CHAPTER 1 ASSESSMENT

  1.   1. Which of the following is the best description of the defense-in-depth strategy?

    1. Hiding protected resources behind multiple firewalls

    2. Using multiple layers of security controls to protect resources

    3. Fully securing the most important resources first

    4. Staying current on as many known attacks as possible

  2.   2. What is the main goal of information security?

    1. Protect information from unauthorized use

    2. Catch as many unauthorized users as possible

    3. Protect information from unauthorized modification

    4. Stop anonymous users from accessing information

  3.   3. Does turning off a computer make the information it contains secure?

    1. Yes, because no unauthorized user can access information on a computer that is turned off.

    2. No, because the information might be copied somewhere else.

    3. Yes, because aggressive actions always result in more secure systems.

    4. No, because secure data must still be available to authorized users.

  4.   4. Which of the following is the best description of a security control?

    1. A mechanism to stop attacks before they occur

    2. A rule that defines acceptable use of a computer

    3. A mechanism that protects a resource

    4. A device that detects unusual activity

  5.   5. Which of the following could be classified as a logical control?

    1. Firewall

    2. Fence

    3. Acceptable use policy

    4. Smoke detector

  6.   6. Which of the following could be classified as a detective control?

    1. Password

    2. Door

    3. Acceptable use policy

    4. Log monitor

  7.   7. Which of the tenets of information security most directly serves the needs of authorized users?

    1. Availability

    2. Integrity

    3. Confidentiality

    4. None of the above

  8.   8. Which of the tenets of information security is most related to the need-to-know property?

    1. Availability

    2. Integrity

    3. Confidentiality

    4. None of the above

  9.   9. Where is the most likely place a database management system would run?

    1. Network device

    2. Server

    3. Thin client

    4. Thick client

  10. 10. Which Microsoft Windows Server 2019 edition would be most appropriate for large-scale deployment using extensive virtualization?

    1. Datacenter

    2. HPC

    3. Enterprise

    4. Web

  11. 11. According to the Microsoft EULA, what is the extent of the damages that can be recovered due to a Windows fault?

    1. Nothing

    2. The price paid for the software license

    3. Actual damages incurred

    4. Actual damages incurred plus the cost of the software license

  12. 12. Which of the following is the best definition of a threat?

    1. Any exposure to damage

    2. A weakness that allows damage to occur

    3. An action that exploits a weakness

    4. Any action that could lead to damage

  13. 13. What ransomware was released in 2017 and exploited a weakness in SMB to propagate?

    1. LockyA

    2. Conficker

    3. WannaCry

    4. CryptoLocker

  14. 14. What term describes a malicious software program that users are tricked into running?

    1. Trojan horse

    2. Worm

    3. Virus

    4. Phishing message

  15. 15. Which of the following defines the cycle used to address Windows threats and vulnerabilities?

    1. Plan-do-review

    2. Discovery-analysis-remediation

    3. Design-implementation-verification

    4. Detection-containment-eradication

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.17.18