446 Appendix ■ Answers
10. A. The onward transfer principle requires that organizations only exchange personal
information with other organizations bound by the EU General Data Protection
Regulation (GDPR) privacy principles. France, Italy, and Germany, as EU member states,
are all bound by those principles. The United States does not have a comprehensive privacy
law codifying those principles, so the onward transfer requirement applies.
11. The protocols match with the descriptions as follows:
- TCP: C. Transports data over a network in a connection-oriented fashion.
- UDP: D. Transports data over a network in a connectionless fashion.
- DNS: B. Performs translations between FQDNs and IP addresses.
- ARP: A. Performs translations between MAC addresses and IP addresses.
The Domain Name System (DNS) translates human-friendly fully qualified domain
names (FQDNs) into IP addresses, making it possible to refer to websites and hostnames
by name rather than by address. ARP resolves an IP address on the local network segment
into the MAC address that frames are actually delivered to. TCP and UDP are the transport
protocols that carry traffic between systems: TCP is connection-oriented, establishing a
session with the three-way handshake (SYN, SYN-ACK, ACK) and acknowledging delivery,
while UDP is connectionless and provides "best effort" delivery with no handshake and no
acknowledgment.
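The FQDN-to-IP translation described above, shown as an added worked example that is not part of the book's answer: the script encodes an FQDN into wire-format labels, builds an A-record query, and parses a hand-constructed response (including the label-compression pointer that real responses use) to recover the address the name maps to. It also performs the check a resolver must make before trusting a reply: the transaction ID and question section must echo the query. The transaction ID, the name www.example.com and the address 192.0.2.1 are made-up values; nothing is sent over the network.

```python
"""Minimal DNS message encoder/parser (added example, not from the book)."""
from __future__ import annotations
import struct


def encode_name(fqdn: str) -> bytes:
    """Encode 'www.example.com.' as DNS labels: \\x03www\\x07example\\x03com\\x00."""
    out = b""
    for label in fqdn.rstrip(".").split("."):
        if not 0 < len(label) < 64:            # RFC 1035 label length limit
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(fqdn: str, txid: int = 0x1234) -> bytes:
    """Standard recursive query for an A record (QTYPE=1, QCLASS=IN=1)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD set
    return header + encode_name(fqdn) + struct.pack("!HH", 1, 1)


def decode_name(msg: bytes, offset: int) -> tuple[str, int]:
    """Decode labels at offset, following 0xC0 compression pointers.
    Returns (fqdn, offset just past the name in its original position)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:              # two-byte pointer into the message
            hops += 1
            if hops > 16:                      # refuse pointer loops (a classic parser bug)
                raise ValueError("pointer loop")
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, ptr
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end


def parse_a_answers(msg: bytes) -> dict:
    """Parse header, question section and any A records in the answer section."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, IN class, IPv4
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return {"id": txid, "rcode": flags & 0xF, "questions": questions, "answers": answers}


def response_matches_query(query: bytes, response: bytes) -> bool:
    """A resolver must confirm the reply echoes its txid and question before
    accepting it; anything else is unsolicited (or forged) and is dropped."""
    q, r = parse_a_answers(query), parse_a_answers(response)
    return q["id"] == r["id"] and q["questions"] == r["questions"]


# Constructed response to build_query("www.example.com."): flags 0x8180 (QR, RD, RA),
# one question, one answer whose name is a pointer (0xC00C) back to offset 12.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("www.example.com.") + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    print(build_query("www.example.com.").hex())
    print(parse_a_answers(SAMPLE_RESPONSE))
    print(response_matches_query(build_query("www.example.com."), SAMPLE_RESPONSE))
```

The pointer-hop limit and the label-length check are the two places where real-world DNS parsers have historically gone wrong; both are cheap to enforce and are worth keeping in any hand-rolled parser.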
12. B. Ben is assessing a specification. Specifications are document-based artifacts like policies
or designs. Activities are protection-related actions that support an information system and
involve people. Mechanisms are the hardware-, software-, or firmware-based controls or systems
in an information system, and an individual is one or more people applying specifications,
mechanisms, or activities.
13. C. When done properly, a sanitization process ensures that no data remains on the
system before it is reused. Clearing and erasing can both be failure prone, and of
course destruction wouldn't leave a machine or device to reuse.
14. C. In a gray box test, the tester evaluates the software from a user perspective but has
access to the source code as the test is conducted. White box tests also have access to the
source code but perform testing from a developer's perspective. Black box tests work from
a user's perspective but do not have access to source code. Blue boxes are a telephone
hacking tool and not a software testing technique.
15. D. The DevOps approach to technology management seeks to integrate software
development, operations, and quality assurance in a cohesive effort. It specifically attempts
to eliminate the issue of "throwing problems over the fence" by building collaborative
relationships between members of the IT team.
16. B. A Security Information and Event Management (SIEM) tool is designed to centralize
logs from many locations in many formats and to ensure that logs are read and analyzed
despite differences between different systems and devices. The Simple Network
Management Protocol (SNMP) is used for some log messaging but is not a solution that
solves all of these problems. Most non-Windows devices, including network devices
among others, are not designed to use the Windows event log format, although using NTP
for time synchronization is a good idea. Finally, local logging is useful, but setting clocks
individually will result in drift over time and won’t solve the issue with many log sources.
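The log-centralization problem described in this answer, shown as an added worked example that is not part of the book: the script takes three constructed log lines in three formats (RFC 5424-style syslog with its own zone offset, a Windows-style security event exported in local time with no zone, and a JSON application event stamped in epoch seconds), normalizes each into one schema with a UTC timestamp, orders them on a single timeline, and groups them by source IP, which is the kind of cross-source correlation a SIEM performs. The host names, the UTC-5 offset for the Windows host, the IP addresses (from the documentation ranges) and the log lines themselves are all made up for the example.

```python
"""Miniature SIEM normalization (added example, not from the book)."""
from __future__ import annotations
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample lines, one per format. None are real captures.
SAMPLE_LINES = [
    # Syslog (RFC 5424 style) from a firewall; the timestamp carries its own offset.
    "<134>1 2024-03-10T08:15:30+01:00 fw01 filterlog - - - "
    "deny tcp 198.51.100.7:443 -> 192.0.2.10:51514",
    # Windows-style security event exported as text: local time, no zone information.
    "2024-03-10 02:15:31 WIN-DC01 Security 4625 An account failed to log on. "
    "Account Name: svc_backup Source Network Address: 198.51.100.7",
    # JSON from an application service; 'ts' is epoch seconds, i.e. already UTC.
    '{"ts": 1710054932, "host": "app03", "level": "WARN", "msg": "login failed", '
    '"user": "svc_backup", "src_ip": "198.51.100.7"}',
]

# Hypothetical per-host zone for sources that do not stamp one. Without this the
# Windows event would sort six hours before the firewall line it actually follows.
SOURCE_TZ = {"WIN-DC01": timezone(timedelta(hours=-5))}

SYSLOG_RE = re.compile(r"^<(\d+)>1 (\S+) (\S+) (\S+) \S+ \S+ \S+ (.*)$")
WINEVT_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\S+) (\S+) (\d+) (.*)$")
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def normalize(line: str) -> dict:
    """Map one raw line in any supported format onto the common event schema."""
    if line.startswith("{"):
        rec = json.loads(line)
        return {"ts": datetime.fromtimestamp(rec["ts"], tz=timezone.utc),
                "host": rec["host"], "source": "app", "event": rec["msg"],
                "user": rec.get("user"), "src_ip": rec.get("src_ip")}
    m = SYSLOG_RE.match(line)
    if m:
        _pri, ts, host, app, msg = m.groups()
        ips = IP_RE.findall(msg)
        return {"ts": datetime.fromisoformat(ts).astimezone(timezone.utc),
                "host": host, "source": app, "event": msg,
                "user": None, "src_ip": ips[0] if ips else None}
    m = WINEVT_RE.match(line)
    if m:
        ts, host, channel, event_id, msg = m.groups()
        local = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        zoned = local.replace(tzinfo=SOURCE_TZ.get(host, timezone.utc))
        user = re.search(r"Account Name: (\S+)", msg)
        ips = IP_RE.findall(msg)
        return {"ts": zoned.astimezone(timezone.utc),
                "host": host, "source": f"{channel}/{event_id}", "event": msg,
                "user": user.group(1) if user else None,
                "src_ip": ips[0] if ips else None}
    raise ValueError(f"unrecognized log format: {line[:40]!r}")


def normalize_all(lines: list[str]) -> list[dict]:
    """Normalize every line and return the events on one UTC-ordered timeline."""
    return sorted((normalize(l) for l in lines), key=lambda e: e["ts"])


def by_source_ip(events: list[dict]) -> dict[str, list[str]]:
    """Group hosts that reported activity from each source IP (simple correlation)."""
    groups: dict[str, list[str]] = {}
    for e in events:
        if e["src_ip"]:
            groups.setdefault(e["src_ip"], []).append(e["host"])
    return groups


if __name__ == "__main__":
    for e in normalize_all(SAMPLE_LINES):
        print(e["ts"].isoformat(), e["host"], e["source"], e["user"], e["src_ip"])
    print(by_source_ip(normalize_all(SAMPLE_LINES)))
```

The point the answer makes about clocks shows up directly in SOURCE_TZ: a collector can only place the zone-less Windows line correctly if it knows that host's offset and the host's clock is actually synchronized, which is why NTP on every source is a prerequisite for correlation rather than a substitute for it.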