Exam 2 - Ch. 8, 9, 10, 11, 12, 13, 14

Which of the following is the process of providing additional private credentials that match the user ID or username?

Authentication

Which of the following terms means the process to decide what a user can do?

Authorization

A successful DoS attack violates the ______ property of C-I-A.

Availability

The term _______ defines the components, including people, information, and conditions, that support business objectives.

Business drivers

______ cabling provides excellent protection from interference but can be expensive.

Fiber Optic

Which of the following is commonly the primary security control for data entering the LAN-to-WAN domain?

Filtering

Which type of network device is most commonly used to filter network traffic?

Firewall

Which security-related act requires organizations to protect all personal medical information?

HIPAA

Which of the following protocols is used for encrypted traffic?

HTTPS

Which of the following devices repeats input received to all ports?

Hub

Which department should take the lead in User Domain compliance accountability?

Human Resources

Which of the following devices detect potential intrusions? (Select two). A. Firewall B. IPS C. IDS D. Load balancer

IPS; IDS

Which of the following is the process of verifying credentials of a specific user?

Identification

Which of the following is not a common feature of a data center? A. Controlled environment B. Limited physical access C. In-room generator D. Raised floor

In-room generator

The ______ property of the C-I-A triad provides the assurance the information cannot be changed by unauthorized users.

Integrity

Which of the following best describes the purpose of auditing?

It verifies that systems are operating in compliance

Which of the following terms defines a strategy in which you grant access that allows a user to complete assigned tasks and nothing else?

Least Privilege

Which WAN technology is a cost-effective solution for connecting multiple locations?

MPLS

Which common term originally referred to the large cabinets that housed the processing units and memory modules of early computers?

Mainframe

Which benefits does application performance monitoring software provide? (Select two). A. Measure end-user response time B. Measure senior management browsing habits C. Measure end-user traffic volume D. Measure application installed code base

Measure end-user response time; Measure end-user traffic volume

Which of the following controls would comply with the directive to limit access to payroll data to computers in the HR department?

Media Access Control-based authorization

Which of the following describes a common LAN protocol deployed to a network the size of a city?

Metro Ethernet

The ______ feature speeds up routing network packets by adding a label to each packet with routing information.

Multi-protocol label switching (MPLS)

Which of the following is a solution that defines and implements a policy that describes the requirements to access your network?

NAC

When using DAC, a subject must possess sufficient clearance as well as ________ to access an object.

Need to Know

A(n) ______ is a dedicated computer on a LAN that runs network management software.

Network Monitoring Plan (NMP)

Every disaster recovery plan should protect ______ first.

People

Which of the following is a series of individual tasks that users accomplish to comply with one or more goals?

Procedure

What are the types of malware? (Select two). A. Programs that actively spread or infect B. Programs that slow down data transfer C. Programs that cause damage D. Programs that hide

Programs that actively spread or infect; Programs that hide

A(n) _______ makes requests for remote services on behalf of local clients.

Proxy Server

Which access control method is based on granting permissions?

RBAC

Using a RACI matrix, which attribute refers to the party that actually carries out the work?

Responsible

Which LAN device commonly has the ability to filter packets and deny traffic based on the destination address?

Router

______ is a network protocol used to monitor network devices.

SNMP

Which of the following is an internal control report for the services provided by a service provider?

SOC

Which of the following protocols works well with firewalls?

SSTP

Which of the following terms ensures at least two people must perform a series of actions to complete a task?

Separation of Duties

The _____ contains guaranteed availability for your WAN connection.

Service level agreement (SLA)

If you only have one connection to the Internet and that connection fails, your organization loses its Internet connection. This is an example of a(n) ______.

Single Point of Failure

According to SOX requirements, which type of user accounts are prohibited from accessing the production environment?

Software developers

Which of the following is a collection of requirements that the users must meet?

Standard

Which of the following controls would best protect sensitive data disclosure to unauthorized users using remote computers?

Strong passwords

A(n) ______ is a subdivision or part of a network.

Subnet

_______ is a technique that creates a virtual encrypted channel that allows applications to use any protocol to communicate with servers and services without having to worry about addressing privacy concerns.

Tunneling

Which protocol does SNMP use to transport messages?

UDP

A(n) ______ makes it easy to establish what appears to be a dedicated connection over a WAN.

Virtual Private Network (VPN)

Many organizations use a(n) ______ to allow remote users to connect to internal network resources.

Virtual Private Network (VPN)

Why is mapping a LAN a productive exercise?

Visual maps help in understanding your LAN design

A(n) ______ can exclude unnecessary traffic from the WAN.

WAN Optimizer

Which entity is responsible for controlling access to network traffic in the WAN?

WAN service provider

Who writes SLAs?

