SSCP Exam Dumps | In an organization, an Information Technology security function should:

<< Prev Question Next Question >>

Question 466/999

In an organization, an Information Technology security function should:

A. Be a function within the information systems function of an organization.

B. Report directly to a specialized business unit such as legal, corporate security or insurance.

C. Be lead by a Chief Security Officer and report directly to the CEO.

D. Be independent but report to the Information Systems function.

Question List (999q): Question 1: Why would anomaly detection IDSs often generate a large numb...; Question 2: Who is ultimately responsible for the security of computer b...; Question 3: What key size is used by the Clipper Chip?...; Question 4: Which of the following is the FIRST step in protecting data'...; Question 5: Which of the following describes a logical form of separatio...; Question 6: Within the context of the CBK, which of the following provid...; Question 7: When we encrypt or decrypt data there is a basic operation i...; Question 8: Which of the following is NOT a fundamental component of an ...; Question 9: What can best be defined as the sum of protection mechanisms...; Question 10: Which of the following prevents, detects, and corrects error...; Question 11: What can be defined as the maximum acceptable length of time...; Question 12: Which of the following should NOT be performed by an operato...; Question 13: Which of the following does NOT concern itself with key mana...; Question 14: What can be defined as a data structure that enumerates digi...; Question 15: Which of the following best describes signature-based detect...; Question 16: Organizations should not view disaster recovery as which of ...; Question 17: What algorithm has been selected as the AES algorithm, repla...; Question 18: Which of the following is an extension to Network Address Tr...; Question 19: How many bits is the effective length of the key of the Data...; Question 20: How often should a Business Continuity Plan be reviewed?...; Question 21: Which of the following security models does NOT concern itse...; Question 22: The IP header contains a protocol field. If this field conta...; Question 23: Which of the following statements pertaining to biometrics i...; Question 24: Which of the following statements is most accurate regarding...; Question 25: Which of the following would be an example of the best passw...; Question 26: ______________ is a Unix security scanning tool developed at...; Question 27: Information security policies are a ___________________....; Question 28: CORRECT TEXT An attempt to break an encryption algorithm is ...; Question 29: Which of the following computer crime is MORE often associat...; Question 30: Which of the following is defined as a key establishment pro...; Question 31: Which of the following backup methods is most appropriate fo...; Question 32: The standard of __________ states that a certain level of in...; Question 33: Which of the following would be true about Static password t...; Question 34: A Business Continuity Plan should be tested:...; Question 35: Which of the following refers to the data left on the media ...; Question 36: Which of the following algorithms is a stream cipher?...; Question 37: Which of the following is NOT a technique used to perform a ...; Question 38: Which of the following is true about link encryption?...; Question 39: A Security Kernel is defined as a strict implementation of a...; Question 40: This type of attack is generally most applicable to public-k...; Question 41: Why do buffer overflows happen? What is the main cause?...; Question 42: Which of the following backup methods is primarily run when ...; Question 43: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 44: IT security measures should:; Question 45: Which division of the Orange Book deals with discretionary p...; Question 46: Proxies works by transferring a copy of each accepted data p...; Question 47: What does it mean to say that sensitivity labels are "incomp...; Question 48: When a station communicates on the network for the first tim...; Question 49: A good password policy uses which of the following guideline...; Question 50: What protocol is used on the Local Area Network (LAN) to obt...; Question 51: According to the annual CSI/FBI Computer Crime report, which...; Question 52: Which of the following statements pertaining to packet switc...; Question 53: Which type of encryption is considered to be unbreakable if ...; Question 54: Which of the following is the primary reason why a user woul...; Question 55: Which of the following protocols does not operate at the dat...; Question 56: Which of the following describes a technique in which a numb...; Question 57: Controls like guards and general steps to maintain building ...; Question 58: How many bits of a MAC address uniquely identify a vendor, a...; Question 59: Which of the following statements pertaining to PPTP (Point-...; Question 60: Who is responsible for initiating corrective measures and ca...; Question 61: In an online transaction processing system (OLTP), which of ...; Question 62: Which of the following would be used to implement Mandatory ...; Question 63: You work in a police department forensics lab where you exam...; Question 64: Which of the following would constitute the best example of ...; Question 65: Only law enforcement personnel are qualified to do computer ...; Question 66: Which backup type run at regular intervals would take the le...; Question 67: What is the main focus of the Bell-LaPadula security model?...; Question 68: When backing up an applications system's data, which of the ...; Question 69: Which of the following are NT Audit events? (Choose all that...; Question 70: Which of the following statements relating to the Bell-LaPad...; Question 71: What are the three FUNDAMENTAL principles of security?...; Question 72: What is NOT true about a one-way hashing function?...; Question 73: Which of the following is true of network security?...; Question 74: Which of the following would be used to implement Mandatory ...; Question 75: Which of the following would best describe secondary evidenc...; Question 76: Making sure that only those who are supposed to access the d...; Question 77: Which of the following is a device that is used to regenerat...; Question 78: The following is NOT a security characteristic we need to co...; Question 79: Which OSI/ISO layer does a SOCKS server operate at?...; Question 80: Which of the following does not address Database Management ...; Question 81: ___________________ viruses change the code order of the str...; Question 82: Which of the following protects Kerberos against replay atta...; Question 83: What is Kerberos?; Question 84: Which of the following security mode of operation does NOT r...; Question 85: Which of the following biometric devices has the lowest user...; Question 86: Who developed one of the first mathematical models of a mult...; Question 87: Controls are implemented to:; Question 88: Which of the following exemplifies proper separation of duti...; Question 89: Which of the following phases of a software development life...; Question 90: Which of the following is NOT a common backup method?...; Question 91: The first step in the implementation of the contingency plan...; Question 92: Which of the following was developed by the National Compute...; Question 93: What is the Maximum Tolerable Downtime (MTD)?...; Question 94: What can best be defined as the detailed examination and tes...; Question 95: Which of the following protocols operates at the session lay...; Question 96: How is Annualized Loss Expectancy (ALE) derived from a threa...; Question 97: What can be defined as a batch process dumping backup data t...; Question 98: What is defined as the rules for communicating between compu...; Question 99: Which of the following Operation Security controls is intend...; Question 100: What does the simple security (ss) property mean in the Bell...; Question 101: Which of the following is related to physical security and i...; Question 102: Which of the following is NOT true about IPSec Tunnel mode?...; Question 103: What would be the name of a Logical or Virtual Table dynamic...; Question 104: Which of the following is true of two-factor authentication?...; Question 105: The Terminal Access Controller Access Control System (TACACS...; Question 106: What is the act of obtaining information of a higher sensiti...; Question 107: What does the simple security (ss) property mean in the Bell...; Question 108: Which TCSEC class specifies discretionary protection?...; Question 109: Which one of the following authentication mechanisms creates...; Question 110: The DES algorithm is an example of what type of cryptography...; Question 111: When two or more separate entities (usually persons) operati...; Question 112: Pin, Password, Passphrases, Tokens, smart cards, and biometr...; Question 113: Which of the following protection devices is used for spot p...; Question 114: Which of the following statements pertaining to software tes...; Question 115: What is called the percentage at which the False Rejection R...; Question 116: In the context of network enumeration by an outside attacker...; Question 117: Cryptography does not concern itself with which of the follo...; Question 118: The property of a system or a system resource being accessib...; Question 119: Which type of password provides maximum security because a n...; Question 120: If an operating system permits shared