ISDS 4244 Test 3
d. Too high humidity can result in condensation; too low can result in static buildup
What are the effects of humidity on computing equipment? Select one: a. When humidity rises above 55 percent, an increase in temperature in electronic equipment will occur. b. Too low humidity can result in condensation; too high can result in static buildup c. When humidity drops below 40 percent, most computing equipment will not function. d. Too high humidity can result in condensation; too low can result in static buildup
a. An IT system or process has sufficient capacity if its performance falls within an acceptable range as specified in service level agreements (SLAs)
What factor primarily determines if there is sufficient capacity in IT systems and IT processes? Select one: a. An IT system or process has sufficient capacity if its performance falls within an acceptable range as specified in service level agreements (SLAs) b. Capacity planning based upon individual business unit projections c. If a particular processor or storage device is operating at no more than 80 percent of its intended capacity d. If there is sufficient processing and storage capacity to meet 125 percent of the organization's projected needs over one year
a. Mission statement
Which of the following types of information would be considered PUBLIC information? Select one: a. Mission statement b. Employee records c. Passwords d. Production statistics
a. SSH was replaced by SSL and HTTPS protocols.
Which one of the following is NOT a characteristic of secure shell (SSH)? Select one: a. SSH was replaced by SSL and HTTPS protocols. b. SSH is used to create a secure channel between two systems. c. SSH supports tunneling of protocols such as X-Windows. d. SSH offers secure authentication and encryption.
b. Uninterruptible power supply (UPS)
A system that filters incoming power spikes and other noise and supplies power for short periods through a bank of batteries is called a(n): Select one: a. Generator b. Uninterruptible power supply (UPS) c. Power distribution unit d. Dual power feed
d. Emergency changes are often related to incidents or problems, and can reference those issues so they can be closed.
How are emergency changes related to problem and incident management? Select one: a. Emergency changes fall under incident response procedures, not under the normal problem management processes. b. The steps for the emergency change process are completely different from those established for normal problem and incident management. c. Emergency changes are not related to problem and incident management, and are handled outside the normal problem management process due to urgency and necessity. d. Emergency changes are often related to incidents or problems, and can reference those issues so they can be closed.
b. Using a courier; in a double-wrapped package, requiring a signature and secure storage
How should physical media containing highly sensitive information be packaged and transported? Select one: a. Do not transport physical media; send electronically only b. Using a courier; in a double-wrapped package, requiring a signature and secure storage c. By regular mail d. By messenger, wrapped with an inner and outer envelope
b. Physical and logical network architecture, data flow architecture, and network standards and services
In order to support an organization's mission, goals, and objectives, network infrastructure design should include which of the following: Select one: a. Data flow architecture only b. Physical and logical network architecture, data flow architecture, and network standards and services c. Logical network architecture only d. Physical network architecture only
c. All actions and activities performed by operations personnel should be a part of a procedure, process, or project that has been approved by management.
Managing and controlling all of the activities that take place in an IS department means: Select one: a. All IT operations must be centrally controlled and executed. b. Managers must maintain strict control over IT budgets within the organization. c. All actions and activities performed by operations personnel should be a part of a procedure, process, or project that has been approved by management. d. IT managers must drive organizational process changes due to changes in technologies used by the organization.
d. Secure Sockets Layer (SSL)
SET (Secure Electronic Transaction) is an older protocol used for secure transactions across the Internet that has been largely replaced with which method? Select one: a. Secure FTP (S/FTP) b. TELNET c. Secure Shell (SSH) d. Secure Sockets Layer (SSL)
c. Computer operating systems
The software that controls computer hardware and facilitates the use of software applications is called: Select one: a. Device drivers b. RDBMS software c. Computer operating systems d. Utilities
a. Equipment theft, sabotage, and destruction by any person
Threats that physical security measures attempt to address include which of the following? Select one: a. Equipment theft, sabotage, and destruction by any person b. Data theft by authenticated users c. Data destruction by authenticated users d. Data modification by any person
a. Media copier
What is the best type of tool to use for making a forensic copy of a system's hard drive? Select one: a. Media copier b. Drag-and-drop c. Directory copier d. Backup program
d. WEP
Which encryption technique was originally designed to protect wireless networks from eavesdropping? Select one: a. SSL/TLS b. AES c. 802.1X d. WEP
d. Middle and upper managers who are familiar with critical business operations
Which personnel should be chosen for a disaster recovery (DR) core team that would declare a disaster? Select one: a. Analysts who wrote DR recovery procedures b. Executive management c. Technical staff members who will be performing recovery procedures d. Middle and upper managers who are familiar with critical business operations
d. Port scanning
Which type of attack attempts to discover open, and possibly vulnerable, ports on target systems? Select one: a. Service scanning b. Passive scanning c. OS fingerprinting d. Port scanning
d. Active-passive mode
A cluster that can automatically transfer processing to a standby member of the cluster in the event of the failure of one of the other computers in the cluster is said to be in which type of mode? Select one: a. Passive-passive mode b. Hot standby mode c. Active-active mode d. Active-passive mode
d. Firewall
A network device that serves to control the flow of network messages between networks, usually placed at the boundary between the Internet and an organization's internal network, is called a(n): Select one: a. VPN switch b. Intrusion prevention system c. Router d. Firewall
c. Reciprocal site
A recovery site operated by another company or organization is called a: Select one: a. Cold site b. Hot site c. Reciprocal site d. Mobile site
a. Reciprocal site
A recovery site operated by another company or organization is called a: Select one: a. Reciprocal site b. Cold site c. Mobile site d. Hot site
b. Trojan horse
A seemingly harmless program that is supposed to perform one function but that actually performs another (or additional) undesired functions is called a: Select one: a. Macro virus b. Trojan horse c. Polymorphic virus d. Worm
d. Storage area network (SAN)
A stand-alone storage system that can be configured to contain several virtual volumes and connected to several servers through fiber optic cables, and is seen as "local" storage by servers' operating systems is called a(n): Select one: a. Logical server cluster b. Active-active server cluster c. Network attached storage (NAS) d. Storage area network (SAN)
d. Connectionless protocol
All of the following are characteristics of the TCP protocol EXCEPT: Select one: a. Used for data transfers requiring high integrity b. Establishes a connection between two hosts c. Uses sequence numbers to guarantee segment delivery in the correct order d. Connectionless protocol
c. MD5
All of the following are private key encryption algorithms EXCEPT: Select one: a. AES b. Twofish c. MD5 d. DES
b. Denial of service
All of the following are risks associated with the use of peer-to-peer computing EXCEPT: Select one: a. Malware b. Denial of service c. Violation of intellectual property laws d. Data leakage
b. Allowing the device to be used only in a controlled area, such as a server room
All of the following are used to protect mobile devices EXCEPT: Select one: a. Strong access control b. Allowing the device to be used only in a controlled area, such as a server room c. Encryption d. Remote data destruct
d. Rank or position within the organization
All of the following should be considered when determining if an individual requires access to sensitive or classified information EXCEPT: Select one: a. Need to know b. Security clearance level c. If access to the information is required to perform one's job functions d. Rank or position within the organization
c. Rank or position within the organization
All of the following should be considered when determining if an individual requires access to sensitive or classified information EXCEPT: Select one: a. Security clearance level b. Need to know c. Rank or position within the organization d. If access to the information is required to perform one's job functions
a. System administrators should have a listing of all users' passwords in the event of a user's termination or extended absence.
All of the following statements are true regarding the construction and use of passwords EXCEPT: Select one: a. System administrators should have a listing of all users' passwords in the event of a user's termination or extended absence. b. Passwords should never be transmitted through e-mail or over clear text methods. c. Systems should require passwords of a minimum length (typically eight characters) and enforce complexity requirements. d. Systems should require that passwords be changed periodically, and forbid the use of recently used passwords.
c. DOS attacks can be caused by user errors that create software application error messages.
All of the following statements characterize denial of service (DOS) attacks EXCEPT: Select one: a. DOS attacks can be carried out by sending an enormous volume of messages to the target system in order to flood its input buffers and exhaust its available resources. b. A distributed denial of service (DDOS) attack emanates simultaneously from hundreds to thousands of computers, and can be difficult to withstand because of the volume of incoming messages, as well as the large number of attacking systems. c. DOS attacks can be caused by user errors that create software application error messages. d. DOS attacks can be carried out by sending a specially built message that is known to cause a service or application running on the target system to malfunction or stop running altogether.
b. In a rapidly changing IT environment, DR plans should be reviewed more often.
