Question1: Which of the following type of traffic can easily be filtered with a stateful packet filter by enforcing the context or state of the request?
Question2: A program that intentionally leaves a security hole or covert method of access is referred to as a ___________.
Question3: Which of the following security models does NOT concern itself with the flow of data?
Question4: The IP header contains a protocol field. If this field contains the value of 6, what type of data is contained within the ip datagram?
Question5: Which of the following is NOT a form of detective administrative control?
Question6: What are the three performance measurements used in biometrics?<br>(Choose three)
Question7: A prolonged complete loss of electric power is a:
Question8: Which of the following is unlike the other three choices presented?
Question9: Which OSI/ISO layers are TCP and UDP implemented at?
Question10: A proxy can control which services (FTP and so on) are used by a workstation , and also aids in protecting the network from outsiders who may be trying to get information about the:
Question11: Which one of the following represents an ALE calculation?
Question12: Detective/Technical measures:
Question13: Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?
Question14: Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?
Question15: Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?
Question16: Which of the following is true about link encryption?
Question17: Organizations should not view disaster recovery as which of the following?
Question18: Which one of the following is usually not a benefit resulting from the use of firewalls?
Question19: Which of the following service is a distributed database that translate host name to IP address to IP address to host name?
Question20: Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?
Question21: What is called the access protection system that limits connections by calling back the number of a previously authorized location?
Question22: Which type of control is concerned with restoring controls?
Question23: Network-based Intrusion Detection systems:
Question24: What is the appropriate role of the security analyst in the application system development or acquisition project?
Question25: Which security model introduces access to objects only through programs?
Question26: The first step in the implementation of the contingency plan is to perform:
Question27: Within the legal domain what rule is concerned with the legality of how the evidence was gathered ?
Question28: Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:
Question29: What does "residual risk" mean?
Question30: The major objective of system configuration management is which of the following?
Question31: A code, as is pertains to cryptography:
Question32: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?
Question33: Cryptography does not concern itself with which of the following choices?
Question34: A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
Question35: A public key algorithm that does both encryption and digital signature is which of the following?
Question36: Which of the following protocols is designed to send individual messages securely?
Question37: Which of the following refers to the data left on the media after the media has been erased?
Question38: Which of the following does not address Database Management Systems (DBMS) Security?
Question39: A _________ is an information path that is not normally used for communication within a computer system. It is not protected by the any of the systems security mechanisms.
Question40: Cryptography does NOT help in:
Question41: Which of the following best describes the purpose of debugging programs?
Question42: What is the name for a substitution cipher that shifts the alphabet by 13 places?
Question43: Which of the following is covered under Crime Insurance Policy Coverage?
Question44: In order to be able to successfully prosecute an intruder:
Question45: Which of the following computer crime is MORE often associated with INSIDERS?
Question46: In Discretionary Access Control the subject has authority, within certain limitations,
Question47: Which of the following are required for Life-Cycle Assurance?
Question48: Which of the following statements pertaining to biometrics is FALSE?
Question49: Which must bear the primary responsibility for determining the level of protection needed for information systems resources?
Question50: Which is the last line of defense in a physical security sense?
Question51: Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?
Question52: Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?
Question53: Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?
Question54: CORRECT TEXT
A type of virus that resides in a Word or Excel document is called a ___________ virus?
Question55: Which of the following best defines source routing?
Question56: Which of the following would best define a digital envelope?
Question57: An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as:
Question58: Which of the following is not a logical control when implementing logical access security?
Question59: A confidential number used as an authentication factor to verify a user's identity is called a:
Question60: Packet Filtering Firewalls examines both the source and destination address of the:
Question61: Network-based Intrusion Detection systems:
Question62: Under United States law, an investigator's notebook may be used in court in which of the following scenarios?
Question63: A proxy is considered a:
Question64: Sensitivity labels are an example of what application control type?
Question65: Which of the following devices enables more than one signal to be sent out simultaneously over one physical circuit?
Question66: Which of the following phases of a system development life-cycle is most concerned with maintaining proper authentication of users and processes to ensure appropriate access control decisions?
Question67: Which of the following is an advantage of prototyping?
Question68: Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:
Question69: What is the primary role of smartcards in a PKI?
Question70: Which of the following statements pertaining to quantitative risk analysis is false?
Question71: A security policy is a rigid set of rules that must be followed explicitly in order to be effective.
Question72: Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?
Question73: EDI (Electronic Data Interchange) differs from e-Commerce in that ___________________.
Question74: The end result of implementing the principle of least privilege means which of the following?
Question75: Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?
Question76: Which of the following best describes what would be expected at a "hot site"?
Question77: Which division of the Orange Book deals with discretionary protection (need-to-know)?
Question78: Which IPSec operational mode encrypts the entire data packet (including header and data) into an IPSec packet?
Question79: Configuration Management controls what?
Question80: Which of the following protocols is designed to send individual messages securely?
Question81: What is the main characteristic of a multi-homed host?
Question82: Sensitivity labels are an example of what application control type?
Question83: FTP, TFTP, SNMP, and SMTP are provided at what level of the Open Systems Interconnect (OSI) Reference Model?
Question84: Which of the following best defines add-on security?
Question85: What is called an event or activity that has the potential to cause harm to the information systems or networks?
Question86: Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?
Question87: Some Unix systems use a very simple cipher called _________.
Question88: Which of the following choice is NOT normally part of the questions that would be asked in regards to an organization's information security policy?
Question89: Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?
Question90: Who is responsible for providing reports to the senior management on the effectiveness of the security controls?
Question91: Which of the following would best describe certificate path validation?
Question92: In regards to information classification what is the main responsibility of information (data) owner?
Question93: Which of the following statements pertaining to message digests is incorrect?
Question94: What is called an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics?
Question95: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:
Question96: Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following?
Question97: In order to ensure the privacy and integrity of the data, connections between firewalls over public networks should use:
Question98: This type of supporting evidence is used to help prove an idea or a point, however It cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of evidence. What is the name of this type of evidence?
Question99: Which of the following groups represents the leading source of computer crime losses?
Question100: What refers to legitimate users accessing networked services that would normally be restricted to them?
Question101: Smart cards are a secure alternative to which weak security mechanism?
Question102: Which of the following can be best defined as computing techniques for inseparably embedding unobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?
Question103: Which of the following statements pertaining to disaster recovery is incorrect?
Question104: Which access control model would a lattice-based access control model be an example of?
Question105: Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorize interception of the traffic?
Question106: A momentary high voltage is a:
Question107: Which of the concepts best describes Availability in relation to computer resources?
Question108: Failure of a contingency plan is usually:
Question109: The Orange Book states that "Hardware and software features shall be provided that can be used to periodically validate the correct operation of the on-site hardware and firmware elements of the TCB [Trusted Computing Base]." This statement is the formal requirement for:
Question110: Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?
Question111: In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?
Question112: Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?
Question113: What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?
Question114: Which access control model is best suited in an environment where a high security level is required and where it is desired that only the administrator grants access control?
Question115: Of the reasons why a Disaster Recovery plan gets outdated, which of the following is not true?
Question116: Which of the following best allows risk management results to be used knowledgeably?
Question117: Which of the following teams should NOT be included in an organization's contingency plan?
Question118: The Terminal Access Controller Access Control System (TACACS) employs which of the following?
Question119: Which of the following transmission media would NOT be affected by cross talk or interference?
Question120: Which of the following would assist the most in Host Based intrusion detection?
Question121: Which of the following statements pertaining to disk mirroring is incorrect?
Question122: Which of the following DoD Model layer provides non-repudiation services?
Question123: Which of the following is most relevant to determining the maximum effective cost of access control?
Question124: Who should measure the effectiveness of Information System security related controls in an organization?
Question125: What is the essential difference between a self-audit and an independent audit?
Question126: Which of the following is BEST defined as a physical control?
Question127: Which of the following is the core of fiber optic cables made of?
Question128: Which TCSEC class specifies discretionary protection?
Question129: What is the main objective of proper separation of duties?
Question130: Asynchronous Communication transfers data by sending:
Question131: What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall?
Question132: Which of the following should NOT be performed by an operator?
Question133: Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?
Question134: Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer 7 of the ISO/OSI Model?
Question135: Within the context of the CBK, which of the following provides a MINIMUM level of security ACCEPTABLE for an environment ?
Question136: Which of the following IEEE standards defines the token ring media access method?
Question137: Transport Layer Security (TLS) is a two-layered socket layer security protocol that contains the TLS Record Protocol and the::
Question138: What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?
Question139: Which of the following is NOT a correct notation for an IPv6 address?
Question140: Which of the following statements pertaining to message digests is incorrect?
Question141: Which of the following is the best reason for the use of an automated risk analysis tool?
Question142: What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?
Question143: Which of the following would be the MOST serious risk where a systems development life cycle methodology is inadequate?
Question144: The DES algorithm is an example of what type of cryptography?
Question145: CORRECT TEXT
NIPC stands for _____ _____ _____ ______ and is a government organization designed to help protect our nation's vital information resources.
Question146: When an outgoing request is made on a port number greater than 1023, this type of firewall creates an ACL to allow the incoming reply on that port to pass:
Question147: How would an IP spoofing attack be best classified?
Question148: What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
Question149: Countermeasures have three main objectives, what are they? (Choose all that apply)
Question150: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?
Question151: Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a
system. It does not permit management to:
Question152: Which of the following is best at defeating frequency analysis?
Question153: Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?
Question154: What attribute is included in a X.509-certificate?
Question155: What is NOT true about a one-way hashing function?
Question156: Of the following, which is NOT a specific loss criteria that should be considered while developing a BIA?
Question157: Which of the following is NOT a defined ISO basic task related to network management?
Question158: An attack initiated by an entity that is authorized to access system resources but uses them in a way not approved by those who granted the authorization is known as a(n):
Question159: What is the most secure way to dispose of information on a CD-ROM?
Question160: What is a hot-site facility?
Question161: Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent. The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that:
Question162: Which of the following statements pertaining to Asynchronous Transfer Mode (ATM) is false?
Question163: Which of the following statements pertaining to key management is incorrect?
Question164: What does the simple integrity axiom mean in the Biba model?
Question165: Which of the following monitors network traffic in real time?
Question166: Which of the following attacks could capture network user passwords?
Question167: Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?
Question168: Which of the following elements of telecommunications is not used in assuring confidentiality?
Question169: What does the (star) property mean in the Bell-LaPadula model?
Question170: Which of the following is the most secure firewall implementation?
Question171: Which of the following statements pertaining to link encryption is false?
Question172: This type of attack is generally most applicable to public-key cryptosystems, what type of attack am I ?
Question173: Considerations of privacy, invasiveness, and psychological and physical comfort when using the system are important elements for which of the following?
Question174: The standard server port number for HTTP is which of the following?
Question175: When a biometric system is used, which error type deals with the possibility of GRANTING access to impostors who should be REJECTED?
Question176: Which of the following protocols suite does the Internet use?
Question177: What is the role of IKE within the IPsec protocol?
Question178: In biometrics, "one-to-many" search against database of stored biometric images is done in:
Question179: Complete the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.
Question180: Which of following is not a service provided by AAA servers (Radius, TACACS and DIAMETER)?
Question181: Which of the following is NOT a VPN communications protocol standard?
Question182: Which of the following is an issue with signature-based intrusion detection systems?
Question183: Which of the following is the primary security feature of a proxy server?
Question184: Which method of password cracking takes the most time and effort?
Question185: Which of the following best corresponds to the type of memory addressing where the address location that is specified in the program instruction contains the address of the final desired location?
Question186: What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
Question187: What is the primary goal of setting up a honeypot?
Question188: What is the main problem of the renewal of a root CA certificate?
Question189: Of the reasons why a Disaster Recovery plan gets outdated, which of the following is not true?
Question190: Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
Question191: During which phase of an IT system life cycle are security requirements developed?
Question192: Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?
Question193: Which of the following remote access authentication systems is the most robust?
Question194: A trusted system does NOT involve which of the following?
Question195: Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
Question196: Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control ?
Question197: In response to Access-request from a client such as a Network Access Server (NAS), which of the following is not one of the response from a RADIUS Server?
Question198: What security control provides a method to insure that a transaction did or did not occur?
Question199: What is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility?
Question200: CORRECT TEXT
__________ is a tool used by network administrators to capture packets from a network.
Question201: Contracts and agreements are often times unenforceable or hard to enforce in which of the following alternate facility recovery agreement?
Question202: Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit?
Question203: Making sure that the data has not been changed unintentionally, due to an accident or malice is:
Question204: Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?
Question205: How do you distinguish between a bridge and a router?
Question206: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
Question207: Integrity = ______________
Question208: Which of the following is less likely to be used today in creating a Virtual Private Network?
Question209: In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?
Question210: Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
Question211: Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
Question212: What does the simple security (ss) property mean in the Bell-LaPadula model?
Question213: Which of the following access control models requires security clearance for subjects?
Question214: Step-by-step instructions used to satisfy control requirements is called a:
Question215: Which of the following is NOT true concerning Application Control?
Question216: If any server in the cluster crashes, processing continues transparently, however, the cluster suffers some performance degradation. This implementation is sometimes called a:
Question217: What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?
Question218: Which OSI/ISO layer is responsible for determining the best route for data to be transferred?
Question219: What is Kerberos?
Question220: Which Network Address Translation (NAT) is the most convenient and secure solution?
Question221: What is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility?
Question222: Which of the following best corresponds to the type of memory addressing where the address location that is specified in the program instruction contains the address of the final desired location?
Question223: Which of the following protocols does not operate at the data link layer (layer 2)?
Question224: What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?
Question225: Which of the following should NOT be performed by an operator?
Question226: :Which of the following is considered the LEAST secure?
Question227: Which of the following is an example of an active attack?
Question228: Which of the following is a problem regarding computer investigation issues?
Question229: Which of the following is needed for System Accountability?
Question230: Which of the following are NOT a countermeasure to traffic analysis?
Question231: Which of the following forms of authentication would most likely apply a digital signature algorithm to every bit of data that is sent from the claimant to the verifier?
Question232: When considering an IT System Development Life-cycle, security should be:
Question233: Which of the following rules appearing in an Internet firewall policy is inappropriate?
Question234: Which of the following statements pertaining to quantitative risk analysis is false?
Question235: In biometric identification systems, the parts of the body conveniently available for identification are:
Question236: A timely review of system access audit records would be an example of which of the basic security functions?
Question237: Which of the following is NOT a proper component of Media Viability Controls?
Question238: Which of the following is not a responsibility of an information (data) owner?
Question239: Which of the following is not a preventive operational control?
Question240: Who first described the DoD multilevel military security policy in abstract, formal terms?
Question241: Which of the following countermeasures would be the most appropriate to prevent possible intrusion or damage from wardialing attacks?
Question242: All of the following can be considered essential business functions that should be identified when creating a Business Impact Analysis (BIA) except one. Which of the following would not be considered an essential element of the BIA but an important TOPIC to include within the BCP plan:
Question243: Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:
Question244: Which of the following tape formats can be used to backup data systems in addition to its original intended audio uses?
Question245: What level of assurance for a digital certificate verifies a user's name, address, social security number, and other information against a credit bureau database?
Question246: Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?
Question247: Which of the following statements pertaining to a security policy is incorrect?
Question248: A deviation from an organization-wide security policy requires which of the following?
Question249: Which of the following forms of authentication would most likely apply a digital signature algorithm to every bit of data that is sent from the claimant to the verifier?
Question250: Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?
Question251: Making sure that the data is accessible when and where it is needed is which of the following?
Question252: Which of the following test makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems?
Question253: Which of the following services relies on UDP?
Question254: Which of the following is an example of a connectionless communication protocol?
Question255: The ability to adjust access control to the exact amount of permission necessary is called ______________.
Question256: Which of the following is the best reason for the use of an automated risk analysis tool?
Question257: A timely review of system access audit records would be an example of which of the basic security functions?
Question258: Which of the following services relies on UDP?
Question259: Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?
Question260: Which of the following is not an encryption algorithm?
Question261: What is the act of obtaining information of a higher sensitivity by combining information from lower levels of sensitivity?
Question262: Access Control techniques do not include which of the following?
Question263: In the CIA triad, what does the letter A stand for?
Question264: Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system?
Question265: Which of the following is the BEST way to detect software license violations?
Question266: The concept of best effort delivery is best associated with?
Question267: The three classic ways of authenticating yourself to the computer security software are: something you know, something you have, and something:
Question268: Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?
Question269: The IP header contains a protocol field. If this field contains the value of 17, what type of data is contained within the ip datagram?
Question270: ___________________ is ultimately responsible for security and privacy violations.
Question271: What can best be defined as high-level statements, beliefs, goals and objectives?
Question272: Which of the following is NOT true of the Kerberos protocol?
Question273: The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?
Question274: The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?
Question275: What is called an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics?
Question276: When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?
Question277: Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is commonly used as a secure alternative to all of the following protocols below except:
Question278: Who first described the DoD multilevel military security policy in abstract, formal terms?
Question279: What type of cable is used with 100Base-TX Fast Ethernet?
Question280: Guards are appropriate whenever the function required by the security program involves which of the following?
Question281: Which security model uses division of operations into different parts and requires different users to perform each part?
Question282: Making sure that the data has not been changed unintentionally, due to an accident or malice is:
Question283: Which of the following is commonly used for retrofitting multilevel security to a database management system?
Question284: Which of the following is true about Kerberos?
Question285: Which of the following statements pertaining to the security kernel is incorrect?
Question286: Which of the following is NOT a defined ISO basic task related to network management?
Question287: What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?
Question288: What does the directive of the European Union on Electronic Signatures deal with?
Question289: Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?
Question290: A proxy is considered a:
Question291: Which xDSL flavour delivers both downstream and upstream speeds of 1.544 Mbps over two copper twisted pairs?
Question292: Which of the following would be best suited to oversee the development of an information security policy?
Question293: Which of the following is an example of One-Time Password technology? (Choose all that apply)
Question294: __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.
Question295: An Architecture where there are more than two execution domains or privilege levels is called:
Question296: What is called the formal acceptance of the adequacy of a system's overall security by the management?
Question297: While there are many different models for IT system life cycle most contain five unique phases. Which of the following would be the first phase?
Question298: Preservation of confidentiality within information systems requires that the information is not disclosed to:
Question299: Smart cards are an example of which type of control?
Question300: Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?
Question301: Which of the following is true about Kerberos?
Question302: Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:
Question303: Which of the following elements of telecommunications is not used in assuring confidentiality?
Question304: Which of the following mechanisms was created to overcome the problem of collisions that occur on wired networks when traffic is simultaneously transmitted from different nodes?
Question305: How would nonrepudiation be best classified as?
Question306: Which of the following is the simplest type of firewall ?
Question307: Controls are implemented to:
Question308: When gathering digital evidence it is very important to do the following: (Choose all that apply)
Question309: Which of the following protocols that provide integrity and authentication for IPSec, can also provide non- repudiation in IPSec?
Question310: Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part?
Question311: Which of the following is not a DES mode of operation?
Question312: What ensures that the control mechanisms correctly implement the security policy for the entire life cycle of an information system?
Question313: Which of the following is the WEAKEST authentication mechanism?
Question314: A group of independent servers, which are managed as a single system, that provides higher availability, easier manageability, and greater scalability is:
Question315: The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?
Question316: Authentication Headers (AH) and Encapsulating Security Payload (ESP) protocols are the driving force of IPSec. Authentication Headers (AH) provides the following service except:
Question317: Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?
Question318: Which of the following specifically addresses cyber attacks against an organization's IT systems?
Question319: Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?
Question320: Secure Shell (SSH-2) provides all the following services except:
Question321: Which of the following would be true about Static password tokens?
Question322: Which of the following would be the best reason for separating the test and development environments?
Question323: Once evidence is seized, a law enforcement officer should emphasize which of the following?
Question324: Much like the layers of an onion, ______________ is a comprehensive set of security solutions layered to provide the best protection.
Question325: The Orange Book is founded upon which security policy model?
Question326: Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
Question327: MD5 is a ___________ algorithm
Question328: Contracts and agreements are often times unenforceable or hard to enforce in which of the following alternate facility recovery agreement?
Question329: What mechanism does a system use to compare the security labels of a subject and an object?
Question330: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?
Question331: Which of the following is less likely to be used today in creating a Virtual Private Network?
Question332: Controls are implemented to:
Question333: What can best be defined as high-level statements, beliefs, goals and objectives?
Question334: Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?
Question335: Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:
Question336: Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?
Question337: Which one of the following is used to provide authentication and confidentiality for e-mail messages?
Question338: Which of the following are required for Life-Cycle Assurance?
Question339: Which type of firewall can be used to track connectionless protocols such as UDP and RPC?