resources such as memo...; Question 121: Which of the following BEST describes a function relying on ...; Question 122: What is the maximum key size for the RC5 algorithm?...; Question 123: As a result of a risk assessment, your security manager has ...; Question 124: Which of the following is true about Kerberos?...; Question 125: Of the following, which is NOT a specific loss criteria that...; Question 126: What mechanism automatically causes an alarm originating in ...; Question 127: Which of the following is not a component of a Operations Se...; Question 128: The general philosophy for DMZ's is that:...; Question 129: A DMZ is also known as a; Question 130: Which of the following is true related to network sniffing?...; Question 131: Which of the following service is a distributed database tha...; Question 132: In stateful inspection firewalls, packets are:...; Question 133: Which of the following is a tool often used to reduce the ri...; Question 134: What is the main issue with media reuse?...; Question 135: If your property Insurance has Replacement Cost Valuation (R...; Question 136: What would BEST define risk management?...; Question 137: What security model is dependent on security labels?...; Question 138: What is called the formal acceptance of the adequacy of a sy...; Question 139: Which of the following is not a logical control when impleme...; Question 140: Which of the following was developed in order to protect aga...; Question 141: Memory management in TCSEC levels B3 and A1 operating system...; Question 142: Which of the following is the MOST important aspect relating...; Question 143: The fact that a network-based IDS reviews packets payload an...; Question 144: Which of the following assertions is NOT true about pattern ...; Question 145: Which of the following is not a physical control for physica...; Question 146: Who can best decide what are the adequate technical security...; Question 147: Which of the following access control models requires defini...; Question 148: What is the difference between Advisory and Regulatory secur...; Question 149: Which of the following is a device that is used to regenerat...; Question 150: How is Annualized Loss Expectancy (ALE) derived from a threa...; Question 151: Which of the following centralized access control mechanisms...; Question 152: Which of the following statements pertaining to a security p...; Question 153: Passwords can be required to change monthly, quarterly, or a...; Question 154: Transport Layer Security (TLS) is a two-layered socket layer...; Question 155: Each of the following is a valid step in handling incidents ...; Question 156: Which access control model provides upper and lower bounds o...; Question 157: Which of the following is not one of the three goals of Inte...; Question 158: What security principle is based on the division of job resp...; Question 159: Which protocol makes USE of an electronic wallet on a custom...; Question 160: The Orange Book states that "Hardware and software features ...; Question 161: Which port does the Post Office Protocol Version 3 (POP3) ma...; Question 162: Which of the following is the FIRST step in protecting data'...; Question 163: What is the primary goal of setting up a honeypot?...; Question 164: One of the following statements about the differences betwee...; Question 165: In which of the following phases of system development life ...; Question 166: There are ______ available service ports...; Question 167: Which of the following describes a computer processing archi...; Question 168: Which of the following can best be defined as a key distribu...; Question 169: A security policy is a rigid set of rules that must be follo...; Question 170: Which of the following is the most critical item from a disa...; Question 171: What is the PRIMARY goal of incident handling?...; Question 172: In which layer of the OSI Model are connection-oriented prot...; Question 173: Which of the following transmission media would NOT be affec...; Question 174: Which of the following access control techniques best gives ...; Question 175: Which of the following services relies on UDP?...; Question 176: A variation of the application layer firewall is called a:...; Question 177: Before the advent of classless addressing, the address 128.1...; Question 178: What is the PRIMARY use of a password?...; Question 179: Kerberos is vulnerable to replay in which of the following c...; Question 180: For which areas of the enterprise are business continuity pl...; Question 181: The Logical Link Control sub-layer is a part of which of the...; Question 182: Which one of these formulas is used in Quantitative risk ana...; Question 183: The primary purpose for using one-way hashing of user passwo...; Question 184: Which of the following statements is NOT true of IPSec Trans...; Question 185: Which of the following is a trusted, third party authenticat...; Question 186: What is the name of the third party authority that vouches f...; Question 187: What type of cable is used with 100Base-TX Fast Ethernet?...; Question 188: Which of the following is NOT a common category/classificati...; Question 189: Which of the following security controls might force an oper...; Question 190: Which of the following are the steps usually followed in the...; Question 191: Which of the following is true related to network sniffing?...; Question 192: Which of the following is best defined as a circumstance in ...; Question 193: Which of the following categories of hackers poses the great...; Question 194: Which of the following is an example of a connectionless com...; Question 195: Kerberos depends upon what encryption method?...; Question 196: Which of the following statements pertaining to firewalls is...; Question 197: Is the person who is attempting to log on really who they sa...; Question 198: Which of the following is NOT a VPN communications protocol ...; Question 199: Which of the following is TRUE regarding Transmission Contro...; Question 200: What assesses potential loss that could be caused by a disas...; Question 201: Which xDSL flavour delivers both downstream and upstream spe...; Question 202: Which of the following is considered the MOST secure?...; Question 203: What key size is used by the Clipper Chip?...; Question 204: Business Continuity and Disaster Recovery Planning (Primaril...; Question 205: The session layer provides a logical persistent connection b...; Question 206: In an organization where there are frequent personnel change...; Question 207: Which of the following standards is concerned with message h...; Question 208: Which of the following is a CHARACTERISTIC of a decision sup...; Question 209: Public Key Infrastructure (PKI) uses asymmetric key encrypti...; Question 210: Which of the following encryption methods is known to be unb...; Question 211: Like the Kerberos protocol, SESAME is also subject to which ...; Question 212: How long are IPv4 addresses?; Question 213: Which one of the following is used to provide authentication...; Question 214: The MOST common threat that impacts a business's ability to ...; Question 215: Where parties do not have a shared secret and large quantiti...; Question 216: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 217: What is called an automated means of identifying or authenti...; Question 218: Which of the following would provide the BEST stress testing...; Question 219: A one way hash converts a string of random length into a ___...; Question 220: What protocol is used to match an IP address to the appropri...; Question 221: The general philosophy for DMZ's is that:...; Question 222: As per RFC 1122, which of the following is not a defined lay...; Question 223: Controls like guards and general steps to maintain building ...; Question 224: Which of the following backup methods makes a complete backu...; Question 225: Which of the following is the best reason for the use of an ...; Question 226: Which of the following is less likely to be included in the ...; Question 227: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 228: What type of software can be used to prevent, detect (and po...; Question 229: Which of the following is true about Kerberos?...; Question 230: Ensuring least privilege does not require:...; Question 231: Computer-generated evidence is considered:...; Question 232: What is a limitation of TCP Wrappers?...; Question 233: Which of the following backup sites is the most effective fo...; Question 234: What does "residual risk" mean?...; Question 235: Which of the following biometric devices has the lowest user...; Question 236: The criteria for evaluating the legal requirements for imple...; Question 237: Which backup method is used if backup time is critical and t...; Question 238: What are the components of an object's sensitivity label?...; Question 239: Which of the following does NOT concern itself with key mana...; Question 240: Why would a memory dump be admissible as evidence in court?...; Question 241: A DMZ is located:; Question 242: Making sure that the data has not been changed unintentional...; Question 243: What is the effective key size of DES?...; Question 244: In biometrics, "one-to-many" search against database of stor...; Question 245: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 246: What can best be defined as the sum of protection mechanisms...; Question 247: Which of the following is not a DES mode of operation?...; Question 248: One of these statements about the key elements of a good con...; Question 249: Which of the following protocols' primary function