CS465 Computer Security: Midterm
Q. 97 What is the output length of a RIPEMD-160 hash? [ ]. 160 bits [ ]. 150 bits [ ]. 128 bits [ ]. 104 bits
160 bits
Q. 34 Which best describes access controls? [ ]. Access controls are a collection of technical controls that permit access to authorized users, systems, and applications. [ ]. Access controls help protect against threats and vulnerabilities by reducing exposure to unauthorized activities and providing access to information and systems to only those who have been approved. [ ]. Access control is the employment of encryption solutions to protect authentication information during log-on. [ ]. Access controls help protect against vulnerabilities by controlling unauthorized access to systems and information by employees, partners, and customers.
Access controls help protect against threats and vulnerabilities by reducing exposure to unauthorized activities and providing access to information and systems to only those who have been approved.
Q. 135 Messages protected by steganography can be transmitted in [ ]. Picture files [ ]. Music files [ ]. Video files [ ]. All of the above
All of the above
Q. 92 The primary purpose of formalized continuity planning test plans is to accomplish all except [ ]. Define test scope and objectives [ ]. Define test timeframes [ ]. Define test costs [ ]. Define the test script
define test cost
Q. 110 It is also important to note and configure the block size and the key size when working with a block mode cipher. If Rinjdael is the algorithm being utilized, what are the block and key size options? [ ]. Block: 56, 128, 256 Key: 56, 128, 256 [ ]. Block: 128, 256, 384 Key: 128, 256, 384 [ ]. Block: 56, 256, 384 Key: 56, 256, 384 [ ]. Block: 128, 192, 256 Key: 128, 192, 256
Block: 128, 192, 256 Key: 128, 192, 256
Q. 67 Accreditation and certification deal with similar security issues. Which of the following statements is true about certification and accreditation? [ ]. Accreditation is the technical analysis of a system to ensure that specific security requirements are met. [ ]. Certification is technical analysis of a system to ensure that specific security requirements are met. [ ]. Accreditation is the sign off by the IT staff that the system under test meets manufactures security specifications. [ ]. Certification is the sign off by the IT staff that the system under test meets manufactures security specifications.
Certification is technical analysis of a system to ensure that specific security requirements are met. [
Q. 33 What are the six main categories of access control? [ ]. Detective, corrective, monitoring, logging, recovery, and classification [ ]. Deterrent, preventative, detective, corrective, compensating, and recovery [ ]. Authorization, identification, factor, corrective, privilege, and detective [ ]. Identification, authentication, authorization, detective, corrective, and recovery
Deterrent, preventative, detective, corrective, compensating, and recovery
Q. 127 The most common forms of asymmetric key cryptography include [ ]. DiffieHellman [ ]. Rijndael [ ]. Blowfish [ ]. SHA-256
DiffieHellman
Q. 25 Which of the following is incorrect when considering privilege management? [ ]. Privileges associated with each system, service, or application, and the defined roles within the organization to which they are needed, should be identified and clearly documented. [ ]. Privileges should be managed based on least privilege. Only rights required to perform a job should be provided to a user, group, or role. [ ]. An authorization process and a record of all privileges allocated should be maintained. Privileges should not be granted until the authorization process is complete and validated. [ ]. Any privileges that are needed for intermittent job functions should be assigned to multiple user accounts as opposed to those for normal system activity related to the job function.
Privileges should be managed based on least privilege. Only rights required to perform a job should be provided to a user, group, or role.
Q. 37 Which approach revolutionized the process of cracking passwords? [ ]. Brute force [ ]. Rainbow table attack [ ]. Memory tabling [ ]. One-time hashing
Rainbow table attack
Q. 122 The process used in most block ciphers to increase their strength is [ ]. Diffusion [ ]. Confusion [ ]. Step function [ ]. SP-network
SP-network
Q. 29 Capability lists are related to the subject, whereas access control lists (ACL) are related to the object, and therefore [ ]. Under capability lists, attacker subjects can simply refuse to submit their lists and act with no restrictions. [ ]. Under access control lists, a user can invoke a program to access objects normally restricted. [ ]. Capability lists can only manage subject-to-subject access, and thus cannot be part of the reference monitor. [ ]. Only access control lists can be used in object-oriented programming.
Under access control lists, a user can invoke a program to access objects normally restricted.
Q. 99 Of the following groups of individuals who would be the least likely to utilize steganography? [ ]. A teenager passing notes in school [ ]. Terrorists passing notes on the Internet [ ]. Child pornographers hiding their illegal images [ ]. A business partner sending a contract
a business partner sending a contract
Q. 15 What best describes two-factor authentication? [ ]. Something you know [ ]. Something you have [ ]. Something you are [ ]. A combination of two listed above
a combination of two listed above
Q. 22 A disadvantage of single sign-on is? [ ]. Consistent time-out enforcement across platforms [ ]. A compromised password exposes all authorized resources [ ]. Use of multiple passwords to remember [ ]. Password change control
a compromised password exposes all authorized resources
Q. 48 Databases are used to combine the data from many sources into one discrete source. Which of the following is NOT a reason to create a data base? [ ]. A database will eliminate the need for data duplication across many systems. [ ]. A database will preserve storage space. [ ]. A database will prevent inconsistencies in the data by eliminating multiple copies of the data. [ ]. A database will deter insider inference attacks.
a database will deter insider inference attacks
Q. 61 Relational Database Management Systems are used to show associations between objects contained in the database. Which of the following best describes a foreign key? [ ]. A foreign key is used to uniquely identify each row in the database. [ ]. A foreign key is used to index a database. [ ]. A foreign key is used to link elements of a table. [ ]. A foreign key is used to join one table to the primary key of another table.
a foreign key is used to join one table to the primary key of another table
Q. 14 Identity management is _____. [ ]. Another name for access controls [ ]. A set of technologies and processes intended to offer greater efficiency in the management of a diverse user and technical environment [ ]. A set of technologies and processes focused on the provisioning and decommissioning of user credentials [ ]. A set of technologies and processes used to establish trust relationships with disparate systems
a set of technologies and processes intended to offer greater efficiency in the management of a diverse user and technical environment
Q. 142 What are the disadvantages of using a public key algorithm compared to a symmetric algorithm? [ ]. A symmetric algorithm provides better access control. [ ]. A symmetric algorithm is a faster process [ ]. A symmetric algorithm provides nonrepudiation of delivery. [ ]. A symmetric algorithm is more difficult to implement.
a symmetric algorithm provides nonrepudiation of delivery
Q. 9 A preliminary step in managing resources is [ ]. Conducting a risk analysis [ ]. Defining who can access a given system or information [ ]. Performing a business impact analysis [ ]. Obtaining top management support
defining who can access a given system or information
Q. 59 One of the major differences between a software compiler and a software interpreter is that [ ]. A software compiler will translate lines of code on the fly. [ ]. An interpreter will translate lines of code on the fly. [ ]. A software compiler will convert high level programming language into assembly code. [ ]. An interpreter will convert high level programming language into assembly code.
an interpreter will translate lines of code on the fly
Q. 77 Which of the following is NOT a concern when choosing a disaster recovery site? [ ]. Regulatory requirements [ ]. Physical distance [ ]. Transportation requirements [ ]. Access control procedures
access control procedures
Q. 27 A large organization that specializes in market research and analysis could realize what benefit by utilizing a Centralized Access Control system such as Remote Authentication Dial-In User Service (RADIUS) or Terminal Access Controller Access Control System (TACACS)? [ ]. Local administrators have the flexibility to grant access to individuals based on the needs of the department. [ ]. Access permissions are standardized and overlapping rights and security holes are less likely to exist. [ ]. Classified data would be protected to the appropriate level. [ ]. The authentication credentials such as user ID and password are always protected from capture.
access permissions are standardized and overlapping rights and security holes are less likely to exist
Q. 21 What are the three types of access control? [ ]. Administrative, physical, and technical [ ]. Identification, authentication, and authorization [ ]. Mandatory, discretionary, and least privilege [ ]. Access, management, and monitoring
administrative, physical, and technical
Q. 73 The major objective of the business impact assessment process is to [ ]. Prioritize time-critical business processes [ ]. Determine the most appropriate recovery time objective for business processes [ ]. Assist in prioritization of IT applications and networks [ ]. All of the above
all of te above
Q. 76 During the threat analysis phase of the continuity planning methodology, which of the following threats should be addressed? [ ]. Physical security [ ]. Environmental security [ ]. Information security [ ]. All of the above
all of the above
Q. 47 Proprietary protocols and data formats [ ]. Are unsafe because they typically rely on security by obscurity [ ]. Are safe because buffer overflows cannot be effectively determined by random submission of data [ ]. Are insecure because vendors do not test them [ ]. Are secure because of encryption
are unsafe because they typically rely on security by obscurity
Q. 16 When enrolling with a biometrics system, a digital representation of an individual's distinct characteristics that represents information taken from a biometric sample is known as what? [ ]. Biometric signature [ ]. Biometric certificate [ ]. Biometric template [ ]. Biometric ID
biometric template
Q. 98 Of the following algorithms, which was designed and optimized for use with a 32 bit microprocessor? [ ]. Blowfish [ ]. Twofish [ ]. DES (Data Encryption Standard) [ ]. AES (Advance Encryption Standard)
blowfish
Q. 74 Performing benchmarking and peer review relative to enterprise continuity planning business processes is a valuable method to do all of the following except [ ]. Help identify leading business continuity planning processes and practices [ ]. Allow realistic goal setting for action plans and agendas [ ]. Provide a method for developing metrics and measures for the continuity planning process [ ]. Compare continuity planning personnel salary levels
compare continuity planning personnel salary levels
Q. 35 Which access control mechanism can be used to identify which subjects and objects users and groups can access and will clearly indicate which privileges are to be granted to the users or groups? [ ]. Access control matrix [ ]. Multilevel security [ ]. Capability table [ ]. Access control list
capability table
Q. 40 Configuration management ensures that approved changes are implemented as approved. Change management ensures which of the following? [ ]. Corporate officers are aware of all impending changes [ ]. Applicable regulatory compliance is adhered to [ ]. Changes are submitted, approved and recorded [ ]. Configuration changes are assigned to the most qualified individuals
changes are submitted approved and recorded
Q. 68 Common Object Request Broker Architecture (CORBA) is most closely aligned with which of the following security models? [ ]. Biba [ ]. Clark and Wilson [ ]. Bell-Lapadula [ ]. Brewer-Nash
clark and wilson
Q. 10 All of the following are benefits of role-based access control except? [ ]. Reduced total cost of security ownership [ ]. Reduced administrative error [ ]. Easy administration of privileges [ ]. Clear guidance for classification of data
clear guidance for classification of data
Q. 31 When choosing a method for authenticating a user before granting access privileges, which of the following is the primary consideration? [ ]. Cost of the authentication mechanism [ ]. Value of the data being protected [ ]. User acceptance of the mechanism [ ]. The number of false negatives
cost of the authentication mechanism
Q. 18 Which of the following factors is not generally considered when determining which biometrics system or technology is better for a given application or use? [ ]. Cost of the biometric device [ ]. Security risks [ ]. Number of users [ ]. Use of the biometric (identification or verification)
cost of the biometric device
Q. 87 The second phase of the Business Continuity Plan is the Business Impact Analysis (BIA). The Business Impact Analysis identifies critical business systems based on the impact a loss of such system would have on the overall business environment. This business impact is measured using all of the following except which one? [ ]. Maximum Tolerable Downtime [ ]. Regulatory requirements [ ]. The reputation of the organization [ ]. Critical system Mean Time between Failure (MTBF)
critical system mean time between failure (MTBF)
Q. 17 When using Kerberos for authentication, if a client in one organization needs to authenticate to a server in another organization, what Kerberos functionality will allow for this authentication? [ ]. Cross-realm operation [ ]. Cross-site certification [ ]. Realm-realm operation [ ]. Site-site certification
cross-realm operation
Q. 132 A __________is the sequence that controls the operation of the cryptographic algorithm. [ ]. Encoder [ ]. Decoder wheel [ ]. Cryptovariable [ ]. Cryptographic routine
cryptovariable
Q. 52 One of the most significant differences between the Software Development Life Cycle and the System Life Cycle is that the Software Development Life Cycle does not include which of the following phases? [ ]. Decommissioning/Disposal [ ]. Startup/Requirements [ ]. Development/Construction [ ]. Operational Testing
decommissioning/disposal
Q. 42 Acme Corporation performs a nightly data transfer from all their active data bases to a centralized server. The data is then normalized and the central server is queried to gain performance results for all sales locations. This activity describes which of the following? [ ]. Data warehouse [ ]. Relational database [ ]. Data performance analysis [ ]. Metadata
data warehouse
Q. 63 Anne in the accounting department, and Bill in auditing are both attempting to access an identical value in the accounts receivable data base. Anne accesses the amount normally, but Bill receives an error message indicating that he has "read only" access. One possible reason for the error message is that the database management system (DBMS) has built in features to prevent which of the following? [ ]. Static access retrieval [ ]. Automated queries [ ]. Inference attacks [ ]. Deadlocking
deadlocking
Q. 71 During development of alternative recovery strategies, all of the following activities should be performed except [ ]. Use the prioritized business process maps developed during the BIA to map time-critical supporting resources [ ]. Develop short- and long-term testing and maintenance strategies [ ]. Prepare cost estimates for acquisition of continuity support resources [ ]. Provide executive management with recommendations on acquiring appropriate continuity resources
develop short- and long-term testing and maintenance strategies
Q. 45 Applications CANNOT use which of the following methods to detect system attacks? [ ]. Known signature scanning [ ]. Activity monitoring [ ]. Change detection [ ]. Differential linear analysis
differential linear anaysis
Q. 94 Continuity of IT technologies or IT network infrastructure capabilities is addressed in what type of continuity plan? [ ]. Disaster recovery plans [ ]. Emergency response/crisis management plans [ ]. Business continuity plans [ ]. Continuous availability plans
disaster recovery plans
Q. 80 Which is the least important reason for developing business continuity and disaster recovery plans? [ ]. Disasters really do occur [ ]. Budgeting IT expenditures [ ]. Good business practice and standard of due care [ ]. Legal or regulatory compliance
disasters really do occur
Q. 107 The Diffie-Hellman key exchange protocol's success depends on the difficulty of performing [ ]. Modulo math [ ]. Factoring the products of large prime numbers [ ]. Exponential geometric calculus [ ]. Discrete logarithms
discrete logarithms
Q. 70 Business continuity management ensures that critical business processes will be resilient to failure. It must also ensure the disaster recovery processes are [ ]. Legal [ ]. Effective [ ]. Acceptable [ ]. Moral
effective
Q. 91 Data backups electronically transmitted to a remote location over a leased line and done nightly would most likely be defined as which of the following? [ ]. Off-site storage [ ]. Electronic vaulting [ ]. Database shadowing [ ]. Software Escrow
electronic vaulting
Q. 114 Secure distribution of a confidential message can be performed by: [ ]. Encrypting the message with the receiver's public key [ ]. Encrypting a hash of the message [ ]. Having the message authenticated by a certificate authority [ ]. Using a password-protected file format
encrypting the message with the receiver's public key
Q. 90 What is the most important goal of a Business Continuity Plan? [ ]. Ensuring the safety of people [ ]. Mitigating damages to company assets [ ]. Complying with local ordinances [ ]. Defining the Maximum Tolerable Downtime (MTD)
ensuring the safety of people
Q. 19 When an organization has a need for one set of subjects to be isolated from another set of subjects and at the same time, both sets need access to a common object, what type of security domain should be used? [ ]. Equivalence class of subjects [ ]. Directory services [ ]. Hierarchical domain [ ]. Equivalence class of objects
equivalence class of subjects
Q. 162 Who is accountable for information security? [ ]. Everyone [ ]. Senior management [ ]. Security officer [ ]. Data owners
everyone
Q. 75 The primary phases of the enterprise continuity planning implementation methodology include all of the following except [ ]. Current state assessment phase [ ]. Execution phase [ ]. Design and development phase [ ]. Management phase
execution phase
Q. 72 When conducting the business impact assessment, business processes are examined relative to all but one of the following criteria [ ]. Customer interruption impacts [ ]. Embarrassment or loss of confidence impacts [ ]. Executive management disruption impacts [ ]. Revenue loss potential impacts
executive management disruption impacts
Q. 69 Which of the following is considered the most important component of the enterprise-wide continuity planning program? [ ]. Business impact assessment [ ]. Formalized continuity plans [ ]. Executive management support [ ]. Hot site arrangements
executive management support
Q. 65 An artificial intelligence that gathers information from subject matter experts and attempts to use programmed rules to analyze problems and suggest a recommended course of action is called which of the following? [ ]. Classification approach [ ]. Probabilistic approach [ ]. Statistical approach [ ]. Expert system approach
expert systems approach
Q. 62 Files temporarily created by applications can expose confidential data if [ ]. Special characters are not used in the filename to keep the file hidden [ ]. The existence of the file exceeds three seconds [ ]. File permissions are not set appropriately [ ]. Special characters indicating this is a system file are not used in the filename.
file permissions are not set appropriateely
Q. 78 A disaster is not considered to be over until which of the following events occur? [ ]. Full operations are resumed at the recovery location. [ ]. Full operations are resumed at the primary site. [ ]. Critical business systems are recovered at the recovery site. [ ]. Critical business systems are recovered at the primary site.
full operations are resumed at the primary site
Q. 84 Operational recovery strategies can include hot sites, warm sites, cold sites and multiple processing centers. Which would be the most appropriate for a business system whose Maximum Tolerable Downtime has been determined to be three hours? [ ]. Hot site [ ]. Warm site [ ]. Cold site [ ]. Multiple processing centers
hot site
Q. 169 Security is most expensive when addressed in which phase? [ ]. Design [ ]. Rapid prototyping [ ]. Testing [ ]. Implementation
implementation
Q. 64 In terms of databases, cryptography can [ ]. Only restrict and reduce availability [ ]. Improve availability by allowing data to be easily placed where authorized users can access it [ ]. Improve availability by increasing granularity of access controls [ ]. Neither reduce nor improve availability
improve availability by allowing data to be easily placed where authorized users can access it
Q. 51 Format string vulnerabilities in programs can be found by [ ]. Forcing buffer overflows [ ]. Submitting random long strings to the application [ ]. Causing underflow problems [ ]. Including string specifiers in input data
including string specifiers in input data
Q. 5 A corporation has experienced aggressive growth in recent years, in part due to the launch of an e-commerce business. This growth has caused a strain on the corporation's ability to effectively manage the digital identities of users. Which of the following is NOT considered a negative result of lack of digital identity management? [ ]. Loss of user productivity [ ]. Increased network single point of failures [ ]. Users maintaining access to projects they are no longer working on [ ]. Increased time spent in identity deployment and provisioning
increased network single point of failures
Q. 53 The three structural parts of a virus are [ ]. Malicious payload, message payload, and benign payload [ ]. Infection, payload, and trigger [ ]. Self-replication, file attachment, and payload [ ]. Replication, destructive payload, and triggering condition
infection, payload, and trigger
Q. 54 Which of the following data base attacks describes an attack where the perpetrator uses information gained thru authorized activity to reach conclusions relating to un-authorized data? [ ]. Unauthorized access attack [ ]. Bypass attack [ ]. Query attack [ ]. Inference attack
inference attack
Q. 8 Which of the following assurance mechanisms is most likely to provide continuous feedback about how well the access control systems are working? [ ]. Vulnerability Assessments [ ]. Penetration Testing [ ]. Security Policy Review [ ]. Intrusion Detection System
intrusion detection systems
Q. 6 Role-based access control _______. [ ]. Is unique to mandatory access control [ ]. Is independent of owner input [ ]. Is based on user job functions [ ]. Can be compromised by inheritance
is based on user job functions
Q. 89 All but one of the following are advantages of automating or utilizing continuity planning software [ ]. It standardizes training approaches. [ ]. It provides a platform for management and audit oversight. [ ]. It eases long-term continuity plan maintenance. [ ]. It provides business partners with an enterprise-wide view of the continuity planning infrastructure.
it provides business partners with an enterprise-wide view of the continuity panning infrastructure
Q. 41 Which of the following is NOT a software development method? [ ]. Iterative development [ ]. Joint-interactive [ ]. Computer Aided Software Engineering [ ]. Reuse Model
joint-interactive
Q. 12 Which of the following standards based systems allow users to sign in to a central location that verifies their identity and thereafter authorizes them to designated network services that are matched with a custom user profile? [ ]. Simple sign-on [ ]. Kerberos [ ]. Central sign-on [ ]. Synchronous sign-on
kerberos
Q. 32 Host-based Intrusion Detection Systems (IDS) should be utilized to compliment network-based IDS. Which type of activity could a host-based IDS detect that a network-based IDS would not be able to detect? [ ]. Abnormal activity between a client and server [ ]. Malicious software transmitted in an encrypted tunnel [ ]. A data packet with an improperly formatted header [ ]. Offensive content in a HTTP request
malicious software transmitted in an encryption tune
Q. 39 Which type of access control would be most suitable for a system that stores data of the highest sensitivity level? [ ]. Mandatory Access Control [ ]. System High Access Control [ ]. Discretionary Access Control [ ]. Role-Based Access Control
mandatory access control
Q. 85 After completion of a Business Impact Analysis, recovery strategies must be developed. The primary concern of these recovery strategies is: [ ]. Meeting the pre-determined time frame [ ]. Assessing the impact of system failure to the business [ ]. Determining the cost-benefit analysis of a system safeguard [ ]. Defining applicable cost recovery routines
meeting the pre-determined time frame
Q. 88 When moving business functions from the backup site to the primary site, which of the following events should be performed first? [ ]. Move all critical systems from the backup site to the primary site. [ ]. Move least critical systems from the backup site to the primary site. [ ]. Move operational systems. [ ]. Move accounting systems.
move least critical systems from the backup site to the primary site
Q. 66 If a database is protected from modification using only symmetric encryption, someone may still be able to mount an attack by: [ ]. Moving blocks of data such that a field belonging to one person is assigned to another [ ]. Changing the encryption key so that a collision occurs [ ]. Using the public key instead of the private key [ ]. Arranging to intercept the public key in transit and replace it with his own
moving blocks of data such that a field belonging to one person is assigned to another
Q. 36 In mandatory access control, the system controls access and the owner determines? [ ]. Validation [ ]. Need to know [ ]. Consensus [ ]. Verification
need to know
Q. 57 Periodic vendor bug and vulnerability fixes need to be installed by a patch management system. These systems are limited in scope by which of the following? [ ]. Network bandwidth [ ]. Version of the operating system under test [ ]. Limits on agent operation [ ]. Source code availability
network bandwidth
Q. 138 The only cipher system said to be unbreakable by brute force is [ ]. AES [ ]. DES [ ]. One-time pad [ ]. Triple DES
one-time pad
Q. 2 Mandatory access control is reliant upon which of the following? [ ]. Owner establishing user permission, subjects given a clearance level and policy [ ]. Owner classifying data, subjects given a clearance level and policy [ ]. Owner establishing user permission, subjects given a clearance level and system discretion [ ]. Owner classifying data, subjects given a clearance level and system discretion
owner classifying data, subjects given a clearance level and policy
Q. 3 A potential vulnerability of the Kerberos authentication server is? [ ]. Single point of failure [ ]. Asymmetric key compromise [ ]. Use of dynamic passwords [ ]. Limited lifetimes for authentication credentials
single point of failure
Q. 24 Which of the following Intrusion Detection System (IDS) engines is most likely to detect a virus or worm that morphs in order to remain hidden? [ ]. Protocol Anomaly Intrusion Detection System [ ]. Statistical Anomaly Intrusion Detection System [ ]. Pattern Matching Intrusion Detection System [ ]. Stateful Matching Intrusion Detection System
pattern matching intrusion detection system
Q. 100 A way to defeat frequency analysis as a method to determine the key is to use [ ]. Substitution ciphers [ ]. Transposition ciphers [ ]. Polyalphabetic ciphers [ ]. Inversion ciphers
polyalphabetic ciphers
Q. 50 The primary key is used to uniquely identify records in a database. By adding additional variables to the primary key, two items with the same identifier can be differentiated. This is often used to prevent inference attacks. Which of the following is best described by this scenario? [ ]. Polymorphism [ ]. Polyalphabetic [ ]. Polyinstantiation [ ]. Polyvariabolic
polyinstantiation
Q. 55 Integrating cryptography into applications may lead to [ ]. Increased stability as the programs are protected against viral attack [ ]. Enhanced reliability as users can no longer modify source code [ ]. Reduced breaches of policy due to disclosure of information [ ]. Possible denial of service if the keys are corrupted
possible denial of service if the keys are corrupted
Q. 83 The primary reason for conducting continuity planning tests is to [ ]. Provide employees' families with a method for contacting management [ ]. Ensure that continuity plans are current and viable [ ]. Prepare third parties to react to an emergency within the enterprise [ ]. Identify which employees can go home following a disaster
prepare third parties to react to an emergency within the enterprise
Q. 93 Crisis management planning focuses management attention on the following [ ]. Preplanning that will enable management to anticipate and react in the event of emergency [ ]. Reacting to a natural disaster such as a hurricane or earthquake [ ]. Anticipating adverse financial events [ ]. IT systems restart and recovery activities
preplanning that will enable management to anticipate and react in the event of emergency
Q. 28 Controls that are designed to stop unauthorized personnel from entering a facility are categorized as which of the following? [ ]. Preventive controls [ ]. Detective controls [ ]. Deterrent controls [ ]. Recovery controls
preventive controls
Q. 26 What identity management tool would allow a user to update personal information such as address, phone number and withholdings without having to directly involve the Human Resources department? [ ]. Account Management System [ ]. Password Management system [ ]. Profile Update System [ ]. Consistent Sign-on System
profile update system
Q. 109 ANSI X9.17 is concerned primarily with [ ]. Protection and secrecy of keys [ ]. Financial records and retention of encrypted data [ ]. Formalizing a key hierarchy [ ]. The lifespan of key-encrypting keys (KKM)
protection and secrecy of keys
Q. 43 Database design models have changed over the years. Which of the following models places the data in tables where the rows represent records and the columns represent attributes? [ ]. Hierarchical Database Management System [ ]. Relational Database Management System [ ]. Network Database Management System [ ]. Divergent Database Management System
relational database management system
Which is a fundamental disadvantage of biometrics? [ ]. Revoking credentials [ ]. Encryption [ ]. Communications [ ]. Placement
revoking credentials
Q. 13 All of the follow are true about Role-Based Access Control (RBAC) except? [ ]. Role-based access control is associated with discretionary access control [ ]. Individual users are enrolled in appropriate roles [ ]. Privileges are inherited [ ]. Role-based access control is associated with mandatory access control
role-based access control is associated with mandatory access control
Q. 20 Which of the following requires that a user or process be granted access to only those resources necessary to perform assigned functions? [ ]. Discretionary access control [ ]. Separation of duties [ ]. Least privilege [ ]. Rotation of duties
separation of duties
Q. 38 Access control systems enable management to do all of the following EXCEPT which one? [ ]. Specify which users can access the system [ ]. Specify what resources the user can access [ ]. Specify what operations the users can perform [ ]. Specify how a user can access a resource
specify how a user can access a resource
Q. 102 Asymmetric key cryptography is used for all of the following except [ ]. Encryption of data [ ]. Access control [ ]. Nonrepudiation [ ]. Steganography
steganography
Q. 86 According to local policy, disaster recovery team members meet annually to discuss business recovery strategies. Each team member describes the series of actions taken by their department in the event of an emergency. Actions are critiqued based on efficiency of system recovery and impact to other business units. This is best described as what type of testing strategy? [ ]. Checklist [ ]. Structured Walk Through [ ]. Simulation [ ]. Incarcerated Testing
structured walk through
Q. 106 The two methods of encrypting data are [ ]. Substitution and transposition [ ]. Block and stream [ ]. Symmetric and asymmetric [ ]. DES and AES
symmetric and asymmetric
Q. 96 Of the following ciphers, which in general is the most effective type for implementation in hardware? [ ]. Symmetric block [ ]. Symmetric stream [ ]. Asymmetric [ ]. Key exchange
symmetric stream
Q. 7 Which is the least significant issue when considering biometrics? [ ]. Resistance to counterfeiting [ ]. Technology type [ ]. User acceptance [ ]. Reliability and accuracy
technology type
Q. 95 An effective continuity plan will contain all of the following type of information except for [ ]. Prioritized list of business processes or IT systems to be recovered [ ]. The business impact assessment report [ ]. Recovery team structures and assignments [ ]. The primary and secondary location where backup and recovery activities will take place
the business impact assessment report
Q. 79 Under which of the following situations would a trashcan fire be considered a disaster? [ ]. The fire alarms went off and the building had to be evacuated. [ ]. The fire spread beyond the trashcan and the fire department had to be called. [ ]. The trashcan contained company sensitive documents. [ ]. The fire caused critical business systems to be disabled for longer than the Maximum Tolerable Downtime (MTD)
the fire caused critical business systems to be disabled for longer than the maximum tolerable downtown (MTD)
Q. 56 An application that uses dynamic link libraries can be forced to execute malicious code, even without replacing the target .dll file, by exploiting [ ]. Registry settings [ ]. The library search order [ ]. Buffer overflows [ ]. Library input validation flaws
the library search order
Q. 82 Which of the following statements most appropriately describes the timeliness of processes and supporting resources prioritization and recovery? [ ]. The processes are mission critical. [ ]. The processes are critical. [ ]. The processes are time critical. [ ]. All of the above.
the processes are time critical
Q. 60 Why cannot outside programs determine the existence of malicious code with 100 percent accuracy? [ ]. Users do not update their scanners frequently enough. [ ]. Firewalls are not intended to detect malicious code. [ ]. The purpose of a string depends upon the context in which it is interpreted. [ ]. The sourced code language is often unknown.
the purpose of a string depends upon the context in which it is interpreted
Q. 46 In a relational database, which of the following is true concerning a primary key? [ ]. A primary key must contain a common identifier associated with all entries into a table. [ ]. The primary key must contain a non-null value in order to uniquely identify the tuple. [ ]. Primary keys can be identified by their unique number-number-letter format. [ ]. The use of primary keys is only required in network data base management systems, and does not apply to relational databases.
the use of primary key is only required in network data base management systems, and does not apply to relational database
Q. 133 The Scytale found in ancient Sparta was a form of [ ]. substitution [ ]. hashing [ ]. key exchange [ ]. transposition
transposition
Q. 58 A screen saver that opens an encrypted tunnel to a website under malicious control with the purpose of allowing attackers access to the infected machine is an example of which of the following versions of malware? [ ]. Logic Bomb [ ]. Trojan Horse [ ]. Virtual Private Network [ ]. Spyware
trojan horse
Q. 11 Access control systems that rely on a Common Access Cards (CAC) to provide identification and biometrics for authentication of an individual are know as what type of system? [ ]. Integrated authentication [ ]. Two-factor authentication [ ]. Multiple factor authentication [ ]. Authenticated transaction
two0factor authentication
Q. 81 Business Continuity Management is a cyclical process. Which of the following is the first step in Business Continuity Management? [ ]. Gain management approval [ ]. Perform a threat analysis [ ]. Determine Business Continuity Management team members [ ]. Understand your business
understand your business
Q. 4 Which of the following is not a desired response of an intrusion detection system upon detecting malicious activity? [ ]. Drop suspicious data packets at the firewall [ ]. Report the activity to other hosts on the site [ ]. Update configurations within the IDS [ ]. Update the anti-virus definitions within a firewall
update the anti-virus definitions within a firewall
Q. 44 A database that uses pre-defined groupings of data that can only be accessed based upon a user's authorization level, uses which of the following access control models? [ ]. Role-based access control [ ]. Mandatory access control [ ]. View-based access control [ ]. Front-end delineated access control
view based acccess control
Q. 23 An enterprise may decide to use penetration testing to identify all of the following EXCEPT? [ ]. Gaps in security countermeasures [ ]. Response capabilities of the intrusion detection team [ ]. Who is responsible for monitoring audit logs [ ]. How suspicious activity is reported
who is responsible for monitoring audit logs.
Q. 30 What type of testing would be most effective in detecting a rogue wireless access point? [ ]. Wireless application security testing [ ]. War dialing [ ]. Network penetration [ ]. Wireless network penetration
wireless network penetration
Q. 49 After being closed for the weekend, on Monday morning Acme Corporation finds that their servers are running slowly. The CPU utilizations are showing 100% utilization. Network traffic is also exceptionally high. On the close of business on Friday, all systems were behaving normal. Closer examination is likely to reveal which of the following infestations? [ ]. Data diddler [ ]. Distributed denial of service (DDoS) [ ]. Virus [ ]. Worm
worm
