Network Security Final Exam Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

20

A Preshared Key (PSK) of fewer than _______ characters may be subject to an attack if that key is a common dictionary word.

Supplicant

A RADIUS authentication server requires that the _______ be authenticated first.

For as long as it appears on the device

A TOTP token code is valid _____.

Prevent certain applications from launching that will consume too much power

A UPS can perform each of the following EXCEPT _____.

Has an initialization vector (IV) that is the same length as a WEP key of 64 bits

A WEP key that is 128 bits in length __________.

Network Intrusion Detection System (NIDS)

A _____ watches for attacks and sounds an alert only when one occurs.

Vulnerability Assessment

A ________ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm.

Certificate Signing Request (CSR)

A _________ is a specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.

Cable Lock

A ___________ can be used to secure a mobile device.

Hotfix

A ____________ addresses a specific customer situation and often may not be distributed outside that customer's organization.

Certificate Repository (CR)

A centralized directory of digital certificates is called a(n) __________ .

The user's identity with his public key

A digital certificate associates ____________.

Extended Validation SSL Certificate

A digital certificate that turns the address bar green is a(n) ________.

Verify the receiver

A digital signature can provide each of the following benefits EXCEPT ___________.

Stateful Packet Filtering

A firewall using _________ is the most secure type of firewall.

Deadbolt Lock

A lock that extends a solid metal bar into the door frame for extra security is the ____________.

Unified Threat Management (UTM)

A multipurpose security device is known as _______.

Subject

A process functioning on behalf of the user who attempts to access a file is known as a(n) _____.

Makes a copy of the transmission for use at a later time

A replay attack _________

Routes incoming requests to the correct server

A reverse proxy _____.

Asymmetric server cluster

A standby server that exists only to take over for another server in the event of its failure is known as a(n) _____.

Security-related human resource policy

A statement regarding due diligence would be found in which security policy?

Performing a security risk assessment

A typical configuration baseline would NOT include _____________.

Identification

A user entering her user name would correspond to the __________ action in access control.

Trojan

A user who installs a program that prints out coupons but in the background silently collects her passwords has installed a _________

Users who access a common website

A watering hole attack is directed against _______.

Intrusive Vulnerability Scan

A(n) _____ attempts to penetrate a system in order to perform a simulated attack.

Application-Aware Firewall

A(n) _____ can identify the application that send packets and then make decisions about filtering based on it.

LDAP injection attack

A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.

Certificate Policy (CP)

A(n) _____ is a published set of rules that govern the operation of a PKI.

Memorandum of Understanding (MOU)

A(n) _____ is an agreement between two parties that is not legally enforceable.

Operational

A(n) _____ risk control type would use video surveillance systems and barricades to limit access to secure sites.

proxy server

A(n) _______ intercepts internal user requests and then processes those requests on behalf of the users.

Digest

A(n) _________ is not decrypted but is only used for comparison purposes.

Owner

A(n) _________ is the person who is responsible for the information, determines the level of security needed for the data, and delegates security duties as required.

Virus

A(n) ____________ requires a user to transport it from one computer to another.

On-Line UPS

A(n) is always running off its battery while the main power runs the battery charger.

WPA2

AES-CCMP is the encryption protocol standard used in _________.

List of remote NetBIOS names

An attacker cannot use NetBIOS to determine ______.

Integer overflow

An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?

Class C

An electrical fire like that which would be found in a computer data center is known as what type of fire?

Certificate Authority (CA)

An entity that issues digital certificates is a ________.

False Positive

An event that appears to be a risk but turns out not to be one is called a _____.

Obscurity

An example of _______ is not revealing the type of computer, operating system, software, and network connection a computer uses

Diversity

An organization that purchased security products from different vendors is demonstrating what security principle?

Threat Evaluation

At what point in a vulnerability assessment would an attack tree be utilized?

Personal Area Network (PAN)

Bluetooth falls under the category of .

Reset to factory settings

Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob's mobile device is configured to ________.