is to sen...; Question 250: Which of the following protocols is not implemented at the I...; Question 251: Which is the last line of defense in a physical security sen...; Question 252: The throughput rate is the rate at which individuals, once e...; Question 253: Which of the following best defines source routing?...; Question 254: Which of the following services is NOT provided by the digit...; Question 255: What mechanism does a system use to compare the security lab...; Question 256: Failure of a contingency plan is usually:...; Question 257: What is the Biba security model concerned with?...; Question 258: Sensitivity labels are an example of what application contro...; Question 259: Which of the following is needed for System Accountability?...; Question 260: Which layer of the OSI model handles encryption?...; Question 261: Companies can now be sued for privacy violations just as eas...; Question 262: What protocol is used to match an IP address to the appropri...; Question 263: Within the legal domain what rule is concerned with the lega...; Question 264: The type of discretionary access control (DAC) that is based...; Question 265: Which of the following devices enables more than one signal ...; Question 266: The ___________ protocol converts IP addresses (logical) to ...; Question 267: In the context of network enumeration by an outside attacker...; Question 268: Which backup method only copies files that have been recentl...; Question 269: The following is NOT a security characteristic we need to co...; Question 270: Java is not:; Question 271: What can be described as an imaginary line that separates th...; Question 272: When considering an IT System Development Life-cycle, securi...; Question 273: During the salvage of the Local Area Network and Servers, wh...; Question 274: CORRECT TEXT The two categories of threats are natural and _...; Question 275: An area of the Telecommunications and Network Security domai...; Question 276: The following is NOT a security characteristic we need to co...; Question 277: In the context of Biometric authentication, what is a quick ...; Question 278: Because all the secret keys are held and authentication is p...; Question 279: Which of the following protocols that provide integrity and ...; Question 280: CORRECT TEXT ______________ is a high speed data routing tec...; Question 281: Which type of attack consists of modifying the length and fr...; Question 282: Which of the following is used to interrupt the opportunity ...; Question 283: What are the two most critical aspects of risk analysis? (Ch...; Question 284: Degaussing is used to clear data from all of the following m...; Question 285: What is called the use of technologies such as fingerprint, ...; Question 286: Which of the following is the act of performing tests and ev...; Question 287: Who first described the DoD multilevel military security pol...; Question 288: Which of the following protocol was used by the INITIAL vers...; Question 289: This is a common security issue that is extremely hard to co...; Question 290: Cable modems are less secure than DSL connections because ca...; Question 291: Encapsulating Security Payload (ESP) provides some of the se...; Question 292: Recovery Site Strategies for the technology environment depe...; Question 293: In order to be able to successfully prosecute an intruder:...; Question 294: Which of the following is true about Kerberos?...; Question 295: What can be defined as an instance of two different keys gen...; Question 296: Which of the following is the primary security feature of a ...; Question 297: Which of the following statements pertaining to block cipher...; Question 298: Which of the following statements pertaining to biometrics i...; Question 299: Which of the following is not an example of a block cipher?...; Question 300: In biometric identification systems, at the beginning, it wa...; Question 301: Which of the following technologies has been developed to su...; Question 302: What attack involves the perpetrator sending spoofed packet(...; Question 303: Which of the following Kerberos components holds all users' ...; Question 304: Which of the following is the most critical item from a disa...; Question 305: Words appearing in the English dictionary are not considered...; Question 306: When you update records in multiple locations or you make a ...; Question 307: In an online transaction processing system (OLTP), which of ...; Question 308: ICMP and IGMP belong to which layer of the OSI model?...; Question 309: Which of the following choices describe a Challenge-response...; Question 310: Which of the following is not a physical control for physica...; Question 311: The Data Encryption Algorithm performs how many rounds of su...; Question 312: To protect and/or restore lost, corrupted, or deleted inform...; Question 313: What is called an event or activity that has the potential t...; Question 314: Which of the following is less likely to accompany a conting...; Question 315: Which of the following is an Internet IPsec protocol to nego...; Question 316: Which of the following types of Intrusion Detection Systems ...; Question 317: Which encryption algorithm is BEST suited for communication ...; Question 318: Which conceptual approach to intrusion detection system is t...; Question 319: Which of the following is an example of a passive attack?...; Question 320: A public key algorithm that does both encryption and digital...; Question 321: In a SSL session between a client and a server, who is respo...; Question 322: Which of the following is a CHARACTERISTIC of a decision sup...; Question 323: Penetration testing involves three steps. At which step shou...; Question 324: Which of the following are additional terms used to describe...; Question 325: What layer of the OSI/ISO model does Point-to-point tunnelli...; Question 326: Which of the following would be the MOST serious risk where ...; Question 327: Which of the following would best classify as a management c...; Question 328: What is also known as 10Base5?; Question 329: Which of the following access control techniques best gives ...; Question 330: Which integrity model defines a constrained data item, an in...; Question 331: Which access control type has a central authority that deter...; Question 332: Which of the following outlined how senior management are re...; Question 333: Which of the following Kerberos components holds all users' ...; Question 334: Which backup method does not reset the archive bit on files ...; Question 335: Why is traffic across a packet switched network difficult to...; Question 336: What is it called when a computer uses more than one CPU in ...; Question 337: In biometric identification systems, the parts of the body c...; Question 338: This is a common security issue that is extremely hard to co...; Question 339: Which of the following is an example of discretionary access...; Question 340: What would be the Annualized Rate of Occurrence (ARO) of the...; Question 341: What is the difference between Access Control Lists (ACLs) a...; Question 342: Digital Certificates use which protocol?...; Question 343: Which of the following statements pertaining to IPSec is inc...; Question 344: This type of supporting evidence is used to help prove an id...; Question 345: Which of the following issues is not addressed by digital si...; Question 346: Controls like guards and general steps to maintain building ...; Question 347: What is the greatest danger from DHCP?...; Question 348: Which of the following concerning the Rijndael block cipher ...; Question 349: When a station communicates on the network for the first tim...; Question 350: Who of the following is responsible for ensuring that proper...; Question 351: Which of the following is an IP address that is private (i.e...; Question 352: Business Continuity Planning (BCP) is not defined as a prepa...; Question 353: In the course of responding to and handling an incident, you...; Question 354: One purpose of a security awareness program is to modify:...; Question 355: Which device acting as a translator is used to connect two n...; Question 356: Which of the following statements pertaining to the security...; Question 357: Which of the following is the WEAKEST authentication mechani...; Question 358: Which of the following statements pertaining to Secure Socke...; Question 359: What is electronic vaulting?; Question 360: Which of the following networking devices allows the connect...; Question 361: Which of the following type of cryptography is used when bot...; Question 362: In a stateful inspection firewall, data packets are captured...; Question 363: What refers to legitimate users accessing networked services...; Question 364: How would an IP spoofing attack be best classified?...; Question 365: As a result of a risk assessment, your security manager has ...; Question 366: Which of the following is addressed by Kerberos?...; Question 367: A group of independent servers, which are managed as a singl...; Question 368: Which of the following is NOT a property of the Rijndael blo...; Question 369: To control access by a subject (an active entity such as ind...; Question 370: In the context of access control, locks, gates, guards are e...; Question 371: Which of the following is NOT true of the Kerberos protocol?...; Question 372: The Diffie-Hellman algorithm is used for:...; Question 373: Which of the following is NOT true about IPSec Tunnel mode?...; Question 374: In response to Access-request from a client such as a Networ...; Question 375: A _________ is an information path that is not normally used...; Question 376: Which of the following is a token-passing scheme like token ...; Question 377: Which of the following classes is the first level (lower) de...; Question 378: Authentication Headers (AH) and Encapsulating Security Paylo...; Question 379: What is the main difference between computer abuse and compu...; Question 380: Why would a memory dump be admissible as evidence in court?...; Question 381: The concept of best effort delivery is best associated with?...; Question 382: Which of the following protocol was used by the INITIAL vers...; Question 383: A server cluster looks like a:; Question 384: What enables a workstation to boot without requiring a hard ...; Question 385: Which of the following is the WEAKEST authentication mechani...; Question 386: The end result of implementing the principle of least privil...; Question 387: Physical security is accomplished through proper facility co...; Question 388: A contingency plan should address:...; Question 389: What is called the percentage of valid subjects that are fal...; Question 390: Which of the following categories of hackers poses the great...; Question 391: What can be defined as a data structure that enumerates digi...; Question 392: The controls that usually require a human to evaluate the in...; Question 393: Which of the following would best describe a Concealment cip...; Question 394: Which of the following is a disadvantage of a statistical an...; Question 395: Which of the following protects Kerberos against replay atta...; Question 396: A channel within a computer system or network that is design...; Question 397: If your property Insurance has Actual Cash Valuation (ACV) c...; Question 398: Which of the following elements of telecommunications is not...; Question 399: Kerberos depends upon what encryption method?...; Question 400: An alternative to using passwords for authentication in logi...; Question 401: What type of attack involves IP spoofing, ICMP ECHO and a bo...; Question 402: Which type of password token involves time synchronization?...; Question 403: Who should direct short-term recovery actions immediately fo...; Question 404: In telephony different types of connections are being used. ...; Question 405: Risk analysis is MOST useful when applied during which phase...; Question 406: This baseline sets certain thresholds for specific errors or...; Question 407: The change control process:; Question 408: Which of the following is not a property of the Rijndael blo...; Question 409: When preparing a business continuity plan, who of the follow...; Question 410: A confidential number used as an authentication factor to ve...; Question 411: What is NOT an authentication method within IKE and IPsec?...; Question 412: During the salvage of the Local Area Network and Servers, wh...; Question 413: Which of the following is NOT true about IPSec Tunnel mode?...; Question 414: Which one of the following authentication mechanisms creates...; Question 415: Which of the following is a method of multiplexing data wher...; Question 416: Under the Business Exemption Rule to the hearsay evidence, w...; Question 417: What security problem is most likely to exist if an operatin...; Question 418: Which of the following is a symmetric encryption algorithm?...; Question 419: Which encryption algorithm is BEST suited for communication ...; Question 420: Which of the following encryption algorithms does not deal w...; Question 421: Which of the following is NOT a technique used to perform a ...; Question 422: Which security model is based on the military classification...; Question 423: A weakness or lack of a safeguard, which may be exploited by...; Question 424: Which of the following standards concerns digital certificat...; Question 425: Which of the following packets should NOT be dropped at a fi...; Question 426: Which of the following Kerberos components holds all users' ...; Question 427: What is the main concern with single sign-on?...; Question 428: EDI (Electronic Data Interchange) differs from e-Commerce in...; Question 429: The Telecommunications Security Domain of information securi...; Question 430: Out of the steps listed below, which one is not one of the s...; Question 431: The Computer Security Policy Model the Orange Book is based ...; Question 432: The Data Encryption Algorithm performs how many rounds of su...; Question 433: What is the greatest danger from DHCP?...; Question 434: Which of the following item would best help an organization ...; Question 435: A Business Continuity Plan should be tested:...; Question 436: ____________ is a file system that was poorly designed and h...; Question 437: Which backup method is used if backup time is critical and t...; Question 438: Devices that supply power when the commercial utility power ...; Question 439: Which of the following is NOT a technical control?...; Question 440: What level of assurance for a digital certificate verifies a...; Question 441: This type of supporting evidence is used to help prove an id...; Question 442: Which of the following was developed to address some of the ...; Question 443: What is the difference between Access Control Lists (ACLs) a...; Question 444: Which of the following keys has the SHORTEST lifespan?...; Question 445: Which of the following was designed as a more fault-tolerant...; Question 446: ____________ is used in mission critical systems and applica...; Question 447: Which of the following is not appropriate in addressing obje...; Question 448: A public key algorithm that does both encryption and digital...; Question 449: PGP & PEM are programs that allow users to send encrypte...; Question 450: Which of the following elements of telecommunications is not...; Question 451: The IP header contains a protocol field. If this field conta...; Question 452: What is the PRIMARY reason to maintain the chain of custody ...; Question 453: Sending an ICMP packet greater than 64Kb is an example of wh...; Question 454: What would be the name of a Logical or Virtual Table dynamic...; Question 455: Which of the following would be used to detect and correct e...; Question 456: Which of the following ports does NOT normally need to be op...; Question 457: A prolonged power supply that is below normal voltage is a:...; Question 458: This baseline sets certain thresholds for specific errors or...; Question 459: What is defined as the hardware, firmware and software eleme...; Question 460: Qualitative loss resulting from the business interruption do...; Question 461: Which of the following would best describe the difference be...; Question 462: Within the OSI model, at what layer are some of the SLIP, CS...; Question 463: In SSL/TLS protocol, what kind of authentication is supporte...; Question 464: Which of the following is not a logical control when impleme...; Question 465: Password management falls into which control category?...; Question 466: In an organization, an Information Technology security funct...; Question 467: What does "System Integrity" mean?...; Question 468: What is called the percentage of valid subjects that are fal...; Question 469: Which of the following is a problem regarding computer inves...; Question 470: CORRECT TEXT Public keys are used for ___________ messages a...; Question 471: Which of the following remote access authentication systems ...; Question 472: Which of the following is used to find the Media Access Cont...; Question 473: In Discretionary Access Control the subject has authority, w...; Question 474: Which of the following are additional access control objecti...; Question 475: Which of the following computer design approaches is based o...; Question 476: What is a common problem when using vibration detection devi...; Question 477: Under United States law, an investigator's notebook may be u...; Question 478: Which of the following biometric parameters are better suite...; Question 479: What is called the probability that a threat to an informati...; Question 480: Which of the following was not designed to be a proprietary ...; Question 481: In a SSL session between a client and a server, who is respo...; Question 482: Which of the following technologies has been developed to su...; Question 483: The typical computer fraudsters are usually persons with whi...; Question 484: Which authentication technique best protects against hijacki...; Question 485: Which of the following is a disadvantage of a statistical an...; Question 486: What is the Biba security model concerned with?...; Question 487: All hosts on an IP network have a logical ID called a(n):...; Question 488: Which of the following category of UTP cables is specified t...; Question 489: Attributes that characterize an attack are stored for refere...; Question 490: Which of the following are NOT a countermeasure to traffic a...; Question 491: Which of the following can prevent hijacking of a web sessio...; Question 492: At what stage of the applications development process should...; Question 493: The Information Technology Security Evaluation Criteria (ITS...; Question 494: ________ ___________ refers to the act of requiring more tha...; Question 495: Which of the following is the most secure form of triple-DES...; Question 496: Which of the following is a symmetric encryption algorithm?...; Question 497: Which of the following statements pertaining to disk mirrori...; Question 498: Which of the concepts best describes Availability in relatio...; Question 499: What mechanism automatically causes an alarm originating in ...; Question 500: The Information Technology Security Evaluation Criteria (ITS...; Question 501: Which xDSL flavour can deliver up to 52 Mbps downstream over...; Question 502: Who first described the DoD multilevel military security pol...; Question 503: Which of the following is NOT a part of a risk analysis?...; Question 504: Which of the following best defines source routing?...; Question 505: Which one of the following statements about the advantages a...; Question 506: What is Kerberos?; Question 507: Identification and authentication are the keystones of most ...; Question 508: The scope and focus of the Business continuity plan developm...; Question 509: A Security Kernel is defined as a strict implementation of a...; Question 510: In Discretionary Access Control the subject has authority, w...; Question 511: A contingency plan should address:...; Question 512: Which of the following is NOT a form of detective administra...; Question 513: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) ...; Question 514: What can be described as a measure of the magnitude of loss ...; Question 515: Which xDSL flavour, appropriate for home or small offices, d...; Question 516: Which of the following is the primary reason why a user woul...; Question 517: A momentary high voltage is a:; Question 518: The Trusted Computer Security Evaluation Criteria book (TCSE...; Question 519: Which of the following is NOT a characteristic of a host-bas...; Question 520: What is the goal of the Maintenance phase in a common develo...; Question 521: Brute force attacks against encryption keys have increased i...; Question 522: What can best be defined as high-level statements, beliefs, ...; Question 523: Secure Sockets Layer (SSL) is very heavily used for protecti...; Question 524: What is the primary goal of setting up a honeypot?...; Question 525: Which of the following is the biggest concern with firewall ...; Question 526: Which of the following focuses on sustaining an organization...; Question 527: When submitting a passphrase for authentication, the passphr...; Question 528: There are parallels between the trust models in Kerberos and...; Question 529: Passwords can be required to change monthly, quarterly, or a...; Question 530: What is the main purpose of Corporate Security Policy?...; Question 531: The Data Encryption Standard (DES) encryption algorithm has ...; Question 532: Kerberos is vulnerable to replay in which of the following c...; Question 533: Which of the following is an Internet IPsec protocol to nego...; Question 534: How should a risk be HANDLED when the cost of the countermea...; Question 535: Which protocol is used to send email?...; Question 536: What can be defined as secret communications where the very ...; Question 537: A true network security audit does include an audit for mode...; Question 538: Which of the following is the act of performing tests and ev...; Question 539: Why is infrared generally considered to be more secure to ea...; Question 540: Which of the following monitors network traffic in real time...; Question 541: PGP allows which of the following to be encrypted?...; Question 542: Remote Procedure Call (RPC) is a protocol that one program c...; Question 543: What Orange Book security rating is reserved for systems tha...; Question 544: The standard server port number for HTTP is which of the fol...; Question 545: Controls provide accountability for individuals who are acce...; Question 546: Which of the following is best defined as a circumstance in ...; Question 547: A potential problem related to the physical installation of ...; Question 548: Secure Shell (SSH-2) supports authentication, compression, c...; Question 549: IT security measures should:; Question 550: Which of the following is often the greatest challenge of di...; Question 551: Which of the following is the most secure form of triple-DES...; Question 552: Which of the following is a cryptographic protocol and infra...; Question 553: What is the maximum number of different keys that can be use...; Question 554: An effective information security policy should not have whi...; Question 555: External consistency ensures that the data stored in the dat...; Question 556: Degaussing is used to clear data from all of the following m...; Question 557: Why is Network File System (NFS) used?...; Question 558: Which of the following statements pertaining to disaster rec...; Question 559: Which of the following will a Business Impact Analysis NOT i...; Question 560: Which of the following is NOT a compensating measure for acc...; Question 561: Which of the following is immune to the effects of electroma...; Question 562: CORRECT TEXT A type of virus that resides in a Word or Excel...; Question 563: SMTP can best be described as:; Question 564: Each data packet is assigned the IP address of the sender an...; Question 565: Which of the following is NOT a task normally performed by a...; Question 566: Which of the following is not a responsibility of an informa...; Question 567: What type of attack involves IP spoofing, ICMP ECHO and a bo...; Question 568: Making sure that the data has not been changed unintentional...; Question 569: Which of the following is most concerned with personnel secu...; Question 570: Which of the following statements pertaining to the Bell-LaP...; Question 571: In non-discretionary access control using Role Based Access ...; Question 572: Which of the following statements pertaining to ethical hack...; Question 573: Which type of attack involves the alteration of a packet at ...; Question 574: The standard server port number for HTTP is which of the fol...; Question 575: At which OSI/ISO layer is an encrypted authentication betwee...; Question 576: The information security staff's participation in which of t...; Question 577: In addition to the Legal Department, with what company funct...; Question 578: Which of following is not a service provided by AAA servers ...; Question 579: Which of the following biometric characteristics cannot be u...; Question 580: A prolonged power supply that is below normal voltage is a:...; Question 581: Which of the following would be an example of the best passw...; Question 582: An effective information security policy should not have whi...; Question 583: Passwords can be required to change monthly, quarterly, or a...; Question 584: Which of the following is a trusted, third party authenticat...; Question 585: How often should a Business Continuity Plan be reviewed?...; Question 586: Which authentication technique best protects against hijacki...; Question 587: What is called the act of a user professing an identity to a...; Question 588: As per the Orange Book, what are two types of system assuran...; Question 589: Which protocol of the TCP/IP suite addresses reliable data t...; Question 590: What kind of encryption is realized in the S/MIME-standard?...; Question 591: Which of the following can be used as a covert channel?...; Question 592: What is the name of a one way transformation of a string of ...; Question 593: Kerberos can prevent which one of the following attacks?...; Question 594: What uses a key of the same length as the message where each...; Question 595: Which of the following centralized access control mechanisms...; Question 596: Secure Shell (SSH-2) supports authentication, compression, c...; Question 597: The control of communications test equipment should be clear...; Question 598: What is called the access protection system that limits conn...; Question 599: Which of the following algorithms is used today for encrypti...; Question 600: Which of the following Kerberos components holds all users' ...; Question 601: Brute force attacks against encryption keys have increased i...; Question 602: The RSA algorithm is an example of what type of cryptography...; Question 603: The preliminary steps to security planning include all of th...; Question 604: Which of the following computer design approaches is based o...; Question 605: Another example of Computer Incident Response Team (CIRT) ac...; Question 606: Which of the following assertions is NOT true about pattern ...; Question 607: Which of the following describes the major disadvantage of m...; Question 608: Which of the following is NOT a characteristic of a host-bas...; Question 609: The act of intercepting the first message in a public key ex...; Question 610: Which of the following classes is defined in the TCSEC (Oran...; Question 611: The basic language of modems and dial-up remote access syste...; Question 612: Which of the following is NOT a fundamental component of an ...; Question 613: Which of the following is defined as the most recent point i...; Question 614: Which of the following LAN topologies offers the highest ava...; Question 615: What kind of encryption is realized in the S/MIME-standard?...; Question 616: What is called the type of access control where there are pa...; Question 617: Degaussing is used to clear data from all of the following m...; Question 618: Good security is built on which of the following concept?...; Question 619: CORRECT TEXT ______________ relates to the concept of protec...; Question 620: Virus scanning and content inspection of SMIME encrypted e-m...; Question 621: Which of the following BEST explains why computerized inform...; Question 622: A standardized list of the most common security weaknesses a...; Question 623: Which of the following questions are least likely to help in...; Question 624: What is the primary reason why some sites choose not to impl...; Question 625: Which of the following transmission media would NOT be affec...; Question 626: What does "System Integrity" mean?...; Question 627: Secure Shell (SSH-2) provides all the following services exc...; Question 628: Which of the following networking devices allows the connect...; Question 629: What is the primary difference between FTP and TFTP?...; Question 630: Telnet and rlogin use which protocol?...; Question 631: Which of the following steps are involved in a basic risk as...; Question 632: What can be described as a measure of the magnitude of loss ...; Question 633: Computer security should be first and foremost which of the ...; Question 634: After a company is out of an emergency state, what should be...; Question 635: Which of the following access control models requires securi...; Question 636: What setup should an administrator use for regularly testing...; Question 637: Which of the following usually provides reliable, real-time ...; Question 638: Which of the following specifically addresses cyber attacks ...; Question 639: If a sender is unable to deny having sent an electronic tran...; Question 640: In what way can violation clipping levels assist in violatio...; Question 641: What is considered the most important type of error to avoid...; Question 642: Which of the following is NOT an example of an operational c...; Question 643: Which of the following should be emphasized during the Busin...; Question 644: To protect and/or restore lost, corrupted, or deleted inform...; Question 645: Which of the following is NOT a task normally performed by a...; Question 646: Which Network Address Translation (NAT) is the most convenie...; Question 647: Which of the following proves or disproves a specific act th...; Question 648: If an organization were to monitor their employees' e-mail, ...; Question 649: A department manager has read access to the salaries of the ...; Question 650: Which of the following service is a distributed database tha...; Question 651: Which of the following is NOT and encryption algorithm?...; Question 652: Which of the following is most affected by denial-of-service...; Question 653: Which of the following can best define the "revocation reque...; Question 654: Which of the following is NOT an advantage that TACACS+ has ...; Question 655: Which of the following best describes what would be expected...; Question 656: Once evidence is seized, a law enforcement officer should em...; Question 657: Which one of the following factors is NOT one on which Authe...; Question 658: What is NOT true about a one-way hashing function?...; Question 659: Which of the following is NOT a property of a one-way hash f...; Question 660: CORRECT TEXT Symmetric = private key = secret ________ = pub...; Question 661: Which of the following are suitable protocols for securing V...; Question 662: Several analysis methods can be employed by an IDS, each wit...; Question 663: Which protocol of the TCP/IP suite addresses reliable data t...; Question 664: CORRECT TEXT Unlike like viruses and worm, __________ are bo...; Question 665: Which of the following keys has the SHORTEST lifespan?...; Question 666: What algorithm has been selected as the AES algorithm, repla...; Question 667: Access Control techniques do not include which of the follow...; Question 668: Which type of algorithm is considered to have the highest st...; Question 669: Which of the following is an IP address that is private (i.e...; Question 670: What physical characteristic does a retinal scan biometric d...; Question 671: The IP header contains a protocol field. If this field conta...; Question 672: Which of the following access control models introduces user...; Question 673: Rule-Based Access Control (RuBAC) access is determined by ru...; Question 674: Which of the following is defined as an Internet, IPsec, key...; Question 675: What can be best defined as the examination of threat source...; Question 676: Which of the following Intrusion Detection Systems (IDS) use...; Question 677: What setup should an administrator use for regularly testing...; Question 678: What is called an exception to the search warrant requiremen...; Question 679: Which of the following is not a security goal for remote acc...; Question 680: In the statement below, fill in the blank: Law enforcement a...; Question 681: Which of the following BEST explains why computerized inform...; Question 682: Which of the following results in the most devastating busin...; Question 683: Which one of the following statements about the advantages a...; Question 684: Which type of attack is based on the probability of two diff...; Question 685: Which of the following is an example of discretionary access...; Question 686: ________, _________, and __________ are required to successf...; Question 687: In the UTP category rating, the tighter the wind:...; Question 688: A business continuity plan is an example of which of the fol...; Question 689: What does the (star) property mean in the Bell-LaPadula mode...; Question 690: Which type of attack consists of modifying the length and fr...; Question 691: Which of the following is a telecommunication device that tr...; Question 692: Knowledge-based Intrusion Detection Systems (IDS) are more c...; Question 693: Which of the following Intrusion Detection Systems (IDS) use...; Question 694: What is the name of the third party authority that vouches f...; Question 695: This is a common security issue that is extremely hard to co...; Question 696: What can be described as an imaginary line that separates th...; Question 697: What security model implies a central authority that define ...; Question 698: Kerberos can prevent which one of the following attacks?...; Question 699: Which of the following can be defined as the process of reru...; Question 700: Which of the following pairings uses technology to enforce a...; Question 701: In computing what is the name of a non-self-replicating type...; Question 702: Which of the following access control models requires securi...; Question 703: Which of the following NAT firewall translation modes offers...; Question 704: In the Bell-LaPadula model, the Star-property is also called...; Question 705: Virus scanning and content inspection of SMIME encrypted e-m...; Question 706: Which of the following statements pertaining to stream ciphe...; Question 707: In biometric identification systems, at the beginning, it wa...; Question 708: Which of the following is a method of multiplexing data wher...; Question 709: How often should tests and disaster recovery drills be perfo...; Question 710: Which OSI/ISO layers are TCP and UDP implemented at?...; Question 711: Which of the following results in the most devastating busin...; Question 712: Which of the following is NOT an administrative control?...; Question 713: Which of the following is most affected by denial-of-service...; Question 714: Which of the following BEST explains why computerized inform...; Question 715: Which of the following is based on the premise that the qual...; Question 716: Which of the following is less likely to be used today in cr...; Question 717: Which of the following ports does NOT normally need to be op...; Question 718: What is the 802.11 standard related to?...; Question 719: Which of the following is NOT true of the Kerberos protocol?...; Question 720: Which access model is most appropriate for companies with a ...; Question 721: In telephony different types of connections are being used. ...; Question 722: Which of the following protects a password from eavesdropper...; Question 723: Java is not:; Question 724: Which of the following statements pertaining to software tes...; Question 725: What are called user interfaces that limit the functions tha...; Question 726: A prolonged power supply that is below normal voltage is a:...; Question 727: Which of the following would NOT violate the Due Diligence c...; Question 728: Which of the following statements pertaining to disaster rec...; Question 729: The IP header contains a protocol field. If this field conta...; Question 730: Which of the following identifies the encryption algorithm s...; Question 731: What attribute is included in a X.509-certificate?...; Question 732: Which of the following would best describe certificate path ...; Question 733: Today, privacy violations are almost as serious as security ...; Question 734: What is the most critical characteristic of a biometric iden...; Question 735: Which of the following biometric devices offers the LOWEST C...; Question 736: What Orange Book security rating is reserved for systems tha...; Question 737: Which of the following is true related to network sniffing?...; Question 738: Which of the following is NOT a common category/classificati...; Question 739: ___________ programs decrease the number of security inciden...; Question 740: Which of the following best ensures accountability of users ...; Question 741: Which of the following is NOT a common backup method?...; Question 742: Which of the following best describes the purpose of debuggi...; Question 743: Which of the following should NOT normally be allowed throug...; Question 744: A central authority determines what subjects can have access...; Question 745: Which of the following would be true about Static password t...; Question 746: Why are coaxial cables called "coaxial"?...; Question 747: Which of the following is a not a preventative control?...; Question 748: Which of the following services is NOT provided by the digit...; Question 749: When a biometric system is used, which error type deals with...; Question 750: What ISO/OSI layer do switches primarily