EMT Practice Test

1. Question Content...


Question List

Question1: The Diffie-Hellman algorithm is used for:

Question2: DES - Data Encryption standard has a 128 bit key and is very difficult to break.

Question3: Which of the following biometric devices offers the LOWEST CER?

Question4: A Business Continuity Plan should be tested:

Question5: Which of the following focuses on sustaining an organization's business functions during and after a disruption?

Question6: The IP header contains a protocol field. If this field contains the value of 51, what type of data is contained within the ip datagram?

Question7: Which of the following standards is concerned with message handling?

Question8: Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit?

Question9: During which phase of an IT system life cycle are security requirements developed?

Question10: In non-discretionary access control using Role Based Access Control (RBAC), a central authority determines what subjects can have access to certain objects based on the
organizational security policy. The access controls may be based on:

Question11: Which of the following is not a logical control when implementing logical access security?

Question12: What is the Maximum Tolerable Downtime (MTD)?

Question13: The end result of implementing the principle of least privilege means which of the following?

Question14: Which of the following monitors network traffic in real time?

Question15: What does the simple security (ss) property mean in the Bell-LaPadula model?

Question16: Passwords can be required to change monthly, quarterly, or at other intervals:

Question17: Which of the following biometric characteristics cannot be used to uniquely authenticate an individual's identity?

Question18: Which of the following is a token-passing scheme like token ring that also has a second ring that remains dormant until an error condition is detected on the primary ring?

Question19: Which of the following would assist the most in Host Based intrusion detection?

Question20: ___________________ viruses change the code order of the strain each time they replicate to another machine.

Question21: Which of the following is given the responsibility of the maintenance and protection of the data?

Question22: Which of the following statements pertaining to biometrics is false?

Question23: Which of the following statements is NOT true of IPSec Transport mode?

Question24: Which of the following is a tool often used to reduce the risk to a local area network (LAN) that has external connections by filtering Ingress and Egress traffic?

Question25: Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?

Question26: The ___________ protocol converts IP addresses (logical) to MAC Addresses (physical)

Question27: When a biometric system is used, which error type deals with the possibility of GRANTING access to impostors who should be REJECTED?

Question28: Which of the following is NOT a technique used to perform a penetration test?

Question29: What is the Biba security model concerned with?

Question30: In the course of responding to and handling an incident, you work on determining the root cause of the incident.
In which step are you in?

Question31: Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys. This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis?

Question32: In what way can violation clipping levels assist in violation tracking and analysis?

Question33: A prolonged power supply that is below normal voltage is a:

Question34: At which OSI/ISO layer is an encrypted authentication between a client software package and a firewall performed?

Question35: What is the primary goal of setting up a honeypot?

Question36: Making sure that the data has not been changed unintentionally, due to an accident or malice is:

Question37: Which of the following specifically addresses cyber attacks against an organization's IT systems?

Question38: What is the main focus of the Bell-LaPadula security model?

Question39: Which of the following is true about Kerberos?

Question40: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?

Question41: Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?

Question42: In response to Access-request from a client such as a Network Access Server (NAS), which of the following is not one of the response from a RADIUS Server?

Question43: Which of the following is NOT a technique used to perform a penetration test?

Question44: Which of the following does NOT concern itself with key management?

Question45: Which of the following would be an example of the best password?

Question46: Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer 7 of the ISO/OSI Model?

Question47: A _________ is an information path that is not normally used for communication within a computer system. It is not protected by the any of the systems security mechanisms.

Question48: Why is Network File System (NFS) used?

Question49: What would be the name of a Logical or Virtual Table dynamically generated to restrict the information a user can access in a database?

Question50: Making sure that the data has not been changed unintentionally, due to an accident or malice is:

Question51: Which of the following cannot be undertaken in conjunction or while computer incident handling is ongoing?

Question52: Which one of the following is used to provide authentication and confidentiality for e-mail messages?

Question53: Which of the following encryption methods is known to be unbreakable?

Question54: Which of the following is a trusted, third party authentication protocol that was developed under Project Athena at MIT?

Question55: Which of the following would be an example of the best password?

Question56: Which of the following is true related to network sniffing?

Question57: Which of the following statements pertaining to ethical hacking is incorrect?

Question58: Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:

Question59: Which of the following was not designed to be a proprietary encryption algorithm?

Question60: Which of the following is based on the premise that the quality of a software product is a direct function of the quality of its associated software development and maintenance processes?

Question61: Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

Question62: Passwords can be required to change monthly, quarterly, or at other intervals:

Question63: Which of the following statements is most accurate regarding a digital signature?

Question64: One of these statements about the key elements of a good configuration process is NOT true

Question65: What is the maximum number of different keys that can be used when encrypting with Triple DES?

Question66: Which xDSL flavour, appropriate for home or small offices, delivers more bandwidth downstream than upstream and over longer distance?

Question67: Which of the following elements of telecommunications is not used in assuring confidentiality?

Question68: Which of the following algorithms is used today for encryption in PGP?

Question69: Which of the following is the FIRST step in protecting data's confidentiality?

Question70: Which is the last line of defense in a physical security sense?

Question71: What is also known as 10Base5?

Question72: Which of the following statements pertaining to the security kernel is incorrect?

Question73: In telephony different types of connections are being used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?

Question74: Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?

Question75: Knowledge-based Intrusion Detection Systems (IDS) are more common than:

Question76: A standardized list of the most common security weaknesses and exploits is the __________.

Question77: Which backup method is used if backup time is critical and tape space is at an extreme premium?

Question78: Which of the following is the WEAKEST authentication mechanism?

Question79: Which of the following keys has the SHORTEST lifespan?

Question80: Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?

Question81: Which must bear the primary responsibility for determining the level of protection needed for information systems resources?

Question82: What is the role of IKE within the IPsec protocol?

Question83: Who first described the DoD multilevel military security policy in abstract, formal terms?

Question84: Which of the following is related to physical security and is not considered a technical control?

Question85: The Terminal Access Controller Access Control System (TACACS) employs which of the following?

Question86: Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?

Question87: What is the main issue with media reuse?

Question88: The Telecommunications Security Domain of information security is also concerned with the prevention and detection of the misuse or abuse of systems, which poses a threat to the tenets of:

Question89: Which OSI/ISO layers are TCP and UDP implemented at?

Question90: When backing up an applications system's data, which of the following is a key question to be answered first?

Question91: Which is NOT a suitable method for distributing certificate revocation information?

Question92: What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?

Question93: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?

Question94: Which access control type has a central authority that determine to what objects the subjects have access to and it is based on role or on the organizational security policy?

Question95: What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?

Question96: Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?

Question97: Which of the following backup method must be made regardless of whether Differential or Incremental methods are used?

Question98: Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?

Question99: Business Continuity and Disaster Recovery Planning (Primarily) addresses the:

Question100: What is NOT true with pre shared key authentication within IKE / IPsec protocol?

Question101: A business continuity plan is an example of which of the following?

Question102: Which protocol of the TCP/IP suite addresses reliable data transport?

Question103: The preliminary steps to security planning include all of the following EXCEPT which of the following?

Question104: Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?

Question105: Which of the following is best at defeating frequency analysis?

Question106: Which of the following is NOT a compensating measure for access violations?

Question107: Which software development model is actually a meta-model that incorporates a number of the software development models?

Question108: Which of the following is true about Kerberos?

Question109: What is defined as the manner in which the network devices are organized to facilitate communications?

Question110: What is the PRIMARY reason to maintain the chain of custody on evidence that has been collected?

Question111: Which OSI/ISO layer does a SOCKS server operate at?

Question112: How many bits of a MAC address uniquely identify a vendor, as provided by the IEEE?

Question113: Telnet and rlogin use which protocol?

Question114: Which of the following is needed for System Accountability?

Question115: Which of the following are NT Audit events? (Choose all that apply)

Question116: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

Question117: Which of the following is related to physical security and is not considered a technical control?

Question118: Which of the following standards concerns digital certificates?

Question119: What can best be defined as high-level statements, beliefs, goals and objectives?

Question120: Which of the following best describes what would be expected at a "hot site"?

