If risks were categorized as either critical or normal, what risk assessment method is being used?
Qualitative
What risk assessment method produces numerical results
Quantitative
What document is intended to help deal with potential issues and conflict among partners
BPA
Business partner agreement addresses things like ownership, profits, losses and partner contributions
What does a more threat-centered security program look like?
Focusing on understanding adversaries' motivations and capabilities
What is characterized as an attempt to gain access to a system's resource
Exploit
What document defines the technical security requirements associated with two organizations that are connecting their information systems/networks?
Interconnection security agreement, ISA
When do we normally build a risk matrix
Qualitative risk analysis
A developer composes a document that details all the entry points through which an attacker could attempt to introduce code into the app environment, what does this document represent
Attack surface
Single loss expectancy equals (=) asset value times (x) exposure factor
The percentage of an asset that is lost due to a threat event
The minimum and customary practice of responsible protection of information assets is defined by which of the following terms?
Due care
If two people are working together and we are concerned about collusion, what is performed?
Rotation of duties
What is a central characteristic of accountability
A system's ability to determine the actions and behavior of a single individual within the system
What is the opposite of the CIA triad
Disclosure, alteration and destruction
Report assessing the design, suitability and effectiveness of a service organization's security controls over a period of time
SOC 2 type 2
What term is primarily concerned with enumerating and understanding the various ways an adversary might negatively impact the security of an application slated for development
Threat modeling
Policies, standards, guidelines and security awareness training fall under which of the following control categories
Directive controls
What principle requires multiple individuals' authorization in order to carry out a particularly critical function
Separation of duties
A security incident can be thought of in which of the following terms?
Confidentiality, integrity and availability
Which of the following terms describes the right to protect the expression of ideas
Copyright
When calculating the cost of a risk, two factors are needed. Which of the following choices is one of these factors?
Single loss expectancy
Your organization just discovered an incident in which PII looks to have been accessed but not exfiltrated. What should you do
Disclosure within 72 hours of the incident discovery
What document would be used to ensure that the IT department is meeting its contractual obligations with the audit team
OLA
Operating level agreement, an internal agreement that supports the SLA
In quantitative risk management, single loss expectancy is used to quantify what
The amount of financial impact that would result if a breach occurred that impacted an asset
Prior to accepting a risk, what has most likely occurred
Risk mitigation
There will always be a residual risk even if mitigating countermeasures are leveraged. Either this occurs explicitly and formally, or the risk is accepted implicitly by choosing not to employ additional avoidance, transfer, or mitigation measures
Which ISO information security standard focuses on auditing
27001
Which type of technology would be best suited to help monitor and possibly even bolster the security of a SaaS solution being used by on-premises employees
CASB
Cloud access security brokers are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed
Identifying and labeling all personally identifiable information would be an example of what
Data classification
What process customizes a standard for an organization, beginning with scoping, then adding compensating controls with parameters ( security configuration settings) 
Tailoring
What process determines the applicable portions of a standard that must be followed by an organization
Scoping
Which of the following is considered nonvolatile memory
ROM
Read-only memory is nonvolatile storage where locations can be directly accessed in a basic implementation. Data cannot be altered dynamically. Nonvolatile storage retains its information even when the computer loses power, and can be used to boot the system.
Both dynamic RAM and static RAM are volatile memory
A senior manager has grown particularly concerned about the potential for a breach of PII data. Which of the following controls is most directly applicable to their concern
DLP
Data loss prevention tools and software filter data streams on networks, control and monitor endpoint activities, and monitor data in the cloud. DLP tools protect data in use, data in motion and data at rest. Data loss prevention programs also feature reporting, which aids both in identifying anomalies and problems for forensic response and in meeting audit and routine compliance requirements
What is true about DRAM
DRAM data is rewritten multiple times each second
Hint, dynamic RAM 
It is always being rewritten hence dynamic
What are small extremely fast storage locations directly accessible to the CPU?
