The use of private and public encryption keys is fundamental in the implementation of which of the following?
A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Answer: B
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
A. Derived credential
B. Temporary security credential
C. Mobile device credentialing service
D. Digest authentication
Answer: A
At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
A. monthly.
B. quarterly.
C. annually.
D. bi-annually.
Answer: C
Which of the following is an attacker MOST likely to target to gain privileged access to a system?
A. Programs that write to system resources
B. Programs that write to user directories
C. Log files containing sensitive information
D. Log files containing system calls
Answer: A
Alternate encoding such as hexadecimal representations is MOST often observed in which of the following forms of attack?
A. Smurf
B. Rootkit exploit
C. Denial of Service (DoS)
D. Cross site scripting (XSS)
Answer: D
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation
Answer: A
Which of the following could cause a Denial of Service (DoS) against an authentication system?
A. Encryption of audit logs
B. No archiving of audit logs
C. Hashing of audit logs
D. Remote access audit logs
Answer: D
Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: A
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient...
In a basic SYN flood attack, what is the attacker attempting to achieve?
A. Exceed the threshold limit of the connection queue for a given service
B. Set the threshold to zero for a given service
C. Cause the buffer to overflow, allowing root access
D. Flush the register stack,...