logo image

Combo with "study5" and 3 others

Which of the following terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter?
False Negative
Which form of access control enforces security based on user identities and allows individual users to
define access controls over owned resources?
DAC (Discretionary Access Control)
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect?
Identity
Which of the following is not an important aspect of password management?
Enable account lockout
Which access control model manages rights and permissions based on job descriptions and responsibilities?
Role Based Access Control
What security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed?
User ACL
What is the most important aspect of a biometric device?
Accuracy
A device which is synchronized to an authentication server is which type of authentication?
Synchronous token
Which of the following is the term for the process of validating a subject’s identity?
Authentication
Which of the following are requirements to deploy Kerberos on a network? (Select two)
-A centralized database of users and passwords
-Time synchronization between devices
Which of the following is not used to oversee and/or improve the security performance of employees?
Exit Interviews
Which form of authentication solution employs a hashed form of the user’s password that has an added
time stamp as a form of identity?
Kerberos
Which security principle prevents any one administrator from having sufficient access to compromise
the security of the overall IT solution?
Separation of duties
Which of the following is the best action to take to make remembering passwords easier so that a
person no longer has to write the password down?
Implement end-user training
In a variation of a brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasures best addresses this issue?
A strong password policy
Which of the following defines the crossover rate for evaluating bio-metric systems?
The point where the number of false positives matches the number of false negatives in the biometric system
In which form of access control environment is access controlled by rules rather than by identity?
MAC (Mandatory Access Control
Which of the following is the strongest form of multi-factor authentication?
A password, a biometric scan, and a token device
Which of the following is stronger than any biometric authentication factor?
A two factor authentication
Which of the following defines an object as used in access control?
Data applications, systems, networks, and physical space
Which form of access control is based on job descriptions?
Role-based access control (RBAC)
Which of the following are disadvantages of biometrics? (Select two)
-When used alone or solely, they are no more secure than a strong password
-They require time synchronization
What is it called if the ACL automatically prevents access to anyone not on the list?
Implicit deny
What is mutual authentication?
A process by which each party in an online communication verifies the identity of the other party
What is another term for the type of logon credentials provided by a token device?
One-time password
Which of the following is not a characteristic of Kerberos?
Peer-to-peer relationships between entities
What should be done to a user account if the user goes on an extended vacation?
Disable the account
Which of the following is a password that relates to things that people know, such as a mother’s maiden name, or the name of a pet?
Cognitive
A router access control list uses information in a packet such as the destination IP address and port number to make allow or deny forwarding decisions. This is an example of what type of access control mode?
RBAC (based on rules)
Which type of access control focuses on assigning privileges based on security clearance and data sensitivity?
MAC (Mandatory access control)
Which of the following advantages can Single Sign-On (SSO) provide? (Select two)
-Access to all authorized resources with a single instance of authentication
-The elimination of multiple user accounts and passwords for an individual
What is the primary goal of separation of duties?
Prevent conflicts of interest
You have installed anti-virus software on computers at your You have installed anti-virus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits shed did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?
User awareness training
Your plan is to implement a new security device on your network. You should consult what before implementing ?
Change management policy
Your organization uses the following tape rotation strategy for its backup tapes:
1. The first set of tapes is used for daily backups.
2. At the end of each wee, the latest daily backup tape is promoted to be the weekly backup tape.
3. At the end of the each month, one of the weekly backup tapes is promoted to be the monthly backup tape.

What kind of backup tape rotation strategy is being used?

Grandfather
Which backup strategy backs up all files from a computer’s file system regardless of whether the files archive bit is set or not and marks them has as having been backed up?
Full
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?
Class C
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?
Add a separate A/C unit in the server room
Which of the following fire extinguisher types poses a safety risk to users in the area?(Select two)
Halon AND CO2
What is the recommended humidity level for server rooms?
50%
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?
Install shielded cables near the elevator
Besides protecting a computer from under voltages, a typical UPS also performs which two actions?
Conditions the power signal AND protects from over voltages
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the availability of the network. Which of the following should you implement?
Positive pressure system
What does a differential backup do during the backup?
Backs up all files with the archive bit set; does not rest the archive bit.
Your network uses the following backup strategy: full backups every Sunday night and Differential backups Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
2
What does an incremental backup do during the backup?
Backs up all files with the archive bit set; resets the archive bit.
A system failure has occurred. Which of the following restoration process would result in the fastest restoration of all data to its most current state?
Restore the full backup and the last differential backup.
Your network uses the following backup strategy….. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
4
Which of the following are backed up during incremental backup?
Only files that have changed since the last full or incremental backup
Which backup strategy backs up all files from a computer’s file system regardless of whether the files archive bit is set or not and marks them has as having been backed up?
full
To increase your ability to recover from a disaster, where should you store backup tapes?
At the vice president’s home
Why should backup media be stored offsite?
To prevent the same disaster from affecting both the network and the backup media.
Even if you perform regular backups, what must be done to ensure that you are protected against data loss?
Regularly test restoration procedures
The disaster recovery plan calls for having tape backups stored at a different location. The location is a safe deposit box at the local bank. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups?
Perform a full backup once a week with differential backup the other days of the week.
Which of the following are backed up during the differential backup?
Only files that have changed since the last full backup
Your network performs a full backup every night. Each Sunday, the previous night’s backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
1
Which backup strategy backs up only files which have the archive bit set, but does not mark them as having been backed up?
Differential
Which of the following is defined as a contract which prescribes the technical support or business parameters that a provider will bestow to its clients
Service level agreement
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization
Sanitization
You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them through a local liquidator. Computers were previously not used for storing sensitive information. What should you do prior to getting rid of the computers
Sanitize the hard drives
Which of the following is not part of security awareness training
Employee agreement documents.
A service level agreement (SLA) defines the relationship between, and the contractual responsibilities of providers and recipients of service. Which of the following characteristics are most important when designing an SLA
Clear and detailed description of penalties if the level of service is not provided. Detailed provider responsibilities for continuity and disaster recovery mechanisms.
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment
Improve and hold new awareness sessions
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach
Negligence
Which of the following are typically associated with human resource security policies
Termination, Background checks
A code of ethics provides for all but which of the following
Clearly defines course of action to take when a complex issue is encountered.
What is the primary purpose of forcing employees to take mandatory on-week minimum vacations every-year
To check for evidence of fraud
Who is responsible for performing the steps of the business continuity plan or disaster recovery plain in the event of an emergency
Recovery team
In business continuity planning, what is the primary focus of the scope
Business processes
What is the primary goal of business continuity planning
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service
Clustering
Which of the following disk configurations can sustain a loss of any two disks
RAID 1+0, RAID 0+1
What is an advantage of RAID 5 over RAID 1
RAID 5 improves performance over RAID 1
To prevent server downtime, which of the following components should be installed redundantly in a server system
Power supply
You have a computer with three hard disks………….Disk 2 fails. Which of the following is true
Data on the RAID 1 volume is accessible; data on the RAID 0 volume is not.
When returning to the rebuilt primary site, the salvage team will restore or return what process first.
Least business-critical
Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using
Warm site
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present
Cold site
You manage a Web site for your company. The Web site three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure
Website storage
You manage the website for your company. The website uses clusters of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this
Connect one server through a different ISP to the Internet.
What is the primary security feature that can be designed into a network’s infrastructure to protect and support availability
Redundancy
Which form of alternate site is the cheapest but my not allow an organization to recover before reaching their maximum tolerable downtime
Reciprocal agreement
You have been asked to implement a RAID 5 solution for RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5
3
Which of the following drive configuration is fault tolerant
RAID 5
Which of the following are backed up during an incremental backup
Only files that have changed since the last full or incremental backup.
Even if you perform regular backups, what must be done to ensure that you are protected against data loss
Regularly test restoration procedures
You’re responsible for implementing network cabling in a new Gigabit Ethernet network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference (EMI). Which type of cabling would operate best in this environment
Category 5 shielded twisted pair cable, Fiber-optic cable
Components within your server room are failing at rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do the help reduce problems
Add a separate A/C unit in the server room
Of the following cables, which offer the best protection against EMI
Single mode fiber optic cable
When developing the totality of security policy documentation, what type of policy document will contain instructions or information on remaining in compliance with regulations and industry standards?
Standards
If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose?
Warm
When recovery is being performed due to a disaster, what services are to be stabilized first?
Mission-critical
A disaster recovery plan should include all but which of the following?
Penetration testing
When should a hardware device be replaced in order to minimize downtime?
Just before it’s MTBF is reached
Dumpster diving is a low-tech mean of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving
Establish and enforce a document destruction policy
What is the primary difference between impersonating and masquerading
One is more active, the other is more passive
Which of the following is a common form of social engineering attack
Hoax virus information e-mails.
Which of the following are examples of social engineering
Shoulder surfing, Dumpster diving
What is the primary countermeasure to social engineering
Awareness
How can an organization help prevent social engineering attacks
Publish and enforce clearly-written security policies, Educate employees on the risk and countermeasures
You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer form the network to isolate it from the network and stop the attack. What should you do next
Perform a memory dump
You want to store your computer-generated audits logs in case they are needed in the future examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future
Create a hash of each log.
During a recent site survey, you find a rouge wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence
Disconnect the access point from the network
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first
Document what’s on screen
The chain of custody is used for what purposes
Listing people coming into contact with evidence
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this
Chain of custody
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activates on the disk to see what kind of information it contains. What should you do first
Make a bit-level copy of the disk
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take
Back up all logs and audits regarding the incident
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by the attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do
Contact your customer to let them know of the security breach
How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence
Create a checksum using a hashing algorithm
What is the most important element related to evidence in addition to the evidence itself
Chain of custody document
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Photographs
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?
Bit-level cloning
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence?
Rebooting the system
Which of the following is not a form of social engineering?
Impersonating a user by logging on with stolen credentials
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Disconnect the intruder
How can an organization help prevent social engineering attacks?
Educate employees on the risks and countermeasures, Publish and enforce clearly written security policies.
Which of the following is a form of attack that tricks a victim into providing confidential information, such as identity information or logon credentials, through emails or Web sites that impersonate an online entity that the victim trusts, such as a financial institution or well known e-commerce site?
Phishing
You have just received a generic-looking e-mail that is addressed as coming from the admin of you company. The e-mail says that as part of a system upgrade, you are to go to a Web site and enter your username and password at a new Web site so you can manage your e-mail and spam using the new service. What should you do?
Verify that the e-mail was sent by the admin and that this new service is legit
On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do?
Direct him to the front entrance and to check in with the receptionist.
Which of the following social engineering attacks use VOIP to gain sensitive data?
Vishing
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn’t know and he is asking for immediate clarification on several of the project’s details so the project can get back on schedule. What type of an attack best describes the scenario?
Whaling – targeting senior execs
You are configuring your computer to dial up to the Internet. What protocol should you use?
PPP
Which of the following are characteristics of TACACS +?
Allowing for a possible of three different servers, one each for authentication, authorization, and accounting.
Uses TCP.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?
RADIUS
You want to set up a service to allow multiple users to dial in to the office server from modems on their home computers. What service should you implement?
RAS
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization.
Which of the following would be a required part of your configuration?
Configure the remote access servers as RADIUS clients.
You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, the Ethernet and wireless connections are used to create a small network within your home.
Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?
PPPoE
Which of the following are differences between RADIUS and TACACS+?
Radius combines authentication and authorization into a single function. TACAS+ allows these services to be split between different servers.
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?
TACACS+
RADIUS
Which of the following protocols or services is commonly used on cable Internet connections for user authentication?
PPPoE
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need.
You want the connection to be as secure as possible. Which type of connection will you need?
Remote access
Which of the following are performed by proxies?
Block employees from accessing certain Web sites.
Cache web pages.
What port does Telnet use?
23
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?
Host based firewall.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers?
Put the database server on the private network.
Put the Web server on the DMZ.
Which of the following are characteristics of a circuit-level gateway?
Filters based on sessions.
Stateful.
You administer a Web server on your network. The computer has multiple IP addresses. They are 192.198.23.8 and 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows:
-IP address: 192.168.23.8
-HTTP Port: 1030
-SSL Port: 443

Users complain that they can’t connect to the Web site when they type www.westsim.com. What is the most likely source of the problem?

The HTTP port should be changed to 80.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance.
What is the best way to do this?
Install a proxy server.
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address.
You are configuring a firewall to allow access to a server hosted on the demilitarized zone on your network. You open TCP/IP ports 80, 25, 110, and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
Web server, e-mail server.
To increase security on your computer’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?
443.
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs.
Which type of firewall should you install?
Application level.
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL.
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.
Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
Which protocol and port is used by BOOTP/DHCP?
UDP 67
After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service which of the following needs to be done?
Open port 25 and allow STMP service.
Which of the following network services or protocols uses TCP/IP port 69?
TFTP.
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
Which protocol and port number is used by TFTP?
UDP 69.
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
Network based firewall.

Need essay sample on "Combo with "study5" and 3 others"? We will write a custom essay sample specifically for you for only .90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register
Signup & Access Essays

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy