312-50v12 Free Practice Test

- (Exam Topic 1)
Which regulation defines security and privacy controls for Federal information systems and organizations?

1. A. HIPAA
2. B. EU Safe Harbor
3. C. PCI-DSS
4. D. NIST-800-53

Correct Answer: D
NIST Special Publication 800-53 provides a catalog of security and privacy controls for all U.S. federal information systems except those related to national security. It is published by the National Institute of Standards and Technology, which is a non-regulatory agency of the United States Department of Commerce.
NIST develops and issues standards, guidelines, and other publications to assist federal agencies in implementing the Federal Information Security Modernization Act of 2014 (FISMA) and to help with managing cost-effective programs to protect their information and information systems.

- (Exam Topic 1)
Which of the following programs is usually targeted at Microsoft Office products?

1. A. Polymorphic virus
2. B. Multipart virus
3. C. Macro virus
4. D. Stealth virus

Correct Answer: C
A macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread. (Wikipedia)
NB: The virus Melissa is a well-known macro virus we could find attached to word documents.

- (Exam Topic 2)
What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd

1. A. logs the incoming connections to /etc/passwd file
2. B. loads the /etc/passwd file to the UDP port 55555
3. C. grabs the /etc/passwd file when connected to UDP port 55555
4. D. deletes the /etc/passwd file when connected to the UDP port 55555

Correct Answer: C

- (Exam Topic 2)
Why containers are less secure that virtual machines?

1. A. Host OS on containers has a larger surface attack.
2. B. Containers may full fill disk space of the host.
3. C. A compromise container may cause a CPU starvation of the host.
4. D. Containers are attached to the same virtual network.

Correct Answer: A

- (Exam Topic 1)
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

1. A. A biometric system that bases authentication decisions on behavioral attributes.
2. B. A biometric system that bases authentication decisions on physical attributes.
3. C. An authentication system that creates one-time passwords that are encrypted with secret keys.
4. D. An authentication system that uses passphrases that are converted into virtual passwords.

Correct Answer: C