Which type of audit can be used to determine whether accounts have been established properly and verify that privilege creep isn't occurring?
Privilege audit
Usage audit
Escalation audit
Report audit
What kind of physical access device restricts access to a small number of individuals at one time?
Checkpoint
Perimeter security
Security zones
Mantrap
Which of the following is a set of voluntary standards governing encryption?
PKI
PKCS
ISA
SSL
Which protocol is used to create a secure environment in a wireless network?
WAP
WEP
WTLS
WML
An Internet server interfaces with TCP/IP at which layer of the DOD model?
Transport layer
Network layer
Process layer
Internet layer
You want to establish a network connection between two LANs using the Internet. Which technology would best accomplish that for you?
IPSec
L2TP
PPP
SLIP
Which design concept limits access to systems from outside users while protecting users and systems inside the LAN?
DMZ
VLAN
I&A
Router
In the key recovery process, which key must be recoverable?
Rollover key
Secret key
Previous key
Escrow key
Which kind of attack is designed to overload a particular protocol or service?
Spoofing
Back door
Man in the middle
Flood
Which component of an IDS collects data?
Data source
Sensor
Event
Analyzer
What is the process of making an operating system secure from attack called?
Hardening
Tuning
Sealing
Locking down
The integrity objective addresses which characteristic of information security?
Verification that information is accurate
Verification that ethics are properly maintained
Establishment of clear access control of data
Verification that data is kept private and secure
Which mechanism is used by PKI to allow immediate verification of a certificate's validity?
CRL
MD5
SSHA
OCSP
Which of the following is the equivalent of a VLAN from a physical security perspective?
Perimeter security
Partitioning
Security zones
Physical barrier
A user has just reported that he downloaded a file from a prospective client using IM. The user indicates that the file was called account.doc. The system has been behaving unusually since he downloaded the file. What is the most likely event that occurred?
Your user inadvertently downloaded a virus using IM.
Your user may have a defective hard drive.
Your user is hallucinating and should increase his medication.
The system is suffering from power surges.
Which mechanism or process is used to enable or disable access to a network resource based on an IP address?
NDS
ACL
Hardening
Port blocking
Which of the following would provide additional security to an Internet web server?
Changing the port address to 80.
Changing the port address to 1019.
Adding a firewall to block port 80.
Web servers can't be secured.
What type of program exists primarily to propagate and spread itself to other systems?
Virus
Trojan horse
Logic bomb
Worm
An individual presents herself at your office claiming to be a service technician. She wants to discuss your current server configuration. This may be an example of what type of attack?
Social engineering
Access control
Perimeter screening
Behavioral engineering
Which of the following is a major security problem with FTP servers?
Password files are stored in an unsecure area on disk.
Memory traces can corrupt file access.
User IDs and passwords are unencrypted.
FTP sites are unregistered.
Which system would you install to provide active protection and notification of security problems in a network connected to the Internet?
IDS
Network monitoring
Router
VPN
The process of verifying the steps taken to maintain the integrity of evidence is called what?
Security investigation
Chain of custody
Three A's of investigation
Security policy
What encryption process uses one message to hide another?
Steganography
Hashing
MDA
Cryptointelligence
Which policy dictates how computers are used in an organization?
Security policy
User policy
Use policy
Enforcement policy
Which algorithm is used to create a temporary secure session for the exchange of key information?
KDC
KEA
SSL
RSA
You've been hired as a security consultant for a company that's beginning to implement handheld devices, such as PDAs. You're told that the company must use an asymmetric system. Which security standard would you recommend it implement?
ECC
PKI
SHA
MD
Which of the following backup methods will generally provide the fastest backup times?
Full backup
Incremental backup
Differential backup
Archival backup
You want to grant access to network resources based on authenticating an individual's retina during a scan. Which security method uses a physical characteristic as a method of determining identity?
Smart card
I&A
Biometrics
CHAP
Which access control method is primarily concerned with the role that individuals have in the organization?
MAC
DAC
RBAC
STAC
The process of investigating a computer system for clues into an event is called what?
Computer forensics
Virus scanning
Security policy
Evidence gathering
3.133.117.2