Registers
Which organization manages Requests for Comments (RFCs)
IETF
Requests for Comments (RFCs) are managed by the Internet Engineering Task Force (IETF)
Which role sets the information security priorities and supports the mission of the organization
Business owner
Which of the following choices is also referred to as flash memory
Electrically erasable programmable read-only memory (EEPROM)
Which method of media sanitization is performed through the local device interface, but could still potentially allow data recovery through advanced recovery methods
Clear
Clearing is done locally via the device interface (the operating system).
Data are not recoverable through the device interface but may be recoverable through advanced recovery methods
Which ISO information security standard focuses on best practices
27002
Electronic versions of courseware from your favorite security training organization employ technology that limits your ability to add your own notes to the files. The files also incorporate a unique identifier that can assist in determining the source of copyrighted information that has been pirated. What type of technology are they using
DRM
Digital rights management is a suite of technologies designed to protect copyrighted digital media
All types of programmable read only memory are actually special cases of a more general sort of technology
Programmable logic device (PLD)
What ISO standard was formerly known as ISO 17799
ISO 27002
What is the best way to remove data from write once read many (WORM) media
Destruction
When comparing DRAM and SRAM, which of the following statements is true
DRAM is slower than SRAM
What term describes writing data to an EEPROM
flashing
What is the best method to securely destroy data on a DVD-R
Destruction
What role manages sensitive data
Data controller
What role is in charge of computer hardware and software design, plans, and updates
System owners
What is a set of memory addresses managed by the OS that do not correspond directly to physical memory
Virtual memory
What refers to the computer's capability to execute instructions in parallel due to the usage of multiple CPUs
Multiprocessing
Low level commands that a CPU knows how to execute and that perform many operations per instruction
CISC
The RSA algorithm uses what kind of intractable problem as the basis of its crypto system
Factoring certain large integers into their two prime factors
Which of the following coordinates system activities during execution of code
CPU control unit
What model deals with potential conflicts of interest
Brewer-Nash
What is a real time alternative to using CRL
OCSP
Online certificate status protocol
What term indicates the degree of randomness
Entropy
Which security model includes the no read up (simple security property) and no write down rules
Bell-LaPadula
What security integrity model focuses on internal consistency, external consistency, well-formed transactions and separation of duties
Clark-Wilson
Which of the following ensures that previously captured communications are not decrypted if a session key is compromised
Perfect forward secrecy
Which of the following performs the calculations or operations based on program calls
CPU arithmetic logic unit
Term that describes the CPU's ability to process more than one program at a time
Multitasking
What security model includes no read down and no write up
Simple integrity
Biba
What is a common operating system protection that prevents one software application from affecting another software application if it crashes
Process isolation
What is the term for when memory data must be copied to and from the hard disk
Page fault
What is the term for when the OS copies virtual memory from hard disk to main memory
Paging
What protocol do routers use to determine the path that should be taken by a packet
IP
When you see 1E4DB3, you are dealing with which numbering system
Hex
What network storage technology does not allow block level access, but allows reading/writing entire files via a network
NAS
What wireless protocol supports 54 Mbps at 5 GHz
802.11a
What allows you to uniquely identify a complete connection among all other connections on the internet
A socket pair
Which layer of the OSI model connects the physical part of the network with the abstract part
Data link
Which layer of the OSI model converts bits into electrical signals or light impulses for transmission
Physical layer
Which VOIP protocol is an application layer protocol used for communication signaling
SIP
What technology separates a router's control plane from the data plane
Software defined networking
Data encapsulation and the protocol stack work in which of the following ways
Each protocol or service at each layer in the OSI model adds its own information to the data as it is passed down the protocol stack
Which of the following network devices blocks (IP) limited broadcast traffic by default
Router
What encryption method should be used to secure a wireless connection
WPA2
Which wireless technology leverages battery-powered radios and is commonly used for building automation and control
Zigbee
What IPsec method offers integrity and authentication but not confidentiality
AH
Authentication header
Which wireless technology could be employed when there are concerns about significant electromagnetic interference
Li-Fi
What authentication mechanism exposes the password in plain text
PAP
Password authentication protocol
Which layer of the OSI model converts bits into electrical signals or light impulses for transmission
Physical layer
Which of the following layers of the OSI model handles establishment and maintenance of connections between systems
Session layer
Which protocol do routers use to determine the path that should be taken by a packet
IP
Which network component should be used when there is a concern about internal network sniffing
Switch
It is desired to have one layer 2 LAN available on multiple switches in different countries so that each system can communicate directly using layer 2 frames. What technology…
Vlan
What technology separates a router's control plane from the data forwarding plane
Software defined networking
Which of the following is a helpful network troubleshooting tool that shows each of the nodes on a path between the local machine and a destination
Traceroute
Which of the following is a popular LAN-based technology
Ethernet
Which plaintext VoIP protocol is frequently used to transfer audio or video data
RTP
What network storage technology does not allow block level access, but allows reading and writing entire files via a network
NAS
What is the measure of when the system will be available to begin recovery work before being put back into normal production mode
Recovery time objective
RTO
Also means the point when the hardware, software and infrastructure are capable of starting any necessary recovery work required before operations are properly resumed
What is the amount of data loss that is acceptable for a business function called?
RPO
recovery point objective
This dictates the amount of data that can be lost for a critical function
What is useful for protecting custom applications from common vulnerabilities (SQL injection, cross-site scripting, etc.)
WAF
Web application firewall
What are the deployments available for WAF
Reverse proxy
Server install
Cloud hosted
What are WAFs used for
Protection of an organization's public-facing web apps
Can a WAF be used to increase the security of an off-the-shelf web app?
True
What is an IPS used for
Blocks traffic
Rather than alerting, the IPS will block suspicious traffic
Can have false positives, which can be a self-imposed DoS condition
Does a false positive on an IDS cause an availability issue?
No
What is the main emphasis of malware sandboxing?
Trying to render or execute files before passing them on, or potentially providing a report after analysis
What prevents unknown/unlisted binaries from executing
Application whitelisting
Antivirus software attempts to block what
Various forms of malware
What are some examples of malware
Virus
Worms
Trojan
Spyware
What involves simply making use of data about adversaries to improve security operations
IOC
Indicators of compromise
Is an IDS a passive system?
Yes
It sends alerts when malicious actions occur
NIDS has three fundamental designs
Signature based
Protocol Analysis
Anomaly based
IDS Can operate in which two modes
Passive and active
Passive sends alerts but does not stop the attack
Active stops the attack, usually by sending resets
Where does an IDS sit
On a network and sniffs traffic
RFCs
Request for comments
What are anomaly detection models used for
Small, well designed networks and in specific high risk cases
It alerts on anomalous behavior and is prone to false positives when behavior changes
What monitoring focuses on data leaving the org, system or interface
Egress monitoring
Monitoring incoming traffic to an org or target system
Ingress
What does SIEM stand for
Security information and event management
What does a SIEM do
To deal with the volume and ease analysis of all the security-related information and audit logs, a SIEM will go through all the logs and detect adversary tactics and problems.
What builds a behavior oriented profile of activity for both users and systems
UEBA
user and entity behavior analytics
What are some key monitoring tools?
IDS and SIEM
What type of logs can a SIEM monitor
System/event logs
Web server logs
Firewall and proxy logs
etc.
