CISSP Official Practice Tests by Mike Chapple, David Seidl

208 Chapter 9 ■ Practice Test 1



  1. What problem drives the recommendation to physically destroy SSD drives to prevent data
    leaks when they are retired?
    A. Degaussing only partially wipes the data on SSDs.
    B. SSDs don’t have data remanence.
    C. SSDs are unable to perform a zero fill.
    D. The built-in erase commands are not completely effective on some SSDs.

  2. GAD Systems is concerned about the risk of hackers stealing sensitive information stored
    on a file server. They choose to pursue a risk mitigation strategy. Which one of the
    following actions would support that strategy?
    A. Encrypting the files
    B. Deleting the files
    C. Purchasing cyber-liability insurance
    D. Taking no action

  3. How should samples be generated when assessing account management practices?
    A. They should be generated by administrators.
    B. The last 180 days of accounts should be validated.
    C. Sampling should be conducted randomly.
    D. Sampling is not effective, and all accounts should be audited.

  4. The EU-U.S. Privacy Shield Framework relies on seven principles. Which of the following
    correctly lists all seven?
    A. Awareness, selection, control, security, data integrity, access, recourse and
    enforcement
    B. Notice, choice, accountability for onward transfer, security, data integrity and
    purpose limitation, access, recourse and enforcement
    C. Privacy, security, control, notification, data integrity and purpose, access,
    enforcement
    D. Submission, editing, updates, confidential, integrity, security, access

  5. Match the following numbered types of testing methodologies with the lettered correct
    level of knowledge:

    Testing methodologies
    1. Black box
    2. White box
    3. Gray box

    Level of knowledge
    A. Full knowledge of the system
    B. Partial or incomplete knowledge
    C. No prior knowledge of the system