Question340: What is it called when a computer uses more than one CPU in parallel to execute instructions?
Question341: Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?
Question342: Which of the following biometric devices has the lowest user acceptance level?
Question343: Who should measure the effectiveness of Information System security related controls in an organization?
Question344: How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?
Question345: Which expert system operating mode allows determining if a given hypothesis is valid?
Question346: In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
Question347: Attributable data should be:
Question348: Which of the following layers provides end-to-end data transfer service?
Question349: CORRECT TEXT
When an employee leaves the company, their network access account should be __________?
Question350: Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced.
Which of the following is not a component that achieves this type of security?
Question351: The Diffie-Hellman algorithm is used for:
Question352: What is a packet sniffer?
Question353: Which of the following is best defined as an administrative declaration by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards?
Question354: Which of the following addresses a portion of the primary memory by specifying the actual address of the memory location?
Question355: In discretionary access environments, which of the following entities is authorized to grant information access to other people?
Question356: In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network?
Question357: _______ and ________ are the primary controls of most access control systems.<br>(Choose two)
Question358: A Business Continuity Plan should be tested:
Question359: A server cluster looks like a:
Question360: What is the MOST critical piece to disaster recovery and continuity planning?
Question361: As per the Orange Book, what are two types of system assurance?
Question362: Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?
Question363: In a Public Key Infrastructure, how are public keys published?
Question364: Which of the following statements pertaining to Kerberos is TRUE?
Question365: In which of the following security models is the subject's clearance compared to the object's classification such that specific rules can be applied to control how the subject-to-object interactions take place?
Question366: Which of the following is not a component of a Operations Security "triples"?
Question367: Identification and authentication are the keystones of most access control systems. Identification establishes:
Question368: The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?
Question369: Business Continuity and Disaster Recovery Planning (Primarily) addresses the:
Question370: Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?
Question371: A momentary power outage is a:
Question372: Which of following is not a service provided by AAA servers (Radius, TACACS and DIAMETER)?
Question373: CORRECT TEXT
Accounting, __________, and ____________ are the AAAs of information security.
Question374: What is called a sequence of characters that is usually longer than the allotted number for a password?
Question375: What is the maximum length of cable that can be used for a twisted-pair, Category 5 10Base-T cable?
Question376: Which access control model provides upper and lower bounds of access capabilities for a subject?
Question377: Which of the following is NOT a technique used to perform a penetration test?
Question378: Another name for a VPN is a:
Question379: Which of the following statements pertaining to stream ciphers is correct?
Question380: The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?
Question381: Domain Name Service is a distributed database system that is used to map:
Question382: Which of the following would be an example of the best password?
Question383: A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:
Question384: Which access model is most appropriate for companies with a high employee turnover?
Question385: The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:
Question386: Which of the following cannot be undertaken in conjunction or while computer incident handling is ongoing?
Question387: This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?
Question388: What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
Question389: Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?
Question390: An Architecture where there are more than two execution domains or privilege levels is called:
Question391: Sensitivity labels are an example of what application control type?
Question392: _____________ states that users should only be given enough access to accomplish their jobs.
Question393: While using IPsec, the ESP and AH protocols both provides integrity services. However when using AH, some special attention needs to be paid if one of the peers uses NAT for address translation service. Which of the items below would affects the use of AH and it´s Integrity Check Value (ICV) the most?
Question394: Which type of attack consists of modifying the length and fragmentation offset fields in sequential IP packets?
Question395: Which communication method is characterized by very high speed transmission rates that are governed by electronic clock timing signals?
Question396: What is a big difference between Java Applets and Active X controls?
Question397: Crime Prevention Through Environmental Design (CPTED) is a discipline that:
Question398: Which of the following embodies all the detailed actions that personnel are required to follow?
Question399: All hosts on an IP network have a logical ID called a(n):
Question400: Why is traffic across a packet switched network difficult to monitor?
Question401: What is called an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics?
Question402: What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Question403: Only law enforcement personnel are qualified to do computer forensic investigations.
Question404: Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?
Question405: FTP, TFTP, SNMP, and SMTP are provided at what level of the Open Systems Interconnect (OSI) Reference Model?
Question406: Which of the following would NOT violate the Due Diligence concept?
Question407: Which encryption algorithm is BEST suited for communication with handheld wireless devices?