Question121: A public key algorithm that does both encryption and digital signature is which of the following?

Question122: The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?

Question123: Before the advent of classless addressing, the address 128.192.168.16 would have been considered part of:

Question124: Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?

Question125: A Security Kernel is defined as a strict implementation of a reference monitor mechanism responsible for enforcing a security policy. To be secure, the kernel must meet three basic conditions, what are they?

Question126: Which of the following rules is least likely to support the concept of least privilege?

Question127: Kerberos is vulnerable to replay in which of the following circumstances?

Question128: Which of the following is not an example of a block cipher?

Question129: Which of the following questions are least likely to help in assessing controls covering audit trails?

Question130: Which of the following would provide the BEST stress testing environment taking under consideration and avoiding possible data exposure and leaks of sensitive data?

Question131: For which areas of the enterprise are business continuity plans required?

Question132: What are the components of an object's sensitivity label?

Question133: Which one of the following authentication mechanisms creates a problem for mobile users?

Question134: The scope and focus of the Business continuity plan development depends most on:

Question135: Computer-generated evidence is considered:

Question136: Making sure that only those who are supposed to access the data can access is which of the following?

Question137: Which of the following pairings uses technology to enforce access control policies?

Question138: What are the three FUNDAMENTAL principles of security?

Question139: What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?

Question140: Which of the following best defines a Computer Security Incident Response Team (CSIRT)?

Question141: What does it mean to say that sensitivity labels are "incomparable"?

Question142: How often should a Business Continuity Plan be reviewed?

Question143: An effective information security policy should not have which of the following characteristic?

Question144: Which of the following encryption algorithms does not deal with discrete logarithms?

Question145: Which type of attack consists of modifying the length and fragmentation offset fields in sequential IP packets?

Question146: Why do buffer overflows happen? What is the main cause?

Question147: The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?

Question148: Telnet and rlogin use which protocol?

Question149: The standard server port number for HTTP is which of the following?

Question150: Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?

Question151: CORRECT TEXT
______________ is a major component of an overall risk management program.

Question152: In biometric identification systems, the parts of the body conveniently available for identification are:

Question153: Access Control techniques do not include which of the following choices?

Question154: Which of the following is implemented through scripts or smart agents that replays the users multiple log- ins against authentication servers to verify a user's identity which permit access to system services?

Question155: When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?

Question156: In an organization, an Information Technology security function should:

Question157: In SSL/TLS protocol, what kind of authentication is supported when you establish a secure session between a client and a server?

Question158: In the context of Biometric authentication, what is a quick way to compare the accuracy of devices. In general, the device that have the lowest value would be the most accurate. Which of the following would be used to compare accuracy of devices?

Question159: Your ATM card is a form of two-factor authentication for what reason?

Question160: Which of the following would best classify as a management control?

Question161: The Computer Security Policy Model the Orange Book is based on is which of the following?

Question162: In order to be able to successfully prosecute an intruder:

Question163: Which of the following statements pertaining to key management is incorrect?

Question164: What does "System Integrity" mean?

Question165: Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?

Question166: Which of the following protocols' primary function is to send messages between network devices regarding the health of the network?

Question167: What is the name of a one way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed?

Question168: Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?

Question169: Which access control model provides upper and lower bounds of access capabilities for a subject?

Question170: What can be defined as secret communications where the very existence of the message is hidden?

Question171: To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:

Question172: What is the main concern with single sign-on?

Question173: Which of the following does not address Database Management Systems (DBMS) Security?

Question174: What are called user interfaces that limit the functions that can be selected by a user?

Question175: What level of assurance for a digital certificate verifies a user's name, address, social security number, and other information against a credit bureau database?

Question176: What is a TFTP server most useful for?

Question177: The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?

Question178: Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?

Question179: Diffie Hellman, RSA, and ___________ are all examples of Public Key cryptography?

Question180: What is the act of obtaining information of a higher sensitivity by combining information from lower levels of sensitivity?

Question181: Which of the following best defines source routing?

Question182: What is the primary role of smartcards in a PKI?

Question183: Which of the following type of traffic can easily be filtered with a stateful packet filter by enforcing the context or state of the request?

Question184: ______________ is a Unix security scanning tool developed at Texas A&M university.

Question185: Which of the following Kerberos components holds all users' and services' cryptographic keys?

Question186: The Data Encryption Algorithm performs how many rounds of substitution and permutation?

Question187: Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?

Question188: Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

Question189: Within the legal domain what rule is concerned with the legality of how the evidence was gathered ?

Question190: Which of the following is the most secure form of triple-DES encryption?

Question191: Which one of these formulas is used in Quantitative risk analysis?

Question192: The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization?

Question193: What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?

Question194: Which of the following statements pertaining to block ciphers is incorrect?

Question195: PGP allows which of the following to be encrypted?

Question196: Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods that exists. Which of the basic method is more prone to false positive?

Question197: Which of the following statements pertaining to packet filtering is incorrect?

Question198: Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?

Question199: Why would a memory dump be admissible as evidence in court?

Question200: Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?

Question201: ____________ is a file system that was poorly designed and has numerous security flaws.

Question202: Which of the following is not a responsibility of an information (data) owner?

Question203: What is Kerberos?

Question204: Which of the following is NOT a VPN communications protocol standard?

Question205: Organizations should consider which of the following first before allowing external access to their LANs via the Internet?

Question206: Which of the following is NOT true about IPSec Tunnel mode?

Question207: Which of the following statements pertaining to using Kerberos without any extension is false?

Question208: Which of the following protects Kerberos against replay attacks?

Question209: Which of the following is NOT true of the Kerberos protocol?

Question210: Which of the following is an example of discretionary access control?

Question211: Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:

Question212: Which access model is most appropriate for companies with a high employee turnover?

Question213: Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?

Question214: Which of the following would constitute the best example of a password to use for access to a system by a network administrator?

Question215: Under the principle of culpable negligence, executives can be held liable for losses that result from computer system breaches if:

Question216: Which of the following are WELL KNOWN PORTS assigned by the IANA?

Question217: Which of the following statements pertaining to disaster recovery is incorrect?

Question218: Which of the following computer design approaches is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?

Question219: Which backup method does not reset the archive bit on files that are backed up?

Question220: Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?

Question221: Once evidence is seized, a law enforcement officer should emphasize which of the following?

Question222: Which Network Address Translation (NAT) is the most convenient and secure solution?

Question223: What security principle is based on the division of job responsibilities - designed to prevent fraud?

Question224: Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?

Question225: Which one of the following statements about the advantages and disadvantages of network-based Intrusion detection systems is true

Question226: In biometrics, the "one-to-one" search used to verify claim to an identity made by a person is considered:

Question227: A Security Kernel is defined as a strict implementation of a reference monitor mechanism responsible for enforcing a security policy. To be secure, the kernel must meet three basic conditions, what are they?

Question228: What is the maximum key size for the RC5 algorithm?

Question229: IT security measures should:

Question230: In addition to the Legal Department, with what company function must the collection of physical evidence be coordinated if an employee is suspected?

Question231: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

Question232: Which of the following describes a technique in which a number of processor units are employed in a single computer system to increase the performance of the system in its application environment above the performance of a single processor of the same kind?

Question233: Which of the concepts best describes Availability in relation to computer resources?

Question234: Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?

Question235: What setup should an administrator use for regularly testing the strength of user passwords?

Question236: In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network?

Question237: Who is ultimately responsible for the security of computer based information systems within an organization?

Question238: Which of the following Kerberos components holds all users' and services' cryptographic keys?

Question239: Degaussing is used to clear data from all of the following medias except:

Question240: In discretionary access environments, which of the following entities is authorized to grant information access to other people?

Question241: Which xDSL flavour delivers both downstream and upstream speeds of 1.544 Mbps over two copper twisted pairs?

Question242: Computer security should be first and foremost which of the following:

Question243: Which of the following is not a physical control for physical security?

Question244: A DMZ is also known as a

Question245: An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as:

Question246: Which of the following is often the greatest challenge of distributed computing solutions?

Question247: Which of the following encryption algorithms does not deal with discrete logarithms?

Question248: Which of the following is the most critical item from a disaster recovery point of view?

Question249: Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?

Question250: The RSA Algorithm uses which mathematical concept as the basis of its encryption?

Question251: Who developed one of the first mathematical models of a multilevel-security computer system?

Question252: What is the main objective of proper separation of duties?

Question253: Which of the following is the primary security feature of a proxy server?

Question254: There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?

Question255: Which of the following would be used to implement Mandatory Access Control (MAC)?

Question256: What can be described as an imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?

Question257: Which of the following is used to interrupt the opportunity to use or perform collusion to subvert operation for fraudulent purposes?

Question258: A prolonged power supply that is below normal voltage is a:

Question259: Which of the following biometric parameters are better suited for authentication use over a long period of time?

Question260: Transport Layer Security (TLS) is a two-layered socket layer security protocol that contains the TLS Record Protocol and the::

Question261: Which of the following is the act of performing tests and evaluations to test a system's security level to see if it complies with the design specifications and security requirements?

Question262: Which of the following is NOT a VPN communications protocol standard?

Question263: Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length?

Question264: According to the annual CSI/FBI Computer Crime report, which group commits the most computer crimes?

Question265: A ______________ is a means, method, or program to neutralize a threat or vulnerability.

Question266: Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?

Question267: If your property Insurance has Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:

Question268: Today, privacy violations are almost as serious as security violations?

Question269: What can be described as a measure of the magnitude of loss or impact on the value of an asset?

Question270: In non-discretionary access control using Role Based Access Control (RBAC), a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on:

Question271: Which of the following describes a logical form of separation used by secure computing systems?

Question272: Which of the following security modes of operation involves the highest risk?

Question273: Memory management in TCSEC levels B3 and A1 operating systems may utilize "data hiding". What does this mean?

Question274: The criteria for evaluating the legal requirements for implementing safeguards is to evaluate the cost (C) of instituting the protection versus the estimated loss (L) resulting from the exploitation of the corresponding vulnerability. Therefore, a legal liability may exists when:

Question275: What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?

Question276: How would an IP spoofing attack be best classified?

Question277: What type of cable is used with 100Base-TX Fast Ethernet?

Question278: As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select?

Question279: The MOST common threat that impacts a business's ability to function normally is:

Question280: Which one of the following authentication mechanisms creates a problem for mobile users?

Question281: How is Annualized Loss Expectancy (ALE) derived from a threat?

Question282: In which layer of the OSI Model are connection-oriented protocols located in the TCP/IP suite of protocols?

Question283: HTTP, FTP, SMTP reside at which layer of the OSI model?

Question284: What type of attack involves IP spoofing, ICMP ECHO and a bounce site?

Question285: In telephony different types of connections are being used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?

Question286: The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:

Question287: CORRECT TEXT
Symmetric = private key = secret ________ = public key = shared

Question288: Which of the following binds a subject name to a public key value?

Question289: Java is not:

Question290: A DMZ is located:

Question291: This is a common security issue that is extremely hard to control in large environments. It occurs when a user has more computer rights, permissions, and access than what is required for the tasks the user needs to fulfill. What best describes this scenario?

Question292: Which of the following classes is defined in the TCSEC (Orange Book) as discretionary protection?

Question293: What can best be described as a domain of trust that shares a single security policy and single management?

Question294: Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?

Question295: Which of the following does not address Database Management Systems (DBMS) Security?

Question296: CORRECT TEXT
NIPC stands for _____ _____ _____ ______ and is a government organization designed to help protect our nation's vital information resources.

Question297: What does "System Integrity" mean?

Question298: Which of the following statements pertaining to disaster recovery is incorrect?

Question299: Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?

Question300: Brute force attacks against encryption keys have increased in potency because of increased computing power. Which of the following is often considered a good protection against the brute force cryptography attack?

Question301: Application Layer Firewalls operate at the:

Question302: Which of the following is most likely to be useful in detecting intrusions?

Question303: During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?

Question304: Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?

Question305: Which of the following is NOT true of the Kerberos protocol?

Question306: Which of the following is NOT a form of detective administrative control?

Question307: Which of the following best allows risk management results to be used knowledgeably?

Question308: In biometrics, "one-to-many" search against database of stored biometric images is done in:

Question309: Which of the following categories of hackers poses the greatest threat?

Question310: Which of the following would be used to implement Mandatory Access Control (MAC)?

Question311: Which of the following Intrusion Detection Systems (IDS) uses a database of attacks, known system vulnerabilities, monitoring current attempts to exploit those vulnerabilities, and then triggers an alarm if an attempt is found?

Question312: Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?

Question313: What is NOT true with pre shared key authentication within IKE / IPsec protocol?

Question314: An alternative to using passwords for authentication in logical or technical access control is:

Question315: When we encrypt or decrypt data there is a basic operation involving ones and zeros where they are compared in a process that looks something like this:
0101 0001 Plain text
0111 0011 Key stream
0010 0010 Output
What is this cryptographic operation called?

Question316: Which of the following are the steps usually followed in the development of documents such as security policy, standards and procedures?

Question317: Which of the following is a symmetric encryption algorithm?

Question318: Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?

Question319: Pin, Password, Passphrases, Tokens, smart cards, and biometric devices are all items that can be used for Authentication. When one of these item listed above in conjunction with a second factor to validate authentication, it provides robust authentication of the individual by practicing which of the following?

Question320: A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:

Question321: Which of the following questions is less likely to help in assessing physical access controls?

Question322: The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?

Question323: What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

Question324: In Discretionary Access Control the subject has authority, within certain limitations,

Question325: What is called the access protection system that limits connections by calling back the number of a previously authorized location?

Question326: In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network?

Question327: Which of the following results in the most devastating business interruptions?

Question328: What can best be defined as high-level statements, beliefs, goals and objectives?

Question329: In order to enable users to perform tasks and duties without having to go through extra steps it is important that the security controls and mechanisms that are in place have a degree of?

Question330: Which of the following is not a two-factor authentication mechanism?

Question331: Which protocol is used to send email?

Question332: Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?

Question333: What refers to legitimate users accessing networked services that would normally be restricted to them?

Question334: Which of the following best defines source routing?

Question335: What key size is used by the Clipper Chip?

Question336: A server cluster looks like a:

Question337: The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?

Question338: Business Continuity Planning (BCP) is not defined as a preparation that facilitates:

Question339: Which of the following choice is NOT normally part of the questions that would be asked in regards to an organization's information security policy?

Question340: Which of the following algorithms is a stream cipher?

Question341: A Business Continuity Plan should be tested:

Question342: What is defined as the rules for communicating between computers on a Local Area Network (LAN)?

Question343: Although they are accused of being one in the same, hackers and crackers are two distinctly different groups with different goals pertaining to computers.

Question344: In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?

Question345: In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on :

Question346: Which of the following is biggest factor that makes Computer Crimes possible?

Question347: What is NOT an authentication method within IKE and IPsec?

Question348: A periodic review of user account management should not determine:

Question349: What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?

Question350: Which of the following is the core of fiber optic cables made of?

Question351: All hosts on an IP network have a logical ID called a(n):

Question352: Which of the following steps should be one of the first step performed in a Business Impact Analysis (BIA)?

Question353: Which of the following protocols that provide integrity and authentication for IPSec, can also provide non-repudiation in IPSec?

Question354: Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

Question355: Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system's operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

Question356: Which of the following NAT firewall translation modes offers no protection from hacking attacks to an internal host using this functionality?

Question357: Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?

Question358: The primary purpose for using one-way hashing of user passwords within a password file is which of the following?

Question359: CORRECT TEXT
EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.

Question360: Which encryption algorithm is BEST suited for communication with handheld wireless devices?

Question361: Degaussing is used to clear data from all of the following medias except:

Question362: The fact that a network-based IDS reviews packets payload and headers enable which of the following?

Question363: After a company is out of an emergency state, what should be moved back to the original site first?

Question364: Which of the following backup methods makes a complete backup of every file on the server every time it is run?

Question365: After a company is out of an emergency state, what should be moved back to the original site first?

Question366: To control access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up:

Question367: Like the Kerberos protocol, SESAME is also subject to which of the following?

Question368: Which of the following items is NOT a benefit of cold sites?

Question369: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

Question370: Which of the following services is NOT provided by the digital signature standard (DSS)?

Question371: Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?

Question372: Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?

Question373: Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard?

Question374: Which of the following protocols does not operate at the data link layer (layer 2)?

Question375: The basic language of modems and dial-up remote access systems is:

Question376: The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization?

Question377: This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?

Question378: Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?

Question379: Which of the following is not a logical control when implementing logical access security?

Question380: Which of the following statements pertaining to IPSec is incorrect?

Question381: Which of the following would be an example of the best password?

Question382: If an employee's computer has been used by a fraudulent employee to commit a crime, the hard disk may be seized as evidence and once the investigation is complete it would follow the normal steps of the Evidence Life Cycle. In such case, the Evidence life cycle would not include which of the following steps listed below?

Question383: A deviation from an organization-wide security policy requires which of the following?

Question384: Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit?

Question385: The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?

Question386: Which of the following ports does NOT normally need to be open for a mail server to operate?

Question387: Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?

Question388: The IP header contains a protocol field. If this field contains the value of 17, what type of data is contained within the ip datagram?

Question389: To control access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up:

Question390: What is called an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics?

Question391: What is NOT true about a one-way hashing function?

Question392: Which of the following is a not a preventative control?

Question393: Which of the following results in the most devastating business interruptions?

Question394: All hosts on an IP network have a logical ID called a(n):

Question395: Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Question396: Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:

Question397: Which authentication technique best protects against hijacking?

Question398: What is the effective key size of DES?

Question399: In biometrics, "one-to-many" search against database of stored biometric images is done in:

Question400: Which xDSL flavour delivers both downstream and upstream speeds of 1.544 Mbps over two copper twisted pairs?

Question401: CORRECT TEXT
A type of virus that resides in a Word or Excel document is called a ___________ virus?

Question402: Proxies works by transferring a copy of each accepted data packet from one network to another, thereby masking the:

Question403: This is a common security issue that is extremely hard to control in large environments. It occurs when a user has more computer rights, permissions, and access than what is required for the tasks the user needs to fulfill. What best describes this scenario?

Question404: What is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility?

Question405: What is electronic vaulting?

Question406: Which of the following security models does NOT concern itself with the flow of data?

Question407: What can be best defined as the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment?

Question408: What is called the probability that a threat to an information system will materialize?

Question409: A department manager has read access to the salaries of the employees in his/her department but not to the salaries of employees in other departments. A database security mechanism that enforces this policy would typically be said to provide which of the following?

Question410: How is Annualized Loss Expectancy (ALE) derived from a threat?

Question411: Which of the following statements pertaining to key management is incorrect?

Question412: Which of the following networking devices allows the connection of two or more homogeneous LANs in a simple way where they forward the traffic based on the MAC address ?

Question413: Which of the following security mode of operation does NOT require all users to have the clearance for all information processed on the system?

Question414: The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something:

Question415: Which of the following is considered the weakest link in a security system?

Question416: Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control ?

Question417: Passwords can be required to change monthly, quarterly, or at other intervals:

Question418: How do you distinguish between a bridge and a router?

Question419: Which of the following is a token-passing scheme like token ring that also has a second ring that remains dormant until an error condition is detected on the primary ring?

Question420: Who is responsible for initiating corrective measures and capabilities used when there are security violations?

Question421: Failure of a contingency plan is usually:

Question422: A public key algorithm that does both encryption and digital signature is which of the following?

Question423: Which of the following should NOT normally be allowed through a firewall?

Question424: Which of the following type of cryptography is used when both parties use the same key to communicate securely with each other?

Question425: As telnet is widely know to be insecure, one time passwords (OPIE) offer a great alternative. After a user logs on remotely, OPIE will issue a challenge. What two elements will thi challenge contain?( Choose two)

Question426: What does "residual risk" mean?

Question427: Which of the following would be true about Static password tokens?

Question428: Which of the following usually provides reliable, real-time information without consuming network or host resources?

Question429: A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks is called a ?

Question430: Which of the following LAN topologies offers the highest availability?

Question431: Which of the following is NOT true about IPSec Tunnel mode?

Question432: ___________ programs decrease the number of security incidents, educate users about procedures, and can potentially reduce losses.

Question433: Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?

Question434: Which of the following is a trusted, third party authentication protocol that was developed under Project Athena at MIT?

Question435: What is a limitation of TCP Wrappers?

Question436: What is the 802.11 standard related to?

Question437: Which security model is based on the military classification of data and people with clearances?

Question438: Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network. Within which OSI/ISO layer is RPC implemented?

Question439: Java is not:

Question440: How often should tests and disaster recovery drills be performed?

Question441: The Orange Book states that "Hardware and software features shall be provided that can be used to periodically validate the correct operation of the on-site hardware and firmware elements of the TCB
[Trusted Computing Base]." This statement is the formal requirement for:

Question442: What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?

Question443: Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?

Question444: Which of the following standards is concerned with message handling?

Question445: If an organization were to monitor their employees' e-mail, it should not:

Question446: Which of the following is less likely to be used today in creating a Virtual Private Network?

Question447: Why is infrared generally considered to be more secure to eavesdropping than multidirectional radio transmissions?

Question448: Which of the following item would best help an organization to gain a common understanding of functions that are critical to its survival?

Question449: Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced.
Which of the following is not a component that achieves this type of security?

Question450: What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects?

Question451: What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?

Question452: Which access control model achieves data integrity through well-formed transactions and separation of duties?

Question453: Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system?

Question454: What would BEST define risk management?

Question455: Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?

Question456: Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?

Question457: A good password policy uses which of the following guidelines? (Choose all that apply)

Question458: Which of the following services relies on UDP?

Question459: ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential, Top Secret, etc..

Question460: Which of the following is the primary reason why a user would choose a dial-up modem connection to the Internet when they have a faster, secure Internet connection through the organization's network?

Question461: Which of the following would be the MOST serious risk where a systems development life cycle methodology is inadequate?

Question462: Which of the following should NOT normally be allowed through a firewall?

Question463: Which of the following is addressed by Kerberos?

Question464: Which of the following statements pertaining to software testing approaches is correct?

Question465: Which division of the Orange Book deals with discretionary protection (need-to-know)?

Question466: Which of the following backup sites is the most effective for disaster recovery?

Question467: Controls to keep password sniffing attacks from compromising computer systems include which of the following?

Question468: This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?

Question469: A contingency plan should address:

Question470: Qualitative loss resulting from the business interruption does NOT usually include:

Question471: Which of the following is NOT a common category/classification of threat to an IT system?

Question472: Which of the following protocols is not implemented at the Internet layer of the TCP/IP protocol model?

Question473: What can best be defined as the detailed examination and testing of the security features of an IT system or product to ensure that they work correctly and effectively and do not show any logical vulnerabilities, such as evaluation criteria?

Question474: As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select?

Question475: Identification and authentication are the keystones of most access control systems. Identification establishes:

Question476: Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?

Question477: Which of the following is not a responsibility of an information (data) owner?

Question478: __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.

Question479: Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?

Question480: What algorithm was DES derived from?

Question481: You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals.
One day you receive a laptop and are part of a two man team responsible for examining it together. However, it is lunch time and after receiving the laptop you leave it on your desk and you both head out to lunch.
What critical step in forensic evidence have you forgotten?

Question482: Within the context of the CBK, which of the following provides a MINIMUM level of security ACCEPTABLE for an environment ?

Question483: CORRECT TEXT
Unlike like viruses and worm, __________ are bogus messages that spread via email forwarding.

Question484: Which of the following access control models requires security clearance for subjects?

Question485: Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?

Question486: What is NOT true about a one-way hashing function?

Question487: Which TCSEC class specifies discretionary protection?

Question488: Why would a memory dump be admissible as evidence in court?

Question489: Which of the following is the act of performing tests and evaluations to test a system's security level to see if it complies with the design specifications and security requirements?

Question490: Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?