An IS auditor is reviewing the disaster recovery (DR) plans for an online service provider, and has found that the DR plans are reviewed and updated annually. What statement best describes the finding that the auditor should write? Select one: a. It is not necessary to update DR plans unless the organization's business model changes. b. In a rapidly changing IT environment, DR plans should be reviewed more often. c. An annual review of the organization's DR plan is adequate. d. It only matters whether the DR plan is tested, not whether it is updated.
a. Recommend that better encryption be used
An IS auditor is reviewing wireless networks that are used to support wireless point-of-sale terminals in retail locations. The IS auditor has observed that these wireless networks do not broadcast SSID, and they employ Wired Equivalent Privacy encryption with 64-bit keys that are changed each quarter. What action should the auditor take? Select one: a. Recommend that better encryption be used b. Recommend that longer keys be used c. Recommend that SSIDs be broadcast d. Recommend that keys be changed more often
A requirement that the organization initiate an unplanned cutover test
An audit of an organization's business continuity and disaster recovery programs should include all of the following EXCEPT: Select one: a. A requirement that the organization initiate an unplanned cutover test b. An evaluation of processes and procedures c. Interviews with all key personnel d. Review of all documentation
d. An intruder will be able to crack the administrative password more easily.
An auditor has discovered that several administrators share the administrative account in a hypervisor. All of the following are risks associated with this practice EXCEPT: Select one: a. The organization faces compliance risk because most security standards and regulations forbid shared accounts. b. It is impossible to determine accountability for administrators' actions. c. It is more difficult to determine who performed specific actions. d. An intruder will be able to crack the administrative password more easily.
a. The organization should reiterate its policy that no unapproved changes should be performed, and that this can result in termination of employment.
An auditor is reviewing an organization's change management process and has found that many changes are being performed without approval. What is the best approach for the organization to take? Select one: a. The organization should reiterate its policy that no unapproved changes should be performed, and that this can result in termination of employment. b. The organization should train its staff members on the proper use of the change management process. c. The organization should identify and punish those staff members that are performing unapproved changes. d. The change management process should be changed to permit low-risk changes to be done without approval.
b. Security incident
An event where the confidentiality, integrity, or availability of information (or an information system) has been compromised is called a(n): Select one: a. Data compromise b. Security incident c. Incident response d. Disaster
c. E-vaulting
An option for system backup that permits organizations to back up their systems and data to an off-site location, which could be a storage system in another data center or a third-party service provider, is called: Select one: a. Full backup b. Remote storage c. E-vaulting d. Transaction journaling
c. DNS servers should be classified as Critical so that customers can contact the e-commerce servers.
An organization has established a system classification scheme for identifying the criticality of systems for disaster recovery purposes. The organization's primary e-commerce application has been classified as Critical. How should the organization's DNS servers be classified? Select one: a. DNS servers need to be independently classified according to criticality. b. DNS servers should be classified as Nonsensitive because they do not contain customer data. c. DNS servers should be classified as Critical so that customers can contact the e-commerce servers. d. DNS servers do not need to be classified because they do not contain customer data.
c. Work orders
An organization has initiated a business relationship with an outsourced service provider. The service provider will carry out many projects for the organization. How should the organization define and initiate each project? Select one: a. Service level agreements b. Change orders c. Work orders d. Contracts
b. Contractually link service quality to payments for service
An organization is considering outsourcing a department to an offshore service provider. How can the organization best ensure that the offshore provider's service quality will be adequate? Select one: a. Continuously monitor service levels and quality b. Contractually link service quality to payments for service c. Contractually require minimum service levels d. Contractually require dispute and resolution procedures
c. Use infrastructure from a cloud service provider only during disaster recovery (DR) testing and actual recovery operations.
An organization operates a large (1,000+ servers) e-commerce environment from a single data center. Which of the following recovery strategies would be the most effective? Select one: a. Operate the service from two data centers simultaneously, with the ability to run the entire service from either data center. b. Establish a second data center as a hot site. c. Use infrastructure from a cloud service provider only during disaster recovery (DR) testing and actual recovery operations. d. Establish a second data center as a cold site.
Use infrastructure from a cloud service provider only during disaster recovery (DR) testing and actual recovery operations.
An organization operates a large (1,000+ servers) e-commerce environment from a single data center. Which of the following recovery strategies would be the most effective? Select one: a. Use infrastructure from a cloud service provider only during disaster recovery (DR) testing and actual recovery operations. b. Establish a second data center as a cold site. c. Establish a second data center as a hot site. d. Operate the service from two data centers simultaneously, with the ability to run the entire service from either data center.
c. Tunnel mode
An organization that wants to establish a secure virtual private network (VPN) connection using IPsec will need to configure it to use which mode? Select one: a. Security association mode b. Encrypted mode c. Tunnel mode d. Transport mode
d. Tunnel mode
An organization that wants to establish a secure virtual private network (VPN) connection using IPsec will need to configure it to use which mode? Select one: a. Transport mode b. Security association mode c. Encrypted mode d. Tunnel mode
b. Distributed lock manager
Bidirectional replication has transaction concurrency issues that can be resolved using a: Select one: a. Primary-backup replication system b. Distributed lock manager c. Multiprimary replication system d. Multimaster replication system
b. Centralized management services
Directory services provide which of the following network-based services? Select one: a. Remote access b. Centralized management services c. File services d. E-mail services
c. Between user workstations and an internal file server
Firewalls are normally placed at all of the following locations EXCEPT: Select one: a. Between the internal network and the DMZ network b. Between the internal network and the Internet c. Between user workstations and an internal file server d. Between separate zones of trust on an internal network
b. By using an intelligent problem and incident management system that is able to access the configuration management database (CMDB)
How do IT personnel determine whether incidents and problems are related to specific systems configurations? Select one: a. By consulting with a hardware vendor to determine what the system's default configuration should be b. By using an intelligent problem and incident management system that is able to access the configuration management database (CMDB) c. By running monitoring tools to determine if there is malicious traffic on the network d. By manually checking all devices to determine if a configuration error exists
b. By using monitoring consoles that have the ability to send alert messages to the personnel who manage the systems being monitored
How do centralized monitoring systems typically utilize networks to assist in monitoring and managing devices? Select one: a. By periodically sending configuration data across the network to an administrator b. By using monitoring consoles that have the ability to send alert messages to the personnel who manage the systems being monitored c. By using host-based monitoring systems that require actual interactive logon by the network administrator d. By sending broadcast messages to other network devices
c. By measuring all aspects of operations that need to be measured, reviewing those measurements and reports, and carrying out management-directed changes
How do managers in IT organizations determine if their operations are effective? Select one: a. By directing strategic business changes based upon the changes in the IT environment b. By gathering customer satisfaction data c. By measuring all aspects of operations that need to be measured, reviewing those measurements and reports, and carrying out management-directed changes d. By immediately reacting to business process changes
a. Known error
In ITIL terminology, if the incident has been seen before and its root cause is known, this is called a(n): Select one: a. Known error b. Problem c. Incident d. Service outage
d. There can be many matching foreign key fields for one primary key.
In an RDBMS, what is the relationship between foreign and primary keys? Select one: a. There can be only one matching foreign key field for each primary key. b. There can be many matching primary key fields for one foreign key. c. There can be many matching foreign keys for many different primary keys. d. There can be many matching foreign key fields for one primary key.
c. Databases must authenticate the identity of users.
In order to make use of access controls to enforce database security, what must occur? Select one: a. SQL queries to and from the database must be encrypted. b. Permissions at the table and field levels must be enforced. c. Databases must authenticate the identity of users. d. The database tables must be encrypted.
c. Physical and logical network architecture, data flow architecture, and network standards and services
In order to support an organization's mission, goals, and objectives, network infrastructure design should include which of the following: Select one: a. Physical network architecture only b. Logical network architecture only c. Physical and logical network architecture, data flow architecture, and network standards and services d. Data flow architecture only
d. It means that if an access control mechanism fails, all access will be denied.
In the context of logical access control, what does the term "fail closed" mean? Select one: a. "Fail closed" means that in the event of a power outage, all access points are closed. b. It means that if an access control mechanism fails, all access will be allowed. c. "Fail closed" means that if access is denied, a database table will be closed or locked to changes. d. It means that if an access control mechanism fails, all access will be denied.
c. Secret
In the context of protecting business information, which category of information should be treated with the utmost care and must be encrypted and labeled, never e-mailed, kept in secure containers, and destroyed with specialized procedures? Select one: a. Restricted b. Public c. Secret d. Confidential
a. Access control lists are packet-filtering rules that make allow/deny decisions based on IP address, port, service, and other criteria.
In the context of routers and firewalls, which of the following best describes the use of access control lists (ACLs)? Select one: a. Access control lists are packet-filtering rules that make allow/deny decisions based on IP address, port, service, and other criteria. b. Access control lists audit network traffic for certain characteristics, but allow it to pass unfiltered. c. Access control lists filter inbound network traffic ONLY. d. Access control lists determine who has administrative access to the router or firewall.
d. It may be possible to duplicate the digital certificate.
