SSCP Exam Dumps | A central authority determines what subjects can have access to certain objects based on the organizational

Valid SSCP Dumps shared by EduDump.com for Helping Passing SSCP Exam! EduDump.com now offer the newest SSCP exam dumps, the EduDump.com SSCP exam questions have been updated and answers have been corrected get the newest EduDump.com SSCP dumps with Test Engine here:

Access SSCP Dumps Premium Version
(1338 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 744/999

A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

A. Mandatory Access Control

B. Discretionary Access Control

C. Non-Discretionary Access Control

D. Rule-based Access control

Correct Answer: C

Section: Access Control
Explanation/Reference:
A central authority determines what subjects can have access to certain objects based on the organizational security policy.
The key focal point of this question is the 'central authority' that determines access rights.
Cecilia one of the quiz user has sent me feedback informing me that NIST defines MAC as: "MAC Policy means that Access Control Policy Decisions are made by a CENTRAL AUTHORITY. Which seems to indicate there could be two good answers to this question.
However if you read the NISTR document mentioned in the references below, it is also mentioned that: MAC is the most mentioned NDAC policy. So MAC is a form of NDAC policy.
Within the same document it is also mentioned: "In general, all access control policies other than DAC are grouped in the category of non- discretionary access control (NDAC). As the name implies, policies in this category have rules that are not established at the discretion of the user. Non-discretionary policies establish controls that cannot be changed by users, but only through administrative action." Under NDAC you have two choices:
Rule Based Access control and Role Base Access Control
MAC is implemented using RULES which makes it fall under RBAC which is a form of NDAC. It is a subset of NDAC.
This question is representative of what you can expect on the real exam where you have more than once choice that seems to be right. However, you have to look closely if one of the choices would be higher level or if one of the choice falls under one of the other choice. In this case NDAC is a better choice because MAC is falling under NDAC through the use of Rule Based Access Control.
The following are incorrect answers:
MANDATORY ACCESS CONTROL
In Mandatory Access Control the labels of the object and the clearance of the subject determines access rights, not a central authority. Although a central authority (Better known as the Data Owner) assigns the label to the object, the system does the determination of access rights automatically by comparing the Object label with the Subject clearance. The subject clearance MUST dominate (be equal or higher) than the object being accessed.
The need for a MAC mechanism arises when the security policy of a system dictates that:
1. Protection decisions must not be decided by the object owner.
2. The system must enforce the protection decisions (i.e., the system enforces the security policy over the wishes or intentions of the object owner).
Usually a labeling mechanism and a set of interfaces are used to determine access based on the MAC policy; for example, a user who is running a process at the Secret classification should not be allowed to read a file with a label of Top Secret. This is known as the "simple security rule," or "no read up." Conversely, a user who is running a process with a label of Secret should not be allowed to write to a file with a label of Confidential. This rule is called the "*-property" (pronounced "star property") or "no write down." The *- property is required to maintain system security in an automated environment.
DISCRETIONARY ACCESS CONTROL
In Discretionary Access Control the rights are determined by many different entities, each of the persons who have created files and they are the owner of that file, not one central authority.
DAC leaves a certain amount of access control to the discretion of the object's owner or anyone else who is authorized to control the object's access. For example, it is generally used to limit a user's access to a file; it is the owner of the file who controls other users' accesses to the file. Only those users specified by the owner may have some combination of read, write, execute, and other permissions to the file.
DAC policy tends to be very flexible and is widely used in the commercial and government sectors. However, DAC is known to be inherently weak for two reasons:
First, granting read access is transitive; for example, when Ann grants Bob read access to a file, nothing stops Bob from copying the contents of Ann's file to an object that Bob controls. Bob may now grant any other user access to the copy of Ann's file without Ann's knowledge.
Second, DAC policy is vulnerable to Trojan horse attacks. Because programs inherit the identity of the invoking user, Bob may, for example, write a program for Ann that, on the surface, performs some useful function, while at the same time destroys the contents of Ann's files. When investigating the problem, the audit files would indicate that Ann destroyed her own files. Thus, formally, the drawbacks of DAC are as follows:
Discretionary Access Control (DAC) Information can be copied from one object to another; therefore, there is no real assurance on the flow of information in a system.
No restrictions apply to the usage of information when the user has received it.
The privileges for accessing objects are decided by the owner of the object, rather than through a system-wide policy that reflects the organization's security requirements.
ACLs and owner/group/other access control mechanisms are by far the most common mechanism for implementing DAC policies. Other mechanisms, even though not designed with DAC in mind, may have the capabilities to implement a DAC policy.
RULE BASED ACCESS CONTROL
In Rule-based Access Control a central authority could in fact determine what subjects can have access when assigning the rules for access. However, the rules actually determine the access and so this is not the most correct answer.
RuBAC (as opposed to RBAC, role-based access control) allow users to access systems and information based on pre determined and configured rules. It is important to note that there is no commonly understood definition or formally defined standard for rule-based access control as there is for DAC, MAC, and RBAC.
"Rule-based access" is a generic term applied to systems that allow some form of organization-defined rules, and therefore rule-based access control encompasses a broad range of systems. RuBAC may in fact be combined with other models, particularly RBAC or DAC. A RuBAC system intercepts every access request and compares the rules with the rights of the user to make an access decision. Most of the rule-based access control relies on a security label system, which dynamically composes a set of rules defined by a security policy. Security labels are attached to all objects, including files, directories, and devices. Sometime roles to subjects (based on their attributes) are assigned as well. RuBAC meets the business needs as well as the technical needs of controlling service access. It allows business rules to be applied to access control-for example, customers who have overdue balances may be denied service access. As a mechanism for MAC, rules of RuBAC cannot be changed by users. The rules can be established by any attributes of a system related to the users such as domain, host, protocol, network, or IP addresses. For example, suppose that a user wants to access an object in another network on the other side of a router. The router employs RuBAC with the rule composed by the network addresses, domain, and protocol to decide whether or not the user can be granted access. If employees change their roles within the organization, their existing authentication credentials remain in effect and do not need to be re configured. Using rules in conjunction with roles adds greater flexibility because rules can be applied to people as well as to devices. Rule-based access control can be combined with role-based access control, such that the role of a user is one of the attributes in rule setting.
Some provisions of access control systems have rule- based policy engines in addition to a role-based policy engine and certain implemented dynamic policies [Des03]. For example, suppose that two of the primary types of software users are product engineers and quality engineers. Both groups usually have access to the same data, but they have different roles to perform in relation to the data and the application's function. In addition, individuals within each group have different job responsibilities that may be identified using several types of attributes such as developing programs and testing areas. Thus, the access decisions can be made in real time by a scripted policy that regulates the access between the groups of product engineers and quality engineers, and each individual within these groups. Rules can either replace or complement role-based access control. However, the creation of rules and security policies is also a complex process, so each organization will need to strike the appropriate balance.
References used for this question:
http://csrc.nist.gov/publications/nistir/7316/NISTIR-7316.pdf
and
AIO v3 p162-167 and OIG (2007) p.186-191
also
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33.

