Final Exam Questions And Already
Passed Answers.
Which of the following statements is true regarding guest users who require a higher degree of access? -
Answer These guest users can be issued local, self-signed certificates that expire on a specific date and
limit the guest's access.
Much of the policy revealed in the "Password must meet complexity requirements" window: - Answer
ignores password security minimum requirements.(wrong)
The Microsoft Security Baseline Analyzer is: - Answer available free of charge.
Which of the following tools can be used to ensure a newly installed system meets or exceeds the
organization's baseline security standard prior to deployment and can also help enforce patch
management and change control policies? - Answer Microsoft Security Baseline Analyzer
Which of the following provides IT and communications support to the White House, Secretary of
Defense, and all military sectors that contribute to the defense of the United States of America? -
Answer Defense Information Systems Agency (DISA)
Alison retrieved data from a company database containing personal information on customers. When
she looks at the Social Security number (SSN) field, she sees values that look like this: "XXX-XX-9142."
What has happened to these records? - Answer Masking
Which element is not a core component of the ISO 27002 standard? - Answer Cryptography
Jiang is pursuing a career in information security. He wants to eventually achieve the (ISC)2 Certified
Information Systems Security Professional (CISSP) certification but does not have the required
experience. If he passes the CISSP exam now, which credential will Jiang get? - Answer Associate of
(ISC)2
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y.
What is Alan's relationship with Bank Y? - Answer Customer
Which of the following is not an objective of cryptanalysis, the process of breaking codes? - Answer
Encrypt the plaintext of a target message
Alison is a security professional. A user reports that, after opening an email attachment, every document
he saves is in a template format and other Microsoft Word documents will not open. After investigating
the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as
well as many Word files. What type of virus is the most likely cause? - Answer Macro virus
Lincoln is a network security specialist. He is updating the password policy for his company's computing
infrastructure. His primary method of improving password policy involves lowering the chance that an
attacker can compromise and use the password before it expires. What does he do? - Answer Requires
all passwords to contain at least eight alphanumeric characters
Which type of evidence is any physical object that you can touch or otherwise directly observe, such as a
hard drive? - Answer Real
Security controls place limits on activities that might pose a risk to an organization. Ricky, a security
engineer for his company, is performing a review and measurement of all controls to capture changes to
any environment component. What is this called? - Answer Monitoring
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and
ticket-granting servers (TGSs)? - Answer Kerberos
What is the least likely goal of an information security awareness program? - Answer Punish users who
violate policy
What is an example of two-factor authentication (2FA)? - Answer Smart card and personal
identification number (PIN)
A company's IT manager has advised the business's executives to use a method of decentralized access
control rather than centralized to avoid creating a single point of failure. She selects a common protocol
that hashes passwords with a one-time challenge number to defeat eavesdropping-based replay attacks.
What is this protocol? - Answer Challenge-Handshake Authentication Protocol (CHAP)
Which data source comes first in the order of volatility when conducting a forensic investigation? -
Answer Random access memory (RAM)
Tonya would like to protect her users and the network when users browse to known dangerous sites. She
plans to maintain a list of those sites and drop messages from those websites. What type of approach is
Tonya advocating? - Answer Blacklisting
Which of the following is a digital forensics specialist least likely to need in-depth knowledge of? -
Answer Mainframes
Rylie is a newly hired cybersecurity expert for a government agency. Rylie used to work in the private
sector. She has discovered that, whereas private sector companies often had confusing hierarchies for
data classification, the government's classifications are well known and standardized. As part of her
training, she is researching data that requires special authorization beyond normal classification. What is
this type of data called? - Answer Compartmentalized
Which security model does not protect the integrity of information? - Answer Bell-LaPadula
Which type of password attack is used on weak passwords and compares a hashed value of the
passwords to the system password file to find a match? - Answer Dictionary attack
Biyu is a network administrator. She is developing the compliance aspect of her company's security
policy. Currently, she is focused on the records of actions that the organization's operating system or
application software creates. What aspect of compliance is Biyu focusing on? - Answer Event logs
Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type
of Trojan. What tool will Karen use for this purpose? - Answer Remote Access Tool (RAT)
Some ciphers, regardless of type, rely on the difficulty of solving certain mathematical problems, which is
the basis for asymmetric key cryptography. Which of the following is a branch of mathematics that
involves multiplicative inverses that these ciphers use? - Answer Field theory
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us but from the seller TestSolver9. Stuvia facilitates the payment to the seller.