WAN service provider

Some attackers use the process of ______ to find modems that may be used to attack a computer.

War Dialing

A(n) ______ generally resides in the DMZ and provides the interface between remote users and an application server.

Web server

A ______ is a type of malware that is a self-contained program that replicates and sends copies of itself to other computers.

Worm

Defining access controls where each user has the permission to carry out assigned tasks and nothing else is called

the principle of least privilege

Most WAN protocols operate at which level in the OSI reference model?

2

Which of the following is true? A. A BCP is normally part of a DRP B. A BCP addresses only IT issues C. A DRP is normally part of a BCP D. A DRP should address even minor interruptions

A DRP is normally part of a BCP

Which of the following best describes a dual-homed ISP connection?

A network that maintains two ISP connections

Which of the following best describes the term honeypot?

A server that is deliberately set up in an unsecure manner to attract attackers

Which of the following types of policies defines prohibited actions?

Acceptable use policy (AUP)

Which type of plan contains instructions on how to recover from a power failure?

BCP

Which of the following transmission techniques requires the entire bandwidth of a channel?

Baseband

True or False. The primary concern for remote access is availability.

False

True or False. WAN subscription cost tends to decrease as availability increases.

False

What does it mean when there are differences between the last security configuration baseline and the current security configuration settings?

Changes have occurred (either authorized or unauthorized)

Which type of agreement can protect the ability to file a patent application?

Confidentiality agreement

Why is LAN device configuration control important?

Configuration control can detect changes an attacker might have made to allow harmful traffic in a LAN

True or False. You only need written authorization prior to conducting a penetration test that accesses resources outside your organization.

False

Which type of WAN generally has the highest speed and is most secure?

Dedicated line

Which of the following choices protect your system from users transferring private data files from a server to a workstation? (Select two). A. Increase the frequency of object access audits. B. Deliver current security policy training. C. Place access control to prohibit inappropriate actions. D. Enable access auditing for all private data files.

Deliver current security policy training; Place access control to prohibit inappropriate actions.

A(n) ______ is an isolated part of a network that is connected both to the Internet and your internal secure network and is a common home for Internet-facing Web servers.

Demilitarized Zone (DMZ)

Which type of control only reports that a violation has occurred?

Detective

______ means the ongoing attention and care an organization places on security and compliance.

Due diligence

Where must sensitive information be encrypted to ensure its confidentiality? (Select two). A. While in use on a workstation B. During transmission over the network C. As it is stored on disk D. In memory

During transmission over the network; As it is stored on disk

Which of the following is the primary type of control employed in the WAN domain?

Encryption

_______ is the primary security control used in the Remote Access domain.

Encryption

True or False. A LAN is a network that generally spans several city blocks.

False

True or False. A confidentiality agreement sets the expectations of each employee and sets job performance standards.

False

True or False. A local resource is any resource connected to the local LAN.

False

True or False. All VPN traffic is encrypted.

False

True or False. Because the System/Application domain is the innermost domain, security controls are not as important.

False

True or False. By definition, VPN traffic is encrypted.

False

True or False. PCI DSS allows merchants to store the CVV number.

False

True or False. The WAN domain commonly contains a DMZ.

False

True or False. The main concern of data security in the System/Application domain is integrity.

False

Which type of full database encryption doesn't require any user interaction?

TDE

Which protocol is commonly used to protect data sent to Web browsers when not using VPNs?

TLS

What condition must exist for a background check to be governed by FCRA?

The investigation is performed by a third party

How can some smart routers attempt to stop a DoS attack in progress?

They can terminate any connections with the source of the attack

Which of the following would be the best use for a packet sniffer? A. To approve or deny traffic based on the destination address B. To encrypt confidential data C. To analyze packet contents for known inappropriate traffic D. To track configuration changes to specific LAN devices

To analyze packet contents for known inappropriate traffic

True or False. A distributed application is one in which the components that make up the application reside on different computers.

True

True or False. A solid multilayered security plan means that an attacker will likely encounter several security controls before reaching the System/Application domain components.

True

True or False. Discretionary access control is based on roles and granted permissions.

True

True or False. Even the newest wireless protocols are slower than using high-quality physical cable.

True

True or False. Given adequate security controls, PDAs are appropriate for use as remote access devices.

True

True or False. NAT is helpful to hide internal IP addresses from the outside world.

True

True or False. One of the most important concerns when sending data across a WAN is confidentiality.

True

True or False. The use of global user accounts can simplify user maintenance.

True

True or False. You should back up LAN device configuration settings as part of a LAN backup.

True

Many organizations use a RACI matrix to document tasks and the personnel responsible for the assignments. RACI stands for ______, ______, consulted, and informed.

responsible, accountable
