The three PRIMARY requirements for a penetration test are
A. A defined goal, limited time period, and approval of management
B. A general objective, unlimited time, and approval of the network administrator
C. An objective statement, disclosed methodology, and fixed cost
D. A stated objective, liability waiver, and disclosed methodology

A vulnerability test on an Information System (IS) is conducted to
A. exploit security weaknesses in the IS.
B. measure system performance on systems with weak security controls.
C. evaluate the effectiveness of security controls.
D. prepare for Disaster Recovery (DR) planning.
Answer: C

Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
A. Transparent Database Encryption (TDE)
B. Column level database encryption
C. Volume encryption
D. Data tokenization
Answer: D

In a data classification scheme, the data is owned by the
A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users
Answer: B

An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to
A. encrypt the contents of the repository and document any exceptions to that requirement.
B...

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
Answer: A

What is the ultimate objective of information classification?
A. To assign responsibility for mitigating the risk to vulnerable systems
B. To ensure that information assets receive an appropriate level of protection
C. To recognize that the value of any item of information may change over time
D. To recognize the...

Which of the following is a PRIMARY advantage of using a third-party identity service?
A. Consolidation of multiple providers
B. Directory synchronization
C. Web based logon
D. Automated account management
Answer: D

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?
A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)
Answer: A

Checking routing information on e-mail to determine it is in a valid format and contains valid information is an example of which of the following anti-spam approaches?
A. Simple Mail Transfer Protocol (SMTP) blacklist
B. Reverse Domain Name System (DNS) lookup
C. Hashing algorithm
D. Header analysis
Answer: D