Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
If a PC fails its initial NAC health assessment, it may be ________.
A) refused access
B) allowed to go to a remediation server and other nonsensitive resources
C) Either A or B
D) Neither A nor B
Answer:
________ is the destruction of hardware, software, or data.
A) Sabotage
B) Hacking
C) Extortion
D) Denial of Service
Answer:
Which of the following is not one of the three elements in the fraud and abuse triangle?
A) Opportunity
B) Resistance
C) Rationalization
D) Pressure
Answer:
TCP messages are called ________.
A) packets
B) frames
C) datagrams
D) segments
Answer:
Which of the following is true?
A) Human password resets are dangerous.
B) Automated password resets are dangerous.
C) Both A and B
D) Neither A nor B
Answer:
In TCP, if a receiver receives a damaged TCP segment, it ________.
A) sends a negative acknowledgement
B) sends the segment back to the original sender
C) does nothing
D) None of the above.
Answer:
Giving a user permissions to use a certain resource is ________.
A) authentication
B) authorization
C) Both A and B
D) Neither A nor B
Answer:
The party that is ultimately held accountable for a resource or control is ________.
A) the owner
B) the trustee
C) the accredited security officer
D) the certified security officer
Answer:
________ examines IT processes for efficiency, effectiveness, and adequate controls.
A) Internal auditing
B) Financial auditing
C) IT auditing
D) None of the above
Answer:
________ often get their authentication information from ________.
A) Directory servers, central authentication servers
B) Central authentication servers, metadirectory servers
C) Central authentication servers, directory servers
D) Metadirectory servers, central authentication servers
Answer:
________ are check lists of what should be done in a specific procedure.
A) Baselines
B) Guidelines
C) Standards
D) Procedures
Answer:
WEP typically takes ________ to crack today.
A) minutes
B) hours
C) days
D) weeks
Answer:
The TCP ________ field is designed to control the other party's transmission rate.
A) segment
B) flow
C) window
D) maximum
Answer:
Another name for RAID 0 is ________.
A) Mirroring
B) Distributed Parity
C) Striping
D) None of the above
Answer:
A(n) ________ is the set of attributes about a person or resource that must be revealed
in a particular context.
A) template
B) subtemplate
C) identity
D) None of the above
Answer:
A commonly SSL/TLS-aware application is ________.
A) webservice
B) database
C) Both A and B
D) Neither A nor B
Answer:
Iris recognition technology is ________ and ________.
A) expensive, has low FARs
B) expensive, has high FARs
C) inexpensive, has low FARs
D) inexpensive, has high FARs
Answer:
A network that runs on the customer premises is a ________.
A) LAN
B) WAN
C) Both A and B
D) Neither A nor B
Answer:
________ is a VoIP service that currently offers free calling among its customers over
the Internet and reduced-cost calling to and from Public Switched Telephone Network
customers.
A) Skype
B) SIP
C) SPIT
D) IM
Answer:
________ are sets of specific actions to be taken to harden all hosts of a particular type
and of particular versions within each type.
A) Processes
B) Security baselines
C) Procedures
D) None of the above
Answer:
Which of the following sends passwords in the clear?
A) FTP
B) SSH
C) Both A and B
D) Neither A nor B
Answer:
________ is a single countermeasure composed of multiple interdependent components
in series that require all components to succeed if the countermeasure is to succeed.
A) Defense in depth
B) Weakest link
C) Both A and B
D) Neither A nor B
Answer:
________ attacks take advantage of flawed human judgment by convincing the victim
to take actions that are counter to security policies. (Choose the best answer.)
A) Social engineering
B) Spam
C) E-mail attachment
D) Mobile code
Answer:
The book recommends that passwords be at least ________ characters long.
A) 6
B) 8
C) 20
D) 100
Answer:
Which of the following fields are contained on a digital certificate?
A) Public key
B) Digital signature
C) Serial number
D) All of the above
Answer:
________ detection looks at traffic patterns for deviations from set norms.
A) Signature
B) Anomaly
C) Both A and B
D) Neither A nor B
Answer:
Stateful packet inspection firewalls ________.
A) always do application content filtering
B) have the slow speed of relay operation
C) Both A and B
D) Neither A nor B
Answer:
________ deals with the violation of criminal statutes.
A) Criminal law
B) Civil law
C) Both A and B
D) Neither A nor B
Answer:
The verifier itself determines the identity of the supplicant in ________.
A) verification
B) identification
C) Both A and B
D) Neither A nor B
Answer:
Integrated log files are ________ event logs from multiple IDSs.
A) filtered
B) correlated
C) aggregated
D) All of the above
Answer:
DLL triggers are used to ________.
A) maliciously attack databases
B) produce automatic responses if the data of the database has been altered.
C) Both A and B
D) Neither A nor B
Answer:
SSL/TLS provides security ________.
A) between the sender and his or her e-mail server
B) all the way between the sender and the receiver
C) Both A and B
D) Neither A nor B
Answer:
