Question1: What is the primary role of cross certification?
Question2: Risk mitigation and risk reduction controls for providing information security are classified within three main categories, which of the following are being used?
Question3: Transport Layer Security (TLS) is a two-layered socket layer security protocol that contains the TLS Record Protocol and the::
Question4: Which one of the following is used to provide authentication and confidentiality for e-mail messages?
Question5: In the context of Biometric authentication, what is a quick way to compare the accuracy of devices. In general, the device that have the lowest value would be the most accurate. Which of the following would be used to compare accuracy of devices?
Question6: In which of the following model are Subjects and Objects identified and the permissions applied to each subject/object combination are specified. Such a model can be used to quickly summarize what permissions a subject has for various system objects.
Question7: Secure Shell (SSH-2) provides all the following services except:
Question8: Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit?
Question9: What is called the type of access control where there are pairs of elements that have the least upper bound of values and greatest lower bound of values?
Question10: Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?
Question11: Which of the following is most appropriate to notify an external user that session monitoring is being conducted?
Question12: An alternative to using passwords for authentication in logical or technical access control is:
Question13: The Telecommunications Security Domain of information security is also concerned with the prevention and detection of the misuse or abuse of systems, which poses a threat to the tenets of:
Question14: Which of the following is true of two-factor authentication?
Question15: Packet Filtering Firewalls examines both the source and destination address of the:
Question16: Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
Question17: What does "System Integrity" mean?
Question18: Related to information security, integrity is the opposite of which of the following?
Question19: Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?
Question20: What is called an exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in-hand if probable cause is present and destruction of the evidence is deemed imminent?
Question21: Which of the following is considered the weakest link in a security system?
Question22: Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorize interception of the traffic?
Question23: Which of the following is an unintended communication path that is NOT protected by the system's normal security mechanisms?
Question24: What are the three FUNDAMENTAL principles of security?
Question25: Which of the following is given the responsibility of the maintenance and protection of the data?
Question26: What are the three most important functions that Digital Signatures perform?
Question27: A host-based IDS is resident on which of the following?
Question28: Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:
Question29: Which of the following is best at defeating frequency analysis?
Question30: Which access control model achieves data integrity through well-formed transactions and separation of duties?
Question31: Which of the following are not Remote Access concerns?
Question32: In a hierarchical PKI the highest CA is regularly called Root CA, it is also referred to by which one of the following term?
Question33: Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?
Question34: To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:
Question35: Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer
7 of the ISO/OSI Model?
Question36: Which type of attack would a competitive intelligence attack best classify as?
Question37: What type of attack involves IP spoofing, ICMP ECHO and a bounce site?
Question38: Kerberos can prevent which one of the following attacks?
Question39: Of the following, which is NOT a specific loss criteria that should be considered while developing a BIA?
Question40: Which of the following is NOT a part of a risk analysis?
Question41: Which of the following phases of a system development life-cycle is most concerned with establishing a good security policy as the foundation for design?
Question42: Which protocol of the TCP/IP suite addresses reliable data transport?
Question43: Which of the following is not a physical control for physical security?
Question44: Which of the following is BEST defined as a physical control?
Question45: Which of the following is NOT a known type of Message Authentication Code (MAC)?
Question46: What is the key size of the International Data Encryption Algorithm (IDEA)?
Question47: In what way can violation clipping levels assist in violation tracking and analysis?
Question48: As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select?
Question49: What kind of certificate is used to validate a user identity?
Question50: A trusted system does NOT involve which of the following?
Question51: Related to information security, the prevention of the intentional or unintentional unauthorized disclosure of contents is which of the following?
Question52: Which access control model is best suited in an environment where a high security level is required and where it is desired that only the administrator grants access control?
Question53: Which of the following networking devices allows the connection of two or more homogeneous LANs in a simple way where they forward the traffic based on the MAC address ?
Question54: Which of the following are the two MOST common implementations of Intrusion Detection Systems?
Question55: The type of discretionary access control (DAC) that is based on an individual's identity is also called:
Question56: You have been tasked to develop an effective information classification program. Which one of the following steps should be performed first?
Question57: Which of the following is not a security goal for remote access?
Question58: How would nonrepudiation be best classified as?
Question59: What refers to legitimate users accessing networked services that would normally be restricted to them?
Question60: What is NOT an authentication method within IKE and IPsec?
Question61: Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?
Question62: Which of the following LAN topologies offers the highest availability?
Question63: Which of the following is NOT true of the Kerberos protocol?
Question64: In biometric identification systems, the parts of the body conveniently available for identification are:
Question65: Contracts and agreements are often times unenforceable or hard to enforce in which of the following alternate facility recovery agreement?
Question66: The Diffie-Hellman algorithm is primarily used to provide which of the following?
Question67: Brute force attacks against encryption keys have increased in potency because of increased computing power. Which of the following is often considered a good protection against the brute force cryptography attack?
Question68: Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?
Question69: What is a TFTP server most useful for?
Question70: Which division of the Orange Book deals with discretionary protection (need-to-know)?
Question71: Which of the following is NOT a correct notation for an IPv6 address?
Question72: A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:
Question73: It is a violation of the "separation of duties" principle when which of the following individuals access the software on systems implementing security?
Question74: Which OSI/ISO layer is responsible for determining the best route for data to be transferred?
Question75: Which of the following Intrusion Detection Systems (IDS) uses a database of attacks, known system vulnerabilities, monitoring current attempts to exploit those vulnerabilities, and then triggers an alarm if an attempt is found?
Question76: Like the Kerberos protocol, SESAME is also subject to which of the following?
Question77: A public key algorithm that does both encryption and digital signature is which of the following?
Question78: Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?
Question79: Which of the following would constitute the best example of a password to use for access to a system by a network administrator?
Question80: What is the main characteristic of a multi-homed host?
Question81: What is the name of a one way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed?
Question82: What kind of encryption is realized in the S/MIME-standard?
Question83: For which areas of the enterprise are business continuity plans required?
Question84: Which of the following was designed to support multiple network types over the same serial link?
Question85: Which TCSEC level is labeled Controlled Access Protection?
Question86: Which of the following describes a technique in which a number of processor units are employed in a single computer system to increase the performance of the system in its application environment above the performance of a single processor of the same kind?
Question87: Another type of access control is lattice-based access control. In this type of control a lattice model is applied. How is this type of access control concept applied?
Question88: What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one input error each month?
Question89: The control measures that are intended to reveal the violations of security policy using software and hardware are associated with:
Question90: The end result of implementing the principle of least privilege means which of the following?
Question91: What security model implies a central authority that define rules and sometimes global rules, dictating what subjects can have access to what objects?
Question92: Who is responsible for implementing user clearances in computer-based information systems at the B3 level of the TCSEC rating ?
Question93: Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?
Question94: Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system?
Question95: What assesses potential loss that could be caused by a disaster?
Question96: Which of the following questions is less likely to help in assessing an organization's contingency planning controls?
Question97: What is NOT true about a one-way hashing function?
Question98: Which of the following issues is not addressed by digital signatures?
Question99: Which backup type run at regular intervals would take the least time to complete?
Question100: Which of the following describes a logical form of separation used by secure computing systems?
Question101: If an organization were to monitor their employees' e-mail, it should not:
Question102: Which of the following statements is most accurate regarding a digital signature?
Question103: Which of the following biometric devices offers the LOWEST CER?
Question104: Which of the following statements pertaining to link encryption is false?
Question105: What is the primary goal of setting up a honeypot?
Question106: Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?
Question107: Which of the following computer design approaches is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?
Question108: Which of the following protocols suite does the Internet use?
Question109: Which of the following is best provided by symmetric cryptography?
Question110: Which of the following backup methods is most appropriate for off-site archiving?
Question111: Which of the following is a tool often used to reduce the risk to a local area network (LAN) that has external connections by filtering Ingress and Egress traffic?
Question112: RADIUS incorporates which of the following services?
Question113: What is the RESULT of a hash algorithm being applied to a message ?
Question114: In telephony different types of connections are being used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?
Question115: Under United States law, an investigator's notebook may be used in court in which of the following scenarios?
Question116: When attempting to establish Liability, which of the following would be describe as performing the ongoing maintenance necessary to keep something in proper working order, updated, effective, or to abide by what is commonly expected in a situation?
Question117: Which of the following security mode of operation does NOT require all users to have the clearance for all information processed on the system?
Question118: A variation of the application layer firewall is called a:
Question119: What is called the verification that the user's claimed identity is valid and is usually implemented through a user password at log-on time?
Question120: What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?
Question121: Which layer of the OSI/ISO model handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control?
