IS3340 CHAPTER 15 Flashcards
1
Q
- Anti-malware software applies mainly to workstation computers.
TRUE OR FALSE
A
FALSE
2
Q
- WHAT IS RTO?
- Real time objective
- Recovery time objective
- Recovery turn over
- Real turn over
A
Recovery time objective
3
Q
- Test your backup only when you suspect media corruption.
TRUE OR FALSE
A
FALSE
4
Q
- Even if you use the same password for a long time, it will remain secure.
TRUE OR FALSE
A
FALSE
5
Q
- Which of the following is an encryption recovery key that you should physically store in a separate safe location?
- DES
- AES
- SSTP
- EFS
A
EFS
6
Q
- Which protocol is the newest VPN protocol from Microsoft?
- SSTP
- L2TP
- PPP
- TLS
A
SSTP
7
Q
- The Plan, Do, Check, Act (PDCA) process is also called a ___ cycle.
A
Deming
8
Q
- Which printer actions should you audit?
- Remote access
- Print non-text files
- Change printer destination
- All the above
A
Remote access
Print non-text files
Change printer destination
All the above
9
Q
- Which of the following tools will compare computer settings to your standards? (Select two)
- GPMC
- SCA
- MBSA
- PDCA
A
SCA
MBSA
10
Q
- Change your ____ Directory Service Restore Mode (DSRM) password periodically, at least every six months.
A
Active Directory
11
Q
- What program should you run on Windows Server 2008 R2 immediately after installing the operating system?
- Group Policy Object (GPO)
- Anti-malware Shiel
- Security Configuration Wizard (SCW)
- Network Access Control (NAC)
A
Security Configuration Wizard (SCW)
12
Q
- What is the first step to take when hardening applications?
- Remove or disable unneeded services
- Define unique user accounts
- Harden the operating system
- Ensure every computer has up-to-date anti-malware and data
A
Harden the operating system
13
Q
- To isolate Web server computers from your internal network, place them in a segregated network called a ___.
A
Demilitarized Zone (DMZ)
14
Q
- Which of the following is the best choice for secure wireless communications?
- WPA
- WEP
- SSID
- TLS
A
WPA
15
Q
- Which of the following is NOT a core concept of Secure Development Lifecycle (SDL)?
- Education
- Availability
- Continuous improvement
- Accountability
A
Availability