Can be embedded inside a webpage but add-ons cannot.

Browser plug-ins _________.

Geolocation

Creating a pattern of where a user accesses a remote web account is an example of _____.

Substitutes DNS addresses so that the computer is automatically redirected to another device.

DNS poisoning ____________.

To verify the authenticity of the Registration Authorizer

Digital certificates cannot be used ________.

Wet chemical system

Each of these is a category of fire suppression systems EXCEPT a _____.

Attack Assessment

Each of these is a step in risk management EXCEPT _____.

Operating System

Each optional feature is found on most mobile devices EXCEPT ________.

In-band Key Exchange

Elliptic Curve Diffie-Hellman (ECDH) is an example of _________.

Andragogical

For adult learners, a(n) approach (the art of helping an adult learn) is often preferred.

A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.

How can an attacker use a hoax?

Logically

How does a virtual LAN (VLAN) allow devices to be grouped?

A virtualized environment is created and the code is executed in it.

How does heuristic detection detect a virus?

It discards unsolicited packets.

How does network address translation (NAT) improve security?

It takes more time to generate candidate password digests.

How is key stretching effective in resisting password attacks?

It allows secure web domains to exchange user authentication and authorization data

How is the Security Assertion Markup Language (SAML) used?

Alice's public key

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?

Captive Portal

If Cora tries to access a free public Wi-Fi at a local coffee shop that requires her to first agree to an Acceptable Use Policy (AUP) before continuing, what type of AP has she encountered?

Address Resolution Protocol (ARP) poisoning

If a device is determined to have an out-of-date virus signature file, then Network Access Control (NAC) can redirect that device to a network by _____.

Connect them to different switches and routers

If a group of users must be separated from other users, what is the most secure network design?

Fail-Open

If a software application aborts and leaves the program open, which control structure is it using?

White Box

If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?

Makes a request to the authenticator

In a network using IEEE 802.1x, a supplicant __________.

Server Digital Certificate

In order to ensure a secure cryptographic connection between a web browser and a web server, a(n) _____ would be used.

Is assigned a label

In the Mandatory Access Control (MAC) model, every subject and object _____.

Mandatory Access Control

In the ________ model, the end-user cannot change any security settings.

As the functional and design specifications are being developed based on the requirements

In the software development process, when should a design review be conducted?

ICMP Poisoning

Internet Control Message Protocol (ICMP) is NOT used by which kind of attacks?

Behavioral

Keystroke dynamics is an example of which type of biometrics?

Impersonation

Michelle pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Michelle performed?

Location services

Mobile devices using _________ are at increased risk of targeted physical attacks.

Personal Digital Assistant (PDA)

One of the first mobile devices was a _______.

Non-Repudation

Proving that a user sent an email message is known as .

Are widely accepted in the industry

Public Key Cryptography Standards (PKCS) ________.

Is the management of digital certificates

Public Key Infrastructure (PKI) _____.

Perfect Forward Secrecy

Public key systems that generate random public keys that are different for each session are called _______.

Clean Desk Policy

Requiring employees to clear their workspace of all papers at the end of each business day is called _____.

Ease of use

Tablet computers are designed for _______.

Encrypts the key and the message

The Hashed Message Authentication Code (HMAC) __________.

Provides cryptographic services in hardware instead of software

The Trusted Platform Module (TPM) _________.

Third

The ________-party trust model supports CA.

Chief Information Security Officer (CISO)

The _________ is primarily responsible for assessing, managing, and implementing security

In the directory structure of the file system

The areas of a file in which steganography can hide data do NOT include ________.

MTTR

The average amount of time that it will take a device to recover from a failure that is not a terminal failure is called the _________.

Custody

The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence.

Hypertext Transport Protocol (HTTP)

The preferred method today of bot herders for command and control of zombies is ________.

Evil Twin

The primary design of a(n) ________ is to capture the transmissions from legitimate users.

Least Privilege

The principle known as _________ in access control means that each user should be given only the minimal amount of privileges necessary for that person to perform his job function.

20 and 21

The protocol File Transfer Protocol (FTP) uses which two ports?

Keyed Entry Lock

The residential lock most often used for keeping out intruders is the ________.

Digital Certificate

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.

Single Sign-On

Using one authentication credential to access multiple accounts or applications is known as _____.

Temporal Key Integrity Protocol (TKIP)

WPA replaces WEP with _________.

Accounts Payable

What CANNOT be classified as an asset?

Health Insurance Portability and Accountability Act (HIPAA)

What act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?

Reformat the web application server's hard drive

What action cannot be performed through a successful SQL injection attack?

Mobile Device Management (MDM)

What allows a device to be managed remotely?

Regulatory

What approach is NOT a part of the Simple Risk Model?

Cybercriminals

What are attackers called who belong to a network of identity thieves and financial fraudsters?

Image

What can a QR code NOT contain?

Stockholders

What cannot be classified as an "insider"?

Vapor Barrier

What cannot be used along with fencing as a security perimeter?

A protocol analyzer

What cannot be used to hide information about the internal network?

Send spam email to all users in the company on Tuesday

What could NOT be defined as a logic bomb?

Disk to Disk to Tape (D2D2T)

What data backup solution uses the magnetic disk as a temporary storage area?

Point to another area data memory that contains the attacker's malware code

What do attackers use buffer overflows to do?

It limits devices that can connect to a switch

What does MAC limiting and filtering do?

Copies all files changed since the last full or incremental backup

What does an incremental backup do?

It separates personal data from corporate data

What does containerization do?

Redundant Array of Independent Drives

What does the abbreviation RAID represent?

Geo-Fencing

What enforces the location in which an app can function by tracking the location of the mobile device?

Intrusion Detection

What function does an Internet content filter NOT perform?

Hardware Security Module (HSM)

What has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?

Keyboard Mapping

What is NOT a Microsoft Windows setting that can be configured through a security template?

Risk Loss

What is NOT a basic security protection for information that cryptography can provide?

Is only used by hactivists against foreign enemies

What is NOT a characteristic of Advanced Persistent Threat (APT)?

Collisions should be rare

What is NOT a characteristic of a secure hash algorithm?

A long password

What is NOT a characteristic of a weak password?

Periodic Visual Inspections

What is NOT a characteristic of an alarmed carrier PDS?

Alerts users when a new patch cannot be found

What is NOT a function of a vulnerability scanner?

Limit access control

What is NOT a goal of information security?

Users can more easily roam from one WLAN to another.

What is NOT a limitation of turning off the SSID broadcast from an AP?

It displays the attack's programming skills.

What is NOT a reason why adware is scorned?

Greater sophistication of defense tools

What is NOT a reason why it is difficult to defend against today's attackers?

The processors on clients are smaller than on web servers and thus they are easier to defend.

What is NOT a reason why securing server-side web applications is difficult?

Most sites force users to create weak passwords even though they do not want to.

What is NOT a reason why users create weak passwords?

Resistance

What is NOT a response to risk?

Public networks are faster than local networks and can spread malware more quickly to mobile devices.

What is NOT a risk of connecting a mobile device to a public network?

Only 50 percent of the packets will be encrypted.

What is NOT a risk when a home wireless router is not securely configured?

Virtual servers are less expensive that their physical counterparts

What is NOT a security concern of virtualized environments?

Last known good configuration

What is NOT a security feature for locating a lost or stolen mobile device?

SmallSD

What is NOT a size of SD cards?

Data In-Process

What is NOT a state of data that DLP examines?

Purposes

What is NOT a successive layer in which information security is achieved?

Making all configuration changes remotely

What is NOT a technique for securing a router?

Low-Capacity

What is NOT a type of SD card?

WNIC Probe

What is NOT a type of wireless AP probe?

Transport itself through the network to another device

What is NOT an action that a virus can take?

Resource Control

What is NOT an activity phase control?

Cost increases

What is NOT an advantage of BYOD for an organization?

The risk of overloading a desktop client is reduced.

What is NOT an advantage of a load balancer?

Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.

What is NOT an advantage to an automated patch update service?

ARP address impersonation

What is NOT an attack against a switch?

Successful logins

What is NOT an entry in a firewall log that should be investigated?

Barricade

What is NOT designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow?

Determining user need (analyzing)

What is NOT part of the makeup of the AAA elements in network security?

Common Access Card (CAC)

What is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel?

Guideline

What is a collection of suggestions that should be implemented?

Third-party cookie

What is a cookie that was not created by the website being viewed called?

Vulnerability appraisal

What is a current snapshot of the security of an organization?

OpenID

What is a decentralized open-source FIM that does not require specific software to be installed on the desktop?

Cost

What is a disadvantage of biometric readers?

Spyware

What is a general term used for describing software that gathers information without the user's consent?

An attack that slightly alters dictionary words

What is a hybrid attack?

Whitelist

What is a list of approved email senders?

Threat Agent

What is a person or element that has the power to carry out a threat?

A random string assigned by a web server

What is a session token?

Multifactor Authentication System

What is a token system that requires the user to enter the code along with a PIN called?

MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format

What is a vulnerability of MAC address filtering?

Intimidation

What is an attempt to influence a user by coercion?

Level 0+1

What is an example of a nested RAID?

To spy on citizens

What is an objective of state-sponsored attackers?

Flash cookie

What is another name for a locally shared object?

SSL v2.0

What is considered the weakest cryptographic transport protocol?

Plaintext

What is data called that is to be encrypted by inputting it into an cryptographic algorithm?

Typo Squatting

What is it called when a user makes a typing error when entering a URL that takes him to an imposter website?

Content-length

What is not an HTTP header attack?

Android apps can be sideloaded

What is one reason Android devices are considered to be at a higher security risk than iOS devices?

A framework for transporting authentication protocols

What is the Extensible Authentication Protocol (EAP)?

To inject SQL statements through unfiltered user input

What is the basis of a SQL injection attack?

TACACS+

What is the current version of TACACS?

The aim of a hactivist is not to incite panic like cyberterrorists

What is the difference between a hactivist and a cyberterrorist?

A NIPS can take action more quickly to combat an attack.

What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?

Develop a security policy.

What is the first step in securing an operating system?

Reconnaissance

What is the first step in the Cyber Kill Chain?

SHA-3

What is the latest version of the Secure Hash Algorithm?

Discretionary Access Control (DAC)

What is the least restrictive access control model?

Recovery Point Objective (RPO)

What is the maximum length of time that an organization can tolerate between data backups?

Custodian

What is the name given to the individual who periodically reviews security settings and maintains records of access by users?

Its usage creates a detectable pattern

What is the primary weakness of Wired Equivalent Privacy (WEP)?

A virus can be transmitted.

What is the security risk of a P2P network?

Bot Herder

What is the term used for an attacker who controls multiple zombies in a botnet?

BlueSnarfing

What is the unauthorized access of information from a wireless device through a Bluetooth connection called?

LDAP

What is the version of the X.500 standard that runs on a personal computer over TCP/IP?

XSS does not attack the web application server to steal or corrupt its information

What is unique about a cross-site scripting (XSS) attack compared to other injection attacks?

Spim

What is unsolicited instant messaging called?

Books

What items retrieved through dumpster diving would NOT provide useful information?

Transitive

What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through succeeding systems that all trust one another?

The necessary steps to protect a person or property from harm

What phrase describes the term "security" in a general sense?

Lock Screen

What prevents a mobile device from being used until the user enters the correct passcode?

Integrity

What protection is provided by hashing?

Reformat the hard drive and reinstall the operating system.

What should you do to completely remove a rootkit form a computer?

It prevents DoS or DDoS attacks

What statement about a flood guard is true?

It monitors and controls two interlocking doors to a room.

What statement about a mantrap is true?

It can only protect data while it is on the user's personal computer

What statement about data loss prevention (DLP) is NOT true?

It is designed for use on a large scale.

What statement is NOT true regarding hierarchical trust models?

Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.

What statement is correct regarding why traditional network security devices cannot by used to block web application attacks?

The Windows virtual machine needs its own security

What statement is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows virtual machine?

Software keyloggers are easy to detect

What statement regarding a keylogger is NOT true?

Black Hat Hackers

What term was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability?

Man-in-the-Middle

What type of attack intercepts legitimate communication and forges a fictitious response to the sender?

Directory Traversal

What type of attack involves an attacker accessing files in directories other than the root directory?

Public Cloud

What type of cloud is offered to all users?

Laptop

What type of computer most closely resembles a desktop computer?

Administrative Controls

What type of controls are the processes for developing and ensuring that policies and procedures are carried out?

SNMPv3

What version of Simple Network Management Protocol (SNMP) is considered the most secure?

Date

What would NOT be a filtering mechanism found in a firewall rule?

Router Delay

What would NOT be a valid Internet Control Message Protocol (ICMP) error message?

To secure the crime scene

When an unauthorized event occurs, what is the first duty of the computer forensics response team?

In digests

Where can keys NOT be stored?

On the Internet

Where does a web-based computer store user files?

With the SMTP server

Where is the preferred location for installation of a spam filter?

DNS poisoning

Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name?

FC hard zone

Which Fibre Channel zone is the most restrictive?

802.11ac

Which IEEE WLAN has the highest data rate?

Group Policy

Which Microsoft Windows feature provides centralized management and configuration of computers and remote users who are using Active Directory?

PIN method

Which Wi-Fi Protected Setup (WPS) method is vulnerable?

LM (LAN Manager) hash

Which algorithm is the weakest for creating password digests?

RSA

Which asymmetric cryptography algorithm is the most secure?

RSA

Which asymmetric encryption algorithm uses prime numbers?

Pre-image Attack

Which attack is an attempt to compare a known digest to an unknown digest?

What you do

Which authentication factor is based on a unique talent that a user possesses?

Kerberos

Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?

Hub

Which device is easiest for an attacker to take advantage of in order to capture and analyze packets?

OTP

Which encryption method cannot be broken mathematically?

iSCSI

Which high-speed storage network protocols used by a SAN is IP-based?

Weight

Which human characteristic is NOT used for biometric identification?

Diffie-Hellman (DH)

Which key exchanges uses the same keys each time?

Level 1

Which level of RAID uses disk mirroring and is considered fault-tolerant?

Ransomware

Which malware locks up a user's computer and then displays a message that purports to come from a law enforcement agency?

XML

Which markup language is designed to carry data?

Subnotebook

Which mobile device is the smallest?

Moisture

Which of the following is NOT a motion detection method?

Push Flood

Which of these is NOT a DoS attack?

It is a private document used only by top-level administrators for planning.

Which of these is NOT a characteristic of a disaster recovery plan (DRP)?

Busy

Which of these is NOT a state of a port that can be returned by a port scanner?

Authorization

Which of these is NOT part of the certificate life cycle?

A spark to start the process

Which of these is NOT required for a fire to occur?

Access Control List (ACL)

Which of these is a set of permissions that is attached to an object?

SFTP

Which of these is the most secure protocol for transferring files?

Advanced Encryption Standard

Which of these is the strongest symmetric cryptography algorithm?

HOTP

Which one-time password is event-driven?

Representative from a hardware vendor

Which person should NOT serve on a security policy development team?

Acceptable Use Policy

Which policy defines the actions users may perform while accessing systems and networking equipment?

How long will it take to finish the backup?

Which question is NOT a basic question to be asked regarding creating a data backup?

Do not use alphabetic characters.

Which recommendation would NOT be found in a password management and complexity policy?

Operational

Which risk category addresses events that impact the daily business of the organization?

