Final Exam 2015+

Description

Exam Practice Questions
Quiz by Alexandre Pinheiro, updated more than 1 year ago
Created by Alexandre Pinheiro more than 8 years ago

Resource summary

Question 1

Question
Which of the following can be defined as the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors?
Answers
  • Unit testing
  • Parallel testing
  • Regression testing
  • Pilot testing

Question 2

Question
At which layer of the OSI model do sniffers operate?
Answers
  • Layer 2 - Data Link Layer
  • Layer 1 - Hardware layer
  • Layer 3 - Networking Layer
  • Layer 7 - Application layer

Question 3

Question
When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?
Answers
  • Segregation of duties
  • Separation of duties
  • Need to know
  • Dual Control

Question 4

Question
What is the name for a substitution cipher that shifts the alphabet by 13 places?
Answers
  • Transposition cipher
  • Caesar cipher
  • Polyalphabetic cipher
  • ROT13 cipher

Question 5

Question
Your organization creates software applications that are sold to the public. Recently, management has become concerned about software piracy. Which organization deals with the prevention of this crime?
Answers
  • CIA
  • DoD
  • SPA
  • NCSC

Question 6

Question
A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:
Answers
  • Concern that the laser beam may cause eye damage.
  • The iris pattern changes as a person grows older.
  • There is a relatively high rate of false accepts.
  • The optical unit must be positioned so that the sun does not shine into the aperture.

Question 7

Question
In Mandatory Access Control, sensitivity labels attached to objects contain what information?
Answers
  • The item's classification
  • The item's classification and category set
  • The item's category
  • The item's need to know

Question 8

Question
Which of the following is true about Kerberos?
Answers
  • It utilizes public key cryptography.
  • It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
  • It depends upon symmetric ciphers.
  • It is a second party authentication system.

Question 9

Question
Which of the following is needed for System Accountability?
Answers
  • Audit mechanisms.
  • Documented design as laid out in the Common Criteria.
  • Authorization.
  • Formal verification of system design.

Question 10

Question
What is Kerberos?
Answers
  • A three-headed dog from the Egyptian mythology.
  • A trusted third-party authentication protocol.
  • A security model.
  • A remote authentication dial in user server.

Question 11

Question
Kerberos depends upon what encryption method?
Answers
  • Public Key cryptography.
  • Secret Key cryptography.
  • El Gamal cryptography.
  • Blowfish cryptography.

Question 12

Question
A confidential number used as an authentication factor to verify a user's identity is called a:
Answers
  • PIN
  • User ID
  • Password
  • Challenge

Question 13

Question
Individual accountability does not include which of the following?
Answers
  • unique identifiers
  • policies & procedures
  • access rules
  • audit trails

Question 14

Question
Which of the following exemplifies proper separation of duties?
Answers
  • Operators are not permitted to modify the system time.
  • Programmers are permitted to use the system console.
  • Console operators are permitted to mount tapes and disks.
  • Tape operators are permitted to use the system console.

Question 15

Question
An access control policy for a bank teller is an example of the implementation of which of the following?
Answers
  • Rule-based policy
  • Identity-based policy
  • User-based policy
  • Role-based policy

Question 16

Question
Which one of the following authentication mechanisms creates a problem for mobile users?
Answers
  • Mechanisms based on IP addresses
  • Mechanism with reusable passwords
  • One-time password mechanism.
  • Challenge response mechanism.

Question 17

Question
Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
Answers
  • Plan for implementing workstation locking mechanisms.
  • Plan for protecting the modem pool.
  • Plan for providing the user with his account usage information.
  • Plan for considering proper authentication options.

Question 18

Question
Kerberos can prevent which one of the following attacks?
Answers
  • Tunneling attack.
  • Playback (replay) attack.
  • Destructive attack.
  • Process attack.

Question 19

Question
In discretionary access environments, which of the following entities is authorized to grant information access to other people?
Answers
  • Manager
  • Group Leader
  • Security Manager
  • Data Owner

Question 20

Question
What is the main concern with single sign-on?
Answers
  • Maximum unauthorized access would be possible if a password is disclosed.
  • The security administrator's workload would increase.
  • The users' password would be too hard to remember.
  • User access rights would be increased.

Question 21

Question
Who developed one of the first mathematical models of a multilevel-security computer system?
Answers
  • Diffie and Hellman.
  • Clark and Wilson.
  • Bell and LaPadula.
  • Gasser and Lipner.

Question 22

Question
Which of the following attacks could capture network user passwords?
Answers
  • Data diddling
  • Sniffing
  • IP Spoofing
  • Smurfing

Question 23

Question
Which of the following would constitute the best example of a password to use for access to a system by a network administrator?
Answers
  • holiday
  • Christmas12
  • Jenny
  • GyN19Za!

Question 24

Question
What physical characteristic does a retinal scan biometric device measure?
Answers
  • The amount of light reaching the retina
  • The amount of light reflected by the retina
  • The pattern of light receptors at the back of the eye
  • The pattern of blood vessels at the back of the eye

Question 25

Question
The Computer Security Policy Model the Orange Book is based on is which of the following?
Answers
  • Bell-LaPadula
  • Data Encryption Standard
  • Kerberos
  • Tempest

Question 26

Question
The end result of implementing the principle of least privilege means which of the following?
Answers
  • Users would get access to only the info for which they have a need to know
  • Users can access all systems.
  • Users get new privileges added when they change positions.
  • Authorization creep.

Question 27

Question
Which of the following is the most reliable authentication method for remote access?
Answers
  • Variable callback system
  • Synchronous token
  • Fixed callback system
  • Combination of callback and caller ID

Question 28

Question
Which of the following is true of two-factor authentication?
Answers
  • It uses the RSA public-key signature based on integers with large prime factors.
  • It requires two measurements of hand geometry.
  • It does not use single sign-on technology.
  • It relies on two independent proofs of identity.

Question 29

Question
The primary service provided by Kerberos is which of the following?
Answers
  • non-repudiation
  • confidentiality
  • authentication
  • authorization

Question 30

Question
There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?
Answers
  • public keys
  • private keys
  • public-key certificates
  • private-key certificates

Question 31

Question
In which of the following security models is the subject's clearance compared to the object's classification such that specific rules can be applied to control how the subject-to-object interactions take place?
Answers
  • Bell-LaPadula model
  • Biba model
  • Access Matrix model
  • Take-Grant model

Question 32

Question
Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?
Answers
  • SESAME
  • RADIUS
  • KryptoKnight
  • TACACS+

Question 33

Question
Single Sign-on (SSO) is characterized by which of the following advantages?
Answers
  • Convenience
  • Convenience and centralized administration
  • Convenience and centralized data administration
  • Convenience and centralized network administration

Question 34

Question
What is the primary role of smartcards in a PKI?
Answers
  • Transparent renewal of user keys
  • Easy distribution of the certificates between the users
  • Fast hardware encryption of the raw data
  • Tamper resistant, mobile storage and application of private keys of the users

Question 35

Question
What kind of certificate is used to validate a user identity?
Answers
  • Public key certificate
  • Attribute certificate
  • Root certificate
  • Code signing certificate

Question 36

Question
The following is not a security characteristic we need to consider while choosing a biometric identification system:
Answers
  • data acquisition process
  • cost
  • enrollment process
  • speed and user interface

Question 37

Question
In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on physical attributes of a person. This raised the necessity of answering 2 questions:
Answers
  • what was the sex of a person and his age
  • what part of body to be used and how to accomplish identification that is viable
  • what was the age of a person and his income level
  • what was the tone of the voice of a person and his habits

Question 38

Question
In biometric identification systems, the parts of the body conveniently available for identification are:
Answers
  • neck and mouth
  • hands, face, and eyes
  • feet and hair
  • voice and neck

Question 39

Question
Controlling access to information systems and associated networks is necessary for the preservation of their:
Answers
  • Authenticity, confidentiality and availability
  • Confidentiality, integrity, and availability.
  • integrity and availability.
  • authenticity, confidentiality, integrity and availability.

Question 40

Question
To control access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up:
Answers
  • Access Rules
  • Access Matrix
  • Identification controls
  • Access terminal

Question 41

Question
Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control?
Answers
  • Discretionary Access Control (DAC)
  • Mandatory Access control (MAC)
  • Non-Discretionary Access Control (NDAC)
  • Lattice-based Access control

Question 42

Question
The type of discretionary access control (DAC) that is based on an individual's identity is also called:
Answers
  • Identity-based Access control
  • Rule-based Access control
  • Non-Discretionary Access Control
  • Lattice-based Access control

Question 43

Question
Which access control type has a central authority that determines what objects the subjects have access to and is based on role or on the organizational security policy?
Answers
  • Mandatory Access Control
  • Discretionary Access Control
  • Non-Discretionary Access Control
  • Rule-based Access control

Question 44

Question
Which of the following control pairings include: organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?
Answers
  • Preventive/Administrative Pairing
  • Preventive/Technical Pairing
  • Preventive/Physical Pairing
  • Detective/Administrative Pairing

Question 45

Question
Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?
Answers
  • Preventive/Administrative Pairing
  • Preventive/Technical Pairing
  • Preventive/Physical Pairing
  • Detective/Technical Pairing

Question 46

Question
What is called the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources?
Answers
  • Micrometrics
  • Macrometrics
  • Biometrics
  • MicroBiometrics

Question 47

Question
What is called the access protection system that limits connections by calling back the number of a previously authorized location?
Answers
  • Sendback systems
  • Callback forward systems
  • Callback systems
  • Sendback forward systems

Question 48

Question
What are called user interfaces that limit the functions that can be selected by a user?
Answers
  • Constrained user interfaces
  • Limited user interfaces
  • Mini user interfaces
  • Unlimited user interfaces

Question 49

Question
Controls such as job rotation, the sharing of responsibilities, and reviews of audit records are associated with:
Answers
  • Preventive/physical
  • Detective/technical
  • Detective/physical
  • Detective/administrative

Question 50

Question
The control measures that are intended to reveal the violations of security policy using software and hardware are associated with:
Answers
  • Preventive/physical
  • Detective/technical
  • Detective/physical
  • Detective/administrative

Question 51

Question
The controls that usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists are associated with:
Answers
  • Preventive/physical
  • Detective/technical
  • Detective/physical
  • Detective/administrative

Question 52

Question
External consistency ensures that the data stored in the database is:
Answers
  • inconsistent with the real world.
  • remains consistent when sent from one system to another.
  • consistent with the logical world.
  • consistent with the real world.

Question 53

Question
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
Answers
  • Mandatory Access Control
  • Discretionary Access Control
  • Non-Discretionary Access Control
  • Rule-based Access control

Question 54

Question
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?
Answers
  • Authentication
  • Identification
  • Authorization
  • Confidentiality

Question 55

Question
Which one of the following factors is not one on which Authentication is based?
Answers
  • Type 1 Something you know, such as a PIN or password
  • Type 2 Something you have, such as an ATM card or smart card
  • Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
  • Type 4 Something you are, such as a system administrator or security administrator

Question 56

Question
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
Answers
  • Mandatory Access Control
  • Discretionary Access Control
  • Non-Discretionary Access Control
  • Rule-based Access control

Question 57

Question
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?
Answers
  • Authentication
  • Identification
  • Authorization
  • Confidentiality

Question 58

Question
What is called the verification that the user's claimed identity is valid and is usually implemented through a user password at log-on time?
Answers
  • Authentication
  • Identification
  • Integrity
  • Confidentiality

Question 59

Question
Which one of the following factors is not one on which Authentication is based?
Answers
  • Type 1 Something you know, such as a PIN or password
  • Type 2 Something you have, such as an ATM card or smart card
  • Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
  • Type 4 Something you are, such as a system administrator or security administrator

Question 60

Question
The act of requiring two of the three factors to be used in the authentication process refers to:
Answers
  • Two-Factor Authentication
  • One-Factor Authentication
  • Bi-Factor Authentication
  • Double Authentication

Question 61

Question
Which type of password provides maximum security because a new password is required for each new log-on?
Answers
  • One-time or dynamic password
  • Cognitive password
  • Static password
  • Passphrase

Question 62

Question
What is called a password that is the same for each log-on session?
Answers
  • "one-time password"
  • "two-time password"
  • static password
  • dynamic password

Question 63

Question
What is called a sequence of characters that is usually longer than the allotted number for a password?
Answers
  • passphrase
  • cognitive phrase
  • anticipated phrase
  • Real phrase

Question 64

Question
Which best describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?
Answers
  • Tickets
  • Tokens
  • Token passing networks
  • Coupons

Question 65

Question
Which of the following would be true about Static password tokens?
Answers
  • The owner identity is authenticated by the token
  • The owner will never be authenticated by the token.
  • The owner will authenticate himself to the system
  • The token does not authenticate the token owner but the system

Question 66

Question
In Synchronous dynamic password tokens:
Answers
  • The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
  • The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
  • The unique password is not entered into a system or workstation along with an owner's PIN.
  • The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window

Question 67

Question
In biometrics, "one-to-many" search against database of stored biometric images is done in:
Answers
  • Authentication
  • Identification
  • Identities
  • Identity-based access control

Question 68

Question
Which of the following is true of biometrics?
Answers
  • It is used for identification in physical controls and it is not used in logical controls
  • It is used for authentication in physical controls and for identification in logical controls
  • It is used for identification in physical controls and for authentication in logical controls.
  • Biometrics has no role in logical controls.

Question 69

Question
What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
Answers
  • False Rejection Rate (FRR) or Type I Error
  • False Acceptance Rate (FAR) or Type II Error
  • Crossover Error Rate (CER)
  • True Rejection Rate (TRR) or Type III Error

Question 70

Question
What is called the percentage of invalid subjects that are falsely accepted by a Biometric authentication system?
Answers
  • False Rejection Rate (FRR) or Type I Error
  • False Acceptance Rate (FAR) or Type II Error
  • Crossover Error Rate (CER)
  • True Acceptance Rate (TAR) or Type III Error

Question 71

Question
What is called the percentage at which the False Rejection Rate equals the False Acceptance Rate?
Answers
  • False Rejection Rate (FRR) or Type I Error
  • False Acceptance Rate (FAR) or Type II Error
  • Crossover Error Rate (CER)
  • Failure to enroll rate (FTE or FER)

Question 72

Question
Considerations of privacy, invasiveness, and psychological and physical comfort when using the system are important elements for which of the following?
Answers
  • Accountability of biometrics systems
  • Acceptability of biometrics systems
  • Availability of biometrics systems
  • Adaptability of biometrics systems

Question 73

Question
Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credentials, and faster resource access?
Answers
  • Smart cards
  • Single Sign-On (SSO)
  • Symmetric Ciphers
  • Public Key Infrastructure (PKI)

Question 74

Question
Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?
Answers
  • Once an individual obtains access to the system through the initial log-on, they have access to all resources within the environment that the account has access to.
  • The initial logon process is cumbersome to discourage potential intruders.
  • Once a user obtains access to the system through the initial log-on, they only need to logon to some applications.
  • Once a user obtains access to the system through the initial log-on, he has to logout from all other systems

Question 75

Question
Which of the following is implemented through scripts or smart agents that replay the user's multiple log-ins against authentication servers to verify a user's identity, which permits access to system services?
Answers
  • Single Sign-On
  • Dynamic Sign-On
  • Smart cards
  • Kerberos

Question 76

Question
Which of the following is not true of the Kerberos protocol?
Answers
  • Only a single login is required per session.
  • The initial authentication steps are done using public key algorithm
  • The KDC is aware of all systems in the network and is trusted by all of them
  • It performs mutual authentication

Question 77

Question
The authenticator within Kerberos provides a requested service to the client after validating which of the following?
Answers
  • timestamp
  • client public key
  • client private key
  • server public key

Question 78

Question
Which of the following is addressed by Kerberos?
Answers
  • Confidentiality and Integrity
  • Authentication and Availability
  • Validation and Integrity
  • Auditability and Integrity

Question 79

Question
Kerberos is vulnerable to replay in which of the following circumstances?
Answers
  • When a private key is compromised within an allotted time window
  • When a public key is compromised within an allotted time window.
  • When a ticket is compromised within an allotted time window.
  • When the KSD is compromised within an allotted time window.

Question 80

Question
Like the Kerberos protocol, SESAME is also subject to which of the following?
Answers
  • timeslot replay
  • password guessing
  • symmetric key guessing
  • asymmetric key guessing

Question 81

Question
RADIUS incorporates which of the following services?
Answers
  • Authentication server and PIN codes.
  • Authentication of clients and static passwords generation.
  • Authentication of clients and dynamic passwords generation.
  • Authentication server as well as support for Static and Dynamic passwords.

Question 82

Question
Which of the following protects a password from eavesdroppers and supports the encryption of communication?
Answers
  • Challenge Handshake Authentication Protocol (CHAP)
  • Challenge Handshake Identification Protocol (CHIP)
  • Challenge Handshake Encryption Protocol (CHEP)
  • Challenge Handshake Substitution Protocol (CHSP)

Question 83

Question
Which of the following represents the columns of the table in a relational database?
Answers
  • attributes
  • relation
  • record retention
  • records or tuples

Question 84

Question
A database view is the result of which of the following operations?
Answers
  • Join and Select.
  • Join, Insert, and Project
  • Join, Project, and Create.
  • Join, Project, and Select.

Question 85

Question
Which of the following is used to create and modify the structure of your tables and other objects in the database?
Answers
  • SQL Data Definition Language (DDL)
  • SQL Data Manipulation Language (DML)
  • SQL Data Relational Language (DRL)
  • SQL Data Identification Language (DIL)

Question 86

Question
Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?
Answers
  • Intrusion Detection System
  • Compliance Validation System
  • Intrusion Management System (IMS)
  • Compliance Monitoring System

Question 87

Question
Which of the following monitors network traffic in real time?
Answers
  • network-based IDS
  • host-based IDS
  • application-based IDS
  • firewall-based IDS

Question 88

Question
A host-based IDS is resident on which of the following?
Answers
  • On each of the critical hosts
  • decentralized hosts
  • central hosts
  • bastion hosts

Question 89

Question
Which of the following usually provides reliable, real-time information without consuming network or host resources?
Answers
  • network-based IDS
  • host-based IDS
  • application-based IDS
  • firewall-based IDS

Question 90

Question
The fact that a network-based IDS reviews packet payloads and headers enables which of the following?
Answers
  • Detection of denial of service
  • Detection of all viruses
  • Detection of data corruption
  • Detection of all password guessing attacks

Question 91

Question
Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?
Answers
  • host-based IDS
  • firewall-based IDS
  • bastion-based IDS
  • server-based IDS

Question 92

Question
What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?
Answers
  • It can be very invasive to the host operating system
  • Monitors all processes and activities on the host system only
  • Virtually eliminates limits associated with encryption
  • They have an increased level of visibility and control compared to NIDS

Question 93

Question
Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS)?
Answers
  • signature-based IDS
  • statistical anomaly-based IDS
  • event-based IDS
  • inferent-based IDS

Question 94

Question
Which of the following is an issue with signature-based intrusion detection systems?
Answers
  • Only previously identified attack signatures are detected.
  • Signature databases must be augmented with inferential elements.
  • It runs only on the windows operating system
  • Hackers can circumvent signature evaluations.

