Extra 1357-1448 Flashcards

1
Q

QUESTION NO: 1357 Which type of network topology passes all traffic through all active nodes? A. Broadband B. Star C. Baseband D. Token Ring

A

Answer: D Explanation: Token ring passes all traffic through nodes.

2
Q

QUESTION NO: 1358 The act of validating a user with a unique and specific identifier is called what? A. Validation B. Registration C. Authentication D. Authorization E. Identification

A

Answer: C Explanation: Authentication is the act of validating a user with a unique and specific identifier.

3
Q

QUESTION NO: 1359 Why is fiber the most secure means of transmission? A. High speed multiplexing B. Interception of traffic is more difficult because it is optically based C. Higher data rates make it more secure D. Multiplexing prevents traffic analysis E. Built-in fault tolerance

A

Answer: B Explanation: Fiber is more secure because it is hard to tap into and, unlike copper cabling, gives off no EMI.

4
Q

QUESTION NO: 1360 The IAB defines which of the following as a violation of ethics? A. Performing a DoS B. Downloading an active control C. Performing a penetration test D. Creating a virus E. Disrupting Internet communications

A

Answer: E Explanation: The IAB considers the Internet a privilege, not a right, and as such considers it unethical to purposely disrupt communications.

5
Q

QUESTION NO: 1361 A chain of custody shows who ______ _________ and _________.(Choose three) A. Who controlled the evidence B. Who transcribed the evidence C. Who validated the evidence D. Who presented the evidence E. Secured the evidence F. Obtained the evidence

A

Answer: A,E,F Explanation: The chain of evidence shows who obtained the evidence, who secured the evidence, and who controlled the evidence.

6
Q

QUESTION NO: 1362 Good forensics requires the use of a bit level copy?(True/False) A. True B. False

A

Answer: A Explanation: Good forensics requires the use of a bit level copy. A bit level copy duplicates all information on the suspect’s disk. This includes slack space and free space.

7
Q

QUESTION NO: 1363 Which agency shares the task of investigating computer crime along with the FBI? A. Secret Service B. CIA C. Department of justice D. Police force E. NSA

A

Answer: A Explanation: Along with the FBI, the Secret Service has been given the authority to investigate computer crime.

8
Q

QUESTION NO: 1364 This type of password recovery is considered more difficult and must work through all possible combinations of numbers and characters. A. Passive B. Active C. Dictionary D. Brute force E. Hybrid

A

Answer: D Explanation: Brute force cracking is considered more difficult and must work through all possible combinations of numbers and characters.

9
Q

QUESTION NO: 1365 _______ are added to Linux passwords to increase their randomness. A. Salts B. Pepper C. Grains D. MD5 hashes E. Asymmetric algorithms

A

Answer: A Explanation: Salts are added to Linux passwords to increase their randomness. They are used to help ensure that no two users have the same hashed password.

10
Q

QUESTION NO: 1366 The Linux root user password is typically kept in where?(Choose two) A. etc/shadow B. cmd/passwd C. etc/passwd D. windows/system32 E. var/sys F. var/password

A

Answer: A,C Explanation: The Linux root user password is typically kept in /etc/passwd or /etc/shadow.

11
Q

QUESTION NO: 1367 The goal of cryptanalysis is to ____________. A. Determine the number of encryption permutations required B. Reduce the system overhead for a crypto-system C. Choose the correct algorithm for a specified purpose D. Forge coded signals that will be accepted as authentic E. Develop secure crypto-systems

A

Answer: D Explanation: The goal of cryptanalysis is to forge coded signals that will be accepted as authentic.

12
Q

QUESTION NO: 1368 If an employee is suspected of computer crime and evidence needs to be collected, which of the following departments must be involved with the procedure? A. Public relations B. Law enforcement C. Computer security D. Auditing E. HR

A

Answer: E Explanation: Human Resources always needs to be involved if an employee is suspected of wrongdoing. They know what rules apply to protect and prosecute employees.

13
Q

QUESTION NO: 1369 What is it called when a system has apparent flaws that were deliberately available for penetration and exploitation? A. A jail B. Investigation C. Enticement D. Data manipulation E. Trapping

A

Answer: C Explanation: Administrators that leave systems with apparent flaws are performing an act of enticement. This is sometimes called a honeypot.

14
Q

QUESTION NO: 1370 Why are computer generated documents not considered reliable? A. Difficult to detect electronic tampering B. Stored in volatile media C. Unable to capture and reproduce D. Too delicate E. Because of US law, Section 7 paragraph 154

A

Answer: A Explanation: Because electronic tampering is difficult to detect and the documents can be easily modified.

15
Q

QUESTION NO: 1371 What is the name of the software that prevents users from seeing all items or directories on a computer and is most commonly found in the UNIX/Linux environment? A. Shell Kits B. Root Kits C. Ethereal D. Shadow data E. Netbus

A

Answer: D

16
Q

QUESTION NO: 1372 What is a commercial application of steganography that is used to identify pictures or verify their authenticity? A. A MAC B. A digital checksum C. A MD5 hash D. A digital signature E. A watermark

A

Answer: E Explanation: A watermark is a commercial application of steganography that is used to identify pictures or verify their authenticity.

17
Q

QUESTION NO: 1373 What are the basic questions that must be asked at the beginning of any investigation?(Choose all that apply) A. Who B. Cost C. What D. When E. Where F. How G. Time frame H. Budget

A

Answer: A,C,D,E,F Explanation: At the beginning of any investigation, an investigator must ask who, what, when, where, and how. Answering the questions will lead to the successful conclusion of the case.

18
Q

QUESTION NO: 1374 Risk can be eliminated.(True/False) A. True B. False

A

Answer: B Explanation: Risk can never be eliminated. It may be reduced or transferred to a third party through insurance, but will always remain in some form.

19
Q

QUESTION NO: 1375 Employees are a greater risk to employers than outsiders. T/F(True/False) A. True B. False

A

Answer: A Explanation: Employees are a greater risk to employers than outsiders, because they possess two of the three items required to commit a crime: means and opportunity.

20
Q

QUESTION NO: 1376 When an organization takes reasonable measures to ensure that it took precautions to protect its network and resources, this is called: A. Reasonable Action B. Security Mandate C. Due Care D. Prudent Countermeasures

A

Answer: C Explanation: Due care consists of the steps an organization takes to show it has taken responsibility for its actions.

21
Q

QUESTION NO: 1377 What two things below are associated with security policy?(Choose Two) A. Support of upper management B. Support of department managers C. Are tactical in nature D. Are strategic in nature E. Must be developed after procedures F. Must be developed after guidelines

A

Answer: A,D Explanation: Policies are written as a broad overview and require the support of upper management. After the development and approval of policies, guidelines and procedures may be written.

22
Q

QUESTION NO: 1378 Total risk is equal to:(Choose All That Apply) A. Threat B. Vulnerability C. Frequency D. Asset value E. Asset loss

A

Answer: A,B,D Explanation: Total risk = asset value * vulnerability * threats

23
Q

QUESTION NO: 1379 Government data classifications include which of the following:(Choose four) A. Open B. Unclassified C. Confidential D. Private E. Secret F. Top Secret

A

Answer: B,C,E,F Explanation: One of the most common systems used to classify information is the one developed within the US Department of Defense. These include: unclassified, sensitive, confidential, secret, and top secret.

24
Q

QUESTION NO: 1380 Job rotation is important because: A. It ensures your employees are cross-trained. B. It increases job satisfaction. C. It reduces the opportunity for fraud

A

Answer: C Explanation: Job rotation is tightly tied to the principle of least privilege. It is an effective security control.

25
Q

QUESTION NO: 1381 Your co-worker is studying for the CISSP exam and has come to you with a question. What is ARP poisoning? A. Flooding of a switched network B. A denial of service that uses the DNS death ping C. Turning of IP to MAC resolution D. Inserting a bogus IP and MAC address in the ARP table E. Modifying a DNS record

A

Answer: D Explanation: ARP poisoning is a masquerading attack where the attacker inserts a bogus IP and MAC address in a victim's ARP table or into the table of a switch. This has the effect of redirecting traffic to the attacker and not to the intended computer.

26
Q

QUESTION NO: 1382 What is the best description for CHAP Challenge Handshake Authentication Protocol? A. Passwords are sent in clear text B. Passwords are not sent in clear text C. Passwords are not used, a digital signature is sent D. It is substandard to PAP E. It was used with PS2’s and has been discontinued

A

Answer: B Explanation: Passwords are not sent in clear text. The server performing the authentication sends a challenge value and the user types in the password. The password is used to encrypt the challenge value, which is then sent back to the authentication server.

27
Q

QUESTION NO: 1383 CSMA/CD computers cannot communicate without a token.(True/False) A. True B. False

A

Answer: B Explanation: CSMA/CD computers do not use a token. It is the media access method used in Ethernet.

28
Q

QUESTION NO: 1384 __________ sends out a message to all other computers indicating it is going to send out data. A. CSMA/CD B. CSMA/CA C. CSMA/HB D. PPP E. SLIP

A

Answer: B Explanation: CSMA/CA sends out a message to all other computers indicating it is going to send out data. CSMA/CA or token ring networking uses this approach to reduce the amount of data collisions.

29
Q

QUESTION NO: 1385 Which of the following best describes ISDN BRI(Choose two) A. 2 B channels B. 4 B channels C. 23 B channels D. 1 D channel E. 2 D channels

A

Answer: A,D Explanation: ISDN BRI has 2 B and 1 D channels

30
Q

QUESTION NO: 1386 The top speed of ISDN BRI is 256 KBS.(True/False) A. True B. False

A

Answer: B Explanation: The top speed of ISDN BRI is 128 KBS. Its two primary channels are each capable of carrying 64 KBS so the combined top speed is 128 KBS.

31
Q

QUESTION NO: 1387 Which of the following should NOT be implemented to protect PBX’s?(Choose all that apply) A. Change default passwords and configurations B. Make sure that maintenance modems are on 24/7 C. Review telephone bill regularly D. Block remote calling after business hours E. Post PBX configuration and specs on the company website

A

Answer: B,E Explanation: Many vendors have maintenance modems that they can use to troubleshoot systems and provide updates. They should normally be turned off. Also, information about the system should not be posted on the website and should be closely guarded.

32
Q

QUESTION NO: 1388 Which of the following best describes the difference between a circuit based and application based firewall? A. Application based is more flexible and handles more protocols B. Circuit based provides more security C. Application based builds a state table D. Circuit based looks at IP addresses and ports E. Circuit based firewalls are only found in Cisco routers

A

Answer: D Explanation: Circuit based firewalls look only at IP addresses and ports, whereas application based firewalls dig much deeper into the packet. This makes application based firewalls more secure.

33
Q

QUESTION NO: 1389 _________ is the fraudulent use of telephone services. A. Rolling B. Warzing C. Wardriving D. Wardialing E. Phreaking

A

Answer: E Explanation: Phreaking is the fraudulent use of telephone services.

34
Q

QUESTION NO: 1390 What is another name for a VPN? A. Firewall B. Tunnel C. Packet switching D. Pipeline E. Circuit switching

A

Answer: B Explanation: A VPN creates a secure tunnel through an insecure network.

35
Q

QUESTION NO: 1391 Which of the following is a connection-orientated protocol? A. IP B. UDP C. TCP D. ICMP E. SNMP F. TFTP

A

Answer: C Explanation: TCP is a connection-orientated protocol.

36
Q

QUESTION NO: 1392 Which of the following is not considered firewall technology? A. Screened subnet B. Screened host C. Duel gateway host D. Dual homed host

A

Answer: C Explanation: Duel gateway host is not considered firewall technology.

37
Q

QUESTION NO: 1393 Which of the following can be used to defeat a call-back security system? A. Call waiting B. Passive wiretapping C. Active wiretapping D. Brute force password attacks E. Call forwarding

A

Answer: E Explanation: Call forwarding can be used to bypass the call back feature and is considered a security risk.

38
Q

QUESTION NO: 1394 Which type of network topology passes all traffic through all active nodes? A. Broadband B. Star C. Baseband D. Token Ring

A

Answer: D Explanation: Token ring passes all traffic through nodes.

39
Q

QUESTION NO: 1395 The act of validating a user with a unique and specific identifier is called what? A. Validation B. Registration C. Authentication D. Authorization E. Identification

A

Answer: C Explanation: Authentication is the act of validating a user with a unique and specific identifier.

40
Q

QUESTION NO: 1396 Why is fiber the most secure means of transmission? A. High speed multiplexing B. Interception of traffic is more difficult because it is optically based C. Higher data rates make it more secure D. Multiplexing prevents traffic analysis E. Built-in fault tolerance

A

Answer: B Explanation: Fiber is more secure because it is hard to tap into and, unlike copper cabling, gives off no EMI.

41
Q

QUESTION NO: 1397 The IAB defines which of the following as a violation of ethics? A. Performing a DoS B. Downloading an active control C. Performing a penetration test D. Creating a virus E. Disrupting Internet communications

A

Answer: E Explanation: The IAB considers the Internet a privilege, not a right, and as such considers it unethical to purposely disrupt communications.

42
Q

QUESTION NO: 1398 A chain of custody shows who ______ _________ and _________.(Choose three) A. Who controlled the evidence B. Who transcribed the evidence C. Who validated the evidence D. Who presented the evidence E. Secured the evidence F. Obtained the evidence

A

Answer: A,E,F Explanation: The chain of evidence shows who obtained the evidence, who secured the evidence, and who controlled the evidence.

43
Q

QUESTION NO: 1399 Good forensics requires the use of a bit level copy?(True/False) A. True B. False

A

Answer: A Explanation: Good forensics requires the use of a bit level copy. A bit level copy duplicates all information on the suspect’s disk. This includes slack space and free space.

44
Q

QUESTION NO: 1400 Which agency shares the task of investigating computer crime along with the FBI? A. Secret Service B. CIA C. Department of justice D. Police force E. NSA

A

Answer: A Explanation: Along with the FBI, the Secret Service has been given the authority to investigate computer crime.

45
Q

QUESTION NO: 1401 This type of password recovery is considered more difficult and must work through all possible combinations of numbers and characters. A. Passive B. Active C. Dictionary D. Brute force E. Hybrid

A

Answer: D Explanation: Brute force cracking is considered more difficult and must work through all possible combinations of numbers and characters.

46
Q

QUESTION NO: 1402 _______ are added to Linux passwords to increase their randomness. A. Salts B. Pepper C. Grains D. MD5 hashes E. Asymmetric algorithms

A

Answer: A Explanation: Salts are added to Linux passwords to increase their randomness. They are used to help ensure that no two users have the same hashed password.

47
Q

QUESTION NO: 1403 The Linux root user password is typically kept in where?(Choose two) A. etc/shadow B. cmd/passwd C. etc/passwd D. windows/system32 E. var/sys F. var/password

A

Answer: A,C Explanation: The Linux root user password is typically kept in /etc/passwd or /etc/shadow.

48
Q

QUESTION NO: 1404 The goal of cryptanalysis is to ____________. A. Determine the number of encryption permutations required B. Reduce the system overhead for a crypto-system C. Choose the correct algorithm for a specified purpose D. Forge coded signals that will be accepted as authentic E. Develop secure crypto-systems

A

Answer: D Explanation: The goal of cryptanalysis is to forge coded signals that will be accepted as authentic.

49
Q

QUESTION NO: 1405 If an employee is suspected of computer crime and evidence needs to be collected, which of the following departments must be involved with the procedure? A. Public relations B. Law enforcement C. Computer security D. Auditing E. HR

A

Answer: E Explanation: Human Resources always needs to be involved if an employee is suspected of wrongdoing. They know what rules apply to protect and prosecute employees.

50
Q

QUESTION NO: 1406 What is it called when a system has apparent flaws that were deliberately available for penetration and exploitation? A. A jail B. Investigation C. Enticement D. Data manipulation E. Trapping

A

Answer: C Explanation: Administrators that leave systems with apparent flaws are performing an act of enticement. This is sometimes called a honeypot.

51
Q

QUESTION NO: 1407 Why are computer generated documents not considered reliable? A. Difficult to detect electronic tampering B. Stored in volatile media C. Unable to capture and reproduce D. Too delicate E. Because of US law, Section 7 paragraph 154

A

Answer: A Explanation: Because electronic tampering is difficult to detect and the documents can be easily modified.

52
Q

QUESTION NO: 1408 What is the name of the software that prevents users from seeing all items or directories on a computer and is most commonly found in the UNIX/Linux environment? A. Shell Kits B. Root Kits C. Ethereal D. Shadow data E. Netbus

A

Answer: D

53
Q

QUESTION NO: 1409 What is a commercial application of steganography that is used to identify pictures or verify their authenticity? A. A MAC B. A digital checksum C. A MD5 hash D. A digital signature E. A watermark

A

Answer: E Explanation: A watermark is a commercial application of steganography that is used to identify pictures or verify their authenticity.

54
Q

QUESTION NO: 1410 What are the basic questions that must be asked at the beginning of any investigation?(Choose all that apply) A. Who B. Cost C. What D. When E. Where F. How G. Time frame H. Budget

A

Answer: A,C,D,E,F Explanation: At the beginning of any investigation, an investigator must ask who, what, when, where, and how. Answering the questions will lead to the successful conclusion of the case.

55
Q

QUESTION NO: 1411 Risk can be eliminated.(True/False) A. True B. False

A

Answer: B Explanation: Risk can never be eliminated. It may be reduced or transferred to a third party through insurance, but will always remain in some form.

56
Q

QUESTION NO: 1412 Employees are a greater risk to employers than outsiders. T/F(True/False) A. True B. False

A

Answer: A Explanation: Employees are a greater risk to employers than outsiders, because they possess two of the three items required to commit a crime: means and opportunity.

57
Q

QUESTION NO: 1413 What does the term “red boxing” mean? A. Denial of Service B. Telephone voltage manipulation C. Sounds of coins dropping D. Tone manipulation E. A salami attack

A

Answer: C Explanation: Red boxing was used by phone phreakers to record the sound of coins dropping in pay phones and play it back to gain free phone access.

58
Q

QUESTION NO: 1414 Which of the following is the proper lifecycle of evidence? A. Collection, storage, present in court, destroy B. Collection, transportation, storage, return to owner C. Collection, present in court, transportation, return to owner D. Collection, analysis, storage, present in court, return to owner E. Collection, storage, transportation, present in court, return to owner

A

Answer: D Explanation: The life cycle of evidence includes: collection, analysis, storage, present in court, and return to owner

59
Q

QUESTION NO: 1415 A copy of a computer disk would be what type of evidence? A. Secondary B. Best C. Hearsay D. Direct E. Indirect

A

Answer: C Explanation: A copy of a computer disk is considered hearsay, because unless it has been copied in a forensically approved manner, it is not credible evidence.

60
Q

QUESTION NO: 1416 A copyright protects _________. A. The trade secrets of a company B. A person's private papers C. An invention D. An expression or an idea E. Distinguishing or unique characters, colors, or words

A

Answer: D Explanation: A copyright protects the expression of a resource, not the resource directly.

61
Q

QUESTION NO: 1417 ________ is a ________ attack that eavesdrops on communication. (Choose two) A. Passive B. Active C. Brute force D. Wiretapping E. Password cracking

A

Answer: A,D Explanation: Wiretapping is a passive attack that eavesdrops on communication. It is only legal with prior consent or a warrant.

62
Q

QUESTION NO: 1418 What types of laws are considered standards of performance or conduct expected by government agencies from companies, industries, and certain officials? (Choose all that apply) A. Civil B. Criminal C. Administrative D. Regulatory E. Tort

A

Answer: C,D Explanation: Administrative or regulatory laws are considered standards of performance or conduct expected by government agencies from companies, industries, and certain officials.

63
Q

QUESTION NO: 1419 Sandra’s employer is considering placing login banners on all company computers to indicate to the users about the permitted use of company computers. What is this called? A. Employee privacy law B. Employee policies C. Employee regulations D. User policies E. Acceptable use policy

A

Answer: E Explanation: Acceptable use policies provide the company with legal protection. Logon banners should be used to inform users what will happen if they do not follow company rules.

64
Q

QUESTION NO: 1420 ________ deemed proprietary to a company and can be information that provides a competitive edge. A. Trade secrets are B. Copyrights are C. Restricted information is D. Information marked strictly private is

A

Answer: A Explanation: Trade secrets are deemed proprietary to a company and can be information that provides a competitive edge. This information is protected as long as the owner takes the necessary security actions.

65
Q

QUESTION NO: 1421 Sandra is studying for her CISSP exam. Sandra has come to you for help and wants to know what the last step in the change control process is? A. Validated and approved B. Test and implement C. Review and approve D. Report change to management E. Inform user of change

A

Answer: D Explanation: Reporting the change to management is the last step in the process.

66
Q

QUESTION NO: 1422 Who is ultimately responsible for the security of an organization? A. Management B. Senior management C. The chief security officer D. Department heads E. Employees

A

Answer: B Explanation: Senior management is ultimately responsible for the security of an organization. Policy flows from the top down.

67
Q

QUESTION NO: 1423 Which of the following falls under the categories of configuration management?(Choose three) A. Operating system configuration B. Software configuration C. Hardware configuration D. Logical configuration E. Physical configuration

A

Answer: A,B,C Explanation: Configuration management controls the changes that take place in hardware, software, and operating systems.

68
Q

QUESTION NO: 1424 Macro viruses infect what type of files? A. Microsoft Office files B. Mail servers C. E-mail messages D. Web browsers E. Linux Kernel files

A

Answer: A Explanation: Macro viruses infect Microsoft Office files. There are many macro viruses because the macro language is easy to use and because Microsoft Office is prolific.

69
Q

QUESTION NO: 1425 What is another name for rows and columns within relational databases?(Choose two) A. Relations B. Keys C. Tuples D. Views E. Attributes

A

Answer: C,E Explanation: Within a relational database, the rows of a table are called tuples and the columns are called attributes.

70
Q

QUESTION NO: 1426 Which of the following can reproduce itself without the help of system applications or resources? A. Trojan B. Logic bomb C. Virus D. Worm E. Backdoor

A

Answer: D Explanation: Worms can reproduce themselves without the help of system applications or resources.

71
Q

QUESTION NO: 1427 What is the final stage of the system development life cycle? A. Certification B. Validation C. Evaluation D. Implementation E. Maintenance F. Installation

A

Answer: E Explanation: Maintenance is the final stage of the system development life cycle.

72
Q

QUESTION NO: 1428 A polymorphic virus is _____________. A. A virus that makes copies of itself and then makes changes to those copies B. A virus that can make itself stealth C. A virus that is written in a macro language D. A virus that is written in visual basic E. A virus that infects the boot sector of a hard drive

A

Answer: A Explanation: A polymorphic virus is a virus that makes copies of itself, then makes changes to those copies. It does this in hopes of avoiding detection of anti-virus software.

73
Q

QUESTION NO: 1429 Which one of the following is identified by a business impact analysis?(Choose three) A. Determining regulatory requirements B. Analyzing the threats associated with each functional area C. Determining the risk associated with each threat D. Identifying the major functional areas of information E. Determining the team members that will be associated with disaster planning

A

Answer: B,C,D Explanation: The following identifies a business impact analysis: analyzing the threats associated with each functional area, determining the risk associated with each threat, and identifying the major functional areas of information.

74
Q

QUESTION NO: 1430 _______ are the step-by-step instructions used to satisfy control requirements. A. Policy B. Procedure C. Guideline D. Standard E. Outline

A

Answer: B Explanation: Procedures are the step-by-step instructions used to satisfy control requirements.

75
Q

QUESTION NO: 1431 Which of the following are controls that can be used to secure faxing of sensitive data?(Choose all that apply) A. Disable automatic printing B. Print “sensitive document banner” on each page C. Fax encryptor D. Send to email boxes instead of printing E. Restrict the use of fax machines that use a ribbon or duplication cartridge

A

Answer: A,C,D,E Explanation: All of the items listed can help secure faxes except printing a sensitive document banner, which actually encourages people to look at the document.

76
Q

QUESTION NO: 1432 Which of the following are considered administrative controls?(Choose all that apply) A. Rotation of duties B. Separation of duties C. Implementation of WEP keys D. Enforcing mandatory vacations

A

Answer: A,B,D Explanation: Rotation of duties, separation of duties, and mandatory vacations are all administrative controls; enforcing WEP is a technical control.

77
Q

QUESTION NO: 1433 Why should organizations enforce separation of duties? A. It ensures compliance with federal union rules B. It helps verify that all employees know their job tasks C. It provides for a better work environment D. It encourages collusion E. It is considered valuable in deterring fraud

A

Answer: E Explanation: Separation of duties is considered valuable in deterring fraud since fraud can occur if an opportunity exists for collaboration between various job related capabilities. The most commonly used examples are the separate transactions needed to initiate a payment and to authorize a payment. No single individual should be capable of executing both transactions.

78
Q

QUESTION NO: 1434 What is the most secure way to dispose of data held on a CD? A. Reformatting B. Sanitizing C. Physical destruction D. Degaussing

A

Answer: C Explanation: Since CDs cannot be sanitized in a way to remove all data, they should be physically destroyed. There are many products that can do this. Some actually shred the CD!

79
Q

QUESTION NO: 1435 What is the most accepted way to dispose of data held on a floppy disk? A. Reformatting B. Sanitizing C. Physical destruction D. Degaussing

A

Answer: D Explanation: Degaussing is the most accepted way of disposing of data held on a floppy disk.

80
Q

QUESTION NO: 1436 Which of the following is NOT an attack against operations? A. Morris Worm B. SYN Denial of Service C. Buffer Overflow D. Brute force E. Known plain text attack

A

Answer: E Explanation: A known plain text attack is an attack against the organization’s cryptosystem, not a direct attack against operations.

81
Q

QUESTION NO: 1437 Which one of the following tools can be used to launch a Distributed Denial of service attack against a network? A. Satan B. Saint C. Trinoo D. Nmap E. Netcat

A

Answer: C Explanation: Trinoo and the Tribe Flood Network (TFN) are the two most commonly used distributed denial of service attack tools. The other four tools mentioned are reconnaissance tools used to map networks and scan for known vulnerabilities.

82
Q

QUESTION NO: 1438 Which one of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack? A. Teardrop B. Smurf C. Ping of Death D. SYN flood E. SNMP Attack

A

Answer: A Explanation: The teardrop attack uses overlapping packet fragments to confuse a target system and cause the system to reboot or crash.

83
Q

QUESTION NO: 1439 What are the elements of the CIA triad?(Choose three) A. Confidentiality B. Accountability C. Accessibility D. Integrity E. Interest F. Control G. Availability

A

Answer: A,D,G Explanation: The essential security principles of confidentiality, integrity, and availability are referred to as the CIA Triad.

84
Q

QUESTION NO: 1440 ____________ is the first step of access control. A. Identification B. Authorization C. Validation D. Interrogation E. Accountability logging

A

Answer: A Explanation: The first step in the access control process is identifying who the subject is.

85
Q

QUESTION NO: 1441 What is a Type 2 authentication factor? A. Something you know B. Something you are C. Something you have

A

Answer: C Explanation: A Type 2 authentication factor is something you have, such as a smart card, ATM card, token device, memory card, etc.

86
Q

QUESTION NO: 1442 _______ requires that two entities work together to complete a task? A. Rotation of duties B. Separation of duties C. Dual controls D. Enforced mandatory vacations E. Workplace rules

A

Answer: C Explanation: Dual controls require that two entities work together to complete a task. This is used to reduce the possibility of fraud.

87
Q

QUESTION NO: 1443 PGP provides which of the following?(Choose three) A. Confidentiality B. Accountability C. Accessibility D. Integrity E. Interest F. Non-repudiation G. Authenticity

A

Answer: A,D,G Explanation: PGP provides confidentiality, integrity, and authenticity.

88
Q

QUESTION NO: 1444 Computer security is generally considered the responsibility of everyone in the organization.(True/False) A. True B. False

A

Answer: A Explanation: Everyone is responsible for security.

89
Q

QUESTION NO: 1445 Which aspect of security was the Bell-LaPadula access control model designed to protect? A. Authenticity B. Accountability C. Accessibility D. Integrity E. Interest F. Non-repudiation G. Confidentiality

A

Answer: G Explanation: The Bell-LaPadula model is focused on maintaining confidentiality.

90
Q

QUESTION NO: 1446 Which access control method uses security policies and security awareness training to stop or deter an unauthorized activity from occurring? A. Administrative B. Preventative C. Detective D. Authoritative E. Corrective

A

Answer: B Explanation: Preventative access control is deployed to stop an unauthorized activity from occurring.

91
Q

QUESTION NO: 1447 The Secure Hash Algorithm (SHA) is specified in? A. Digital Encryption Standard B. Digital Signature Standard C. Digital Encryption Standard D. Advanced Encryption Standard E. NSA 1403

A

Answer: B Explanation: SHA is specified in DSS, not DES. DSS: http://www.itl.nist.gov/fipspubs/fip186.htm DES: http://www.itl.nist.gov/fipspubs/fip46-2.htm

92
Q

QUESTION NO: 1448 Which of the following is an example of a symmetric key algorithm?(Choose all that apply) A. Rijndael B. RSA C. Diffie-Hellman D. Knapsack E. IDEA

A

Answer: A,E Explanation: All the others except Rijndael and IDEA are examples of asymmetric key algorithms.