Module 5 Unit 1 Review Questions

Why should a security policy instruct users not to reveal their password to technical support staff?

A security policy should do this because it would make users aware of masquerading and its dangers

How might someone masquerade as someone else when using email or instant message?

They can act as if they are someone else; someone who they are really not but claim to be

An attacker has used a rogue access point to intercept traffic passing between wireless clients and the wired network segment. What type of attack is this?

This is an impersonation attack

Why is prioritization a critical task for Disaster recovery?

It is critical because it gives a way to get the important things done tasks done first

In considering availability concerns , what use might a lockable faceplate on a server-class computer be?

It would protect the computer from any physical threats such as tampering

What does AAA stand for?

Authentication, authorization, and accounting

What are the three main areas where redundancy should be provisioned?

Data, network, and power

Which specific attack uses a botnet to threaten availability?

DoS uses botnet

Which property of secure information is comprised by snooping?

Snooping compromises confidentiality

What type of access mechanism is MOST vulnerable to replay attack?

The access token mechanism