Question 95

Question
Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?
Answers
  • Statistical Anomaly-Based ID
  • Signature-Based ID
  • dynamical anomaly-based ID
  • inferential anomaly-based ID

Question 96

Question
Which of the following is most relevant to determining the maximum effective cost of access control?
Answers
  • the value of information that is protected
  • management's perceptions regarding data importance
  • budget planning related to base versus incremental spending
  • the cost to replace lost data

Question 97

Question
Which of the following is not a factor related to Access Control?
Answers
  • integrity
  • authenticity
  • confidentiality
  • availability

Question 98

Question
Which of the following is most appropriate to notify an external user that session monitoring is being conducted?
Answers
  • Logon Banners
  • Wall poster
  • Employee Handbook
  • Written agreement

Question 99

Question
Which of the following pairings uses technology to enforce access control policies?
Answers
  • Preventive/Administrative
  • Preventive/Technical
  • Preventive/Physical
  • Detective/Administrative

Question 100

Question
In the course of responding to and handling an incident, you work on determining the root cause of the incident. Which step are you in?
Answers
  • Recovery
  • Containment
  • Triage
  • Analysis and tracking

Question 101

Question
Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It does not permit management to:
Answers
  • specify what users can do
  • specify which resources they can access
  • specify how to restrain hackers
  • specify what operations they can perform on a system

Question 102

Question
Access Control techniques do not include which of the following choices?
Answers
  • Relevant Access Controls
  • Discretionary Access Control
  • Mandatory Access Control
  • Lattice Based Access Control

Question 103

Question
Which of the following statements relating to the Bell-LaPadula security model is false (assuming the Strong Star property is not being used)?
Answers
  • A subject is not allowed to read up
  • The *- property restriction can be escaped by temporarily downgrading a high level subject.
  • A subject is not allowed to read down
  • It is restricted to confidentiality

Question 104

Question
When a biometric system is used, which error type deals with the possibility of granting access to impostors who should be rejected?
Answers
  • Type I error
  • Type II error
  • Type III error
  • Crossover error

Question 105

Question
Which of the following is the FIRST step in protecting data's confidentiality?
Answers
  • Install a firewall
  • Implement encryption
  • Identify which information is sensitive
  • Review all user access rights

Question 106

Question
Which of the following best ensures accountability of users for the actions taken within a system or domain?
Answers
  • Identification
  • Authentication
  • Authorization
  • Credentials

Question 107

Question
Which of the following statements pertaining to biometrics is false?
Answers
  • User can be authenticated based on behavior.
  • User can be authenticated based on unique physical attributes.
  • User can be authenticated by what he knows.
  • A biometric system's accuracy is determined by its crossover error rate (CER).

Question 108

Question
Which of the following biometric devices offers the LOWEST CER?
Answers
  • Keystroke dynamics
  • Voice verification
  • Iris scan
  • Fingerprint

Question 109

Question
Which of the following is the weakest authentication mechanism?
Answers
  • Passphrases
  • Passwords
  • One-time passwords
  • Token devices

Question 110

Question
Which of the following statements pertaining to access control is false?
Answers
  • Users should only access data on a need-to-know basis.
  • If access is not explicitly denied, it should be implicitly allowed.
  • Access rights should be granted based on the level of trust a company has on a subject.
  • Roles can be an efficient way to assign rights to a type of user who performs certain tasks.

Question 111

Question
Which of the following is not part of the Kerberos authentication protocol?
Answers
  • Symmetric key cryptography
  • Authentication service (AS)
  • Principals
  • Public Key

Question 112

Question
Which access control model enables the owner of the resource to specify what subjects can access specific resources based on their identity?
Answers
  • Discretionary Access Control
  • Mandatory Access Control
  • Sensitive Access Control
  • Role-based Access Control

Question 113

Question
Which of the following access control models is based on sensitivity labels?
Answers
  • Discretionary access control
  • Mandatory access control
  • Rule-based access control
  • Role-based access control