Chapter 9 ■ Practice Test 1 217
- Lisa wants to integrate with a cloud identity provider that uses OAuth 2.0, and she wants
to select an appropriate authentication framework. Which of the following best suits her
needs?
A. OpenID Connect
B. SAML
C. RADIUS
D. Kerberos
- Owen recently designed a security access control structure that prevents a single user from
simultaneously holding the role required to create a new vendor and the role required to
issue a check. What principle is Owen enforcing?
A. Two-person control
B. Least privilege
C. Separation of duties
D. Job rotation
- Denise is preparing for a trial relating to a contract dispute between her company and
a software vendor. The vendor is claiming that Denise made a verbal agreement that
amended their written contract. What rule of evidence should Denise raise in her defense?
A. Real evidence rule
B. Best evidence rule
C. Parol evidence rule
D. Testimonial evidence rule
- While Lauren is monitoring traffic on two ends of a network connection, she sees traffic
that is inbound to a public IP address show up inside the production network bound for an
internal host that uses an RFC 1918 reserved address. What technology should she expect
is in use at the network border?
A. NAT
B. VLANs
C. S/NAT
D. BGP
- Which of the following statements about SSAE-18 is not true?
A. It mandates a specific control set.
B. It is an attestation standard.
C. It is used for external audits.
D. It uses a framework, including SOC 1, SOC 2, and SOC 3 reports.