Which of the following MUST be considered when designing effective security controls?

A. Speed of deployment
B. Visibility
C. Ease of use
D. Authenticity

Answer: C

March 31, 2019

Which one of the following factors is NOT one on which Authentication is based?

A. Type 1 Something you know, such as a PIN or password
B. Type 2 Something you have, such as an ATM card or smart card
C. Type 3 Something you are (based upon one or...

March 31, 2019

Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?

A. SESAME
B. RADIUS
C. KryptoKnight
D. TACACS+

Answer: A

Explanation: Secure European System for Applications in a Multi-vendor Environment...

March 30, 2019

The type of discretionary access control (DAC) that is based on an individual's identity is also called:

A. Identity-based Access control
B. Rule-based Access control
C. Non-Discretionary Access Control
D. Lattice-based Access control

Answer: A

Explanation: An identity-based access control is a type of Discretionary Access Control (DAC) that is based...

March 30, 2019

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

A. Purchase software from a limited list of retailers
B. Verify the hash key or certificate key of all updates
C. Do not permit programs, patches, or updates from the Internet
D. ...

March 30, 2019

Which of the following exemplifies proper separation of duties?

A. Operators are not permitted to modify the system time.
B. Programmers are permitted to use the system console.
C. Console operators are permitted to mount tapes and disks.
D. Tape operators are permitted to use the system console.

Answer: A

Explanation:...

March 30, 2019

What is the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources called?

A. Micrometrics
B. Macrometrics
C. Biometrics
D. MicroBiometrics

Answer: C

Explanation: Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of...

March 30, 2019

An audit trail is a category of what control?

A. System, Manual
B. Detective, Technical
C. User, Technical
D. Detective, Manual

Answer: B

March 30, 2019

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

A. Check arguments in function calls
B. Test for the security patch level of the environment
C. Include logging functions
D. Digitally sign each application module

Answer:...

March 30, 2019

Which of the following is a PRIMARY security concern?

An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?

A. Ownership
B. Confidentiality
C. Availability
D. Integrity

Answer: C

March 30, 2019