GIAC Certified ISO-2700 Specialist Practice Test (G2700) Free Practice Test
Question 1
CORRECT TEXT
Sam uses Monte Carlo simulation to quantitatively assess cost and schedule risks of his project during planning processes. During risk monitoring and control, Sam repeats the technique, but it leads to different results. Which of the following cannot be the reason for the difference in results?
Sam uses Monte Carlo simulation to quantitatively assess cost and schedule risks of his project during planning processes. During risk monitoring and control, Sam repeats the technique, but it leads to different results. Which of the following cannot be the reason for the difference in results?
Correct Answer: C
Question 2
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
Correct Answer: D
Question 3
Victor wants to send an encrypted message to his friend. He is using a steganography technique to accomplish his task. He takes a cover object and changes it accordingly to hide information.
This secret information is recovered only when the algorithm compares the changed cover with the original cover. Which of the following steganography methods is Victor using to accomplish his task?
This secret information is recovered only when the algorithm compares the changed cover with the original cover. Which of the following steganography methods is Victor using to accomplish his task?
Correct Answer: A
Question 4
Which of the following paragraphs of the Turnbull Guidance stated that the board of directors is responsible for the company's system of internal control?
Correct Answer: C
Question 5
Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?
Correct Answer: D
Question 6
Mark works as a Software Developer for TechNet Inc. He has recently been fired, as he was caught doing some illegal work in the organization. Before leaving the organization, he decided to retaliate against the organization. He deleted some of the system files and made some changes in the registry files created by him. Which of the following types of attacks has Mark performed?
Correct Answer: C
Question 7
Qualitative risk analysis includes judgment, intuition, and experience. Which of the following methods are used to perform qualitative risk analysis?
Each correct answer represents a complete solution. Choose all that apply.
Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: B,C,D
Question 8
John works as a Security Administrator for uCertify Inc. As per his past experience, he wants to make a policy stating that any hardware devices containing information about the organization should be destroyed properly before they are thrown. After applying this policy, John will be able to ensure that the information on the devices will not fall into the hands of unauthorized persons after properly discarding the devices. Which of the following types of policies is John going to create?
Correct Answer: C
Question 9
Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months and six months already passed. Management asks Mark that how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management?
Correct Answer: A