Question491: The following is NOT a security characteristic we need to consider while choosing a biometric identification systems:

Question492: In order to be able to successfully prosecute an intruder:

Question493: Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?

Question494: Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length?

Question495: What physical characteristic does a retinal scan biometric device measure?

Question496: Which of the following is NOT a proper component of Media Viability Controls?

Question497: Good security is built on which of the following concept?

Question498: Transport Layer Security (TLS) is a two-layered socket layer security protocol that contains the TLS Record Protocol and the::

Question499: Which of the following is NOT an advantage that TACACS+ has over TACACS?

Question500: This type of supporting evidence is used to help prove an idea or a point, however It cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of evidence. What is the name of this type of evidence?

Question501: What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one input error each month?

Question502: Which of the following category of UTP cables is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standards?

Question503: Which of the following is the FIRST step in protecting data's confidentiality?

Question504: Which of the following statements pertaining to RADIUS is incorrect:

Question505: Which of the following best defines add-on security?

Question506: In order to use L0pht, the ___________ must be exported from Windows NT.

Question507: Which of the following biometric characteristics cannot be used to uniquely authenticate an individual's identity?

Question508: Which of the following statements pertaining to software testing is incorrect?

Question509: When considering an IT System Development Life-cycle, security should be:

Question510: ICMP and IGMP belong to which layer of the OSI model?

Question511: Which of the following keys has the SHORTEST lifespan?

Question512: The standard server port number for HTTP is which of the following?

Question513: Which of the following would be true about Static password tokens?

Question514: Which of the following statements pertaining to packet switching is incorrect?

Question515: Sending an ICMP packet greater than 64Kb is an example of what type of attack?

Question516: What is the goal of the Maintenance phase in a common development process of a security policy?

Question517: Which xDSL flavour can deliver up to 52 Mbps downstream over a single copper twisted pair?

Question518: Kerberos is vulnerable to replay in which of the following circumstances?

Question519: RADIUS incorporates which of the following services?

Question520: What is the main purpose of Corporate Security Policy?

Question521: Which of the following is a device that is used to regenerate or replicate the received
signals?

Question522: If a sender is unable to deny having sent an electronic transmission, this concept is known as___________________

Question523: Which of the following transmission media would NOT be affected by cross talk or interference?

Question524: The basic language of modems and dial-up remote access systems is:

Question525: Which of the following protects a password from eavesdroppers and supports the encryption of communication?

Question526: What does the simple security (ss) property mean in the Bell-LaPadula model?

Question527: Kerberos can prevent which one of the following attacks?

Question528: Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorize interception of the traffic?

Question529: Who of the following is responsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data?

Question530: In which of the following phases of system development life cycle (SDLC) is contingency planning most important?

Question531: Which of the following is related to physical security and is not considered a technical control?

Question532: Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?

Question533: EDI (Electronic Data Interchange) differs from e-Commerce in that ___________________.

Question534: Sandra has used Ethereal, a packet sniffer, to listen in on network transmissions. She has captured several passwords. What type of attack has been performed on her network?

Question535: Which of the following questions are least likely to help in assessing controls covering audit trails?

Question536: A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

Question537: Which of the following service is a distributed database that translate host name to IP address to IP address to host name?

Question538: Which of the following is most affected by denial-of-service (DOS) attacks?

Question539: Which of the following statements is most accurate regarding a digital signature?

Question540: What is called the type of access control where there are pairs of elements that have the least upper bound of values and greatest lower bound of values?

Question541: Which of the following is the MOST important aspect relating to employee termination?

Question542: CORRECT TEXT
An attempt to break an encryption algorithm is called _____________.

Question543: Which of the following is an advantage that UDP has over TCP?

Question544: Which of the following is NOT true about IPSec Tunnel mode?

Question545: Which OSI/ISO layers are TCP and UDP implemented at?

Question546: How do you distinguish between a bridge and a router?

Question547: Which of the following is the WEAKEST authentication mechanism?

Question548: Which of the following protocol was used by the INITIAL version of the Terminal Access Controller Access Control System TACACS for communication between clients and servers?

Question549: Which of the following is NOT a technical control?

Question550: Which of the following can be used as a covert channel?

Question551: Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?

Question552: There are ______ available service ports

Question553: Degaussing is used to clear data from all of the following medias except:

Question554: Which of the following is an example of discretionary access control?

Question555: What is considered the most important type of error to avoid for a biometric access control system?

Question556: Which of the following is the most secure form of triple-DES encryption?

Question557: Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?

Question558: Which of the following statements pertaining to software testing approaches is correct?

Question559: Which type of firewall can be used to track connectionless protocols such as UDP and RPC?

Question560: A security policy is a rigid set of rules that must be followed explicitly in order to be effective.

Question561: What is called an exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in-hand if probable cause is present and destruction of the evidence is deemed imminent?

Question562: Which of the following issues is not addressed by digital signatures?

Question563: What are the three performance measurements used in biometrics?<br>(Choose three)

Question564: Which of the following Intrusion Detection Systems (IDS) uses a database of attacks, known system vulnerabilities, monitoring current attempts to exploit those vulnerabilities, and then triggers an alarm if an attempt is found?

Question565: One of the following statements about the differences between PPTP and L2TP is NOT true

Question566: In computing what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a malicious or harmful purpose imbedded in it, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm.

Question567: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Question568: CORRECT TEXT
Public keys are used for ___________ messages and private keys are used for __________ messages.

Question569: The general philosophy for DMZ's is that:

Question570: Which of the following service is a distributed database that translate host name to IP address to IP address to host name?

Question571: What is the PRIMARY goal of incident handling?

Question572: Which of the following is true about Kerberos?

Question573: Which type of password token involves time synchronization?

Question574: A variation of the application layer firewall is called a:

Question575: Which of the following is NOT a transaction redundancy implementation?

Question576: Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

Question577: Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?

Question578: The change control process:

Question579: A prolonged power supply that is below normal voltage is a:

Question580: What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

Question581: Which of the following describes a computer processing architecture in which a language compiler or pre-processor breaks program instructions down into basic operations that can be performed by the processor at the same time?

Question582: Risk mitigation and risk reduction controls for providing information security are classified within three main categories, which of the following are being used?

Question583: SMTP can best be described as:

Question584: What is the most critical characteristic of a biometric identifying system?

Question585: The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?

Question586: When you update records in multiple locations or you make a copy of the whole database at a remote location as a way to achieve the proper level of fault-tolerance and redundancy, it is knows as?

Question587: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

Question588: Which of the following is NOT a property of the Rijndael block cipher algorithm?

Question589: Which of the following is not an example of a block cipher?

Question590: Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms?

Question591: Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?

Question592: In the UTP category rating, the tighter the wind:

Question593: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Question594: Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?

Question595: Which of the following is true related to network sniffing?

Question596: Who first described the DoD multilevel military security policy in abstract, formal terms?

Question597: Which of the following does NOT concern itself with key management?

Question598: The type of discretionary access control (DAC) that is based on an individual's identity is also called:

Question599: The general philosophy for DMZ's is that:

Question600: Which of the following access control models is based on sensitivity labels?

Question601: Which of the following groups represents the leading source of computer crime losses?

Question602: What assesses potential loss that could be caused by a disaster?

Question603: What is the difference between Access Control Lists (ACLs) and Capability Tables?

Question604: What is the effective key size of DES?

Question605: Which of the following is the primary reason why a user would choose a dial-up modem connection to the Internet when they have a faster, secure Internet connection through the organization's network?

Question606: Which of the following is not appropriate in addressing object reuse?

Question607: Which of the following transmission media would NOT be affected by cross talk or interference?

Question608: What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?

Question609: What is the difference between Access Control Lists (ACLs) and Capability Tables?

Question610: CORRECT TEXT
SATAN is a _____________ based tool and COPS is a ______________ based tool

Question611: Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?

Question612: Which type of attack consists of modifying the length and fragmentation offset fields in
sequential IP packets?

Question613: Which of the following access control models requires security clearance for subjects?

Question614: Which of the following would NOT violate the Due Diligence concept?

Question615: Why would anomaly detection IDSs often generate a large number of false positives?

Question616: Which of the following is an example of an active attack?

Question617: What protocol is used to match an IP address to the appropriate hardware address of the packet's destination so it can be sent?

Question618: Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?

Question619: What would be the name of a Logical or Virtual Table dynamically generated to restrict the information a user can access in a database?

Question620: The following is NOT a security characteristic we need to consider while choosing a biometric identification systems:

Question621: Kerberos depends upon what encryption method?

Question622: What physical characteristic does a retinal scan biometric device measure?

Question623: Which of the following biometric devices has the lowest user acceptance level?

Question624: What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?

Question625: Which of the following are WELL KNOWN PORTS assigned by the IANA?

Question626: The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?

Question627: What is the appropriate role of the security analyst in the application system development or acquisition project?

Question628: While there are many different models for IT system life cycle, most contain five unique phases.
Which of the following would be the last phase?

Question629: What type of attack involves IP spoofing, ICMP ECHO and a bounce site?

Question630: Which of the following statements pertaining to stream ciphers is correct?

Question631: Who should direct short-term recovery actions immediately following a disaster?

Question632: Which of the following does not address Database Management Systems (DBMS) Security?

Question633: Which of the following is the most critical item from a disaster recovery point of view?

Question634: The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?

Question635: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

Question636: Which of the following is the biggest concern with firewall security?

Question637: Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?

Question638: Which of the following best describes the purpose of debugging programs?

Question639: Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?

Question640: Which of the following is NOT a common backup method?

Question641: What attack involves the perpetrator sending spoofed packet(s) wich contains the same destination and source IP address as the remote host, the same port for the source and destination, having the SYN flag, and targeting any open ports that are open on the remote host?

Question642: Organizations should not view disaster recovery as which of the following?

Question643: In the Bell-LaPadula model, the Star-property is also called:

Question644: Which of the following is NOT a common category/classification of threat to an IT system?

Question645: Which of the following would MOST likely ensure that a system development project meets business objectives?

Question646: Which of the following is not a security goal for remote access?

Question647: Which layer of the OSI model handles encryption?

Question648: What security control provides a method to insure that a transaction did or did not occur?

Question649: Which of the following tools is NOT likely to be used by a hacker?

Question650: What is it called when a computer uses more than one CPU in parallel to execute instructions?

Question651: When submitting a passphrase for authentication, the passphrase is converted into ...

Question652: What kind of encryption is realized in the S/MIME-standard?

Question653: Kerberos can prevent which one of the following attacks?

Question654: A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

Question655: Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorize interception of the traffic?

Question656: Under United States law, an investigator's notebook may be used in court in which of the following scenarios?

Question657: Which of the following will a Business Impact Analysis NOT identify?

Question658: Preservation of confidentiality within information systems requires that the information is not disclosed to:

Question659: Which of the following is a device that is used to regenerate or replicate the received signals?

Question660: Knowledge-based Intrusion Detection Systems (IDS) are more common than:

Question661: What security model implies a central authority that define rules and sometimes global rules, dictating what subjects can have access to what objects?

Question662: Which of the following computer design approaches is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?

Question663: This type of supporting evidence is used to help prove an idea or a point, however It cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of evidence. What is the name of this type of evidence?

Question664: Which of the following is NOT a common backup method?

Question665: Which authentication technique best protects against hijacking?

Question666: Why are coaxial cables called "coaxial"?

Question667: Which conceptual approach to intrusion detection system is the most common?

Question668: In response to Access-request from a client such as a Network Access Server (NAS), which of the following is not one of the response from a RADIUS Server?

Question669: The RSA algorithm is an example of what type of cryptography?

Question670: How many bits of a MAC address uniquely identify a vendor, as provided by the IEEE?

Question671: Which of the following is NOT a common backup method?

Question672: Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use Hybrid Encryption Methods. What does this mean?

Question673: Which of the following statements pertaining to disk mirroring is incorrect?

Question674: To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:

Question675: Which protocol of the TCP/IP suite addresses reliable data transport?

Question676: Which of the following backup methods is most appropriate for off-site archiving?

Question677: Which of the following are suitable protocols for securing VPN connections at the lower layers of the OSI model?

Question678: Ensuring least privilege does not require:

Question679: Which of the following would best describe certificate path validation?

Question680: Which of the following choices describe a Challenge-response tokens generation?

Question681: Which of the following technologies has been developed to support TCP/IP networking over low-speed serial interfaces?

Question682: Which of the following statements pertaining to disaster recovery planning is incorrect?

Question683: Complete the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.

Question684: CORRECT TEXT
:A _________ refers to hidden code or instructions added to an application or operating system. This code will not execute until appropriate / predetermined conditions are met.

Question685: Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?

Question686: What mechanism does a system use to compare the security labels of a subject and an object?

Question687: Like the Kerberos protocol, SESAME is also subject to which of the following?

Question688: Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Question689: Which of the following is the BEST way to detect software license violations?

Question690: Which of the following is NOT a basic component of security architecture?

Question691: What is Kerberos?

Question692: Who of the following is responsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data?

Question693: Which of the following refers to the data left on the media after the media has been erased?

Question694: Which backup method only copies files that have been recently added or changed and also leaves the archive bit unchanged?

Question695: At what stage of the applications development process should the security department become involved?

Question696: Which of the following would best define a digital envelope?

Question697: Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?

Question698: Which of the following would best describe a Concealment cipher?

Question699: Which of the following is NOT a property of a one-way hash function?

Question700: Each data packet is assigned the IP address of the sender and the IP address of the:

Question701: Decentralized access control allows ______________________.

Question702: The IP header contains a protocol field. If this field contains the value of 1, what type of data is contained within the IP datagram?

Question703: Which of the following is the best reason for the use of an automated risk analysis tool?

Question704: Which of the following is considered the MOST secure?

Question705: Which of the following is a problem regarding computer investigation issues?

Question706: Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent.
The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that:

Question707: The controls that usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists are associated with:

Question708: In the context of access control, locks, gates, guards are examples of which of the following?

Question709: When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?

Question710: Which of the following security models does NOT concern itself with the flow of data?

Question711: Which of the following elements of telecommunications is not used in assuring confidentiality?

Question712: Which of the following protocol was used by the INITIAL version of the Terminal Access Controller Access Control System TACACS for communication between clients and servers?

Question713: Which of the following is not a physical control for physical security?

Question714: Which of the following remote access authentication systems is the most robust?

Question715: Which of the following was not designed to be a proprietary encryption algorithm?

Question716: Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?

Question717: Which of the following is an example of a passive attack?

Question718: Which of the following ports does NOT normally need to be open for a mail server to operate?

Question719: Which of following is not a service provided by AAA servers (Radius, TACACS and DIAMETER)?

Question720: Which of the following is not a property of the Rijndael block cipher algorithm?

Question721: Which cable technology refers to the CAT3 and CAT5 categories?

Question722: Which of the following tape formats can be used to backup data systems in addition to its original intended audio uses?

Question723: When should a post-mortem review meeting be held after an intrusion has been properly taken care of?

Question724: What are the two most critical aspects of risk analysis? (Choose two)

Question725: Which of the following computer crime is MORE often associated with INSIDERS?

Question726: Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?

Question727: Macintosh computers are not at risk for receiving viruses.

Question728: What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?

Question729: Which backup type run at regular intervals would take the least time to complete?

Question730: A circuit level proxy is ___________________ when compared to an application level proxy.

Question731: Each data packet is assigned the IP address of the sender and the IP address of the:

Question732: The standard of __________ states that a certain level of integrity and information protection levels will be maintained.

Question733: When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?

Question734: What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?

Question735: Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system?

Question736: Which of the following algorithms is a stream cipher?

Question737: Which of the following computer recovery sites is only partially equipped with processing equipment?

Question738: Controls are implemented to:

Question739: Which of the following technologies has been developed to support TCP/IP networking over low-speed serial interfaces?

Question740: Application Layer Firewalls operate at the:

Question741: Companies can now be sued for privacy violations just as easily as they can be sued for security compromises.