Question122: Which of the following statements pertaining to stream ciphers is correct?
Question123: Which of the following are required for Life-Cycle Assurance?
Question124: Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?
Question125: Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?
Question126: In a stateful inspection firewall, data packets are captured by an inspection engine that is operating at the:
Question127: Which of the following protects a password from eavesdroppers and supports the encryption of communication?
Question128: What is called the probability that a threat to an information system will materialize?
Question129: Why would a memory dump be admissible as evidence in court?
Question130: Which of the following choices describe a condition when RAM and Secondary storage are used together?
Question131: Which of the following is the most secure form of triple-DES encryption?
Question132: Business Continuity and Disaster Recovery Planning (Primarily) addresses the:
Question133: Application Layer Firewalls operate at the:
Question134: Which of the following services relies on UDP?
Question135: Which of the following technologies has been developed to support TCP/IP networking over low-speed serial interfaces?
Question136: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?
Question137: Which of the following biometric parameters are better suited for authentication use over a long period of time?
Question138: Which of the following offers security to wireless communications?
Question139: Which of the following is needed for System Accountability?
Question140: Which of the following does not address Database Management Systems (DBMS) Security?
Question141: Which of the following is an advantage of a qualitative over a quantitative risk analysis?
Question142: As per RFC 1122, which of the following is not a defined layer in the DoD TCP/IP protocol model?
Question143: Which of the following is an example of discretionary access control?
Question144: Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:
Question145: What size is an MD5 message digest (hash)?
Question146: What is used to protect programs from all unauthorized modification or executional interference?
Question147: Knowledge-based Intrusion Detection Systems (IDS) are more common than:
Question148: Which of the following is the MOST important aspect relating to employee termination?
Question149: Which of the following phases of a software development life cycle normally addresses Due Care and Due Diligence?
Question150: Which of the following is less likely to be used today in creating a Virtual Private Network?
Question151: Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following?
Question152: Which of the following is biggest factor that makes Computer Crimes possible?
Question153: Which of the following is NOT a proper component of Media Viability Controls?
Question154: Which of the following access methods is used by Ethernet?
Question155: Which of the following is responsible for MOST of the security issues?
Question156: A X.509 public key certificate with the key usage attribute "non repudiation" can be used for which of the following?
Question157: The major objective of system configuration management is which of the following?
Question158: Kerberos depends upon what encryption method?
Question159: Secure Electronic Transaction (SET) and Secure HTTP (S-HTTP) operate at which layer of the OSI model?
Question160: Which port does the Post Office Protocol Version 3 (POP3) make use of?
Question161: Which Network Address Translation (NAT) is the most convenient and secure solution?
Question162: Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?
Question163: Which of the following is NOT a type of motion detector?
Question164: Which of the following statements pertaining to VPN protocol standards is false?
Question165: What mechanism does a system use to compare the security labels of a subject and an object?
Question166: Which of the following remote access authentication systems is the most robust?
Question167: A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of primary concern in the context of what your Disaster Recovery Plan would include?
Question168: Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?
Question169: Which of the following Kerberos components holds all users' and services' cryptographic keys?
Question170: Which of the following is most relevant to determining the maximum effective cost of access control?
Question171: Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network. Within which OSI/ISO layer is RPC implemented?
Question172: Which of the following is not a logical control when implementing logical access security?
Question173: Which of the following statements do not apply to a hot site?
Question174: Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?
Question175: What kind of Encryption technology does SSL utilize?
Question176: Which of the following test makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems?
Question177: Which of the following statements pertaining to ethical hacking is incorrect?
Question178: Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?
Question179: Communications devices must operate:
Question180: Which of the following security modes of operation involves the highest risk?
Question181: Which of the following statements pertaining to disaster recovery is incorrect?
Question182: Another example of Computer Incident Response Team (CIRT) activities is:
Question183: Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):
Question184: Which xDSL flavour can deliver up to 52 Mbps downstream over a single copper twisted pair?
Question185: When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?
Question186: Which of the following tools is NOT likely to be used by a hacker?
Question187: The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?
Question188: What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?
Question189: Which of the following would be true about Static password tokens?
Question190: Which of the following would provide the BEST stress testing environment taking under consideration and avoiding possible data exposure and leaks of sensitive data?
Question191: What is the essential difference between a self-audit and an independent audit?
Question192: What is called the access protection system that limits connections by calling back the number of a previously authorized location?
Question193: What IDS approach relies on a database of known attacks?
Question194: Which of the following is NOT true concerning Application Control?
Question195: What is the Biba security model concerned with?
Question196: Which of the following is the simplest type of firewall ?
Question197: What is the role of IKE within the IPsec protocol?
Question198: The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization?
Question199: What is the most correct choice below when talking about the steps to resume normal operation at the primary site after the green light has been given by the salvage team?
Question200: In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?
Question201: Which of the following backup methods makes a complete backup of every file on the server every time it is run?
Question202: What is the goal of the Maintenance phase in a common development process of a security policy?
Question203: Which of the following is NOT a common category/classification of threat to an IT system?
Question204: Which of the following is the most secure firewall implementation?
Question205: Which of the following is NOT a form of detective administrative control?
Question206: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?
Question207: What is the most secure way to dispose of information on a CD-ROM?
Question208: In Mandatory Access Control, sensitivity labels attached to object contain what information?
Question209: Which of the following is NOT an asymmetric key algorithm?
Question210: A deviation from an organization-wide security policy requires which of the following?
Question211: What is also known as 10Base5?
Question212: When considering an IT System Development Life-cycle, security should be:
Question213: Which of the following specifically addresses cyber attacks against an organization's IT systems?
Question214: Which of the following would best describe the difference between white-box testing and black-box testing?
Question215: Which of the following statements pertaining to biometrics is false?
Question216: Which of the following is covered under Crime Insurance Policy Coverage?
Question217: Which of the following countermeasures would be the most appropriate to prevent possible intrusion or damage from wardialing attacks?
Question218: Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?
Question219: Which of the following protocols is designed to send individual messages securely?
Question220: Which of the following can best be defined as a cryptanalysis technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs?
Question221: Which software development model is actually a meta-model that incorporates a number of the software development models?
Question222: Which of the following is the core of fiber optic cables made of?
Question223: What are the components of an object's sensitivity label?
Question224: Which of the following cannot be undertaken in conjunction or while computer incident handling is ongoing?
Question225: Which of the following questions is less likely to help in assessing identification and authentication controls?
Question226: Which of the following is needed for System Accountability?
Question227: Which security model uses division of operations into different parts and requires different users to perform each part?
Question228: Which of the following access control models is based on sensitivity labels?
Question229: Which cable technology refers to the CAT3 and CAT5 categories?
Question230: What can be defined as a table of subjects and objects indicating what actions individual subjects can take upon individual objects?
Question231: Which of the following is NOT a system-sensing wireless proximity card?
Question232: The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated up to?
Question233: What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?
Question234: If any server in the cluster crashes, processing continues transparently, however, the cluster suffers some performance degradation. This implementation is sometimes called a:
Question235: Which of the following is used by RADIUS for communication between clients and servers?
Question236: What is the 802.11 standard related to?
Question237: Which of the following can be used as a covert channel?
Question238: One of the following statements about the differences between PPTP and L2TP is NOT true
Question239: Devices that supply power when the commercial utility power system fails are called which of the following?
Question240: Notifying the appropriate parties to take action in order to determine the extent of the severity of an incident and to remediate the incident's effects is part of:
Question241: Which of the following security models does NOT concern itself with the flow of data?
Question242: Which of the following statements is true about data encryption as a method of protecting data?
Question243: The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers does NOT have which of the following characteristics?
Question244: Who is ultimately responsible for the security of computer based information systems within an organization?
Question245: Which of the following is true about link encryption?
Question246: In SSL/TLS protocol, what kind of authentication is supported when you establish a secure session between a client and a server?
Question247: Which of the following attacks could capture network user passwords?
Question248: Because ordinary cable introduces a toxic hazard in the event of fire, special cabling is required in a separate area provided for air circulation for heating, ventilation, and air-conditioning (sometimes referred to as HVAC) and typically provided in the space between the structural ceiling and a drop-down ceiling.
This area is referred to as the:
Question249: What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
Question250: How are memory cards and smart cards different?
Question251: What ensures that the control mechanisms correctly implement the security policy for the entire life cycle of an information system?
Question252: How many bits is the effective length of the key of the Data Encryption Standard algorithm?
Question253: Which access model is most appropriate for companies with a high employee turnover?
Question254: Why does fiber optic communication technology have significant security advantage over other transmission technology?
Question255: In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?
Question256: Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?
Question257: What are called user interfaces that limit the functions that can be selected by a user?
Question258: Which of the following is NOT a basic component of security architecture?
Question259: Which of the following is not a DES mode of operation?
Question260: This type of attack is generally most applicable to public-key cryptosystems, what type of attack am I ?
Question261: Which of the following would be the best criterion to consider in determining the classification of an information asset?
Question262: Which of the following questions is less likely to help in assessing physical access controls?
Question263: In the CIA triad, what does the letter A stand for?
Question264: How is Annualized Loss Expectancy (ALE) derived from a threat?
Question265: What can best be defined as the detailed examination and testing of the security features of an IT system or product to ensure that they work correctly and effectively and do not show any logical vulnerabilities, such as evaluation criteria?
Question266: Which of the following is NOT a property of the Rijndael block cipher algorithm?
Question267: Which of the following services is NOT provided by the digital signature standard (DSS)?
Question268: Which of the following NAT firewall translation modes offers no protection from hacking attacks to an internal host using this functionality?
Question269: Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?
Question270: A 'Pseudo flaw' is which of the following?
Question271: Which of the following OSI layers provides routing and related services?
Question272: Access Control techniques do not include which of the following choices?
Question273: Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?
Question274: How do you distinguish between a bridge and a router?
Question275: Which of the following is an extension to Network Address Translation that permits multiple devices providing services on a local area network (LAN) to be mapped to a single public IP address?
Question276: Which of the following models does NOT include data integrity or conflict of interest?
Question277: Which of the following is not a component of a Operations Security "triples"?
Question278: What is a packet sniffer?
Question279: What is called an event or activity that has the potential to cause harm to the information systems or networks?
Question280: What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?
Question281: Detective/Technical measures:
Question282: Which of the following logical access exposures INVOLVES CHANGING data before, or as it is entered into the computer?
Question283: Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?
Question284: Which of the following binds a subject name to a public key value?
Question285: Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?
Question286: You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals.
One day you receive a laptop and are part of a two man team responsible for examining it together.
However, it is lunch time and after receiving the laptop you leave it on your desk and you both head out to lunch.
What critical step in forensic evidence have you forgotten?
Question287: This type of supporting evidence is used to help prove an idea or a point, however It cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of evidence. What is the name of this type of evidence?
Question288: Which of the following best describes the purpose of debugging programs?
Question289: Which one of the following is NOT one of the outcomes of a vulnerability assessment?
Question290: Business Continuity Planning (BCP) is not defined as a preparation that facilitates:
Question291: Which of the following floors would be most appropriate to locate information processing facilities in a 6- stories building?
Question292: In response to Access-request from a client such as a Network Access Server (NAS), which of the following is not one of the response from a RADIUS Server?
Question293: A Security Kernel is defined as a strict implementation of a reference monitor mechanism responsible for enforcing a security policy. To be secure, the kernel must meet three basic conditions, what are they?
Question294: Packet Filtering Firewalls can also enable access for:
Question295: Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?
Question296: Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?
Question297: What is the main focus of the Bell-LaPadula security model?
Question298: When backing up an applications system's data, which of the following is a key question to be answered first?
Question299: What is called the formal acceptance of the adequacy of a system's overall security by the management?
Question300: Which of the following is unlike the other three choices presented?
Question301: Which of the following addresses a portion of the primary memory by specifying the actual address of the memory location?
Question302: How can an individual/person best be identified or authenticated to prevent local masquarading attacks?
Question303: Which of the following remote access authentication systems is the most robust?
Question304: What do the ILOVEYOU and Melissa virus attacks have in common?
Question305: A momentary high voltage is a:
Question306: An attack initiated by an entity that is authorized to access system resources but uses them in a way not approved by those who granted the authorization is known as a(n):
Question307: Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:
Question308: What can be defined as secret communications where the very existence of the message is hidden?
Question309: Which of the following recovery plan test results would be most useful to management?
Question310: Which of the following statements pertaining to Kerberos is TRUE?
Question311: Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?
Question312: What is the appropriate role of the security analyst in the application system development or acquisition project?
Question313: Which is the last line of defense in a physical security sense?
Question314: The preliminary steps to security planning include all of the following EXCEPT which of the following?
Question315: Which of the following algorithms does NOT provide hashing?
Question316: Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?
Question317: Which of the following will a Business Impact Analysis NOT identify?
Question318: Which of the following statements relating to the Bell-LaPadula security model is FALSE (assuming the Strong Star property is not being used) ?
Question319: Which one of the following factors is NOT one on which Authentication is based?
Question320: What can be defined as a value computed with a cryptographic algorithm and appended to a data object in such a way that any recipient of the data can use the signature to verify the data's origin and integrity?
Question321: Why does compiled code pose more of a security risk than interpreted code?
Question322: Why should batch files and scripts be stored in a protected area?
Question323: Which of the following is most affected by denial-of-service (DOS) attacks?
Question324: External consistency ensures that the data stored in the database is:
Question325: In addition to the accuracy of the biometric systems, there are other factors that must also be considered:
Question326: Which ISO/OSI layer establishes the communications link between individual devices over a physical link or channel?
Question327: Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?
Question328: Which of the following is NOT an advantage that TACACS+ has over TACACS?
Question329: Which one of the following authentication mechanisms creates a problem for mobile users?
Question330: Communications and network security relates to transmission of which of the following?
Question331: One purpose of a security awareness program is to modify:
Question332: Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?
Question333: Which of the following is true related to network sniffing?
Question334: Which of the following is a set of data processing elements that increases the performance in a computer by overlapping the steps of different instructions?
Question335: Which IPSec operational mode encrypts the entire data packet (including header and data) into an IPSec packet?
Question336: Which of the following category of UTP cables is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standards?
Question337: Which of the following protocols is not implemented at the Internet layer of the TCP/IP protocol model?
Question338: What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Question339: Which of the following is NOT a valid reason to use external penetration service firms rather than corporate resources?
Question340: Which of the following can best define the "revocation request grace period"?
Question341: You are running a packet sniffer on a network and see a packet containing a long string of "0x90 0x90
0x90 0x90...." in the middle of it traveling to an x86-based machine as a target. This could be indicative of what activity being attempted?
Question342: Which of the following is an example of an active attack?
Question343: Once evidence is seized, a law enforcement officer should emphasize which of the following?
Question344: Which of the following is the best reason for the use of an automated risk analysis tool?
Question345: Examples of types of physical access controls include all EXCEPT which of the following?
Question346: Which of the following statements pertaining to the security kernel is incorrect?
Question347: Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher was based on?
Question348: What does the directive of the European Union on Electronic Signatures deal with?
Question349: At which layer of ISO/OSI does the fiber optics work?
Question350: What can be described as a measure of the magnitude of loss or impact on the value of an asset?
Question351: A prolonged high voltage is a:
Question352: What is the highest amount a company should spend annually on countermeasures for protecting an asset valued at $1,000,000 from a threat that has an annualized rate of occurrence (ARO) of once every five years and an exposure factor (EF) of 30%?
Question353: Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?
Question354: Which of the following is a LAN transmission method?
Question355: What type of cable is used with 100Base-TX Fast Ethernet?
Question356: How would an IP spoofing attack be best classified?
Question357: The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:
Question358: Which of the following is most concerned with personnel security?
Question359: In this type of attack, the intruder re-routes data traffic from a network device to a personal machine. This diversion allows an attacker to gain access to critical resources and user credentials, such as passwords, and to gain unauthorized access to critical systems of an organization. Pick the best choice below.
Question360: What is defined as inference of information from other, intermediate, relevant facts?
Question361: Which of the following statements pertaining to a Criticality Survey is incorrect?
Question362: Which of the following is true of network security?
Question363: Which of the following is not a preventive login control?
Question364: Computer security should be first and foremost which of the following:
Question365: Which access control model would a lattice-based access control model be an example of?
Question366: Which of the following security-focused protocols has confidentiality services operating at a layer different from the others?
Question367: While using IPsec, the ESP and AH protocols both provides integrity services. However when using AH, some special attention needs to be paid if one of the peers uses NAT for address translation service.
Which of the items below would affects the use of AH and it´s Integrity Check Value (ICV) the most?
Question368: What does the (star) property mean in the Bell-LaPadula model?
Question369: What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?
Question370: What is the main objective of proper separation of duties?
Question371: Crackers today are MOST often motivated by their desire to:
Question372: What is the most critical characteristic of a biometric identifying system?
Question373: Which is NOT a suitable method for distributing certificate revocation information?
Question374: Which of the following offers confidentiality to an e-mail message?
Question375: Which of the following would best describe a Concealment cipher?
Question376: Which of the following is the act of performing tests and evaluations to test a system's security level to see if it complies with the design specifications and security requirements?
Question377: Failure of a contingency plan is usually:
Question378: Why is infrared generally considered to be more secure to eavesdropping than multidirectional radio transmissions?
Question379: Which of the following can be best defined as computing techniques for inseparably embedding unobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?
Question380: Which of the following type of traffic can easily be filtered with a stateful packet filter by enforcing the context or state of the request?
Question381: In an organization, an Information Technology security function should:
Question382: Which of the following protocols that provide integrity and authentication for IPSec, can also provide non- repudiation in IPSec?
Question383: Which of the following best ensures accountability of users for the actions taken within a system or domain?
Question384: Which of the following is not an example of a block cipher?
Question385: Which of the following monitors network traffic in real time?
Question386: What key size is used by the Clipper Chip?
Question387: Which of the following statements pertaining to packet filtering is incorrect?
Question388: Which of the following steps should be one of the first step performed in a Business Impact Analysis (BIA)?
Question389: What is the main purpose of Corporate Security Policy?
Question390: Which of the following division is defined in the TCSEC (Orange Book) as minimal protection?
Question391: When first analyzing an intrusion that has just been detected and confirming that it is a true positive, which of the following actions should be done as a first step if you wish to prosecute the attacker in court?
Question392: A copy of evidence or oral description of its contents; which is not as reliable as best evidence is what type of evidence?
Question393: Access Control techniques do not include which of the following?
Question394: Prior to a live disaster test also called a Full Interruption test, which of the following is most important?
Question395: In the course of responding to and handling an incident, you work on determining the root cause of the incident. In which step are you in?
Question396: Which of the following is NOT a compensating measure for access violations?
Question397: What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?
Question398: Which of the following statements pertaining to RADIUS is incorrect:
Question399: Who is responsible for initiating corrective measures and capabilities used when there are security violations?
Question400: What can be best defined as the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment?
Question401: Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?
Question402: What can be defined as an event that could cause harm to the information systems?
Question403: Which of the following statements pertaining to Kerberos is false?
Question404: What is defined as the rules for communicating between computers on a Local Area Network (LAN)?
Question405: What is the maximum key size for the RC5 algorithm?
Question406: When referring to a computer crime investigation, which of the following would be the MOST important step required in order to preserve and maintain a proper chain of custody of evidence:
Question407: What is the primary role of smartcards in a PKI?
Question408: Which of the following is not a disadvantage of symmetric cryptography when compared with Asymmetric Ciphers?
Question409: Which conceptual approach to intrusion detection system is the most common?
Question410: Which of the following can prevent hijacking of a web session?
Question411: Which communication method is characterized by very high speed transmission rates that are governed by electronic clock timing signals?
Question412: Which of the following devices enables more than one signal to be sent out simultaneously over one physical circuit?
Question413: What would BEST define risk management?
Question414: In a known plaintext attack, the cryptanalyst has knowledge of which of the following?
Question415: In discretionary access environments, which of the following entities is authorized to grant information access to other people?
Question416: Which of the following exemplifies proper separation of duties?
Question417: How often should tests and disaster recovery drills be performed?
Question418: In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on :
Question419: Which of the following can be defined as the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors?
Question420: Which of the following ports does NOT normally need to be open for a mail server to operate?
Question421: Which of the following protects Kerberos against replay attacks?
Question422: Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?
Question423: Who first described the DoD multilevel military security policy in abstract, formal terms?
Question424: Which of the following are NOT a countermeasure to traffic analysis?
Question425: Which OSI/ISO layer is the Media Access Control (MAC) sublayer part of?
Question426: Which of the following is an issue with signature-based intrusion detection systems?
Question427: What is the PRIMARY use of a password?
Question428: Which of the following statements regarding an off-site information processing facility is TRUE?
Question429: The RSA Algorithm uses which mathematical concept as the basis of its encryption?
Question430: Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?
Question431: Which of the following access control models requires defining classification for objects?
Question432: Java is not:
Question433: Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?
Question434: What kind of certificate is used to validate a user identity?
Question435: Which one of the following statements about the advantages and disadvantages of network-based Intrusion detection systems is true
Question436: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?
Question437: Qualitative loss resulting from the business interruption does NOT usually include:
Question438: Which of the following items is NOT a benefit of cold sites?
Question439: Which of the following would be MOST important to guarantee that the computer evidence will be admissible in court?
Question440: What protocol is used to match an IP address to the appropriate hardware address of the packet's destination so it can be sent?
Question441: Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control ?
Question442: What is the MOST critical piece to disaster recovery and continuity planning?
Question443: Which of the following is a device that is used to regenerate or replicate the received signals?
Question444: The three classic ways of authenticating yourself to the computer security software are: something you know, something you have, and something:
Question445: Which of the following biometric characteristics cannot be used to uniquely authenticate an individual's identity?
Question446: What is called a password that is the same for each log-on session?
Question447: Which of the following is a symmetric encryption algorithm?
Question448: Which of the following service is not provided by a public key infrastructure (PKI)?
Question449: Which xDSL flavour, appropriate for home or small offices, delivers more bandwidth downstream than upstream and over longer distance?
Question450: Which of the following is NOT a defined ISO basic task related to network management?
Question451: Ensuring least privilege does not require:
Question452: A proxy is considered a:
Question453: The Reference Validation Mechanism that ensures the authorized access relationships between subjects and objects is implementing which of the following concept:
Question454: What is a hot-site facility?
Question455: Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?
Question456: Which of the following algorithms is a stream cipher?
Question457: Which of the following statements pertaining to using Kerberos without any extension is false?
Question458: Which of the following should NOT normally be allowed through a firewall?
Question459: Risk analysis is MOST useful when applied during which phase of the system development process?
Question460: What is considered the most important type of error to avoid for a biometric access control system?
Question461: A department manager has read access to the salaries of the employees in his/her department but not to the salaries of employees in other departments. A database security mechanism that enforces this policy would typically be said to provide which of the following?
Question462: What security model is dependent on security labels?
Question463: Which of the following encryption algorithms does not deal with discrete logarithms?
Question464: Which element must computer evidence have to be admissible in court?
Question465: Which access control model is also called Non Discretionary Access Control (NDAC)?
Question466: In Synchronous dynamic password tokens:
Question467: After a company is out of an emergency state, what should be moved back to the original site first?
Question468: Which protocol is used to send email?
Question469: Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?
Question470: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:
Question471: Which of the following statements pertaining to disk mirroring is incorrect?
Question472: Which of the following forms of authentication would most likely apply a digital signature algorithm to every bit of data that is sent from the claimant to the verifier?
Question473: Which of the following is an example of a passive attack?
Question474: Which backup method does not reset the archive bit on files that are backed up?
Question475: Which of the following statements pertaining to link encryption is false?
Question476: A Business Continuity Plan should be tested:
Question477: If an employee's computer has been used by a fraudulent employee to commit a crime, the hard disk may be seized as evidence and once the investigation is complete it would follow the normal steps of the Evidence Life Cycle. In such case, the Evidence life cycle would not include which of the following steps listed below?
Question478: Which of the following is not a two-factor authentication mechanism?
Question479: Why do buffer overflows happen? What is the main cause?
Question480: Computer-generated evidence is considered:
Question481: In the Bell-LaPadula model, the Star-property is also called:
Question482: A DMZ is also known as a
Question483: Which of the following is NOT a symmetric key algorithm?
Question484: Which of the following is NOT a factor related to Access Control?
Question485: Which of the following is not a responsibility of an information (data) owner?
Question486: Which common backup method is the fastest on a daily basis?
Question487: Which one of the following represents an ALE calculation?
Question488: Most access violations are:
Question489: Which of the following IEEE standards defines the token ring media access method?
Question490: Which of the following is NOT an example of an operational control?
Question491: What is the main concern with single sign-on?
Question492: Which of the following is NOT a true statement regarding the implementaton of the 3DES modes?
Question493: Which of the following choice is NOT normally part of the questions that would be asked in regards to an organization's information security policy?
Question494: An effective information security policy should not have which of the following characteristic?
Question495: Almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. If the system's sensitivity is increased, such as in a biometric authentication system, the system becomes increasingly selective and has the possibility of generating:
Question496: Which of the following cryptographic attacks describes when the attacker has a copy of the plaintext and the corresponding ciphertext?
Question497: In which of the following security models is the subject's clearance compared to the object's classification such that specific rules can be applied to control how the subject-to-object interactions take place?
Question498: In which layer of the OSI Model are connection-oriented protocols located in the TCP/IP suite of protocols?
Question499: During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?
Question500: Which of the following is best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in a system?
Question501: Which of the following statements pertaining to disaster recovery planning is incorrect?
Question502: Organizations should not view disaster recovery as which of the following?
Question503: Which of the following is not a preventive operational control?
Question504: Which of the following is the primary security feature of a proxy server?
Question505: Within the legal domain what rule is concerned with the legality of how the evidence was gathered ?
Question506: Which of the following firewall rules found on a firewall installed between an organization's internal network and the Internet would present the greatest danger to the internal network?
Question507: Which of the following ASYMMETRIC encryption algorithms is based on the difficulty of FACTORING LARGE NUMBERS?
Question508: In the UTP category rating, the tighter the wind:
Question509: Which of the following rules is least likely to support the concept of least privilege?
Question510: Which of the following DoD Model layer provides non-repudiation services?
Question511: What is the difference between Advisory and Regulatory security policies?
Question512: What is the name for a substitution cipher that shifts the alphabet by 13 places?
Question513: Which expert system operating mode allows determining if a given hypothesis is valid?
Question514: The basic language of modems and dial-up remote access systems is:
Question515: Which security model is based on the military classification of data and people with clearances?
Question516: Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:
Question517: The Data Encryption Algorithm performs how many rounds of substitution and permutation?
Question518: Which of the following computer crime is MORE often associated with INSIDERS?
Question519: What is a decrease in amplitude as a signal propagates along a transmission medium best known as?
Question520: What is called a sequence of characters that is usually longer than the allotted number for a password?
Question521: Which of the following does not apply to system-generated passwords?
Question522: What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects?
Question523: Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?
Question524: The security of a computer application is most effective and economical in which of the following cases?
Question525: Network cabling comes in three flavors, they are:
Question526: Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use Hybrid Encryption Methods. What does this mean?
Question527: Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard?
Question528: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?
Question529: The following is NOT a security characteristic we need to consider while choosing a biometric identification systems:
Question530: Due care is not related to:
Question531: Which of the following would best define a digital envelope?
Question532: Which backup method is used if backup time is critical and tape space is at an extreme premium?
Question533: What is the PRIMARY goal of incident handling?
Question534: Which of the following is NOT an advantage that TACACS+ has over TACACS?
Question535: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?
Question536: Which of the following are REGISTERED PORTS as defined by IANA ?
Question537: A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
Question538: Which of the following is NOT part of the Kerberos authentication protocol?
Question539: Which layer of the DoD TCP/IP Model ensures error-free delivery and packet sequencing?
Question540: Which of the following is a telecommunication device that translates data from digital to analog form and back to digital?
Question541: What is used to bind a document to its creation at a particular time?
Question542: What is the primary reason why some sites choose not to implement Trivial File Transfer Protocol (TFTP)?
Question543: Which of the following choices describe a Challenge-response tokens generation?
Question544: Which of the following is NOT true about IPSec Tunnel mode?
Question545: Which of the following layers provides end-to-end data transfer service?
Question546: Which of the following statements pertaining to protection rings is false?
Question547: Which of the following is NOT a characteristic of a host-based intrusion detection system?
Question548: Which of the following is most appropriate to notify an internal user that session monitoring is being conducted?
Question549: Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?
Question550: Sensitivity labels are an example of what application control type?
Question551: The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations or confusing an intruder about which flaws to exploit is called:
Question552: What is called an attack in which an attacker floods a system with connection requests but does not respond when the target system replies to those requests?
Question553: All following observations about IPSec are correct except:
Question554: Making sure that the data is accessible when and where it is needed is which of the following?
Question555: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?
Question556: In regards to information classification what is the main responsibility of information (data) owner?
Question557: Which of the following is addressed by Kerberos?
Question558: Which of the following is a problem regarding computer investigation issues?
Question559: Degaussing is used to clear data from all of the following medias except:
Question560: Which of the following is an example of a connectionless communication protocol?
Question561: Guards are appropriate whenever the function required by the security program involves which of the following?
Question562: In biometrics, "one-to-many" search against database of stored biometric images is done in:
Question563: Related to information security, availability is the opposite of which of the following?
Question564: ICMP and IGMP belong to which layer of the OSI model?
Question565: What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?
Question566: Which of the following categories of hackers poses the greatest threat?
Question567: What is the proper term to refer to a single unit of Ethernet data at the link layer of the DoD TCP model ?
Question568: According to private sector data classification levels, how would salary levels and medical information be classified?
Question569: What algorithm has been selected as the AES algorithm, replacing the DES algorithm?
Question570: Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
Question571: In computing what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a malicious or harmful purpose imbedded in it, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm.
Question572: The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?
Question573: Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?
Question574: Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
Question575: Which of the following exemplifies proper separation of duties?
Question576: What is the greatest danger from DHCP?
Question577: A timely review of system access audit records would be an example of which of the basic security functions?
Question578: Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?
Question579: Why is traffic across a packet switched network difficult to monitor?
Question580: A network-based vulnerability assessment is a type of test also referred to as:
Question581: Which of the following does NOT concern itself with key management?
Question582: Which of the following does NOT use token-passing?
Question583: Which of the following is NOT a technique used to perform a penetration test?
Question584: Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?
Question585: In addition to the Legal Department, with what company function must the collection of physical evidence be coordinated if an employee is suspected?
Question586: The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?
Question587: What is Kerberos?
Question588: Which of the following is the most reliable authentication method for remote access?
Question589: Which of the following is best defined as an administrative declaration by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards?
Question590: What ISO/OSI layer do switches primarily operate at?
Do take note that this question makes reference to a plain vanilla switch and not one of the smart switches that is available on the market today.
Question591: Which OSI/ISO layer does a SOCKS server operate at?
Question592: Which of the following best allows risk management results to be used knowledgeably?
Question593: A contingency plan should address:
Question594: When you update records in multiple locations or you make a copy of the whole database at a remote location as a way to achieve the proper level of fault-tolerance and redundancy, it is knows as?
Question595: Which of the following would be used to implement Mandatory Access Control (MAC)?
Question596: Which of the following questions is less likely to help in assessing physical and environmental protection?
Question597: Which of the following would best describe secondary evidence?
Question598: Unshielded Twisted Pair (UTP) cables comes in several categories. The categories are based on:
Question599: Which of the following is often the greatest challenge of distributed computing solutions?
Question600: Which of the following results in the most devastating business interruptions?
Question601: Which access control model was proposed for enforcing access control in government and military applications?
Question602: Encapsulating Security Payload (ESP) provides some of the services of Authentication Headers (AH), but it is primarily designed to provide:
Question603: What can best be defined as high-level statements, beliefs, goals and objectives?
Question604: Which of the following is the LEAST user accepted biometric device?
Question605: What is called the percentage at which the False Rejection Rate equals the False Acceptance Rate?
Question606: Which of the following best corresponds to the type of memory addressing where the address location that is specified in the program instruction contains the address of the final desired location?
Question607: Which of the following statements is NOT true of IPSec Transport mode?
Question608: What algorithm was DES derived from?
Question609: Which of the following standards is concerned with message handling?
Question610: Cryptography does NOT help in:
Question611: Which of the following best describes what would be expected at a "hot site"?
Question612: Which of the following statements pertaining to the maintenance of an IT contingency plan is incorrect?
Question613: An Architecture where there are more than two execution domains or privilege levels is called:
Question614: What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?
Question615: Telnet and rlogin use which protocol?
Question616: Step-by-step instructions used to satisfy control requirements is called a:
Question617: What is a common problem when using vibration detection devices for perimeter control?
Question618: Which of the following statements pertaining to access control is false?
Question619: Why would anomaly detection IDSs often generate a large number of false positives?
Question620: Which of the following is a large hardware/software backup system that uses the RAID technology?
Question621: In stateful inspection firewalls, packets are:
Question622: What is the name of the protocol use to set up and manage Security Associations (SA) for IP Security (IPSec)?
Question623: Which type of attack involves hijacking a session between a host and a target by predicting the target's choice of an initial TCP sequence number?
Question624: Which protocol is NOT implemented in the Network layer of the OSI Protocol Stack?
Question625: In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on physical attributes of a person. This raised the necessity of answering 2 questions
:
Question626: Controls to keep password sniffing attacks from compromising computer systems include which of the following?
Question627: At what stage of the applications development process should the security department become involved?
Question628: What is the primary difference between FTP and TFTP?
Question629: What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?
Question630: Which of the following is NOT a property of a one-way hash function?
Question631: A Packet Filtering Firewall system is considered a:
Question632: Who developed one of the first mathematical models of a multilevel-security computer system?
Question633: At which OSI/ISO layer is an encrypted authentication between a client software package and a firewall performed?
Question634: A periodic review of user account management should not determine:
Question635: In the Open Systems Interconnect (OSI) Reference Model, at what level are TCP and UDP provided?
Question636: An Intrusion Detection System (IDS) is what type of control?
Question637: All of the following can be considered essential business functions that should be identified when creating a Business Impact Analysis (BIA) except one. Which of the following would not be considered an essential element of the BIA but an important TOPIC to include within the BCP plan:
Question638: Which of the following access control models requires security clearance for subjects?
Question639: Under the principle of culpable negligence, executives can be held liable for losses that result from computer system breaches if:
Question640: How should a doorway of a manned facility with automatic locks be configured?
Question641: The controls that usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists are associated with:
Question642: An access system that grants users only those rights necessary for them to perform their work is operating on which security principle?
Question643: What principle focuses on the uniqueness of separate objects that must be joined together to perform a task? It is sometimes referred to as "what each must bring" and joined together when getting access or decrypting a file. Each of which does not reveal the other?
Question644: What is the Maximum Tolerable Downtime (MTD)?
Question645: Another name for a VPN is a:
Question646: The criteria for evaluating the legal requirements for implementing safeguards is to evaluate the cost (C) of instituting the protection versus the estimated loss (L) resulting from the exploitation of the corresponding vulnerability. Therefore, a legal liability may exists when:
Question647: The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?
Question648: In biometrics, the "one-to-one" search used to verify claim to an identity made by a person is considered:
Question649: Whose role is it to assign classification level to information?
Question650: Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?
Question651: Which of the following is not a property of the Rijndael block cipher algorithm?
Question652: Which of the following statements pertaining to Asynchronous Transfer Mode (ATM) is false?
Question653: Which of the following is NOT a transaction redundancy implementation?
Question654: The Terminal Access Controller Access Control System (TACACS) employs which of the following?
Question655: Which security model introduces access to objects only through programs?
Question656: Which of the following type of cryptography is used when both parties use the same key to communicate securely with each other?
Question657: What is the PRIMARY reason to maintain the chain of custody on evidence that has been collected?
Question658: When an outgoing request is made on a port number greater than 1023, this type of firewall creates an ACL to allow the incoming reply on that port to pass:
Question659: Which of the following keys has the SHORTEST lifespan?
Question660: Which of the following algorithms is used today for encryption in PGP?
Question661: Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?
Question662: Which of the following computer recovery sites is the least expensive and the most difficult to test?
Question663: Unshielded Twisted Pair cabling is a:
Question664: The viewing of recorded events after the fact using a closed-circuit TV camera is considered a
Question665: Which of the following offers security to wireless communications?
Question666: What is the maximum allowable key size of the Rijndael encryption algorithm?
Question667: Which of the following is true about Kerberos?
Question668: Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose?
Question669: In order to be able to successfully prosecute an intruder:
Question670: What is it called when a computer uses more than one CPU in parallel to execute instructions?
Question671: Which OSI/ISO layers are TCP and UDP implemented at?
Question672: Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
Question673: The fact that a network-based IDS reviews packets payload and headers enable which of the following?
Question674: What is the main problem of the renewal of a root CA certificate?
Question675: Which of the following statements pertaining to key management is incorrect?
Question676: What protocol is used on the Local Area Network (LAN) to obtain an IP address from it's known MAC address?
Question677: Which of the following would assist the most in Host Based intrusion detection?
Question678: The Logical Link Control sub-layer is a part of which of the following?
Question679: What works as an E-mail message transfer agent?
Question680: Which of the following is the most complete disaster recovery plan test type, to be performed after successfully completing the Parallel test?
Question681: Which of the following best defines add-on security?
Question682: Which access control model enables the OWNER of the resource to specify what subjects can access specific resources based on their identity?
Question683: The Secure Hash Algorithm (SHA-1) creates:
Question684: What does "residual risk" mean?
Question685: Which xDSL flavour delivers both downstream and upstream speeds of 1.544 Mbps over two copper twisted pairs?
Question686: The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?
Question687: What can best be described as an abstract machine which must mediate all access to subjects to objects?
Question688: What does the Clark-Wilson security model focus on?
Question689: In which of the following phases of system development life cycle (SDLC) is contingency planning most important?
Question690: Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?
Question691: Pin, Password, Passphrases, Tokens, smart cards, and biometric devices are all items that can be used for Authentication. When one of these item listed above in conjunction with a second factor to validate authentication, it provides robust authentication of the individual by practicing which of the following?
Question692: Which of the following is most likely to be useful in detecting intrusions?
Question693: Layer 4 of the OSI stack is known as:
Question694: Which of the following is not appropriate in addressing object reuse?
Question695: What setup should an administrator use for regularly testing the strength of user passwords?
Question696: Which TCSEC class specifies discretionary protection?
Question697: Which of the following can be defined as a framework that supports multiple, optional authentication mechanisms for PPP, including cleartext passwords, challenge-response, and arbitrary dialog sequences?
Question698: Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?
Question699: The concept of best effort delivery is best associated with?
Question700: Which of the following can be defined as an Internet protocol by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messages that the server has received and is holding for the client?
Question701: If your property Insurance has Replacement Cost Valuation (RCV) clause your damaged property will be compensated:
Question702: Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission?
Question703: The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use. However, using mathematical properties of modular arithmetic and a method known as
"_________________," RSA is quite feasible for computer use.
Question704: How often should a Business Continuity Plan be reviewed?
Question705: Which type of attack involves impersonating a user or a system?
Question706: Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?
Question707: Frame relay uses a public switched network to provide:
Question708: Which of the following are the steps usually followed in the development of documents such as security policy, standards and procedures?
Question709: In the context of access control, locks, gates, guards are examples of which of the following?
Question710: Which of the following are additional access control objectives?
Question711: Which of the following elements is NOT included in a Public Key Infrastructure (PKI)?
Question712: An application layer firewall is also called a:
Question713: Which of the following statements pertaining to message digests is incorrect?
Question714: Buffer overflow and boundary condition errors are subsets of which of the following?
Question715: Which of the following is not a form of passive attack?
Question716: Which of the following protocol was used by the INITIAL version of the Terminal Access Controller Access Control System TACACS for communication between clients and servers?
Question717: What can best be described as a domain of trust that shares a single security policy and single management?
Question718: A one-way hash provides which of the following?
Question719: IT security measures should:
Question720: Which of the following focuses on sustaining an organization's business functions during and after a disruption?
Question721: Within the context of the CBK, which of the following provides a MINIMUM level of security ACCEPTABLE for an environment ?
Question722: A DMZ is located:
Question723: Which of the following would be LESS likely to prevent an employee from reporting an incident?
Question724: FTP, TFTP, SNMP, and SMTP are provided at what level of the Open Systems Interconnect (OSI) Reference Model?
Question725: What is the maximum number of different keys that can be used when encrypting with Triple DES?
Question726: There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?
Question727: What is the main difference between a Smurf and a Fraggle attack?
Question728: Which of the following is used in database information security to hide information?
Question729: Which of the following protects Kerberos against replay attacks?
Question730: Which of the following refers to the data left on the media after the media has been erased?
Question731: Who should DECIDE how a company should approach security and what security measures should be implemented?
Question732: What would be the name of a Logical or Virtual Table dynamically generated to restrict the information a user can access in a database?
Question733: Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?
Question734: Which of the following is the WEAKEST authentication mechanism?
Question735: Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?
Question736: For maximum security design, what type of fence is most effective and cost-effective method (Foot are being used as measurement unit below)?
Question737: Which of the following is used to interrupt the opportunity to use or perform collusion to subvert operation for fraudulent purposes?
Question738: Which of the following access control models introduces user security clearance and data classification?
Question739: What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
Question740: Authentication Headers (AH) and Encapsulating Security Payload (ESP) protocols are the driving force of IPSec. Authentication Headers (AH) provides the following service except:
Question741: The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?
Question742: Related to information security, confidentiality is the opposite of which of the following?
Question743: Configuration Management controls what?
Question744: What can be described as an imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Question745: Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?
Question746: Which of the following is a token-passing scheme like token ring that also has a second ring that remains dormant until an error condition is detected on the primary ring?
Question747: Risk reduction in a system development life-cycle should be applied:
Question748: How many rounds are used by DES?
Question749: Which of the following backup sites is the most effective for disaster recovery?
Question750: Which of the following is related to physical security and is not considered a technical control?
Question751: The primary service provided by Kerberos is which of the following?
Question752: Which of the following describes a computer processing architecture in which a language compiler or pre- processor breaks program instructions down into basic operations that can be performed by the processor at the same time?
Question753: In order to ensure the privacy and integrity of the data, connections between firewalls over public networks should use:
Question754: Good security is built on which of the following concept?
Question755: Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?
Question756: What is electronic vaulting?
Question757: During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable?
Question758: Which of the following embodies all the detailed actions that personnel are required to follow?
Question759: In Discretionary Access Control the subject has authority, within certain limitations,
Question760: What can be defined as: It confirms that users' needs have been met by the supplied solution ?
Question761: What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall?
Question762: What attribute is included in a X.509-certificate?
Question763: Upon which of the following ISO/OSI layers does network address translation operate?
Question764: When a station communicates on the network for the first time, which of the following protocol would search for and find the Internet Protocol (IP) address that matches with a known Ethernet address?
Question765: Which of the following is a trusted, third party authentication protocol that was developed under Project Athena at MIT?
Question766: The "vulnerability of a facility" to damage or attack may be assessed by all of the following except:
Question767: What is the proper term to refer to a single unit of IP data?
Question768: In non-discretionary access control using Role Based Access Control (RBAC), a central authority determines what subjects can have access to certain objects based on the organizational security policy.
The access controls may be based on:
Question769: The Diffie-Hellman algorithm is used for:
Question770: In the days before CIDR (Classless Internet Domain Routing), networks were commonly organized by classes. Which of the following would have been true of a Class B network?
Question771: Which of the following is not a method to protect objects and the data within the objects?
Question772: During which phase of an IT system life cycle are security requirements developed?
Question773: Which of the following is the FIRST step in protecting data's confidentiality?
Question774: Which of the following best describes signature-based detection?
Question775: To be admissible in court, computer evidence must be which of the following?
Question776: Which SSL version offers client-side authentication?
Question777: Considerations of privacy, invasiveness, and psychological and physical comfort when using the system are important elements for which of the following?
Question778: The DES algorithm is an example of what type of cryptography?
Question779: Which of the following statements pertaining to firewalls is incorrect?
Question780: Within the realm of IT security, which of the following combinations best defines risk?
Question781: What enables users to validate each other's certificate when they are certified under different certification hierarchies?
Question782: What is an IP routing table?
Question783: Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:
Question784: Which type of password token involves time synchronization?
Question785: Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:
Question786: Which of the following elements of telecommunications is not used in assuring confidentiality?
Question787: Which of the following protocols does not operate at the data link layer (layer 2)?
Question788: An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as:
Question789: In the statement below, fill in the blank:
Law enforcement agencies must get a warrant to search and seize an individual's property, as stated in the
_____ Amendment.
Question790: When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?
Question791: What is the effective key size of DES?
Question792: Which of the following would be the best reason for separating the test and development environments?
Question793: The IP header contains a protocol field. If this field contains the value of 6, what type of data is contained within the ip datagram?
Question794: Which layer of the TCP/IP protocol model would best correspond to the OSI/ISO model's network layer?
Question795: What does the (star) integrity axiom mean in the Biba model?
Question796: The first step in the implementation of the contingency plan is to perform:
Question797: What is the role of IKE within the IPsec protocol?
Question798: A confidential number used as an authentication factor to verify a user's identity is called a:
Question799: The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something:
Question800: What is NOT true with pre shared key authentication within IKE / IPsec protocol?
Question801: What is the main characteristic of a bastion host?
Question802: How many layers are defined within the US Department of Defense (DoD) TCP/IP Model?
Question803: Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?
Question804: Attributable data should be:
Question805: What is malware that can spread itself over open network connections?
Question806: When we encrypt or decrypt data there is a basic operation involving ones and zeros where they are compared in a process that looks something like this:
0101 0001 Plain text
0111 0011 Key stream
0010 0010 Output
What is this cryptographic operation called?
Question807: Which of the following questions are least likely to help in assessing controls covering audit trails?
Question808: Password management falls into which control category?
Question809: What is called a system that is capable of detecting that a fault has occurred and has the ability to correct the fault or operate around it?
Question810: Who of the following is responsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data?
Question811: Which of the following is defined as the most recent point in time to which data must be synchronized without adversely affecting the organization (financial or operational impacts)?
Question812: The Clipper Chip utilizes which concept in public key cryptography?
Question813: Each data packet is assigned the IP address of the sender and the IP address of the:
Question814: What is one disadvantage of content-dependent protection of information?
Question815: Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?
Question816: Which of the following control pairings include: organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?
Question817: A security evaluation report and an accreditation statement are produced in which of the following phases of the system development life cycle?
Question818: Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?
Question819: Passwords can be required to change monthly, quarterly, or at other intervals:
Question820: Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?
Question821: A code, as is pertains to cryptography:
Question822: Which of the following is not an encryption algorithm?
Question823: The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?
Question824: Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?
Question825: Memory management in TCSEC levels B3 and A1 operating systems may utilize "data hiding". What does this mean?
Question826: Hierarchical Storage Management (HSM) is commonly employed in:
Question827: What is the name of the first mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?
Question828: When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?
Question829: Which of the following is true about digital certificate?
Question830: In order to enable users to perform tasks and duties without having to go through extra steps it is important that the security controls and mechanisms that are in place have a degree of?
Question831: Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length?
Question832: A server cluster looks like a:
Question833: Which of the following pairings uses technology to enforce access control policies?
Question834: To understand the 'whys' in crime, many times it is necessary to understand MOM. Which of the following is not a component of MOM?
Question835: What does the simple security (ss) property mean in the Bell-LaPadula model?
Question836: What enables a workstation to boot without requiring a hard or floppy disk drive?
Question837: The IP header contains a protocol field. If this field contains the value of 51, what type of data is contained within the ip datagram?
Question838: Who is responsible for providing reports to the senior management on the effectiveness of the security controls?
Question839: Which of the following would NOT violate the Due Diligence concept?
Question840: A common way to create fault tolerance with leased lines is to group several T1s together with an inverse multiplexer placed:
Question841: Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system's operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?
Question842: Which of the following statements pertaining to a security policy is incorrect?
Question843: Preservation of confidentiality within information systems requires that the information is not disclosed to:
Question844: Which of the following standards concerns digital certificates?
Question845: Which of the following are WELL KNOWN PORTS assigned by the IANA?
Question846: Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced.
Which of the following is not a component that achieves this type of security?
Question847: Which access control model provides upper and lower bounds of access capabilities for a subject?
Question848: Which of the following statements pertaining to software testing is incorrect?
Question849: One of these statements about the key elements of a good configuration process is NOT true
Question850: The primary purpose for using one-way hashing of user passwords within a password file is which of the following?
Question851: When should a post-mortem review meeting be held after an intrusion has been properly taken care of?
Question852: What is a characteristic of using the Electronic Code Book mode of DES encryption?
Question853: All hosts on an IP network have a logical ID called a(n):
Question854: Which of the following statements pertaining to the Bell-LaPadula is TRUE if you are NOT making use of the strong star property?
Question855: Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?
Question856: Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It does not permit management to:
Question857: A momentary power outage is a:
Question858: Compared to RSA, which of the following is true of Elliptic Curve Cryptography(ECC)?
Question859: Which of the following usually provides reliable, real-time information without consuming network or host resources?
Question860: Controlling access to information systems and associated networks is necessary for the preservation of their:
Question861: Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?
Question862: Which of the following would be an example of the best password?
Question863: What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?
Question864: What is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility?
Question865: Which of the following would best classify as a management control?
Question866: Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys. This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis?
Question867: Which of the following is the BEST way to detect software license violations?
Question868: What layer of the ISO/OSI model do routers normally operate at?
Question869: The IP header contains a protocol field. If this field contains the value of 17, what type of data is contained within the ip datagram?
Question870: If an operating system permits shared resources such as memory to be used sequentially by multiple users/application or subjects without a refresh of the objects/memory area, what security problem is MOST likely to exist?
Question871: Logical or technical controls involve the restriction of access to systems and the protection of information.
Which of the following statements pertaining to these types of controls is correct?
Question872: Which of the following statements pertaining to PPTP (Point-to-Point Tunneling Protocol) is incorrect?
Question873: Which type of attack involves impersonating a user or a system?
Question874: What attack involves the perpetrator sending spoofed packet(s) wich contains the same destination and source IP address as the remote host, the same port for the source and destination, having the SYN flag, and targeting any open ports that are open on the remote host?
Question875: A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks is called a ?
Question876: In what way could Java applets pose a security threat?
Question877: What is the act of obtaining information of a higher sensitivity by combining information from lower levels of sensitivity?
Question878: This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?
Question879: Which of the following concerning the Rijndael block cipher algorithm is false?
Question880: Which of the following mechanisms was created to overcome the problem of collisions that occur on wired networks when traffic is simultaneously transmitted from different nodes?
Question881: Which of the following is a not a preventative control?
Question882: Which of the following is NOT a common integrity goal?
Question883: A business continuity plan is an example of which of the following?
Question884: What is the primary role of smartcards in a PKI?
Question885: Which of the following transmission media would NOT be affected by cross talk or interference?
Question886: Which of the following is an advantage that UDP has over TCP?
Question887: Which of the following statements pertaining to quantitative risk analysis is false?
Question888: A prolonged complete loss of electric power is a:
Question889: PGP uses which of the following to encrypt data?
Question890: Asynchronous Communication transfers data by sending:
Question891: Valuable paper insurance coverage does not cover damage to which of the following?
Question892: What does the simple integrity axiom mean in the Biba model?
Question893: Controls are implemented to:
Question894: Which of the following protocols operates at the session layer (layer 5)?
Question895: Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
Question896: A circuit level proxy is ___________________ when compared to an application level proxy.
Question897: Which of the following statements pertaining to software testing approaches is correct?
Question898: Which security model ensures that actions that take place at a higher security level do not affect actions that take place at a lower level?
Question899: In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has compromised the whole evidence collection process?
Question900: What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?
Question901: Which must bear the primary responsibility for determining the level of protection needed for information systems resources?
Question902: Which of the following is an advantage of prototyping?
Question903: Which of the following would best describe certificate path validation?
Question904: Which of the following is the biggest concern with firewall security?
Question905: Which of the following are suitable protocols for securing VPN connections at the lower layers of the OSI model?
Question906: Which of the following would BEST be defined as an absence or weakness of safeguard that could be exploited?
Question907: The absence of a safeguard, or a weakness in a system that may possibly be exploited is called a(n)?
Question908: Which backup method is additive because the time and tape space required for each night's backup grows during the week as it copies the day's changed files and the previous days' changed files up to the last full backup?
Question909: Which of the following phases of a system development life-cycle is most concerned with maintaining proper authentication of users and processes to ensure appropriate access control decisions?
Question910: The Computer Security Policy Model the Orange Book is based on is which of the following?
Question911: Which type of password provides maximum security because a new password is required for each new log-on?
Question912: This is a common security issue that is extremely hard to control in large environments. It occurs when a user has more computer rights, permissions, and access than what is required for the tasks the user needs to fulfill. What best describes this scenario?
Question913: Which of the following statements pertaining to IPSec is incorrect?
Question914: Which layer defines how packets are routed between end systems?
Question915: What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?
Question916: Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credential, and faster resource access?
Question917: Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part?
Question918: Which of the following is NOT an administrative control?
Question919: Which of the following tools is less likely to be used by a hacker?
Question920: Which of the following are suitable protocols for securing VPN connections at the lower layers of the OSI model?
Question921: Which of the following rules appearing in an Internet firewall policy is inappropriate?
Question922: Which approach to a security program ensures people responsible for protecting the company's assets are DRIVING the program?
Question923: Which one of the following is usually not a benefit resulting from the use of firewalls?
Question924: Which of following is not a service provided by AAA servers (Radius, TACACS and DIAMETER)?
Question925: Which of the following is less likely to be used today in creating a Virtual Private Network?
Question926: Which of the following service is a distributed database that translate host name to IP address to IP address to host name?
Question927: When a biometric system is used, which error type deals with the possibility of GRANTING access to impostors who should be REJECTED?
Question928: What would BEST define a covert channel?
Question929: Why is Network File System (NFS) used?
Question930: Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?
Question931: Which of the following would be best suited to oversee the development of an information security policy?
Question932: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
Question933: Which of the following is true about link encryption?
Question934: Proxies works by transferring a copy of each accepted data packet from one network to another, thereby masking the:
Question935: Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?
Question936: If your property Insurance has Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:
Question937: Which of the following backup method must be made regardless of whether Differential or Incremental methods are used?
Question938: Which of the following is based on the premise that the quality of a software product is a direct function of the quality of its associated software development and maintenance processes?
Question939: Which of the following would MOST likely ensure that a system development project meets business objectives?
Question940: Complete the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.
Question941: Which encryption algorithm is BEST suited for communication with handheld wireless devices?
Question942: This type of backup management provides a continuous on-line backup by using optical or tape
"jukeboxes," similar to WORMs (Write Once, Read Many):
Question943: Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods that exists. Which of the basic method is more prone to false positive?
Question944: What is the maximum length of cable that can be used for a twisted-pair, Category 5 10Base-T cable?
Question945: A proxy can control which services (FTP and so on) are used by a workstation , and also aids in protecting the network from outsiders who may be trying to get information about the:
Question946: Which authentication technique best protects against hijacking?
Question947: Secure Shell (SSH) is a strong method of performing:
Question948: Which of the following is implemented through scripts or smart agents that replays the users multiple log- ins against authentication servers to verify a user's identity which permit access to system services?
Question949: In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network?
Question950: Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?
Question951: What is NOT an authentication method within IKE and IPsec?
Question952: Which of the following methods of providing telecommunications continuity involves the use of an alternative media?
Question953: The typical computer fraudsters are usually persons with which of the following characteristics?
Question954: The IP header contains a protocol field. If this field contains the value of 1, what type of data is contained within the IP datagram?
Question955: Which of the following should NOT be performed by an operator?
Question956: What is a limitation of TCP Wrappers?
Question957: The RSA algorithm is an example of what type of cryptography?
Question958: The scope and focus of the Business continuity plan development depends most on:
Question959: How many bits of a MAC address uniquely identify a vendor, as provided by the IEEE?
Question960: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
Question961: What is RAD?
Question962: Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms?
Question963: The Orange Book states that "Hardware and software features shall be provided that can be used to periodically validate the correct operation of the on-site hardware and firmware elements of the TCB
[Trusted Computing Base]." This statement is the formal requirement for:
Question964: When a possible intrusion into your organization's information system has been detected, which of the following actions should be performed first?
Question965: What is defined as the manner in which the network devices are organized to facilitate communications?
Question966: Which of the following best describes remote journaling?
Question967: Who should measure the effectiveness of Information System security related controls in an organization?
Question968: Which of the following classes is defined in the TCSEC (Orange Book) as discretionary protection?
Question969: A packet containing a long string of NOP's followed by a command is usually indicative of what?
Question970: A momentary low voltage, from 1 cycle to a few seconds, is a:
Question971: Which of the following best defines a Computer Security Incident Response Team (CSIRT)?
Question972: Which layer of the TCP/IP protocol stack corresponds to the ISO/OSI Network layer (layer 3)?
Question973: Which type of control is concerned with avoiding occurrences of risks?
Question974: Which of the following protocols' primary function is to send messages between network devices regarding the health of the network?
Question975: Which of the following statements pertaining to biometrics is FALSE?
Question976: Which of the following tasks is NOT usually part of a Business Impact Analysis (BIA)?
Question977: One of the following assertions is NOT a characteristic of Internet Protocol Security (IPsec)
Question978: Which type of control is concerned with restoring controls?
Question979: Which of the following media is MOST resistant to EMI interference?
Question980: A group of independent servers, which are managed as a single system, that provides higher availability, easier manageability, and greater scalability is:
Question981: Domain Name Service is a distributed database system that is used to map:
Question982: Which of the following teams should NOT be included in an organization's contingency plan?
Question983: Identification and authentication are the keystones of most access control systems. Identification establishes:
Question984: A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Question985: Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:
Question986: Making sure that the data has not been changed unintentionally, due to an accident or malice is:
Question987: Which of the following is more suitable for a hardware implementation?
Question988: Which of the following is not a one-way hashing algorithm?
Question989: Which of the following is required in order to provide accountability?
Question990: The communications products and services, which ensure that the various components of a network (such as devices, protocols, and access methods) work together refers to:
Question991: In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:
Question992: Which of the following biometric devices has the lowest user acceptance level?
Question993: Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?
Question994: The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?
Question995: Making sure that only those who are supposed to access the data can access is which of the following?
Question996: Before the advent of classless addressing, the address 128.192.168.16 would have been considered part of:
Question997: What is called the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources?
Question998: Which of the following is NOT a common backup method?
Question999: Which of the following is commonly used for retrofitting multilevel security to a database management system?
Question1000: Which of the following is true about Kerberos?