One potential weakness of certificate-based authentication is: Select one: a. It may be possible to forge the digital certificate. b. It may be possible to revoke the digital certificate. c. It may be possible to decrypt the digital certificate. d. It may be possible to duplicate the digital certificate.
b. Access control management
Poor capacity planning can affect all of the different aspects of IT management EXCEPT: Select one: a. Financial management b. Access control management c. Service level management d. Problem and incident management
b. IP, ICMP, IGMP, and IPSec
Protocols that are found at the TCP/IP Internet layer include: Select one: a. TCP, UDP, and IP b. IP, ICMP, IGMP, and IPSec c. IP, ICMP, HTTP, and DNS d. FTP, SFTP, and SSH
a. Asymmetric, or public, key pairs
Public key infrastructure (PKI) is based on what kind of keys? Select one: a. Asymmetric, or public, key pairs b. Symmetric, or public, key pairs c. Symmetric, or private, key pairs d. Asymmetric, or private, key pairs
d. CISC and RISC
Two primary CPU architectures that are widely used are: Select one: a. Intel and Motorola b. CISC and SPARC c. RISC and MIPS d. CISC and RISC
c. CISC and RISC
Two primary CPU architectures that are widely used are: Select one: a. Intel and Motorola b. RISC and MIPS c. CISC and RISC d. CISC and SPARC
c. Something you calculate (e.g., hash value)
Two-factor authentication relies on using all of the following factors to successfully authenticate an individual EXCEPT: Select one: a. Something you have (e.g., smart card, token) b. Something you know (e.g., a PIN) c. Something you calculate (e.g., hash value) d. Something you are (e.g., fingerprint, voice recognition pattern)
d. An IT system or process has sufficient capacity if its performance falls within an acceptable range as specified in service level agreements (SLAs)
What factor primarily determines if there is sufficient capacity in IT systems and IT processes? Select one: a. If there is sufficient processing and storage capacity to meet 125 percent of the organization's projected needs over one year b. If a particular processor or storage device is operating at no more than 80 percent of its intended capacity c. Capacity planning based upon individual business unit projections d. An IT system or process has sufficient capacity if its performance falls within an acceptable range as specified in service level agreements (SLAs)
d. To ensure that all proposed changes to an IT environment are vetted for suitability and risk, and to ensure that changes will not interfere with each other or with other planned or unplanned activities
What is the main purpose of change management? Select one: a. To allow an organization to project financial resources for new IT systems acquisition b. To respond to changes in the IT environment, such as incidents, outages, and other issues c. To record the configuration of IT systems d. To ensure that all proposed changes to an IT environment are vetted for suitability and risk, and to ensure that changes will not interfere with each other or with other planned or unplanned activities
b. To ensure that all proposed changes to an IT environment are vetted for suitability and risk, and to ensure that changes will not interfere with each other or with other planned or unplanned activities
What is the main purpose of change management? Select one: a. To respond to changes in the IT environment, such as incidents, outages, and other issues b. To ensure that all proposed changes to an IT environment are vetted for suitability and risk, and to ensure that changes will not interfere with each other or with other planned or unplanned activities c. To record the configuration of IT systems d. To allow an organization to project financial resources for new IT systems acquisition
b. To locate nonsecure wireless networks that can be exploited
What is the objective of war driving? Select one: a. To locate dial-in modems on a network b. To locate nonsecure wireless networks that can be exploited c. To locate vulnerable ports and services on a network d. To locate out-of-band connections into a network
b. The risks associated with a cutover test are high.
What is the primary disadvantage of a cutover disaster recovery (DR) test? Select one: a. A cutover test can be performed only during an actual disaster. b. The risks associated with a cutover test are high. c. A cutover test does not evaluate the organization's actual ability to recover from a disaster. d. The costs associated with a cutover test are high.
a. The risks associated with a cutover test are high.
What is the primary disadvantage of a cutover disaster recovery (DR) test? Select one: a. The risks associated with a cutover test are high. b. The costs associated with a cutover test are high. c. A cutover test can be performed only during an actual disaster. d. A cutover test does not evaluate the organization's actual ability to recover from a disaster.
c. A simulation does not evaluate the organization's actual ability to recover from a disaster.
What is the primary disadvantage of simulation disaster recovery (DR) testing? Select one: a. The high cost of simulation testing is rarely worth it. b. The risks associated with a simulation test are high. c. A simulation does not evaluate the organization's actual ability to recover from a disaster. d. It is difficult to develop a realistic simulation.
a. The only traffic that a node sees are packets sent explicitly to or from the node, as well as some broadcast traffic, reducing the risks of eavesdropping.
What is the primary security advantage to switching from shared-media networks to switched networks? Select one: a. The only traffic that a node sees are packets sent explicitly to or from the node, as well as some broadcast traffic, reducing the risks of eavesdropping. b. Improved throughput c. Elimination of collision domains d. Elimination of broadcast domains through the use of VLANs
c. Use of tools that scan or examine computers, network devices, or application programs with the purpose of finding vulnerabilities
What is the purpose of vulnerability scanning? Select one: a. Determine if a system meets minimum requirements for certification and accreditation (CA) b. Identification of vulnerabilities to gain control of a system c. Use of tools that scan or examine computers, network devices, or application programs with the purpose of finding vulnerabilities d. Confirm that all patches have been applied to a system
c. The IS department can be both service provider to internal customers and a customer to external providers, and often the two are interrelated.
What is the relationship, in terms of service level management, that the IT department has with both internal and external customers? Select one: a. There are usually separate IS departments charged with handling internal and external customers. b. IS departments do not manage services that are provided by external service providers; these are managed by the organization's contracts department. c. The IS department can be both service provider to internal customers and a customer to external providers, and often the two are interrelated. d. The IS department will ONLY measure and manage the services that it provides directly to internal customers.
b. Least privilege
When a database's use is restricted so that personnel have only the permissions and privileges needed to perform their job, which access control principle is being followed? Select one: a. Split custody b. Least privilege c. Mandatory access control d. Separation of duties
d. Authenticity and integrity
When a message is signed using a private key and verified with a public key, this action fulfills the message: Select one: a. Authenticity b. Confidentiality and integrity c. Integrity and availability d. Authenticity and integrity
c. Program check-out
When an authorized user is able to access some portion of application source code and make a copy under strict management control, presumably to make a modification or perform analysis, this is referred to as: Select one: a. Unit testing b. Code analysis c. Program check-out d. Version control
b. Program check-out
When an authorized user is able to access some portion of application source code and make a copy under strict management control, presumably to make a modification or perform analysis, this is referred to as: Select one: a. Version control b. Program check-out c. Code analysis d. Unit testing
b. Using the maximum signal strength possible
When designing a wireless network infrastructure, an organization that wants to create a secure network should use all of the following methods EXCEPT: Select one: a. WPA2 encryption b. Using the maximum signal strength possible c. MAC address filtering d. Disabling SSID broadcasting
b. Gate process
When each step of the release process undergoes formal review and approval before the next step is allowed to begin, this is called a: Select one: a. Regression test b. Gate process c. User acceptance test d. Requirements phase
d. Temperature that is too low can cause condensation on equipment that can result in corrosion, and even cause short circuits when condensation occurs on electrical components.
When the temperature in a data center is too high, computing and electronic equipment can overheat. What can happen if the temperature gets too low in a data center? Select one: a. Temperature that is too low can cause issues with mechanical equipment, such as tape drives and printers. b. Low temperatures can cause network cabling to become brittle and easily break. c. Low temperatures can cause the equipment to perform poorly or even freeze up. d. Temperature that is too low can cause condensation on equipment that can result in corrosion, and even cause short circuits when condensation occurs on electrical components.
c. In the case of building access controls, which would need to permit evacuation of personnel in an emergency.
When would you design an access control to "fail open"? Select one: a. In the case of an incident, where outside investigators would require immediate and complete access to restricted data. b. In the event of an emergency, data access controls would need to allow ALL access to data so it could be backed up successfully and removed from the site. c. In the case of building access controls, which would need to permit evacuation of personnel in an emergency. d. In the case of fire suppression controls, which would need to activate immediately if a fire is detected.
b. Secret
Which classification of information should never be stored on a mobile device and must be encrypted and properly labeled while in storage? Select one: a. Public b. Secret c. Restricted d. Confidential
b. Switch
Which device operates at layer 2 of the OSI model and is concerned with listening to traffic to learn the MAC address(es) associated with each of its ports and sending packets only to destination ports? Select one: a. CSU/DSU b. Switch c. Router d. Bridge
a. Switch
Which device operates at layer 2 of the OSI model and is concerned with listening to traffic to learn the MAC address(es) associated with each of its ports and sending packets only to destination ports? Select one: a. Switch b. CSU/DSU c. Bridge d. Router
b. Inrush
Which electric power vulnerability is characterized by a sudden increase in current flowing to a device, usually associated with the startup of a large motor, and may cause a voltage drop that lasts several seconds? Select one: a. Dropout b. Inrush c. Spike or surge d. Brownout
c. Natural disasters
Which is NOT one of the common types of incidents that should be included in an incident response plan? Select one: a. Information system theft b. Malware c. Natural disasters d. Information exposure, theft, or corruption
b. RAID-1
Which level of RAID creates a "mirror," where data written to one disk in the array is also written to a second disk in the array, making the volume more reliable through the preservation of data even when one disk in the array fails? Select one: a. RAID-5 b. RAID-1 c. RAID-6 d. RAID-0
b. RAID-6
Which level of RAID uses two parity blocks instead of a single parity block and can withstand the failure of any two disks in the array, instead of a single disk? Select one: a. RAID-0 b. RAID-6 c. RAID-5 d. RAID-1
d. WPA2
Which method of encryption is considered superior to WEP in terms of protecting wireless networks? Select one: a. MD5 b. SSL/TLS c. SSH d. WPA2
d. Network IDS (NIDS) and host-based IDS (HIDS)
Which of the following are ways that intrusion detection systems (IDS) can be classified? Select one: a. Software and hardware b. Signature based c. Internal and external d. Network IDS (NIDS) and host-based IDS (HIDS)
a. This is the point at which the false reject rate (FRR) equals the false accept rate (FAR). This is the ideal point for a well-tuned biometric system.
Which of the following best describes the term "crossover error rate" in the context of biometric authentication mechanisms? Select one: a. This is the point at which the false reject rate (FRR) equals the false accept rate (FAR). This is the ideal point for a well-tuned biometric system. b. This is the point where the maximum threshold of allowable authentication errors is reached and the system becomes unusable. c. This is the rate at which invalid subjects are accepted as valid. This occurs when the biometric system has too large a margin of error. d. This is the rate at which valid subjects are rejected. This occurs when the biometric system has too small a margin for error.
a. Information security policy
Which of the following describes a policy that includes as its component a statement of executive support, roles and responsibilities, values of information-related assets, protection of information assets, acceptable behavior, enforcement and consequences, support for laws and regulations, and risk management? Select one: a. Information security policy b. Acceptable use policy c. Risk management policy d. Business continuity policy
c. Inert gas
Which of the following fire suppression methods is considered the best one for computer/data centers? Select one: a. Deluge b. Dry pipe c. Inert gas d. Class A fire extinguisher
b. Spam
Which of the following forms of attack perpetrated through e-mail contains messages that advertise legitimate goods and services as well as fakes, and could contain malware? Select one: a. Phishing b. Spam c. Spoofing d. Trojan horses
c. Split custody
Which of the following involves the concept of dividing knowledge of a specific object or task between two persons? Select one: a. Segregation of duties b. Two-person control c. Split custody d. Least privilege
c. The service provider will have access to some of the organization's sensitive information.
Which of the following is the primary risk associated with third-party service providers? Select one: a. The service provider will have access to some of the organization's equipment. b. The service provider will have physical access to some of the organization's facilities. c. The service provider will have access to some of the organization's sensitive information. d. The service provider will have access to some of the organization's personnel.
d. Because VoIP systems communicate over TCP/IP, and because many are based on conventional operating systems, VoIP is protected through primarily the same measures that are used to protect other IT systems.
Which of the following is true regarding protecting voice over IP (VoIP) communications? Select one: a. Protecting VoIP communications requires different technologies and countermeasures than traditional IP networks. b. VoIP should always run on IP networks separate from the organization's data network. c. VoIP is not vulnerable to the same attacks as traditional IP networks. d. Because VoIP systems communicate over TCP/IP, and because many are based on conventional operating systems, VoIP is protected through primarily the same measures that are used to protect other IT systems.
d. A financial transaction processing with a delay
Which of the following normally would NOT be an indication that an incident is taking place? Select one: a. Inability to access a public website b. Disk space on the server rapidly filling up c. Widespread network outages d. A financial transaction processing with a delay
b. Allowing users to install only legally licensed software brought from home
Which of the following practices is NOT considered to be effective with regard to software licensing? Select one: a. Software metering b. Allowing users to install only legally licensed software brought from home c. Centralized software management and procurement d. Software licensing policies
c. IPSec
Which of the following protocols may be used to encrypt a remote access connection? Select one: a. SHA1 b. FISH c. IPSec d. MD5
d. IP address spoofing
Which of the following spoofing techniques involves the altering of the OSI layer 3 addressing information? Select one: a. Web addressing spoofing b. E-mail address spoofing c. MAC address spoofing d. IP address spoofing
d. T1 (also known as DS-1) circuits contain 24 DS-0 channels.
Which of the following statements concerning T-carrier circuits is true? Select one: a. North American T1 carrier standards are based on multiples of 32 circuits. b. T-carrier circuits are found only in Europe. c. The data rate of a T3 circuit is 1.5444 Mbps. d. T1 (also known as DS-1) circuits contain 24 DS-0 channels.
a. Viruses are fragments of code that attach themselves to .exe files (executable programs) and are activated when the program they're attached to is run.
Which of the following statements concerning viruses is true? Select one: a. Viruses are fragments of code that attach themselves to .exe files (executable programs) and are activated when the program they're attached to is run. b. A virus is designed to hide itself from the operating system as well as evade detection by antivirus software, and is able to run "underneath" the operating system so that it is undetectable. c. Viruses are stand-alone programs capable of human-assisted and automatic propagation. d. Viruses are programs that are purported to perform one function but that actually perform other (or additional) undesired functions.
d. A hot site is the best choice when the RTO is a small amount of time.
Which of the following statements describing hot, warm, and cold recovery sites is true? Select one: a. A warm site provides a location where backup systems are already running and in a state of near-readiness to return to operations in a short amount of time. b. Cold recovery sites are the least expensive and permit a rapid return to normal operations. c. Hot recovery sites are the least expensive and permit a rapid return to normal operations. d. A hot site is the best choice when the RTO is a small amount of time.
d. Single sign-on refers to an environment where a centralized directory service such as LDAP (Lightweight Directory Access Protocol), RADIUS (Remote Access Dial-In User Service), or Microsoft Active Directory is used by several applications for authentication.
Which of the following statements regarding single sign-on is FALSE? Select one: a. A user needs to sign on only one time, even in a multiple-application environment. b. Single sign-on is more complex than reduced sign-on. In a single sign-on environment, each participating application must be able to communicate with a centralized authentication controller and act accordingly, either by requiring a new user to log in or not. c. Single sign-on refers to an interconnected environment where applications are logically connected to a centralized authentication server that is aware of the logged-in/-out status of each user. d. Single sign-on refers to an environment where a centralized directory service such as LDAP (Lightweight Directory Access Protocol), RADIUS (Remote Access Dial-In User Service), or Microsoft Active Directory is used by several applications for authentication.
d. Biometric
Which of the following terms describes an authentication system that uses physical attributes as part of its access control mechanism? Select one: a. Kerberos authentication b. Challenge handshake authentication protocol (CHAP) c. Psychometric d. Biometric
b. Toll fraud
Which of the following is a threat to which Voice over IP systems are uniquely vulnerable, in addition to the normal threats any IP-based network would face? Select one: a. Eavesdropping b. Toll fraud c. Denial of service d. Spoofing
c. Authentication and encryption
Which two elements are key to implementing remote access? Select one: a. Identification and authorization b. Identification and encryption c. Authentication and encryption d. Encryption and permissions
c. Spyware
Which type of malware performs one or more surveillance-type actions on a computer reporting back to the malware owner? Select one: a. Worms b. Viruses c. Spyware d. Trojan horses
c. Pre-action
Which type of water-pipe fire suppression method is usually considered best for data centers? Select one: a. Wet pipe b. Dry pipe c. Pre-action d. Deluge
d. PDAs and laptops
Which types of devices would a "remote destruct" feature be enabled on in the event they are lost or stolen? Select one: a. Switches and routers b. Servers c. Desktop PCs d. PDAs and laptops
a. IT service desk
Who acts as the single point of contact for requests from customers? Select one: a. IT service desk b. CIO c. IT manager d. Network operations section
a. Certificate authority
Who signs a digital certificate, providing assurance that the certificate and the identifying information it contains are valid? Select one: a. Certificate authority b. Revocation authority c. Registration authority d. Issuing authority
c. To make sure that functions that were confirmed to be working properly in prior releases continue to work as expected
Why is regression testing important to the release process? Select one: a. To allow users to test all functions prior to the final release b. To confirm whether software is performing according to requirements c. To make sure that functions that were confirmed to be working properly in prior releases continue to work as expected d. To ensure that units of code are error-free before being integrated into the overall system