CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 12 ■ Practice Test 4



  1. What process is typically used to ensure data security for workstations that are being
    removed from service but that will be resold or otherwise reused?
    A. Destruction
    B. Erasing
    C. Sanitization
    D. Clearing

  2. Colleen is conducting a software test that is evaluating code for both security flaws and
    usability issues. She is working with the application from an end-user perspective and
    referencing the source code as she works her way through the product. What type of testing
    is Colleen conducting?
    A. White box
    B. Blue box
    C. Gray box
    D. Black box

  3. Harold is looking for a software development methodology that will help with a major
    issue he is seeing in his organization. Currently, developers and operations staff do not
    work together and are often seen as taking problems and “throwing them over the fence”
    to the other team. What technology management approach is designed to alleviate this
    problem?
    A. ITIL
    B. Lean
    C. ITSM
    D. DevOps

  4. NIST Special Publication 800-92, the Guide to Computer Security Log Management,
    describes four types of common challenges to log management:


    ■ Many log sources
    ■ Inconsistent log content
    ■ Inconsistent timestamps
    ■ Inconsistent log formats

    Which of the following solutions is best suited to solving these issues?
    A. Implement SNMP for all logging devices.
    B. Implement a SIEM.
    C. Standardize on the Windows event log format for all devices and use NTP.
    D. Ensure that logging is enabled on all endpoints using their native logging formats and
       set their local time correctly.