What can be employed to ensure integrity of data remains
Digital signature
By default, does syslog provide integrity features that can confirm the authenticity of the logs
No it does not
A third-party utility like syslog-ng does
Layer of the OSI model closest to the users and programs
Layer 7
Identification of communication partners
Determines security aspects of communication
Application layer
Layer 6
Provides representation of information to be processed by the application
Provides translation services such as EBCDIC and ASCII
Performs data encoding, compression and decompression
Presentation layer
Layer 5
Organizes communication
Management of data exchange
Maintains the session
Allows half duplex and full duplex
Session layer
Layer 4
Optimizes network service usage
Uniquely identifies end points
Maintains communication integrity
Error detection
Transport layer
Layer 3
Provides network addressing
Performs routing and flow control
Establishes network connection
Provides network path
IPv4
Network layer
Layer 2
Formats messages to allow for transfer over physical media
Provides addressing for physical hardware
Ethernet or MAC addresses
Data link layer
Layer 1
Provides mechanical and electrical activation, maintenance and deactivation of physical connections for transmission
Defines the physical means of communication
Determines requirements for signal transmission over the physical medium
Physical layer
What may be used to provide layer 2 authentication
802.1x
What layer of the OSI model connects the physical part of the network with the abstract part
Data link
What DNS security protocol typically leverages browsers as the DNS client and provides increased confidentiality of DNS requests?
DoH
What layer of the OSI model interacts with information and prepares it to be transmitted across the network
Transport layer
Which of the following is not a characteristic of dedicated security mode
Systems handle multiple classification levels
What is two phase commit
Distributed database architecture that ensures that no transactions are finalized until all connected systems have successfully synchronized
Nonvolatile storage that prevents existing data from being overwritten
WORM
What function verifies the security of system resources, tests the effectiveness of the controls implemented and helps determine where more controls might be needed
Auditing
Which technique do layer 2 switches employ to speed up forwarding data across ports
Cut-through
In what environment are updates to the OSPF protocol handled by the control plane rather than a router's data plane
Software defined networking
A rule was created in the IDS to prevent an attack. An analyst wants to verify that the machine is protected. What tool would they use?
Metasploit
191.10.1.1-191.10.11.255
Class B
Class B IP range
128.0.0.0 through 191.255.255.255
Who should write up the lessons learned?
The on-site handler
When smart cards replace passwords as authentication to access a system, what is now a problem?
Lost tokens
The minimum and customary practice of responsible protection of information assets is defined by what
Due care
What pen test activities would be effective in validating TEMPEST effectiveness
Radiation monitoring
The CMMI targets what specific aspect of software development
Processes
What can be used by developers to provide additional protection against buffer overflows
Canaries
What causes Chrome to have many process instances when there are multiple tabs open
Sandboxing
Google uses sandboxing in its Chrome browser. Each tab is a separate process, each sandboxed from the others
What is the strategy behind the BIA
Maximum allowable downtime
An NDA is used to enforce which part of a security program
Data classification
What is the downside of selecting twisted pair cabling with more twists per segment
Higher costs
What type of security testing would be most likely to be performed on a monthly basis by a security team
Vulnerability scanning
Application fuzzing is a form of what
Pen testing
How does Linux NX protect against buffer overflow attacks?
It marks pages of the stack as non executable
In a pen test, what is used to exploit services
Core Impact
What is the advantage of a 200 gigabyte rainbow table over a 100 gigabyte rainbow table covering the same key space
Faster password cracking
A web application is provided a redirect URL informing it that the subject has been successfully authenticated. What is being used?
OpenID
OpenID provides claims about a user's identity and authentication
What is the principle of SSO
Authentication
What does the VNC payload in an attack with Metasploit give the attacker
Remote GUI
When involved in US legal proceedings, under what condition is ESI considered non-discoverable
If deleted as part of a previously established business process
Which of the following is an approved replacement for Halon?
FM-200
What is a hash
A one way mathematical function
How many bits are in an IPv6 address
128
Early sign of a DoS
A packet with source IP/port matching the destination IP/port
What is context based access control
When access to something in the network is unavailable or available depending on the time of day or week
What is likely to be treated as PII by both company policy and law
A document that contains names and addresses of customers
What is the first step to be accomplished in a preliminary legal investigation
Determine if a crime has occurred
How is the annualized loss expectancy calculated
Single loss expectancy times annualized rate of occurrence
A helpdesk ticket regarding slow server response is escalated for investigation. The assigned administrator determines that the activity is due to the running of a legitimate business application and closes the ticket. What phase of incident response does this occur during?
Detection
Determining whether a reported event or activity is in fact an incident happens during the detection phase
The following statement can best be described as what type of security documentation?
All end user systems on the network must be protected at the host level against malware and unauthorized access attempts
Policy
How many bits is an IPv4 address
32
Which protocol header would be shown in a screenshot when it has destination port 443
TCP
What are key TCP header fields
Source and destination ports, flags and sequence number
What is a relying party
The party that uses the login credentials when using OpenID
What is the main difference between a third-party audit and an internal audit
Objectivity
Which of the following access control techniques requires the user to follow a transformation procedure to access protected data
The Clark-Wilson model introduces the concept of a transformation procedure that defines how changes can be made to objects in the system
Which of the following can be used for a distributed denial of service attack
Sending TCP packets with the SYN flags set
Which of the following describes the purpose of LDAP
A centralized repository for user and system resources on a network
Operational security change control is a process that manages changes to which of the following
Hardware, software and network
What technology would help a business that streams movies to customers worldwide ensure consistent performance
Content distribution network
Antivirus blocked an executable and sent a notice to a security information and event management system. What kind of control does antivirus represent
Preventative
What standard was introduced by the IEEE to address the issue of authentication
802.1x
At which critical step in the system development process should a risk assessment be performed
Project initiation
What is a mandatory component of a single sign-on system
Centralized credential storage
The following statement can best be described as what type of security documentation
While the company strongly recommends against sending sensitive or confidential data via email, the data owner may authorize this method of communication if the sender uses company-provided email encryption to transmit data
Guideline
Who ultimately has ownership of the business continuity plan in an enterprise
Chief executive officer
It belongs to the business
Media sanitization and destruction prevent
Object reuse
How are processing tasks carried out in an asymmetric multiprocessing system
System processes will run on one CPU and the other CPUs will run the applications
During which phase of the fetch-decode-execute cycle does the CPU determine what actions the instruction is to take
Decode
Which software development method is driven by the possible failure of the software project to achieve stated goals
Spiral
It is driven by risk
With respect to data classification roles, which of the following is a responsibility of the system owner
Assist in the identification, implementation and assessment of the common security controls
Which of the following is not an advantage of a centralized access control administration
Flexibility
An organization maintains a plan for emergency response, employee communications, backup operations, and post-disaster recovery that will ensure the availability of critical resources and procedures to return to full production in existing office facilities. What type of plan is being described
Business continuity plan
What is likely to be identified through an assessment of core security processes
The root cause of security failures
A programmer received an application error message that a requested record was being accessed by another process. The programmer is the only person with access to the test database. After rebooting her computer, she was able to access the record. What caused the error message
A deadlock condition
What is Meterpreter in the Metasploit framework
A payload
Which component of an account management process is most likely to limit an attack
Scheduled retiring of inactive accounts
What uses a NOP sled
Buffer overflow
Which of the following is used for day to day protection of business critical resources and controlling access to computer facilities
Operational controls
When making online purchases what can a user easily check to see if the Information they are going to submit will not be observed by eavesdroppers
Using websites with HTTPS
A system is built so there is redundancy, but there are no dedicated hard drives for data, backup or parity. What system is this
RAID 5
What does the nslookup command do
See the host name and the IP address in DNS
Which software development methodology is not primarily code-centric
DevOps
Which of the following development phases would be closer to the end of the process
Installation and implementation
Which component of IPsec uses a verification function similar to signing an email with a digital signature
Authentication header
What is a benefit of using Kerberos for authentication
Password remain encrypted during transfer
Which of the following is most likely to result in shell access to a user's workstation
Social engineering
Not port scanning or war dialing
What type of security testing is being performed when a programmer compiles an application with all warnings enabled
Static Analysis
A single disk in a RAID array fails and data is lost. What kind of RAID was this
0
During an incident in what phase should the decision be made to pull an affected system off the network?