Question742: The Secure Hash Algorithm (SHA-1) creates:

Question743: Why is traffic across a packet switched network difficult to monitor?

Question744: What kind of encryption is realized in the S/MIME-standard?

Question745: What attribute is included in a X.509-certificate?

Question746: Which of the following is a tool often used to reduce the risk to a local area network (LAN) that has external connections by filtering Ingress and Egress traffic?

Question747: In SSL/TLS protocol, what kind of authentication is supported when you establish a secure session between a client and a server?

Question748: To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:

Question749: What is malware that can spread itself over open network connections?

Question750: Which of the following is defined as the most recent point in time to which data must be synchronized without adversely affecting the organization (financial or operational impacts)?

Question751: What attribute is included in a X.509-certificate?

Question752: In what way can violation clipping levels assist in violation tracking and analysis?

Question753: Asynchronous Communication transfers data by sending:

Question754: Which of the following networking devices allows the connection of two or more homogeneous LANs in a simple way where they forward the traffic based on the MAC address ?

Question755: Which of the following statements pertaining to ethical hacking is incorrect?

Question756: The first step in the implementation of the contingency plan is to perform:

Question757: As per RFC 1122, which of the following is not a defined layer in the DoD TCP/IP protocol model?

Question758: Which of the following is an example of a connectionless communication protocol?

Question759: Which of the following is needed for System Accountability?

Question760: Password management falls into which control category?

Question761: Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?

Question762: Which of the following is a trusted, third party authentication protocol that was developed under Project Athena at MIT?

Question763: Which of the following is NOT a characteristic of a host-based intrusion detection system?

Question764: Which of the following is used to interrupt the opportunity to use or perform collusion to subvert operation for fraudulent purposes?

Question765: Which type of control is concerned with restoring controls?

Question766: Of the reasons why a Disaster Recovery plan gets outdated, which of the following is not true?

Question767: The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?

Question768: Which of the following exemplifies proper separation of duties?

Question769: Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?

Question770: What can best be defined as the sum of protection mechanisms inside the computer, including hardware, firmware and software?

Question771: Which of the following best ensures accountability of users for the actions taken within a system or domain?

Question772: Which of the following would NOT violate the Due Diligence concept?

Question773: Which one of the following statements about the advantages and disadvantages of network-based Intrusion detection systems is true

Question774: Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?

Question775: What is called an event or activity that has the potential to cause harm to the information systems or networks?

Question776: Which of the following best describes signature-based detection?

Question777: Failure of a contingency plan is usually:

Question778: External consistency ensures that the data stored in the database is:

Question779: Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission?

Question780: Guards are appropriate whenever the function required by the security program involves which of the following?

Question781: What can best be described as a domain of trust that shares a single security policy and single management?

Question782: Which backup method is used if backup time is critical and tape space is at an extreme premium?

Question783: An effective information security policy should not have which of the following characteristic?

Question784: What is the Biba security model concerned with?

Question785: The typical computer fraudsters are usually persons with which of the following characteristics?

Question786: Which of the following can best define the "revocation request grace period"?

Question787: Which of the following protocols operates at the session layer (layer 5)?

Question788: What ISO/OSI layer do switches primarily operate at?
Do take note that this question makes reference to a plain vanilla switch and not one of the smart switches that is available on the market today.

Question789: Which of the following are additional access control objectives?

Question790: Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?

Question791: The concept of best effort delivery is best associated with?

Question792: Which of the following concerning the Rijndael block cipher algorithm is false?

Question793: Kerberos depends upon what encryption method?

Question794: In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:

Question795: What enables a workstation to boot without requiring a hard or floppy disk drive?

Question796: What are called user interfaces that limit the functions that can be selected by a user?

Question797: Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of the following is not a component that achieves this type of security?

Question798: What is the maximum key size for the RC5 algorithm?

Question799: What is the difference between Advisory and Regulatory security policies?

Question800: What is the primary reason why some sites choose not to implement Trivial File Transfer Protocol (TFTP)?

Question801: Which of the following statements pertaining to the Bell-LaPadula is TRUE if you are NOT making use of the strong star property?

Question802: Which of the following results in the most devastating business interruptions?

Question803: What is the primary reason why some sites choose not to implement Trivial File Transfer Protocol (TFTP)?

Question804: The Data Encryption Algorithm performs how many rounds of substitution and permutation?

Question805: Which of the following is not a component of a Operations Security "triples"?

Question806: When a station communicates on the network for the first time, which of the following protocol would search for and find the Internet Protocol (IP) address that matches with a known Ethernet address?

Question807: Authentication Headers (AH) and Encapsulating Security Payload (ESP) protocols are the driving force of IPSec. Authentication Headers (AH) provides the following service except:

Question808: Which of the following is most concerned with personnel security?

Question809: To be admissible in court, computer evidence must be which of the following?

Question810: Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from?

Question811: What setup should an administrator use for regularly testing the strength of user passwords?

Question812: Which of the following statements pertaining to access control is false?

Question813: What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?

Question814: A true network security audit does include an audit for modems?

Question815: What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?

Question816: Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?

Question817: Which of the following can be used as a covert channel?

Question818: This is a common security issue that is extremely hard to control in large environments. It occurs when a user has more computer rights, permissions, and access than what is required for the tasks the user needs to fulfill.
What best describes this scenario?

Question819: What is the primary difference between FTP and TFTP?

Question820: IT security measures should:

Question821: Which xDSL flavour can deliver up to 52 Mbps downstream over a single copper twisted pair?

Question822: What algorithm has been selected as the AES algorithm, replacing the DES algorithm?

Question823: Which of the following statements pertaining to biometrics is FALSE?

Question824: Which of the following is a problem regarding computer investigation issues?

Question825: Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system's operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

Question826: What is the primary goal of setting up a honeypot?

Question827: A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of primary concern in the context of what your Disaster Recovery Plan would include?

Question828: Which of the following is based on the premise that the quality of a software product is a direct function of the quality of its associated software development and maintenance processes?

Question829: Which of the following would best classify as a management control?

Question830: What can be described as an imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?

Question831: Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Question832: Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?

Question833: Which access control type has a central authority that determine to what objects the subjects have access to and it is based on role or on the organizational security policy?

Question834: Knowledge-based Intrusion Detection Systems (IDS) are more common than:

Question835: Which of the following should NOT be performed by an operator?

Question836: How often should a Business Continuity Plan be reviewed?

Question837: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:

Question838: Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?

Question839: Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?

Question840: Risk analysis is MOST useful when applied during which phase of the system development process?

Question841: In stateful inspection firewalls, packets are:

Question842: Define the term tuple.

Question843: Volatile memory is referred to as ROM.

Question844: What security model is dependent on security labels?

Question845: Which of the following is addressed by Kerberos?

Question846: Which of the following statements relating to the Bell-LaPadula security model is FALSE (assuming the Strong Star property is not being used) ?

Question847: Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?

Question848: Which of the following statements pertaining to software testing approaches is correct?

Question849: What enables a workstation to boot without requiring a hard or floppy disk drive?

Question850: Which of the following is most affected by denial-of-service (DOS) attacks?

Question851: If an operating system permits shared resources such as memory to be used sequentially by multiple users/application or subjects without a refresh of the objects/memory area, what security problem is MOST likely to exist?

Question852: Which port does the Post Office Protocol Version 3 (POP3) make use of?

Question853: Which of the following access control models requires defining classification for objects?

Question854: You have been tasked to develop an effective information classification program. Which one of the following steps should be performed first?

Question855: In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?

Question856: The communications products and services, which ensure that the various components of a network (such as devices, protocols, and access methods) work together refers to:

Question857: Which of the following can prevent hijacking of a web session?

Question858: How long are IPv4 addresses?

Question859: What is called the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources?

Question860: What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

Question861: What is NOT an authentication method within IKE and IPsec?

Question862: What algorithm has been selected as the AES algorithm, replacing the DES algorithm?

Question863: Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?

Question864: Which of the following is true related to network sniffing?

Question865: What is a common problem when using vibration detection devices for perimeter control?

Question866: As per the Orange Book, what are two types of system assurance?