operate at? Do take...; Question 751: Under the Business Exemption Rule to the hearsay evidence, w...; Question 752: Macintosh computers are not at risk for receiving viruses....; Question 753: Which of the following is based on the premise that the qual...; Question 754: Which of the following is a method of multiplexing data wher...; Question 755: Which of the following items is NOT a benefit of cold sites?...; Question 756: While there are many different models for IT system life cyc...; Question 757: After a company is out of an emergency state, what should be...; Question 758: Which of the following choice is NOT normally part of the qu...; Question 759: Which of the following statements pertaining to access contr...; Question 760: What can best be defined as high-level statements, beliefs, ...; Question 761: What is NOT an authentication method within IKE and IPsec?...; Question 762: Which access control model achieves data integrity through w...; Question 763: Which of the following protection devices is used for spot p...; Question 764: Controls are implemented to:; Question 765: Which of the following is NOT a characteristic or shortcomin...; Question 766: Which xDSL flavour delivers both downstream and upstream spe...; Question 767: Organizations should consider which of the following first b...; Question 768: In order to use L0pht, the ___________ must be exported from...; Question 769: What is the maximum key size for the RC5 algorithm?...; Question 770: Which of the following statements pertaining to packet filte...; Question 771: Masquerading is synonymous with __________....; Question 772: Which of the following statements pertaining to block cipher...; Question 773: Which of the following is related to physical security and i...; Question 774: Which must bear the primary responsibility for determining t...; Question 775: The information security staff's participation in which of t...; Question 776: Which of the following is not a responsibility of an informa...; Question 777: Which of the following answers is described as a random valu...; Question 778: Which of the following statements is most accurate regarding...; Question 779: Which of the following best defines add-on security?...; Question 780: Which of the following is a problem regarding computer inves...; Question 781: Which of the following is used to find the Media Access Cont...; Question 782: Diffie Hellman, RSA, and ___________ are all examples of Pub...; Question 783: Which disaster recovery plan test involves functional repres...; Question 784: Which of the following tools is NOT likely to be used by a h...; Question 785: Which of the following is best at defeating frequency analys...; Question 786: Which access control type has a central authority that deter...; Question 787: A periodic review of user account management should not dete...; Question 788: Application Layer Firewalls operate at the:...; Question 789: HTTP, FTP, SMTP reside at which layer of the OSI model?...; Question 790: Which of the following can best eliminate dial-up access thr...; Question 791: How many bits of a MAC address uniquely identify a vendor, a...; Question 792: Failure of a contingency plan is usually:...; Question 793: Which of the following is a token-passing scheme like token ...; Question 794: Which of the following steps should be one of the first step...; Question 795: What is the effective key size of DES?...; Question 796: What is the role of IKE within the IPsec protocol?...; Question 797: Which of the following binds a subject name to a public key ...; Question 798: The Information Technology Security Evaluation Criteria (ITS...; Question 799: Which of the following is used to interrupt the opportunity ...; Question 800: The Secure Hash Algorithm (SHA-1) creates:...; Question 801: Which of the following is the BEST way to detect software li...; Question 802: What IDS approach relies on a database of known attacks?...; Question 803: Controls to keep password sniffing attacks from compromising...; Question 804: Which software development model is actually a meta-model th...; Question 805: Which of the following statements pertaining to ethical hack...; Question 806: If an employee's computer has been used by a fraudulent empl...; Question 807: Which of the following statements pertaining to RADIUS is in...; Question 808: Of the reasons why a Disaster Recovery plan gets outdated, w...; Question 809: Several analysis methods can be employed by an IDS, each wit...; Question 810: Which of the following questions is less likely to help in a...; Question 811: A confidential number used as an authentication factor to ve...; Question 812: CORRECT TEXT EICAR is an example of a _____________ used to ...; Question 813: Which of the following is a trusted, third party authenticat...; Question 814: What term describes the amount of risk that remains after th...; Question 815: RADIUS incorporates which of the following services?...; Question 816: What is malware that can spread itself over open network con...; Question 817: Which type of control is concerned with restoring controls?...; Question 818: What are the three performance measurements used in biometri...; Question 819: Which of the following is a cryptographic protocol and infra...; Question 820: Which of the following is immune to the effects of electroma...; Question 821: Which of the following statements pertaining to software tes...; Question 822: Which of the following does not address Database Management ...; Question 823: Volatile memory is referred to as ROM....; Question 824: Which of the following does not address Database Management ...; Question 825: Complete the blanks. When using PKI, I digitally sign a mess...; Question 826: In biometrics, "one-to-many" search against database of stor...; Question 827: Which of the following is an IP address that is private (i.e...; Question 828: Which of the following would be an example of the best passw...; Question 829: Which of the following questions are least likely to help in...; Question 830: Which of the following can be used as a covert channel?...; Question 831: What enables a workstation to boot without requiring a hard ...; Question 832: Which of the following is not a component of a Operations Se...; Question 833: What is the main objective of proper separation of duties?...; Question 834: Which of the following is the most reliable, secure means of...; Question 835: DES - Data Encryption standard has a 128 bit key and is very...; Question 836: Which of the following statements pertaining to disaster rec...; Question 837: Which type of firewall can be used to track connectionless p...; Question 838: Which of the following best allows risk management results t...; Question 839: Which of the following security models does NOT concern itse...; Question 840: Like the Kerberos protocol, SESAME is also subject to which ...; Question 841: Which of the following groups represents the leading source ...; Question 842: In order to enable users to perform tasks and duties without...; Question 843: What physical characteristic does a retinal scan biometric d...; Question 844: All hosts on an IP network have a logical ID called a(n):...; Question 845: Which of the following statements pertaining to key manageme...; Question 846: Related to information security, confidentiality is the oppo...; Question 847: Which of the following is NOT a basic component of security ...; Question 848: A ______________ is a means, method, or program to neutraliz...; Question 849: Why should batch files and scripts be stored in a protected ...; Question 850: Which of the following is considered the weakest link in a s...; Question 851: CORRECT TEXT SATAN is a _____________ based tool and COPS is...; Question 852: In the course of responding to and handling an incident, you...; Question 853: __________ attacks capitalize on programming errors and can ...; Question 854: To control access by a subject (an active entity such as ind...; Question 855: The RSA Algorithm uses which mathematical concept as the bas...; Question 856: Which xDSL flavour can deliver up to 52 Mbps downstream over...; Question 857: Which of the following is not one of the three goals of Inte...; Question 858: Under the principle of culpable negligence, executives can b...; Question 859: Which of the following is NOT a VPN communications protocol ...; Question 860: Which of the following statements pertaining to VPN protocol...; Question 861: Which of the following best defines a Computer Security Inci...; Question 862: Which of the following should NOT normally be allowed throug...; Question 863: What can best be described as a domain of trust that shares ...; Question 864: Which of the following is the most reliable, secure means of...; Question 865: You have been tasked to develop an effective information cla...; Question 866: What is defined as the manner in which the network devices a...; Question 867: Which of the following was developed by the National Compute...; Question 868: Which of the following is needed for System Accountability?...; Question 869: Which of the following was designed as a more fault-tolerant...; Question 870: Insiders have a clear advantage in committing computer crime...; Question 871: What is the primary role of smartcards in a PKI?...; Question 872: Which of the following is given the responsibility of the ma...; Question 873: Preservation of confidentiality within information systems r...; Question 874: Which of the following is NOT a proper component of Media Vi...; Question 875: Which cable technology refers to the CAT3 and CAT5 categorie...; Question 876: In SSL/TLS protocol, what kind of authentication is supporte...; Question 877: Which of the following was not designed to be a proprietary ...; Question 878: What are called user interfaces that limit the functions tha...; Question 879: Which of the following cannot be undertaken in conjunction o...; Question 880: Preservation of confidentiality within information systems r...; Question 881: In order to be able to successfully prosecute an intruder:...; Question 882: Which of the following is an advantage in using a bottom-up ...; Question 883: What can best be described as a domain of trust that shares ...; Question 884: What is the proper term to refer to a single unit of Etherne...; Question 885: What is NOT true with pre shared key authentication within I...; Question 886: Who of the following is responsible for ensuring that proper...; Question 887: Which of the following is used to monitor network traffic or...; Question 888: Which of the following classes is the first level (lower) de...; Question 889: Which of the following is addressed by Kerberos?...; Question 890: What is the appropriate role of the security analyst in the ...; Question 891: In the UTP category rating, the tighter the wind:...; Question 892: Which of the following is the most reliable authentication m...; Question 893: Which of the following would MOST likely ensure that a syste...; Question 894: Which of the following is NOT a common backup method?...; Question 895: A circuit level proxy is ___________________ when compared t...; Question 896: What can be defined as an instance of two different keys gen...; Question 897: Which of the following types of Intrusion Detection Systems ...; Question 898: Which of the following biometric characteristics cannot be u...; Question 899: Which of the following is not a two-factor authentication me...; Question 900: What can be defined as an instance of two different keys gen...; Question 901: The typical computer fraudsters are usually persons with whi...; Question 902: Which of the following are WELL KNOWN PORTS assigned by the ...; Question 903: Which of the following control pairing places emphasis on "s...; Question 904: The three classic ways of authenticating yourself to the com...; Question 905: When it comes to magnetic media sanitization, what differenc...; Question 906: Which of the following results in the most devastating busin...; Question 907: Which of the following backup method must be made regardless...; Question 908: Which of the following is a tool often used to reduce the ri...; Question 909: Which of the following would best classify as a management c...; Question 910: Which of the following would best define a digital envelope?...; Question 911: Asynchronous Communication transfers data by sending:...; Question 912: In biometrics, the "one-to-one" search used to verify claim ...; Question 913: During which phase of an IT system life cycle are security r...; Question 914: CORRECT TEXT :A _________ refers to hidden code or instructi...; Question 915: Transport Layer Security (TLS) is a two-layered socket layer...; Question 916: Which of the following protocols is designed to send individ...; Question 917: What attribute is included in a X.509-certificate?...; Question 918: What does it mean to say that sensitivity labels are "incomp...; Question 919: In SSL/TLS protocol, what kind of authentication is supporte...; Question 920: Unclassified, Private, Confidential, Secret, Top Secret, and...; Question 921: In response to Access-request from a client such as a Networ...; Question 922: The communications products and services, which ensure that ...; Question 923: Which of the following rules is least likely to support the ...; Question 924: Which of the following is biggest factor that makes Computer...; Question 925: How should a risk be HANDLED when the cost of the countermea...; Question 926: Which of the following is used to find the Media Access Cont...; Question 927: CORRECT TEXT ______________ is a major component of an overa...; Question 928: Which of the following would be used to detect and correct e...; Question 929: Which of the following tape formats can be used to backup da...; Question 930: Which of the following algorithms is a stream cipher?...; Question 931: Which of the following encryption algorithms does not deal w...; Question 932: Which of the following type of traffic can easily be filtere...; Question 933: Which of the following is the core of fiber optic cables mad...; Question 934: To be admissible in court, computer evidence must be which o...; Question 935: In non-discretionary access control using Role Based Access ...; Question 936: Your ATM card is a form of two-factor authentication for wha...; Question 937: How do you distinguish between a bridge and a router?...; Question 938: Which is NOT a suitable method for distributing certificate ...; Question 939: Which of the following is an example of discretionary access...; Question 940: A deviation from an organization-wide security policy requir...; Question 941: Which of the following control pairing places emphasis on "s...; Question 942: Which of the following is an example of an active attack?...; Question 943: Which of the following is an IDS that acquires data and defi...; Question 944: A server cluster looks like a:; Question 945: Physical security is accomplished through proper facility co...; Question 946: Which of the following is an advantage that UDP has over TCP...; Question 947: The control of communications test equipment should be clear...; Question 948: Which of the following is defined as a key establishment pro...; Question 949: Which of the following would NOT violate the Due Diligence c...; Question 950: Define the term tuple.; Question 951: When should a post-mortem review meeting be held after an in...; Question 952: A business continuity plan should list and prioritize the se...; Question 953: Which of the following is related to physical security and i...; Question 954: The basic language of modems and dial-up remote access syste...; Question 955: Which of the following would assist the most in Host Based i...; Question 956: At which layer of ISO/OSI does the fiber optics work?...; Question 957: Which of the following is NOT a transaction redundancy imple...; Question 958: Which OSI/ISO layers are TCP and UDP implemented at?...; Question 959: In discretionary access environments, which of the following...; Question 960: What algorithm was DES derived from?...; Question 961: As telnet is widely know to be insecure, one time passwords ...; Question 962: To protect and/or restore lost, corrupted, or deleted inform...; Question 963: Which of the following item would best help an organization ...; Question 964: Which of the following statements pertaining to using Kerber...; Question 965: How should a risk be HANDLED when the cost of the countermea...; Question 966: Which of the following is implemented through scripts or sma...; Question 967: Sandra has used Ethereal, a packet sniffer, to listen in on ...; Question 968: How do you distinguish between a bridge and a router?...; Question 969: Each data packet is assigned the IP address of the sender an...; Question 970: When preparing a business continuity plan, who of the follow...; Question 971: What can be described as an imaginary line that separates th...; Question 972: What is NOT true with pre shared key authentication within I...; Question 973: Application Layer Firewalls operate at the:...; Question 974: Which of the following are WELL KNOWN PORTS assigned by the ...; Question 975: In what way can violation clipping levels assist in violatio...; Question 976: In the context of network enumeration by an outside attacker...; Question 977: What is the primary reason why some sites choose not to impl...; Question 978: Which backup method copies only files that have changed sinc...; Question 979: What is a TFTP server most useful for?...; Question 980: Which of the following computer recovery sites is only parti...; Question 981: What is the framing specification used for transmitting digi...; Question 982: What mechanism does a system use to compare the security lab...; Question 983: Guards are appropriate whenever the function required by the...; Question 984: Which of the following prevents, detects, and corrects error...; Question 985: CORRECT TEXT NIPC stands for _____ _____ _____ ______ and is...; Question 986: Which of the following security modes of operation involves ...; Question 987: Which of the following was developed as a simple mechanism f...; Question 988: Which of the following is not an example of a block cipher?...; Question 989: Which of the following would be MOST important to guarantee ...; Question 990: Although they are accused of being one in the same, hackers ...; Question 991: The IP header contains a protocol field. If this field conta...; Question 992: Which of the following access control models is based on sen...; Question 993: Telnet and rlogin use which protocol?...; Question 994: Which of the following statements pertaining to key manageme...; Question 995: Which of the following standards is concerned with message h...; Question 996: Decentralized access control allows ______________________....; Question 997: What security control provides a method to insure that a tra...; Question 998: Risk mitigation and risk reduction controls for providing in...; Question 999: Which of the following is most likely to be useful in detect...

Question 466/999

LEAVE A REPLY

Download PDF File