- (Exam Topic 2)
Creating a secondary authentication process for network access would be an example of?

1. A. An administrator with too much time on their hands.
2. B. Putting undue time commitment on the system administrator.
3. C. Supporting the concept of layered security
4. D. Network segmentation.

Correct Answer: C

- (Exam Topic 3)
Which of the following is a major benefit of applying risk levels?

1. A. Risk management governance becomes easier since most risks remain low once mitigated
2. B. Resources are not wasted on risks that are already managed to an acceptable level
3. C. Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology
4. D. Risk appetite can increase within the organization once the levels are understood

Correct Answer: B

- (Exam Topic 4)
Which of the following is a countermeasure to prevent unauthorized database access from web applications?

1. A. Session encryption
2. B. Removing all stored procedures
3. C. Input sanitization
4. D. Library control

Correct Answer: C

- (Exam Topic 2)
In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

1. A. Internal Audit
2. B. Database Administration
3. C. Information Security
4. D. Compliance

Correct Answer: C

- (Exam Topic 5)
A digital signature addresses which of the following concerns?

1. A. Message alteration
2. B. Message copying
3. C. Message theft
4. D. Unauthorized reading

Correct Answer: A
Reference: https://www.entrust.com/resources/certificate-solutions/learn/digital-signatures