Question867: A confidential number used as an authentication factor to verify a user's identity is called a:

Question868: Which of the following statements pertaining to PPTP (Point-to-Point Tunneling Protocol) is incorrect?

Question869: At which layer of ISO/OSI does the fiber optics work?

Question870: Which of the following is NOT an example of an operational control?

Question871: Which of the following biometric devices has the lowest user acceptance level?

Question872: In the statement below, fill in the blank:
Law enforcement agencies must get a warrant to search and seize an individual's property, as stated in the
_____ Amendment.

Question873: Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?

Question874: Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?

Question875: For which areas of the enterprise are business continuity plans required?

Question876: Which of the following devices enables more than one signal to be sent out simultaneously over one physical circuit?

Question877: A confidential number used as an authentication factor to verify a user's identity is called a:

Question878: Which of the following is true of network security?

Question879: Which of the following can be defined as the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors?

Question880: Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods that exists. Which of the basic method is more prone to false positive?

Question881: What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

Question882: Which of the following is an extension to Network Address Translation that permits multiple devices providing services on a local area network (LAN) to be mapped to a single public IP address?

Question883: Which of the following is not a component of a Operations Security "triples"?

Question884: In the course of responding to and handling an incident, you work on determining the root cause of the incident. In which step are you in?

Question885: A contingency plan should address:

Question886: What type of software can be used to prevent, detect (and possibly correct) malicious activities on a system?

Question887: Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?

Question888: What IDS approach relies on a database of known attacks?

Question889: Which of the following is NOT and encryption algorithm?

Question890: Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?

Question891: Which of the following statements pertaining to VPN protocol standards is false?

Question892: Which one of the following factors is NOT one on which Authentication is based?

Question893: CORRECT TEXT
______________ is a high speed data routing technology also known as X.25.

Question894: What layer of the OSI/ISO model does Point-to-point tunnelling protocol (PPTP) work at?

Question895: A server cluster looks like a:

Question896: If your property Insurance has Replacement Cost Valuation (RCV) clause your damaged property will be compensated:

Question897: Which of the following Kerberos components holds all users' and services' cryptographic keys?

Question898: Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?

Question899: In Discretionary Access Control the subject has authority, within certain limitations,

Question900: Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part?

Question901: Which of the following are NOT a countermeasure to traffic analysis?

Question902: Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:

Question903: What is the greatest danger from DHCP?

Question904: What is the greatest danger from DHCP?

Question905: Secure Shell (SSH-2) provides all the following services except:

Question906: Which of the following is the most reliable authentication method for remote access?

Question907: Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?

Question908: What is the proper term to refer to a single unit of Ethernet data at the link layer of the DoD TCP model ?

Question909: The typical computer fraudsters are usually persons with which of the following characteristics?

Question910: Unclassified, Private, Confidential, Secret, Top Secret, and Internal Use Only are levels of

Question911: Which of the following categories of hackers poses the greatest threat?

Question912: Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

Question913: Which type of password provides maximum security because a new password is required for each new log-on?

Question914: Which of the following services is NOT provided by the digital signature standard (DSS)?

Question915: Related to information security, confidentiality is the opposite of which of the following?

Question916: Information security policies are a ___________________.

Question917: Preservation of confidentiality within information systems requires that the information is not disclosed to:

Question918: In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on :

Question919: This type of attack is generally most applicable to public-key cryptosystems, what type of attack am I ?

Question920: What does it mean to say that sensitivity labels are "incomparable"?

Question921: During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?

Question922: What can be described as a measure of the magnitude of loss or impact on the value of an asset?

Question923: When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?

Question924: Which of the following protocols is designed to send individual messages securely?

Question925: A momentary high voltage is a:

Question926: In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network?

Question927: What can be described as an imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?

Question928: Which of the following access control models introduces user security clearance and data classification?

Question929: Which encryption algorithm is BEST suited for communication with handheld wireless devices?

Question930: Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?

Question931: Devices that supply power when the commercial utility power system fails are called which of the following?

Question932: Which of the following is a telecommunication device that translates data from digital to analog form and back to digital?

Question933: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?

Question934: Which of the following is a symmetric encryption algorithm?

Question935: In SSL/TLS protocol, what kind of authentication is supported when you establish a secure session between a client and a server?

Question936: Why should batch files and scripts be stored in a protected area?

Question937: What mechanism does a system use to compare the security labels of a subject and an object?

Question938: Which of the following statements pertaining to firewalls is incorrect?

Question939: Of the following, which is NOT a specific loss criteria that should be considered while developing a BIA?

Question940: Which of the following item would best help an organization to gain a common understanding of functions that are critical to its survival?

Question941: Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?

Question942: What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

Question943: Which of the following would best describe the difference between white-box testing and black-box testing?

Question944: Which of the following is not a DES mode of operation?

Question945: Which of the following is NOT a part of a risk analysis?

Question946: What is the main difference between computer abuse and computer crime?

Question947: What protocol is used to match an IP address to the appropriate hardware address of the packet's destination so it can be sent?

Question948: When a station communicates on the network for the first time, which of the following protocol would search for and find the Internet Protocol (IP) address that matches with a known Ethernet address?

Question949: Another example of Computer Incident Response Team (CIRT) activities is:

Question950: Which of the following statements pertaining to a security policy is incorrect?

Question951: A group of independent servers, which are managed as a single system, that provides higher availability, easier manageability, and greater scalability is:

Question952: Words appearing in the English dictionary are not considered to be good passwords, but words appearing in the French, Spanish, Italian, and Japanese dictionaries are not considered a risk.

Question953: Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is commonly used as a secure alternative to all of the following protocols below except:

Question954: Cryptography does not concern itself with which of the following choices?

Question955: The DES algorithm is an example of what type of cryptography?

Question956: In a stateful inspection firewall, data packets are captured by an inspection engine that is operating at the:

Question957: Which of the following is true of two-factor authentication?

Question958: What is the PRIMARY use of a password?

Question959: The Trusted Computer Security Evaluation Criteria book (TCSEC) defines two types of assurance. What are they? (Choose two)

Question960: Which of the following is true about link encryption?

Question961: What does the (star) property mean in the Bell-LaPadula model?

Question962: What protocol is used on the Local Area Network (LAN) to obtain an IP address from it's known MAC address?

Question963: In the UTP category rating, the tighter the wind:

Question964: Which of the following would be MOST important to guarantee that the computer evidence will be admissible in court?

Question965: Which of the following Kerberos components holds all users' and services' cryptographic keys?

Question966: Which of the following protects Kerberos against replay attacks?

Question967: Controls are implemented to:

Question968: How many bits is the effective length of the key of the Data Encryption Standard algorithm?

Question969: Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?

Question970: Which of the following statements pertaining to block ciphers is incorrect?

Question971: Brute force attacks against encryption keys have increased in potency because of increased computing power.
Which of the following is often considered a good protection against the brute force cryptography attack?

Question972: Which of the following is NOT an administrative control?

Question973: CORRECT TEXT
The two categories of threats are natural and ___________.

Question974: Which of the following is an example of discretionary access control?

Question975: Masquerading is synonymous with __________.

Question976: What is called the formal acceptance of the adequacy of a system's overall security by the management?

Question977: Which of the following is NOT a characteristic of a host-based intrusion detection system?

Question978: Which of the following would best describe secondary evidence?

Question979: CORRECT TEXT
______________ relates to the concept of protecting data from unauthorized users.

Question980: Cable modems are less secure than DSL connections because cable modems are shared with other subscribers?

Question981: Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?

Question982: What can best be defined as the sum of protection mechanisms inside the computer, including hardware, firmware and software?

Question983: Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is commonly used as a secure alternative to all of the following protocols below except:

Question984: The following is NOT a security characteristic we need to consider while choosing a biometric identification systems:

Question985: What key size is used by the Clipper Chip?

Question986: One purpose of a security awareness program is to modify:

Question987: Only law enforcement personnel are qualified to do computer forensic investigations.

Question988: Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit?

Question989: Encapsulating Security Payload (ESP) provides some of the services of Authentication Headers (AH), but it is primarily designed to provide:

Question990: Sensitivity labels are an example of what application control type?