Which of the following is MOST likely to be spoofed in an email transmission?

A. The identity of the sender
B. The identity of the receiving host
C. The path the message traveled through the Internet
D. The identity of the sending host

Which of the following is the MOST effective control to restrict the use of instant messaging (IM) within an organization?

A. Intrusion detection system (IDS)
B. Antivirus software
C. Application-based firewall
D. Packet filtering firewall

Which of the following would be considered a corrective control when designing the security of a data center?

A. Perimeter fence
B. Closed-circuit television (CCTV)
C. Fire extinguisher
D. Security guards

An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?

A. Examine the computer to search for evidence supporting the suspicions.
B. Notify local law enforcement of the potential crime before further investigation.
C. Contact the incident response team to conduct an investigation.
D. Advise management of the crime after the investigation.

Which of the following is the MAIN advantage of using one-time passwords?

A. They are suitable for e-commerce authentication.
B. Passwords are hardware/software generated.
C. An intercepted password would be of no use.
D. The user does not need to remember passwords.

An IS auditor finds an organization has a significant number of systems developed by end-users. Which of the following is the BEST recommendation to help mitigate the associated risks?

A. Storing systems on a shared drive managed by IT
B. Storing developed source code in a centralized repository
C. Centralizing information technology procurement
D. Using a formal development methodology

Which of the following would BEST enable an organization to provide indirect access to web applications?

A. Web application proxy
B. Web application programming interface (API)
C. Web application server
D. Web authentication services

Which of the following controls BEST mitigates the impact of a distributed denial of service (DDoS) attack against the controller in a software-defined network (SDN)?

A. Implementing multiple physical SDN controllers
B. Relocating virtualized network functions to physical infrastructure
C. Hardening the operating system that hosts the SDN controller
D. Implementing configuration management for SDN controllers

Which of the following is MOST important when creating a forensic image of a hard drive?

A. Generating a content hash of the hard drive
B. Requiring an independent third-party be present while imaging
C. Securing a backup copy of the hard drive
D. Choosing an industry-leading forensics software tool

Data anonymization helps to prevent which types of attacks in a big data environment?

A. Man-in-the-middle
B. Denial-of-service
C. Correlation
D. Spoofing