CISSP Practice Test Questions

1487 Questions


Topic 12: NEW QUESTIONS A

An Intrusion Detection System (IDS) has recently been deployed in a Demilitarized Zone
(DMZ). The IDS detects a flood of malformed packets. Which of the following BEST
describes what has occurred?


A. Denial of Service (DoS) attack
B. Address Resolution Protocol (ARP) spoof
C. Buffer overflow
D. Ping flood attack

A. Denial of Service (DoS) attack



In order to assure authenticity, which of the following are required?


A. Confidentiality and authentication
B. Confidentiality and integrity
C. Authentication and non-repudiation
D. Integrity and non-repudiation

D. Integrity and non-repudiation



Match the types of e-authentication tokens to their description.
Drag each e-authentication token on the left to its corresponding description on the right.






Which of the following would BEST describe the role directly responsible for data within an
organization?


A. Data custodian
B. Information owner
C. Database administrator
D. Quality control

A. Data custodian



The use of private and public encryption keys is fundamental in the implementation of
which of the following?


A. Diffie-Hellman algorithm
B. Message Digest 5 (MD5)
C. Secure Sockets Layer (SSL)
D. Advanced Encryption Standard (AES)

C. Secure Sockets Layer (SSL)



Which of the following alarm systems is recommended to detect intrusions through windows in a high-noise, occupied environment?


A. Acoustic sensor
B. Motion sensor
C. Shock sensor
D. Photoelectric sensor

C. Shock sensor



Why is planning in Disaster Recovery (DR) an interactive process?


A. It details off-site storage plans
B. It identifies omissions in the plan
C. It defines the objectives of the plan
D. It forms part of the awareness process

B. It identifies omissions in the plan



Due to system constraints, a group of system administrators must share a high-level access set of credentials.
Which of the following would be MOST appropriate to implement?


A. Increased console lockout times for failed logon attempts
B. Reduce the group in size
C. A credential check-out process for a per-use basis
D. Full logging on affected systems

C. A credential check-out process for a per-use basis



Which of the following is part of a Trusted Platform Module (TPM)?


A. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion
B. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for “measuring” the state of a computing platform
C. A secure processor targeted at managing digital keys and accelerating digital signing
D. A platform-independent software interface for accessing computer functions

A. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion



The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data


A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)

C. in the Point-to-Point Protocol (PPP)



A vulnerability assessment report has been submitted to a client. The client indicates that
one third of the hosts that were in scope are missing from the report.
In which phase of the assessment was this error MOST likely made?


A. Enumeration
B. Reporting
C. Detection
D. Discovery

A. Enumeration



Match the functional roles in an external audit to their responsibilities.
Drag each role on the left to its corresponding responsibility on the right.
Select and Place:






