A confidential number used as an authentication factor to verify a user's identity is called a:
A. PIN
B. User ID
C. Password
D. Challenge
Answer: A
Explanation: PIN stands for Personal Identification Number; as the name states, it is a combination of numbers. The following answers are incorrect: User ID This...
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?
A. Authentication
B. Identification
C. Authorization
D. Confidentiality
Answer: B
Explanation: Identification is the act of a user professing an identity to a system, usually in the form...
The control measures that are intended to reveal the violations of security policy using software and hardware are associated with:
A. Preventive/physical
B. Detective/technical
C. Detective/physical
D. Detective/administrative
Answer: B
Explanation: The detective/technical control measures are intended to reveal the violations of security policy using technical means. Source: KRUTZ, Ronald...
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
A. Derived credential
B. Temporary security credential
C. Mobile device credentialing service
D. Digest authentication
Answer: A
A security control should
A. Allow for many exceptions.
B. Cover all contingencies.
C. Not rely on the security of its mechanism.
D. Change frequently.
Answer: C
An information security manager implements mechanisms to perform reasonableness checks on types of information in designated fields. This is an example of which control objective?
A. Preserving the utility of information
B. Preserving the availability of data
C. Preserving the integrity of data
D. Preserving the authenticity of information
Answer:...
Kerberos depends upon what encryption method?
A. Public Key cryptography.
B. Secret Key cryptography.
C. El Gamal cryptography.
D. Blowfish cryptography.
Answer: B
Explanation: Kerberos depends on Secret Keys or Symmetric Key cryptography. Kerberos is a third-party authentication protocol. It was designed and developed in the mid-1980s by MIT. It...
Which of the following BEST describes the responsibilities of a data owner?
A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact...
During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?
A. Calculate the value of assets being accredited.
B. Create a list to include in the Security Assessment and Authorization package.
C. Identify obsolete hardware and software.
D. Define the boundaries...
An IDS is a category of what control?
A. Detective, Manual
B. Detective, Technical
C. User, Technical
D. System, Manual
Answer: B