-27000 Specialist Practice Test

Total 453 questions

Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response?

A. Risk mitigation

B. Risk avoidance

C. Risk transference

D. Risk acceptance

You work as an Information Security Manager for uCertify Inc. You need to create the documentation for an information security management system (ISMS). Which of the following elements are included in an ISMS?

Each correct answer represents a complete solution. Choose all that apply.

A. Implement

B. Plan

C. Evaluation

D. Encrypt

Sam works as the Network Administrator for uCertify Inc. Information of a sensitive nature is processed. The highest-level security measures are to be implemented by management. What is this kind of risk strategy called?

A. Risk compensating

B. Risk avoiding

C. Risk bearing

D. Risk neutral

What is the order of the steps in the incident cycle?

A. Incident, Threat, Damage, Recovery

B. Incident, Recovery, Damage, Threat

C. Threat, Damage, Incident, Recovery

D. Threat, Incident, Damage, Recovery

You work as a Security Administrator for uCertify Inc. You are responsible for securing the network of the organization. While checking your network log files, you find that someone is sending too many data packets over a long period of time. These data packets are difficult for an IDS to detect. Which of the following types of attacks is this?

A. Blind spoofing

B. Session hijacking

C. Session splicing

D. Nonblind spoofing

As per a password policy, which of the following rules should be followed by a user while creating a password?

Each correct answer represents a complete solution. Choose all that apply.

A. Inclusion of one or more numerical digits

B. Inclusion of words found in a dictionary or the user's personal information

C. Use of both upper- and lower-case letters (case sensitivity)

D. Inclusion of special characters

Which of the following techniques for a threat creates changes to the project management plan?

A. Risk transference

B. Risk avoidance

C. Risk mitigation

D. Risk acceptance

Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months, and six months have already passed. Management asks Mark how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management?

A. Project risk management happens at every milestone.

B. Project risk management has been concluded with the project planning.

C. At every status meeting of the project team, project risk management is an agenda item.

D. Project risk management is scheduled for every month in the 18-month project.

What are the basic steps involved in Continuity Management?

1. Prioritizing the businesses to be recovered by conducting a Business Impact Analysis (BIA).

2. Performing a Risk Assessment (aka Risk Analysis) for each of the IT Services to identify the assets, threats, vulnerabilities, and countermeasures for each service.

3. Evaluating the options for recovery.

4. Producing the Contingency Plan.

5. Testing, reviewing, and revising the plan on a regular basis.

Each correct answer represents a complete solution. Choose two.

A. 1, 3, and 5 only

B. 1, 2, 3, 4, and 5

C. 3, 4, and 5 only

D. 1, 2, and 5 only

E. 2, 3, and 4

You work as a Network Auditor for Net Perfect Inc. The company has a Windows-based network. You need to audit the network of the company. You need to plan the audit process to minimize the audit risk.

What steps will you take to minimize the possibility of audit risk?

A.