Question List (999q): Question 1: Why would anomaly detection IDSs often generate a large numb...; Question 2: Who is ultimately responsible for the security of computer b...; Question 3: What key size is used by the Clipper Chip?...; Question 4: Which of the following is the FIRST step in protecting data'...; Question 5: Which of the following describes a logical form of separatio...; Question 6: Within the context of the CBK, which of the following provid...; Question 7: When we encrypt or decrypt data there is a basic operation i...; Question 8: Which of the following is NOT a fundamental component of an ...; Question 9: What can best be defined as the sum of protection mechanisms...; Question 10: Which of the following prevents, detects, and corrects error...; Question 11: What can be defined as the maximum acceptable length of time...; Question 12: Which of the following should NOT be performed by an operato...; Question 13: Which of the following does NOT concern itself with key mana...; Question 14: What can be defined as a data structure that enumerates digi...; Question 15: Which of the following best describes signature-based detect...; Question 16: Organizations should not view disaster recovery as which of ...; Question 17: What algorithm has been selected as the AES algorithm, repla...; Question 18: Which of the following is an extension to Network Address Tr...; Question 19: How many bits is the effective length of the key of the Data...; Question 20: How often should a Business Continuity Plan be reviewed?...; Question 21: Which of the following security models does NOT concern itse...; Question 22: The IP header contains a protocol field. If this field conta...; Question 23: Which of the following statements pertaining to biometrics i...; Question 24: Which of the following statements is most accurate regarding...; Question 25: Which of the following would be an example of the best passw...; Question 26: ______________ is a Unix security scanning tool developed at...; Question 27: Information security policies are a ___________________....; Question 28: CORRECT TEXT An attempt to break an encryption algorithm is ...; Question 29: Which of the following computer crime is MORE often associat...; Question 30: Which of the following is defined as a key establishment pro...; Question 31: Which of the following backup methods is most appropriate fo...; Question 32: The standard of __________ states that a certain level of in...; Question 33: Which of the following would be true about Static password t...; Question 34: A Business Continuity Plan should be tested:...; Question 35: Which of the following refers to the data left on the media ...; Question 36: Which of the following algorithms is a stream cipher?...; Question 37: Which of the following is NOT a technique used to perform a ...; Question 38: Which of the following is true about link encryption?...; Question 39: A Security Kernel is defined as a strict implementation of a...; Question 40: This type of attack is generally most applicable to public-k...; Question 41: Why do buffer overflows happen? What is the main cause?...; Question 42: Which of the following backup methods is primarily run when ...; Question 43: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 44: IT security measures should:; Question 45: Which division of the Orange Book deals with discretionary p...; Question 46: Proxies works by transferring a copy of each accepted data p...; Question 47: What does it mean to say that sensitivity labels are "incomp...; Question 48: When a station communicates on the network for the first tim...; Question 49: A good password policy uses which of the following guideline...; Question 50: What protocol is used on the Local Area Network (LAN) to obt...; Question 51: According to the annual CSI/FBI Computer Crime report, which...; Question 52: Which of the following statements pertaining to packet switc...; Question 53: Which type of encryption is considered to be unbreakable if ...; Question 54: Which of the following is the primary reason why a user woul...; Question 55: Which of the following protocols does not operate at the dat...; Question 56: Which of the following describes a technique in which a numb...; Question 57: Controls like guards and general steps to maintain building ...; Question 58: How many bits of a MAC address uniquely identify a vendor, a...; Question 59: Which of the following statements pertaining to PPTP (Point-...; Question 60: Who is responsible for initiating corrective measures and ca...; Question 61: In an online transaction processing system (OLTP), which of ...; Question 62: Which of the following would be used to implement Mandatory ...; Question 63: You work in a police department forensics lab where you exam...; Question 64: Which of the following would constitute the best example of ...; Question 65: Only law enforcement personnel are qualified to do computer ...; Question 66: Which backup type run at regular intervals would take the le...; Question 67: What is the main focus of the Bell-LaPadula security model?...; Question 68: When backing up an applications system's data, which of the ...; Question 69: Which of the following are NT Audit events? (Choose all that...; Question 70: Which of the following statements relating to the Bell-LaPad...; Question 71: What are the three FUNDAMENTAL principles of security?...; Question 72: What is NOT true about a one-way hashing function?...; Question 73: Which of the following is true of network security?...; Question 74: Which of the following would be used to implement Mandatory ...; Question 75: Which of the following would best describe secondary evidenc...; Question 76: Making sure that only those who are supposed to access the d...; Question 77: Which of the following is a device that is used to regenerat...; Question 78: The following is NOT a security characteristic we need to co...; Question 79: Which OSI/ISO layer does a SOCKS server operate at?...; Question 80: Which of the following does not address Database Management ...; Question 81: ___________________ viruses change the code order of the str...; Question 82: Which of the following protects Kerberos against replay atta...; Question 83: What is Kerberos?; Question 84: Which of the following security mode of operation does NOT r...; Question 85: Which of the following biometric devices has the lowest user...; Question 86: Who developed one of the first mathematical models of a mult...; Question 87: Controls are implemented to:; Question 88: Which of the following exemplifies proper separation of duti...; Question 89: Which of the following phases of a software development life...; Question 90: Which of the following is NOT a common backup method?...; Question 91: The first step in the implementation of the contingency plan...; Question 92: Which of the following was developed by the National Compute...; Question 93: What is the Maximum Tolerable Downtime (MTD)?...; Question 94: What can best be defined as the detailed examination and tes...; Question 95: Which of the following protocols operates at the session lay...; Question 96: How is Annualized Loss Expectancy (ALE) derived from a threa...; Question 97: What can be defined as a batch process dumping backup data t...; Question 98: What is defined as the rules for communicating between compu...; Question 99: Which of the following Operation Security controls is intend...; Question 100: What does the simple security (ss) property mean in the Bell...; Question 101: Which of the following is related to physical security and i...; Question 102: Which of the following is NOT true about IPSec Tunnel mode?...; Question 103: What would be the name of a Logical or Virtual Table dynamic...; Question 104: Which of the following is true of two-factor authentication?...; Question 105: The Terminal Access Controller Access Control System (TACACS...; Question 106: What is the act of obtaining information of a higher sensiti...; Question 107: What does the simple security (ss) property mean in the Bell...; Question 108: Which TCSEC class specifies discretionary protection?...; Question 109: Which one of the following authentication mechanisms creates...; Question 110: The DES algorithm is an example of what type of cryptography...; Question 111: When two or more separate entities (usually persons) operati...; Question 112: Pin, Password, Passphrases, Tokens, smart cards, and biometr...; Question 113: Which of the following protection devices is used for spot p...; Question 114: Which of the following statements pertaining to software tes...; Question 115: What is called the percentage at which the False Rejection R...; Question 116: In the context of network enumeration by an outside attacker...; Question 117: Cryptography does not concern itself with which of the follo...; Question 118: The property of a system or a system resource being accessib...; Question 119: Which type of password provides maximum security because a n...; Question 120: If an operating system permits shared resources such as memo...; Question 121: Which of the following BEST describes a function relying on ...; Question 122: What is the maximum key size for the RC5 algorithm?...; Question 123: As a result of a risk assessment, your security manager has ...; Question 124: Which of the following is true about Kerberos?...; Question 125: Of the following, which is NOT a specific loss criteria that...; Question 126: What mechanism automatically causes an alarm originating in ...; Question 127: Which of the following is not a component of a Operations Se...; Question 128: The general philosophy for DMZ's is that:...; Question 129: A DMZ is also known as a; Question 130: Which of the following is true related to network sniffing?...; Question 131: Which of the following service is a distributed database tha...; Question 132: In stateful inspection firewalls, packets are:...; Question 133: Which of the following is a tool often used to reduce the ri...; Question 134: What is the main issue with media reuse?...; Question 135: If your property Insurance has Replacement Cost Valuation (R...; Question 136: What would BEST define risk management?...; Question 137: What security model is dependent on security labels?...; Question 138: What is called the formal acceptance of the adequacy of a sy...; Question 139: Which of the following is not a logical control when impleme...; Question 140: Which of the following was developed in order to protect aga...; Question 141: Memory management in TCSEC levels B3 and A1 operating system...; Question 142: Which of the following is the MOST important aspect relating...; Question 143: The fact that a network-based IDS reviews packets payload an...; Question 144: Which of the following assertions is NOT true about pattern ...; Question 145: Which of the following is not a