Filter packets based on protocol settings

Which secure feature does a load balancer NOT provide?

OAuth

Which single sign-on (SSO) technology depends on tokens?

It dynamically assigns roles to subjects based on rules.

Which statement about Rule Based Access Control is true?

It removes private addresses when the packet leaves the network.

Which statement about network address translation (NAT) is true?

It attempts to standardize vulnerability assessments.

Which statement about the Open Vulnerability and Assessment Language (OVAL) is true?

It uses automated software to scan for vulnerabilities.

Which statement about vulnerability scanning is true?

Policies communicate a unanimous agreement of judgment.

Which statement does NOT describe a characteristic of a policy?

Only access a social networking site on personal time.

Which statement is NOT a general security recommendation when using social networking sites?

Require all users to approve the policy before it is implemented.

Which statement is NOT a guideline for developing a security policy?

State reasons why the policy is necessary.

Which statement is NOT something that a security policy must do?

It uses FIN messages that can pass through firewalls and avoid detection.

Which statement regarding TCP SYN port scanning is NOT true?

It contains servers that are used only by internal network users.

Which statement regarding a demilitarized zone (DMZ) is NOT true?

It cannot be part of a honeynet.

Which statement regarding a honeypot is NOT true?

Vulnerability appraisal is always the easiest and quickest step.

Which statement regarding vulnerability appraisal is NOT true?

Physical keyboard

Which technology is NOT a characteristic of a mobile device?

Wireless Probe

Which technology is NOT found in a wireless broadband router?

Near Field Communication (NFC)

Which technology is predominately used for contactless payment systems?

PEAP

Which technology should be used instead of LEAP?

HTTP Header

Which type of attack modifies the fields that contain the different characteristics of the data that is being transmitted?

Firewall Log

Which type of device log contains the most beneficial security data?

Access Log

Which type of log can provide details regarding requests for specific files on a system?

Hot Site

Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?

Individuals on a decision-making level

Who should be involved in a tabletop exercise?

The vulnerability was previously unknown and is unlikely to be patched quickly

Why can brokers command such a high price for what they sell?

They can cause significant disruption by destroying only a few targets

Why do cyberterrorists target power plants, air traffic control centers, and water systems?

It allows an attacker to bypass many of the network security configurations.

Why is a rogue AP a security vulnerability?

It prevents a broadcast storm that can cripple a network

Why is loop protection necessary?

It could result in denial of service (DoS) attacks.

Why should the account lockout threshold not be set too low?

RADIUS

With the development of IEEE 802.1x port security, the _____ authentication server has seen even greater usage.

Session keys

_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

Cognitive

_____ biometrics is related to the perception, thought processes, and understanding of the user.

Implicit Deny

_____ in access control means that if a condition is not explicitly met, then access is to be rejected.

Secure Shell (SSH)

_____ is a protocol for securely accessing a remote computer.

Privilege

_____ management covers the procedures of managing object authorizations.

Online Certificate Status Protocol (OCSP)

_____ performs a real-time lookup of a digital certificate's status.

Key Escrow

_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.

Baseline reporting

_______ is a comparison of the present security state of a system to a standard established by the organization.

Due care

_______ is defined as the obligations that are imposed on owners and operators of assets to exercise reasonable care of the assets and take necessary precautions to protect them.

Ethics

________ may be defined as the study of what people understand to be good and right behavior and how people make those judgments.

Whaling

________ sends phishing messages only to wealthy individuals.

Threat modeling

_________ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur.

Authentication

_________ ensures that individuals are who they claim to be

Tailgating

_________ is following an authorized person through a secure door.

Group Policy

___________ allows for a single configuration to be set and then deployed to many or all users.

Confidentiality

___________ ensures that only authorized parties can view the information

IT contingency planning

___________ is the process of developing an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT.


Ensembles d'études connexes

UNA MBA 600_ Chapter 5: Managerial Planning and Goal Setting Key Terms

View Set

11.31.M - Lesson: Developed & Developing Nations Review

View Set