physical control for physica...; Question 146: Who can best decide what are the adequate technical security...; Question 147: Which of the following access control models requires defini...; Question 148: What is the difference between Advisory and Regulatory secur...; Question 149: Which of the following is a device that is used to regenerat...; Question 150: How is Annualized Loss Expectancy (ALE) derived from a threa...; Question 151: Which of the following centralized access control mechanisms...; Question 152: Which of the following statements pertaining to a security p...; Question 153: Passwords can be required to change monthly, quarterly, or a...; Question 154: Transport Layer Security (TLS) is a two-layered socket layer...; Question 155: Each of the following is a valid step in handling incidents ...; Question 156: Which access control model provides upper and lower bounds o...; Question 157: Which of the following is not one of the three goals of Inte...; Question 158: What security principle is based on the division of job resp...; Question 159: Which protocol makes USE of an electronic wallet on a custom...; Question 160: The Orange Book states that "Hardware and software features ...; Question 161: Which port does the Post Office Protocol Version 3 (POP3) ma...; Question 162: Which of the following is the FIRST step in protecting data'...; Question 163: What is the primary goal of setting up a honeypot?...; Question 164: One of the following statements about the differences betwee...; Question 165: In which of the following phases of system development life ...; Question 166: There are ______ available service ports...; Question 167: Which of the following describes a computer processing archi...; Question 168: Which of the following can best be defined as a key distribu...; Question 169: A security policy is a rigid set of rules that must be follo...; Question 170: Which of the following is the most critical item from a disa...; Question 171: What is the PRIMARY goal of incident handling?...; Question 172: In which layer of the OSI Model are connection-oriented prot...; Question 173: Which of the following transmission media would NOT be affec...; Question 174: Which of the following access control techniques best gives ...; Question 175: Which of the following services relies on UDP?...; Question 176: A variation of the application layer firewall is called a:...; Question 177: Before the advent of classless addressing, the address 128.1...; Question 178: What is the PRIMARY use of a password?...; Question 179: Kerberos is vulnerable to replay in which of the following c...; Question 180: For which areas of the enterprise are business continuity pl...; Question 181: The Logical Link Control sub-layer is a part of which of the...; Question 182: Which one of these formulas is used in Quantitative risk ana...; Question 183: The primary purpose for using one-way hashing of user passwo...; Question 184: Which of the following statements is NOT true of IPSec Trans...; Question 185: Which of the following is a trusted, third party authenticat...; Question 186: What is the name of the third party authority that vouches f...; Question 187: What type of cable is used with 100Base-TX Fast Ethernet?...; Question 188: Which of the following is NOT a common category/classificati...; Question 189: Which of the following security controls might force an oper...; Question 190: Which of the following are the steps usually followed in the...; Question 191: Which of the following is true related to network sniffing?...; Question 192: Which of the following is best defined as a circumstance in ...; Question 193: Which of the following categories of hackers poses the great...; Question 194: Which of the following is an example of a connectionless com...; Question 195: Kerberos depends upon what encryption method?...; Question 196: Which of the following statements pertaining to firewalls is...; Question 197: Is the person who is attempting to log on really who they sa...; Question 198: Which of the following is NOT a VPN communications protocol ...; Question 199: Which of the following is TRUE regarding Transmission Contro...; Question 200: What assesses potential loss that could be caused by a disas...; Question 201: Which xDSL flavour delivers both downstream and upstream spe...; Question 202: Which of the following is considered the MOST secure?...; Question 203: What key size is used by the Clipper Chip?...; Question 204: Business Continuity and Disaster Recovery Planning (Primaril...; Question 205: The session layer provides a logical persistent connection b...; Question 206: In an organization where there are frequent personnel change...; Question 207: Which of the following standards is concerned with message h...; Question 208: Which of the following is a CHARACTERISTIC of a decision sup...; Question 209: Public Key Infrastructure (PKI) uses asymmetric key encrypti...; Question 210: Which of the following encryption methods is known to be unb...; Question 211: Like the Kerberos protocol, SESAME is also subject to which ...; Question 212: How long are IPv4 addresses?; Question 213: Which one of the following is used to provide authentication...; Question 214: The MOST common threat that impacts a business's ability to ...; Question 215: Where parties do not have a shared secret and large quantiti...; Question 216: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 217: What is called an automated means of identifying or authenti...; Question 218: Which of the following would provide the BEST stress testing...; Question 219: A one way hash converts a string of random length into a ___...; Question 220: What protocol is used to match an IP address to the appropri...; Question 221: The general philosophy for DMZ's is that:...; Question 222: As per RFC 1122, which of the following is not a defined lay...; Question 223: Controls like guards and general steps to maintain building ...; Question 224: Which of the following backup methods makes a complete backu...; Question 225: Which of the following is the best reason for the use of an ...; Question 226: Which of the following is less likely to be included in the ...; Question 227: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 228: What type of software can be used to prevent, detect (and po...; Question 229: Which of the following is true about Kerberos?...; Question 230: Ensuring least privilege does not require:...; Question 231: Computer-generated evidence is considered:...; Question 232: What is a limitation of TCP Wrappers?...; Question 233: Which of the following backup sites is the most effective fo...; Question 234: What does "residual risk" mean?...; Question 235: Which of the following biometric devices has the lowest user...; Question 236: The criteria for evaluating the legal requirements for imple...; Question 237: Which backup method is used if backup time is critical and t...; Question 238: What are the components of an object's sensitivity label?...; Question 239: Which of the following does NOT concern itself with key mana...; Question 240: Why would a memory dump be admissible as evidence in court?...; Question 241: A DMZ is located:; Question 242: Making sure that the data has not been changed unintentional...; Question 243: What is the effective key size of DES?...; Question 244: In biometrics, "one-to-many" search against database of stor...; Question 245: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 246: What can best be defined as the sum of protection mechanisms...; Question 247: Which of the following is not a DES mode of operation?...; Question 248: One of these statements about the key elements of a good con...; Question 249: Which of the following protocols' primary function is to sen...; Question 250: Which of the following protocols is not implemented at the I...; Question 251: Which is the last line of defense in a physical security sen...; Question 252: The throughput rate is the rate at which individuals, once e...; Question 253: Which of the following best defines source routing?...; Question 254: Which of the following services is NOT provided by the digit...; Question 255: What mechanism does a system use to compare the security lab...; Question 256: Failure of a contingency plan is usually:...; Question 257: What is the Biba security model concerned with?...; Question 258: Sensitivity labels are an example of what application contro...; Question 259: Which of the following is needed for System Accountability?...; Question 260: Which layer of the OSI model handles encryption?...; Question 261: Companies can now be sued for privacy violations just as eas...; Question 262: What protocol is used to match an IP address to the appropri...; Question 263: Within the legal domain what rule is concerned with the lega...; Question 264: The type of discretionary access control (DAC) that is based...; Question 265: Which of the following devices enables more than one signal ...; Question 266: The ___________ protocol converts IP addresses (logical) to ...; Question 267: In the context of network enumeration by an outside attacker...; Question 268: Which backup method only copies files that have been recentl...; Question 269: The following is NOT a security characteristic we need to co...; Question 270: Java is not:; Question 271: What can be described as an imaginary line that separates th...; Question 272: When considering an IT System Development Life-cycle, securi...; Question 273: During the salvage of the Local Area Network and Servers, wh...; Question 274: CORRECT TEXT The two categories of threats are natural and _...; Question 275: An area of the Telecommunications and Network Security domai...; Question 276: The following is NOT a security characteristic we need to co...; Question 277: In the context of Biometric authentication, what is a quick ...; Question 278: Because all the secret keys are held and authentication is p...; Question 279: Which of the following protocols that provide integrity and ...; Question 280: CORRECT TEXT ______________ is a high speed data routing tec...; Question 281: Which type of attack consists of modifying the length and fr...; Question 282: Which of the following is used to interrupt the opportunity ...; Question 283: What are the two most critical aspects of risk analysis? (Ch...; Question 284: Degaussing is used to clear data from all of the following m...; Question 285: What is called the use of technologies such as fingerprint, ...; Question 286: Which of the following is the act of performing tests and ev...; Question 287: Who first described the DoD multilevel military security pol...; Question 288: Which of the following protocol was used by the INITIAL vers...; Question 289: This is a common security issue that is extremely hard to co...; Question 290: Cable modems are less secure than DSL connections because ca...; Question 291: Encapsulating Security Payload (ESP) provides some of the se...; Question 292: Recovery Site Strategies for the technology environment depe...; Question 293: In order to be able to successfully prosecute an intruder:...; Question 294: Which of the following is true about Kerberos?...; Question 295: What can be defined as an instance of two different keys gen...; Question 296: Which of the following is the primary security feature of a ...; Question 297: Which of the following statements pertaining to block cipher...; Question 298: Which of the following statements pertaining to biometrics i...; Question 299: Which of the following is not an example of a block cipher?...; Question 300: In biometric identification systems, at the beginning, it wa...; Question 301: Which of the following technologies has been developed to su...; Question 302: What attack involves the perpetrator sending spoofed packet(...; Question 303: Which of the following Kerberos components holds all users' ...; Question 304: Which of the following is the most critical item from a disa...; Question 305: Words appearing in the English dictionary are not considered...; Question 306: When you update records in multiple locations or you make a ...; Question 307: In an online transaction processing system (OLTP), which of ...; Question 308: ICMP and IGMP belong to which layer of the OSI model?...; Question 309: Which of the following choices describe a Challenge-response...; Question 310: Which of the following is not a physical control for physica...; Question 311: The Data Encryption Algorithm performs how many rounds of su...; Question 312: To protect and/or restore lost, corrupted, or deleted inform...; Question 313: What is called an event or activity that has the potential t...; Question 314: Which of the following is less likely to accompany a conting...; Question 315: Which of the following is an Internet IPsec protocol to nego...; Question 316: Which of the following types of Intrusion Detection Systems ...; Question 317: Which encryption algorithm is BEST suited for communication ...; Question 318: Which conceptual approach to intrusion detection system is t...; Question 319: Which of the following is an example of a passive attack?...; Question 320: A public key algorithm that does both encryption and digital...; Question 321: In a SSL session between a client and a server, who is respo...; Question 322: Which of the following is a CHARACTERISTIC of a decision sup...; Question 323: Penetration testing involves three steps. At which step shou...; Question 324: Which of the following are additional terms used to describe...; Question 325: What layer of the OSI/ISO model does Point-to-point tunnelli...; Question 326: Which of the following would be the MOST serious risk where ...; Question 327: Which of the following would best classify as a management c...; Question 328: What is also known as 10Base5?; Question 329: Which of the following access control techniques best gives ...; Question 330: Which integrity model defines a constrained data item, an in...; Question 331: Which access control type has a central authority that deter...; Question 332: Which of the following outlined how senior management are re...; Question 333: Which of the following Kerberos components holds all users' ...; Question 334: Which backup method does not reset the archive bit on files ...; Question 335: Why is traffic across a packet switched network difficult to...; Question 336: What is it called when a computer uses more than one CPU in ...; Question 337: In biometric identification systems, the parts of the body c...; Question 338: This is a common security issue that is extremely hard to co...; Question 339: Which of the following is an example of discretionary access...; Question 340: What would be the Annualized Rate of Occurrence (ARO) of the...; Question 341: What is the difference between Access Control Lists (ACLs) a...; Question 342: Digital Certificates use which protocol?...; Question 343: Which of the following statements pertaining to IPSec is inc...; Question 344: This type of supporting evidence is used to help prove an id...; Question 345: Which of the following issues is not addressed by digital si...; Question 346: Controls like guards and general steps to maintain building ...; Question 347: What is the greatest danger from DHCP?...; Question 348: Which of the following concerning the Rijndael block cipher ...; Question 349: When a station communicates on the network for the first tim...; Question 350: Who of the following is responsible for ensuring that proper...; Question 351: Which of the following is an IP address that is private (i.e...; Question 352: Business Continuity Planning (BCP) is not defined as a prepa...; Question 353: In the course of responding to and handling an incident, you...; Question 354: One purpose of a security awareness program is to modify:...; Question 355: Which device acting as a translator is used to connect two n...; Question 356: Which of the following statements pertaining to the security...; Question 357: Which of the following is the WEAKEST authentication mechani...; Question 358: Which of the following statements pertaining to Secure Socke...; Question 359: What is electronic vaulting?; Question 360: Which of the following networking devices allows the connect...; Question 361: Which of the following type of cryptography is used when bot...; Question 362: In a stateful inspection firewall, data packets are captured...; Question 363: What refers to legitimate users accessing networked services...; Question 364: How would an IP spoofing attack be best classified?...; Question 365: As a result of a risk assessment, your security manager has ...; Question 366: Which of the following is addressed by Kerberos?...; Question 367: A group of independent servers, which are managed as a singl...; Question 368: Which of the following is NOT a property of the Rijndael blo...; Question 369: To control access by a subject (an active entity such as ind...; Question 370: In the context of access control, locks, gates, guards are e...; Question 371: Which of the following is NOT true of the Kerberos protocol?...; Question 372: The Diffie-Hellman algorithm is used for:...; Question 373: Which of the following is NOT true about IPSec Tunnel mode?...; Question 374: In response to Access-request from a client such as a Networ...; Question 375: A _________ is an information path that is not normally used...; Question 376: Which of the following is a token-passing scheme like token ...; Question 377: Which of the following classes is the first level (lower) de...; Question 378: Authentication Headers (AH) and Encapsulating Security Paylo...; Question 379: What is the main difference between computer abuse and compu...; Question 380: Why would a memory dump be admissible as evidence in court?...; Question 381: The concept of best effort delivery is best associated with?...; Question 382: Which of the following protocol was used by the INITIAL vers...; Question 383: A server cluster looks like a:; Question 384: What enables a workstation to boot without requiring a hard ...; Question 385: Which of the following is the WEAKEST authentication mechani...; Question 386: The end result of implementing the principle of least privil...; Question 387: Physical security is accomplished through proper facility co...; Question 388: A contingency plan should address:...; Question 389: What is called the percentage of valid subjects that are fal...; Question 390: Which of the following categories of hackers poses the great...; Question 391: What can be defined as a data structure that enumerates digi...; Question 392: The controls that usually require a human to evaluate the in...; Question 393: Which of the following would best describe a Concealment cip...; Question 394: Which of the following is a disadvantage of a statistical an...; Question 395: Which of the following protects Kerberos against replay atta...; Question 396: A channel within a computer system or network that is design...; Question 397: If your property Insurance has Actual Cash Valuation (ACV) c...; Question 398: Which of the following elements of telecommunications is not...; Question 399: Kerberos depends upon what encryption method?...; Question 400: An alternative to using passwords for authentication in logi...; Question 401: What type of attack involves IP spoofing, ICMP ECHO and a bo...; Question 402: Which type of password token involves time synchronization?...; Question 403: Who should direct short-term recovery actions immediately fo...; Question 404: In telephony different types of connections are being used. ...; Question 405: Risk analysis is MOST useful when applied during which phase...; Question 406: This baseline sets certain thresholds for specific errors or...; Question 407: The change control process:; Question 408: Which of the following is not a property of the Rijndael blo...; Question 409: When preparing a business continuity plan, who of the follow...; Question 410: A confidential number used as an authentication factor to ve...; Question 411: What is NOT an authentication method within IKE and IPsec?...; Question 412: During the salvage of the Local Area Network and Servers, wh...; Question 413: Which of the following is NOT true about IPSec Tunnel mode?...; Question 414: Which one of the following authentication mechanisms creates...; Question 415: Which of the following is a method of multiplexing data wher...; Question 416: Under the Business Exemption Rule to the hearsay evidence, w...; Question 417: What security problem is most likely to exist if an operatin...; Question 418: Which of the following is a symmetric encryption algorithm?...; Question 419: Which encryption algorithm is BEST suited for communication ...; Question 420: Which of the following encryption algorithms does not deal w...; Question 421: Which of the following is NOT a technique used to perform a ...; Question 422: Which security model is based on the military classification...; Question 423: A weakness or lack of a safeguard, which may be exploited by...; Question 424: Which of the following standards concerns digital certificat...; Question 425: Which of the following packets should NOT be dropped at a fi...; Question 426: Which of the following Kerberos components holds all users' ...; Question 427: What is the main concern with single sign-on?...; Question 428: EDI (Electronic Data Interchange) differs from e-Commerce in...; Question 429: The Telecommunications Security Domain of information securi...; Question 430: Out of the steps listed below, which one is not one of the s...; Question 431: The Computer Security Policy Model the Orange Book is based ...; Question 432: The Data Encryption Algorithm performs how many rounds of su...; Question 433: What is the greatest danger from DHCP?...; Question 434: Which of the following item would best help an organization ...; Question 435: A Business Continuity Plan should be tested:...; Question 436: ____________ is a file system that was poorly designed and h...; Question 437: Which backup method is used if backup time is critical and t...; Question 438: Devices that supply power when the commercial utility power ...; Question 439: Which of the following is NOT a technical control?...; Question 440: What level of assurance for a digital certificate verifies a...; Question 441: This type of supporting evidence is used to help prove an id...; Question 442: Which of the following was developed to address some of the ...; Question 443: What is the difference between Access Control Lists (ACLs) a...; Question 444: Which of the following keys has the SHORTEST lifespan?...; Question 445: Which of the following was designed as a more fault-tolerant...; Question 446: ____________ is used in mission critical systems and applica...; Question 447: Which of the following is not appropriate in addressing obje...; Question 448: A public key algorithm that does both encryption and digital...; Question 449: PGP & PEM are programs that allow users to send encrypte...; Question 450: Which of the following elements of telecommunications is not...; Question 451: The IP header contains a protocol field. If this field conta...; Question 452: What is the PRIMARY reason to maintain the chain of custody ...; Question 453: Sending an ICMP packet greater than 64Kb is an example of wh...; Question 454: What would be the name of a Logical or Virtual Table dynamic...; Question 455: Which of the following would be used to detect and correct e...; Question 456: Which of the following ports does NOT normally need to be op...; Question 457: A prolonged power supply that is below normal voltage is a:...; Question 458: This baseline sets certain thresholds for specific errors or...; Question 459: What is defined as the hardware, firmware and software eleme...; Question 460: Qualitative loss resulting from the business interruption do...; Question 461: Which of the following would best describe the difference be...; Question 462: Within the OSI model, at what layer are some of the SLIP, CS...; Question 463: In SSL/TLS protocol, what kind of authentication is supporte...; Question 464: Which of the following is not a logical control when impleme...; Question 465: Password management falls into which control category?...; Question 466: In an organization, an Information Technology security funct...; Question 467: What does "System Integrity" mean?...; Question 468: What is called the percentage of valid subjects that are fal...; Question 469: Which of the following is a problem regarding computer inves...; Question 470: CORRECT TEXT Public keys are used for ___________ messages a...; Question 471: Which of the following remote access authentication systems ...; Question 472: Which of the following is used to find the Media Access Cont...; Question 473: In Discretionary Access Control the subject has authority, w...; Question 474: Which of the following are additional access control objecti...; Question 475: Which of the following computer design approaches is based o...; Question 476: What is a common problem when using vibration detection devi...; Question 477: Under United States law, an investigator's notebook may be u...; Question 478: Which of the following biometric parameters are better suite...; Question 479: What is called the probability that a threat to an informati...; Question 480: Which of the following was not designed to be a proprietary ...; Question 481: In a SSL session between a client and a server, who is respo...; Question 482: Which of the following technologies has been developed to su...; Question 483: The typical computer fraudsters are usually persons with whi...; Question 484: Which authentication technique best protects against hijacki...; Question 485: Which of the following is a disadvantage of a statistical an...; Question 486: What is the Biba security model concerned with?...; Question 487: All hosts on an IP network have a logical ID called a(n):...; Question 488: Which of the following category of UTP cables is specified t...; Question 489: Attributes that characterize an attack are stored for refere...; Question 490: Which of the following are NOT a countermeasure to traffic a...; Question 491: Which of the following can prevent hijacking of a web sessio...; Question 492: At what stage of the applications development process should...; Question 493: The Information Technology Security Evaluation Criteria (ITS...; Question 494: ________ ___________ refers to the act of requiring more tha...; Question 495: Which of the following is the most secure form of triple-DES...; Question 496: Which of the following is a symmetric encryption algorithm?...; Question 497: Which of the following statements pertaining to disk mirrori...; Question 498: Which of the concepts best describes Availability in relatio...; Question 499: What mechanism automatically causes an alarm originating in ...; Question 500: The Information Technology Security Evaluation Criteria (ITS...; Question 501: Which xDSL flavour can deliver up to 52 Mbps downstream over...; Question 502: Who first described the DoD multilevel military security pol...; Question 503: Which of the following is NOT a part of a risk analysis?...; Question 504: Which of the following best defines source routing?...; Question 505: Which one of the following statements about the advantages a...; Question 506: What is Kerberos?; Question 507: Identification and authentication are the keystones of most ...; Question 508: The scope and focus of the Business continuity plan developm...; Question 509: A Security Kernel is defined as a strict implementation of a...; Question 510: In Discretionary Access Control the subject has authority, w...; Question 511: A contingency plan should address:...; Question 512: Which of the following is NOT a form of detective administra...; Question 513: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) ...; Question 514: What can be described as a measure of the magnitude of loss ...; Question 515: Which xDSL flavour, appropriate for home or small offices, d...; Question 516: Which of the following is the primary reason why a user woul...; Question 517: A momentary high voltage is a:; Question 518: The Trusted Computer Security Evaluation Criteria book (TCSE...; Question 519: Which of the following is NOT a characteristic of a host-bas...; Question 520: What is the goal of the Maintenance phase in a common develo...; Question 521: Brute force attacks against encryption keys have increased i...; Question 522: What can best be defined as high-level statements, beliefs, ...; Question 523: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 524: What is the primary goal of setting up a honeypot?...; Question 525: Which of the following is the biggest concern with firewall ...; Question 526: Which of the following focuses on sustaining an organization...; Question 527: When submitting a passphrase for authentication, the passphr...; Question 528: There are parallels between the trust models in Kerberos and...; Question 529: Passwords can be required to change monthly, quarterly, or a...; Question 530: What is the main purpose of Corporate Security Policy?...; Question 531: The Data Encryption Standard (DES) encryption algorithm has ...; Question 532: Kerberos is vulnerable to replay in which of the following c...; Question 533: Which of the following is an Internet IPsec protocol to nego...; Question 534: How should a risk be HANDLED when the cost of the countermea...; Question 535: Which protocol is used to send email?...; Question 536: What can be defined as secret communications where the very ...; Question 537: A true network security audit does include an audit for mode...; Question 538: Which of the following is the act of performing tests and ev...; Question 539: Why is infrared generally considered to be more secure to ea...; Question 540: Which of the following monitors network traffic in real time...; Question 541: PGP allows which of the following to be encrypted?...; Question 542: Remote Procedure Call (RPC) is a protocol that one program c...; Question 543: What Orange Book security rating is reserved for systems tha...; Question 544: The standard server port number for HTTP is which of the fol...; Question 545: Controls provide accountability for individuals who are acce...; Question 546: Which of the following is best defined as a circumstance in ...; Question 547: A potential problem related to the physical installation of ...; Question 548: Secure Shell (SSH-2) supports authentication, compression, c...; Question 549: IT security measures should:; Question 550: Which of the following is often the greatest challenge of di...; Question 551: Which of the following is the most secure form of triple-DES...; Question 552: Which of the following is a cryptographic protocol and infra...; Question 553: What is the maximum number of different keys that can be use...; Question 554: An effective information security policy should not have whi...; Question 555: External consistency ensures that the data stored in the dat...; Question 556: Degaussing is used to clear data from all of the following m...; Question 557: Why is Network File System (NFS) used?...; Question 558: Which of the following statements pertaining to disaster rec...; Question 559: Which of the following will a Business Impact Analysis NOT i...; Question 560: Which of the following is NOT a compensating measure for acc...; Question 561: Which of the following is immune to the effects of electroma...; Question 562: CORRECT TEXT A type of virus that resides in a Word or Excel...; Question 563: SMTP can best be described as:; Question 564: Each data packet is assigned the IP address of the sender an...; Question 565: Which of the following is NOT a task normally performed by a...; Question 566: Which of the following is not a responsibility of an informa...; Question 567: What type of attack involves IP spoofing, ICMP ECHO and a bo...; Question 568: Making sure that the data has not been changed unintentional...; Question 569: Which of the following is most concerned with personnel secu...; Question 570: Which of the following statements pertaining to the Bell-LaP...; Question 571: In non-discretionary access control using Role Based Access ...; Question 572: Which of the following statements pertaining to ethical hack...; Question 573: Which type of attack involves the alteration of a packet at ...; Question 574: The standard server port number for HTTP is which of the fol...; Question 575: At which OSI/ISO layer is an encrypted authentication betwee...; Question 576: The information security staff's participation in which of t...; Question 577: In addition to the Legal Department, with what company funct...; Question 578: Which of following is not a service provided by AAA servers ...; Question 579: Which of the following biometric characteristics cannot be u...; Question 580: A prolonged power supply that is below normal voltage is a:...; Question 581: Which of the following would be an example of the best passw...; Question 582: An effective information security policy should not have whi...; Question 583: Passwords can be required to change monthly, quarterly, or a...; Question 584: Which of the following is a trusted, third party authenticat...; Question 585: How often should a Business Continuity Plan be reviewed?...; Question 586: Which authentication technique best protects against hijacki...; Question 587: What is called the act of a user professing an identity to a...; Question 588: As per the Orange Book, what are two types of system assuran...; Question 589: Which protocol of the TCP/IP suite addresses reliable data t...; Question 590: What kind of encryption is realized in the S/MIME-standard?...; Question 591: Which of the following can be used as a covert channel?...; Question 592: What is the name of a one way transformation of a string of ...; Question 593: Kerberos can prevent which one of the following attacks?...; Question 594: What uses a key of the same length as the message where each...; Question 595: Which of the following centralized access control mechanisms...; Question 596: Secure Shell (SSH-2) supports authentication, compression, c...; Question 597: The control of communications test equipment should be clear...; Question 598: What is called the access protection system that limits conn...; Question 599: Which of the following algorithms is used today for encrypti...; Question 600: Which of the following Kerberos components holds all users' ...; Question 601: Brute force attacks against encryption keys have increased i...; Question 602: The RSA algorithm is an example of what type of cryptography...; Question 603: The preliminary steps to security planning include all of th...; Question 604: Which of the following computer design approaches is based o...; Question 605: Another example of Computer Incident Response Team (CIRT) ac...; Question 606: Which of the following assertions is NOT true about pattern ...; Question 607: Which of the following describes the major disadvantage of m...; Question 608: Which of the following is NOT a characteristic of a host-bas...; Question 609: The act of intercepting the first message in a public key ex...; Question 610: Which of the following classes is defined in the TCSEC (Oran...; Question 611: The basic language of modems and dial-up remote access syste...; Question 612: Which of the following is NOT a fundamental component of an ...; Question 613: Which of the following is defined as the most recent point i...; Question 614: Which of the following LAN topologies offers the highest ava...; Question 615: What kind of encryption is realized in the S/MIME-standard?...; Question 616: What is called the type of access control where there are pa...; Question 617: Degaussing is used to clear data from all of the following m...; Question 618: Good security is built on which of the following concept?...; Question 619: CORRECT TEXT ______________ relates to the concept of protec...; Question 620: Virus scanning and content inspection of SMIME encrypted e-m...; Question 621: Which of the following BEST explains why computerized inform...; Question 622: A standardized list of the most common security weaknesses a...; Question 623: Which of the following questions are least likely to help in...; Question 624: What is the primary reason why some sites choose not to impl...; Question 625: Which of the following transmission media would NOT be affec...; Question 626: What does "System Integrity" mean?...; Question 627: Secure Shell (SSH-2) provides all the following services exc...; Question 628: Which of the following networking devices allows the connect...; Question 629: What is the primary difference between FTP and TFTP?...; Question 630: Telnet and rlogin use which protocol?...; Question 631: Which of the following steps are involved in a basic risk as...; Question 632: What can be described as a measure of the magnitude of loss ...; Question 633: Computer security should be first and foremost which of the ...; Question 634: After a company is out of an emergency state, what should be...; Question 635: Which of the following access control models requires securi...; Question 636: What setup should an administrator use for regularly testing...; Question 637: Which of the following usually provides reliable, real-time ...; Question 638: Which of the following specifically addresses cyber attacks ...; Question 639: If a sender is unable to deny having sent an electronic tran...; Question 640: In what way can violation clipping levels assist in violatio...; Question 641: What is considered the most important type of error to avoid...; Question 642: Which of the following is NOT an example of an operational c...; Question 643: Which of the following should be emphasized during the Busin...; Question 644: To protect and/or restore lost, corrupted, or deleted inform...; Question 645: Which of the following is NOT a task normally performed by a...; Question 646: Which Network Address Translation (NAT) is the most convenie...; Question 647: Which of the following proves or disproves a specific act th...; Question 648: If an organization were to monitor their employees' e-mail, ...; Question 649: A department manager has read access to the salaries of the ...; Question 650: Which of the following service is a distributed database tha...; Question 651: Which of the following is NOT and encryption algorithm?...; Question 652: Which of the following is most affected by denial-of-service...; Question 653: Which of the following can best define the "revocation reque...; Question 654: Which of the following is NOT an advantage that TACACS+ has ...; Question 655: Which of the following best describes what would be expected...; Question 656: Once evidence is seized, a law enforcement officer should em...; Question 657: Which one of the following factors is NOT one on which Authe...; Question 658: What is NOT true about a one-way hashing function?...; Question 659: Which of the following is NOT a property of a one-way hash f...; Question 660: CORRECT TEXT Symmetric = private key = secret ________ = pub...; Question 661: Which of the following are suitable protocols for securing V...; Question 662: Several analysis methods can be employed by an IDS, each wit...; Question 663: Which protocol of the TCP/IP suite addresses reliable data t...; Question 664: CORRECT TEXT Unlike like viruses and worm, __________ are bo...; Question 665: Which of the following keys has the SHORTEST lifespan?...; Question 666: What algorithm has been selected as the AES algorithm, repla...; Question 667: Access Control techniques do not include which of the follow...; Question 668: Which type of algorithm is considered to have the highest st...; Question 669: Which of the following is an IP address that is private (i.e...; Question 670: What physical characteristic does a retinal scan biometric d...; Question 671: The IP header contains a protocol field. If this field conta...; Question 672: Which of the following access control models introduces user...; Question 673: Rule-Based Access Control (RuBAC) access is determined by ru...; Question 674: Which of the following is defined as an Internet, IPsec, key...; Question 675: What can be best defined as the examination of threat source...; Question 676: Which of the following Intrusion Detection Systems (IDS) use...; Question 677: What setup should an administrator use for regularly testing...; Question 678: What is called an exception to the search warrant requiremen...; Question 679: Which of the following is not a security goal for remote acc...; Question 680: In the statement below, fill in the blank: Law enforcement a...; Question 681: Which of the following BEST explains why computerized inform...; Question 682: Which of the following results in the most devastating busin...; Question 683: Which one of the following statements about the advantages a...; Question 684: Which type of attack is based on the probability of two diff...; Question 685: Which of the following is an example of discretionary access...; Question 686: ________, _________, and __________ are required to successf...; Question 687: In the UTP category rating, the tighter the wind:...; Question 688: A business continuity plan is an example of which of the fol...; Question 689: What does the (star) property mean in the Bell-LaPadula mode...; Question 690: Which type of attack consists of modifying the length and fr...; Question 691: Which of the following is a telecommunication device that tr...; Question 692: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 693: Which of the following Intrusion Detection Systems (IDS) use...; Question 694: What is the name of the third party authority that vouches f...; Question 695: This is a common security issue that is extremely hard to co...; Question 696: What can be described as an imaginary line that separates th...; Question 697: What security model implies a central authority that define ...; Question 698: Kerberos can prevent which one of the following attacks?...; Question 699: Which of the following can be defined as the process of reru...; Question 700: Which of the following pairings uses technology to enforce a...; Question 701: In computing what is the name of a non-self-replicating type...; Question 702: Which of the following access control models requires securi...; Question 703: Which of the following NAT firewall translation modes offers...; Question 704: In the Bell-LaPadula model, the Star-property is also called...; Question 705: Virus scanning and content inspection of SMIME encrypted e-m...; Question 706: Which of the following statements pertaining to stream ciphe...; Question 707: In biometric identification systems, at the beginning, it wa...; Question 708: Which of the following is a method of multiplexing data wher...; Question 709: How often should tests and disaster recovery drills be perfo...; Question 710: Which OSI/ISO layers are TCP and UDP implemented at?...; Question 711: Which of the following results in the most devastating busin...; Question 712: Which of the following is NOT an administrative control?...; Question 713: Which of the following is most affected by denial-of-service...; Question 714: Which of the following BEST explains why computerized inform...; Question 715: Which of the following is based on the premise that the qual...; Question 716: Which of the following is less likely to be used today in cr...; Question 717: Which of the following ports does NOT normally need to be op...; Question 718: What is the 802.11 standard related to?...; Question 719: Which of the following is NOT true of the Kerberos protocol?...; Question 720: Which access model is most appropriate for companies with a ...; Question 721: In telephony different types of connections are being used. ...; Question 722: Which of the following protects a password from eavesdropper...; Question 723: Java is not:; Question 724: Which of the following statements pertaining to software tes...; Question 725: What are called user interfaces that limit the functions tha...; Question 726: A prolonged power supply that is below normal voltage is a:...; Question 727: Which of the following would NOT violate the Due Diligence c...; Question 728: Which of the following statements pertaining to disaster rec...; Question 729: The IP header contains a protocol field. If this field conta...; Question 730: Which of the following identifies the encryption algorithm s...; Question 731: What attribute is included in a X.509-certificate?...; Question 732: Which of the following would best describe certificate path ...; Question 733: Today, privacy violations are almost as serious as security ...; Question 734: What is the most critical characteristic of a biometric iden...; Question 735: Which of the following biometric devices offers the LOWEST C...; Question 736: What Orange Book security rating is reserved for systems tha...; Question 737: Which of the following is true related to network sniffing?...; Question 738: Which of the following is NOT a common category/classificati...; Question 739: ___________ programs decrease the number of security inciden...; Question 740: Which of the following best ensures accountability of users ...; Question 741: Which of the following is NOT a common backup method?...; Question 742: Which of the following best describes the purpose of debuggi...; Question 743: Which of the following should NOT normally be allowed throug...; Question 744: A central authority determines what subjects can have access...; Question 745: Which of the following would be true about Static password t...; Question 746: Why are coaxial cables called "coaxial"?...; Question 747: Which of the following is a not a preventative control?...; Question 748: Which of the following services is NOT provided by the digit...; Question 749: When a biometric system is used, which error type deals with...; Question 750: What ISO/OSI layer do switches primarily operate at? Do take...; Question 751: Under the Business Exemption Rule to the hearsay evidence, w...; Question 752: Macintosh computers are not at risk for receiving viruses....; Question 753: Which of the following is based on the premise that the qual...; Question 754: Which of the following is a method of multiplexing data wher...; Question 755: Which of the following items is NOT a benefit of cold sites?...; Question 756: While there are many different models for IT system life cyc...; Question 757: After a company is out of an emergency state, what should be...; Question 758: Which of the following choice is NOT normally part of the qu...; Question 759: Which of the following statements pertaining to access contr...; Question 760: What can best be defined as high-level statements, beliefs, ...; Question 761: What is NOT an authentication method within IKE and IPsec?...; Question 762: Which access control model achieves data integrity through w...; Question 763: Which of the following protection devices is used for spot p...; Question 764: Controls are implemented to:; Question 765: Which of the following is NOT a characteristic or shortcomin...; Question 766: Which xDSL flavour delivers both downstream and upstream spe...; Question 767: Organizations should consider which of the following first b...; Question 768: In order to use L0pht, the ___________ must be exported from...; Question 769: What is the maximum key size for the RC5 algorithm?...; Question 770: Which of the following statements pertaining to packet filte...; Question 771: Masquerading is synonymous with __________....; Question 772: Which of the following statements pertaining to block cipher...; Question 773: Which of the following is related to physical security and i...; Question 774: Which must bear the primary responsibility for determining t...; Question 775: The information security staff's participation in which of t...; Question 776: Which of the following is not a responsibility of an informa...; Question 777: Which of the following answers is described as a random valu...; Question 778: Which of the following statements is most accurate regarding...; Question 779: Which of the following best defines add-on security?...; Question 780: Which of the following is a problem regarding computer inves...; Question 781: Which of the following is used to find the Media Access Cont...; Question 782: Diffie Hellman, RSA, and ___________ are all examples of Pub...; Question 783: Which disaster recovery plan test involves functional repres...; Question 784: Which of the following tools is NOT likely to be used by a h...; Question 785: Which of the following is best at defeating frequency analys...; Question 786: Which access control type has a central authority that deter...; Question 787: A periodic review of user account management should not dete...; Question 788: Application Layer Firewalls operate at the:...; Question 789: HTTP, FTP, SMTP reside at which layer of the OSI model?...; Question 790: Which of the following can best eliminate dial-up access thr...; Question 791: How many bits of a MAC address uniquely identify a vendor, a...; Question 792: Failure of a contingency plan is usually:...; Question 793: Which of the following is a token-passing scheme like token ...; Question 794: Which of the following steps should be one of the first step...; Question 795: What is the effective key size of DES?...; Question 796: What is the role of IKE within the IPsec protocol?...; Question 797: Which of the following binds a subject name to a public key ...; Question 798: The Information Technology Security Evaluation Criteria (ITS...; Question 799: Which of the following is used to interrupt the opportunity ...; Question 800: The Secure Hash Algorithm (SHA-1) creates:...; Question 801: Which of the following is the BEST way to detect software li...; Question 802: What IDS approach relies on a database of known attacks?...; Question 803: Controls to keep password sniffing attacks from compromising...; Question 804: Which software development model is actually a meta-model th...; Question 805: Which of the following statements pertaining to ethical hack...; Question 806: If an employee's computer has been used by a fraudulent empl...; Question 807: Which of the following statements pertaining to RADIUS is in...; Question 808: Of the reasons why a Disaster Recovery plan gets outdated, w...; Question 809: Several analysis methods can be employed by an IDS, each wit...; Question 810: Which of the following questions is less likely to help in a...; Question 811: A confidential number used as an authentication factor to ve...; Question 812: CORRECT TEXT EICAR is an example of a _____________ used to ...; Question 813: Which of the following is a trusted, third party authenticat...; Question 814: What term describes the amount of risk that remains after th...; Question 815: RADIUS incorporates which of the following services?...; Question 816: What is malware that can spread itself over open network con...; Question 817: Which type of control is concerned with restoring controls?...; Question 818: What are the three performance measurements used in biometri...; Question 819: Which of the following is a cryptographic protocol and infra...; Question 820: Which of the following is immune to the effects of electroma...; Question 821: Which of the following statements pertaining to software tes...; Question 822: Which of the following does not address Database Management ...; Question 823: Volatile memory is referred to as ROM....; Question 824: Which of the following does not address Database Management ...; Question 825: Complete the blanks. When using PKI, I digitally sign a mess...; Question 826: In biometrics, "one-to-many" search against database of stor...; Question 827: Which of the following is an IP address that is private (i.e...; Question 828: Which of the following would be an example of the best passw...; Question 829: Which of the following questions are least likely to help in...; Question 830: Which of the following can be used as a covert channel?...; Question 831: What enables a workstation to boot without requiring a hard ...; Question 832: Which of the following is not a component of a Operations Se...; Question 833: What is the main objective of proper separation of duties?...; Question 834: Which of the following is the most reliable, secure means of...; Question 835: DES - Data Encryption standard has a 128 bit key and is very...; Question 836: Which of the following statements pertaining to disaster rec...; Question 837: Which type of firewall can be used to track connectionless p...; Question 838: Which of the following best allows risk management results t...; Question 839: Which of the following security models does NOT concern itse...; Question 840: Like the Kerberos protocol, SESAME is also subject to which ...; Question 841: Which of the following groups represents the leading source ...; Question 842: In order to enable users to perform tasks and duties without...; Question 843: What physical characteristic does a retinal scan biometric d...; Question 844: All hosts on an IP network have a logical ID called a(n):...; Question 845: Which of the following statements pertaining to key manageme...; Question 846: Related to information security, confidentiality is the oppo...; Question 847: Which of the following is NOT a basic component of security ...; Question 848: A ______________ is a means, method, or program to neutraliz...; Question 849: Why should batch files and scripts be stored in a protected ...; Question 850: Which of the following is considered the weakest link in a s...; Question 851: CORRECT TEXT SATAN is a _____________ based tool and COPS is...; Question 852: In the course of responding to and handling an incident, you...; Question 853: __________ attacks capitalize on programming errors and can ...; Question 854: To control access by a subject (an active entity such as ind...; Question 855: The RSA Algorithm uses which mathematical concept as the bas...; Question 856: Which xDSL flavour can deliver up to 52 Mbps downstream over...; Question 857: Which of the following is not one of the three goals of Inte...; Question 858: Under the principle of culpable negligence, executives can b...; Question 859: Which of the following is NOT a VPN communications protocol ...; Question 860: Which of the following statements pertaining to VPN protocol...; Question 861: Which of the following best defines a Computer Security Inci...; Question 862: Which of the following should NOT normally be allowed throug...; Question 863: What can best be described as a domain of trust that shares ...; Question 864: Which of the following is the most reliable, secure means of...; Question 865: You have been tasked to develop an effective information cla...; Question 866: What is defined as the manner in which the network devices a...; Question 867: Which of the following was developed by the National Compute...; Question 868: Which of the following is needed for System Accountability?...; Question 869: Which of the following was designed as a more fault-tolerant...; Question 870: Insiders have a clear advantage in committing computer crime...; Question 871: What is the primary role of smartcards in a PKI?...; Question 872: Which of the following is given the responsibility of the ma...; Question 873: Preservation of confidentiality within information systems r...; Question 874: Which of the following is NOT a proper component of Media Vi...; Question 875: Which cable technology refers to the CAT3 and CAT5 categorie...; Question 876: In SSL/TLS protocol, what kind of authentication is supporte...; Question 877: Which of the following was not designed to be a proprietary ...; Question 878: What are called user interfaces that limit the functions tha...; Question 879: Which of the following cannot be undertaken in conjunction o...; Question 880: Preservation of confidentiality within information systems r...; Question 881: In order to be able to successfully prosecute an intruder:...; Question 882: Which of the following is an advantage in using a bottom-up ...; Question 883: What can best be described as a domain of trust that shares ...; Question 884: What is the proper term to refer to a single unit of Etherne...; Question 885: What is NOT true with pre shared key authentication within I...; Question 886: Who of the following is responsible for ensuring that proper...; Question 887: Which of the following is used to monitor network traffic or...; Question 888: Which of the following classes is the first level (lower) de...; Question 889: Which of the following is addressed by Kerberos?...; Question 890: What is the appropriate role of the security analyst in the ...; Question 891: In the UTP category rating, the tighter the wind:...; Question 892: Which of the following is the most reliable authentication m...; Question 893: Which of the following would MOST likely ensure that a syste...; Question 894: Which of the following is NOT a common backup method?...; Question 895: A circuit level proxy is ___________________ when compared t...; Question 896: What can be defined as an instance of two different keys gen...; Question 897: Which of the following types of Intrusion Detection Systems ...; Question 898: Which of the following biometric characteristics cannot be u...; Question 899: Which of the following is not a two-factor authentication me...; Question 900: What can be defined as an instance of two different keys gen...; Question 901: The typical computer fraudsters are usually persons with whi...; Question 902: Which of the following are WELL KNOWN PORTS assigned by the ...; Question 903: Which of the following control pairing places emphasis on "s...; Question 904: The three classic ways of authenticating yourself to the com...; Question 905: When it comes to magnetic media sanitization, what differenc...; Question 906: Which of the following results in the most devastating busin...; Question 907: Which of the following backup method must be made regardless...; Question 908: Which of the following is a tool often used to reduce the ri...; Question 909: Which of the following would best classify as a management c...; Question 910: Which of the following would best define a digital envelope?...; Question 911: Asynchronous Communication transfers data by sending:...; Question 912: In biometrics, the "one-to-one" search used to verify claim ...; Question 913: During which phase of an IT system life cycle are security r...; Question 914: CORRECT TEXT :A _________ refers to hidden code or instructi...; Question 915: Transport Layer Security (TLS) is a two-layered socket layer...; Question 916: Which of the following protocols is designed to send individ...; Question 917: What attribute is included in a X.509-certificate?...; Question 918: What does it mean to say that sensitivity labels are "incomp...; Question 919: In SSL/TLS protocol, what kind of authentication is supporte...; Question 920: Unclassified, Private, Confidential, Secret, Top Secret, and...; Question 921: In response to Access-request from a client such as a Networ...; Question 922: The communications products and services, which ensure that ...; Question 923: Which of the following rules is least likely to support the ...; Question 924: Which of the following is biggest factor that makes Computer...; Question 925: How should a risk be HANDLED when the cost of the countermea...; Question 926: Which of the following is used to find the Media Access Cont...; Question 927: CORRECT TEXT ______________ is a major component of an overa...; Question 928: Which of the following would be used to detect and correct e...; Question 929: Which of the following tape formats can be used to backup da...; Question 930: Which of the following algorithms is a stream cipher?...; Question 931: Which of the following encryption algorithms does not deal w...; Question 932: Which of the following type of traffic can easily be filtere...; Question 933: Which of the following is the core of fiber optic cables mad...; Question 934: To be admissible in court, computer evidence must be which o...; Question 935: In non-discretionary access control using Role Based Access ...; Question 936: Your ATM card is a form of two-factor authentication for wha...; Question 937: How do you distinguish between a bridge and a router?...; Question 938: Which is NOT a suitable method for distributing certificate ...; Question 939: Which of the following is an example of discretionary access...; Question 940: A deviation from an organization-wide security policy requir...; Question 941: Which of the following control pairing places emphasis on "s...; Question 942: Which of the following is an example of an active attack?...; Question 943: Which of the following is an IDS that acquires data and defi...; Question 944: A server cluster looks like a:; Question 945: Physical security is accomplished through proper facility co...; Question 946: Which of the following is an advantage that UDP has over TCP...; Question 947: The control of communications test equipment should be clear...; Question 948: Which of the following is defined as a key establishment pro...; Question 949: Which of the following would NOT violate the Due Diligence c...; Question 950: Define the term tuple.; Question 951: When should a post-mortem review meeting be held after an in...; Question 952: A business continuity plan should list and prioritize the se...; Question 953: Which of the following is related to physical security and i...; Question 954: The basic language of modems and dial-up remote access syste...; Question 955: Which of the following would assist the most in Host Based i...; Question 956: At which layer of ISO/OSI does the fiber optics work?...; Question 957: Which of the following is NOT a transaction redundancy imple...; Question 958: Which OSI/ISO layers are TCP and UDP implemented at?...; Question 959: In discretionary access environments, which of the following...; Question 960: What algorithm was DES derived from?...; Question 961: As telnet is widely know to be insecure, one time passwords ...; Question 962: To protect and/or restore lost, corrupted, or deleted inform...; Question 963: Which of the following item would best help an organization ...; Question 964: Which of the following statements pertaining to using Kerber...; Question 965: How should a risk be HANDLED when the cost of the countermea...; Question 966: Which of the following is implemented through scripts or sma...; Question 967: Sandra has used Ethereal, a packet sniffer, to listen in on ...; Question 968: How do you distinguish between a bridge and a router?...; Question 969: Each data packet is assigned the IP address of the sender an...; Question 970: When preparing a business continuity plan, who of the follow...; Question 971: What can be described as an imaginary line that separates th...; Question 972: What is NOT true with pre shared key authentication within I...; Question 973: Application Layer Firewalls operate at the:...; Question 974: Which of the following are WELL KNOWN PORTS assigned by the ...; Question 975: In what way can violation clipping levels assist in violatio...; Question 976: In the context of network enumeration by an outside attacker...; Question 977: What is the primary reason why some sites choose not to impl...; Question 978: Which backup method copies only files that have changed sinc...; Question 979: What is a TFTP server most useful for?...; Question 980: Which of the following computer recovery sites is only parti...; Question 981: What is the framing specification used for transmitting digi...; Question 982: What mechanism does a system use to compare the security lab...; Question 983: Guards are appropriate whenever the function required by the...; Question 984: Which of the following prevents, detects, and corrects error...; Question 985: CORRECT TEXT NIPC stands for _____ _____ _____ ______ and is...; Question 986: Which of the following security modes of operation involves ...; Question 987: Which of the following was developed as a simple mechanism f...; Question 988: Which of the following is not an example of a block cipher?...; Question 989: Which of the following would be MOST important to guarantee ...; Question 990: Although they are accused of being one in the same, hackers ...; Question 991: The IP header contains a protocol field. If this field conta...; Question 992: Which of the following access control models is based on sen...; Question 993: Telnet and rlogin use which protocol?...; Question 994: Which of the following statements pertaining to key manageme...; Question 995: Which of the following standards is concerned with message h...; Question 996: Decentralized access control allows ______________________....; Question 997: What security control provides a method to insure that a tra...; Question 998: Risk mitigation and risk reduction controls for providing in...; Question 999: Which of the following is most likely to be useful in detect...

Question 744/999

LEAVE A REPLY

Download PDF File