Response
What is the total number of UDP ports that could be open on a system
65,536
What must be included for a successful exploitation
Payload
What security model requires every user of the system and every object in the system to be assigned a security label and allows access based solely on these labels
Lattice
Which security document would contain technical details about how a specific application must be configured
Baseline
Determining an individual is who they claim to be
Authentication
Which topology uses two rings for fault tolerance
FDDI
What part of the file contains information about the user and application that created the file
Metadata
Security model focuses on confidentiality of info
Bell-LaPadula
Security cameras are what type of control
Compensating
What term is used for programs stored on read only memory devices
Firmware
Why is computer-generated documentation usually considered unreliable evidence
Too difficult to detect prior modifications
What indicates a server side attack
The attack is launched against a network service that is listening on the victim host
What does the Advanced Encryption Standard (AES) use S-boxes for during the encryption process
Substitution
What part of security assessment does pair programming belong to?
Technical security testing
Regarding OS protection mechanisms, which is false about rings
Rings allow user processes to interact with the kernel as peer processes
Which statement correctly describes a relevant consideration when defending against client-side versus server-side attacks
Client-side attacks are usually harder to defend against
MTD = what
RTO + WRT
How to protect trade secrets
Auditing file access and controlling copying of intellectual property
What is covered by an SLA
Vendor's agreed response time to a system outage
Writing a company’s security policy is what type of control
Administrative
Access control model is primarily which type of control
Preventative
What problem was TEMPEST designed to counter
Data leakage through electromagnetic radiation
Which type of access control involves all users having a clearance
MAC
What is a business continuity plan
An overarching plan that includes a collection of other plans
What type of packet does tracert receive as a reply that is used to determine the route
Time exceeded
Which plan provides procedures for minimal loss of life
Occupant emergency plan
What is the least important item to be captured in audit logs
System performance output data
An organization hired a third party to conduct monthly vulnerability assessments. In which phase of the business continuity plan does this belong
Current state assessment
Which process will reveal a buffer overflow vulnerability in an application
Fuzzing
Which Extensible Authentication Protocol method authenticates a client to the server but does not mutually authenticate the server to the client
EAP-MD5
What is the goal of technical security testing
To remediate vulnerabilities
What part of the waterfall model ensures that a product meets the specifications
Verification
What is required for a cross-site scripting attack to be successful
The victim's computer must execute a malicious script
Increasing availability of a service component is achieved by implementing which of the following
Fault tolerance
DNS is what
Protocol for translating IP addresses to names and back again
What is a typical length of an extended unique identifier
64
What is a fundamental principle of the waterfall model
Each development phase must be completed before the next begins
Due to differing privacy laws between countries, a company uses a separate server to handle and store data in each country it operates in. What is this an example of in terms of risk handling methods
Mitigation
A security analyst sends a scan packet to a live host with open ports on the same network segment, but the packet receives no response. Which protocol is the analyst using
UDP
Which of the following is not a high-level single sign-on access method
Public kiosks
In the process of employee termination which access management Activity most effectively controls access
Account revocation
On what basis does a router forward network traffic
IP address
Which model has an explicit practice of sending unexpected input into applications during the development cycle
Microsoft threat modeling
What will trigger false positives on a network that uses anomaly detection
Behavior changes
What is the recommended cable that will allow for a 100 Mbps data rate
Category 5
What statement about biometrics is not true
Users can be authenticated by what they know
What risk estimation approach uses established practices and calculations
Quantitative risk analysis
Which of the following is an example of context dependent access control
File system quota
How does water suppress fire
Reduces temperature
What establishes your accountability for actions taken within a system or domain
User Identification and authentication
What must be configured for an incident responder to review successful and failed login attempts
Accounting
Accounting is a system's ability to determine the actions of a single individual
What data classification role is responsible for retaining records as per approved policy
Data custodian
What needs to be done for FW2 to be able to detect the pivot from a user workstation to server SRV2
SW2 must be a layer 2 only switch and have the server in a different VLAN
What type of testing uses tools to analyze source code for vulnerabilities
Static Analysis
What is a characteristic of a MAC address on a network interface card
Remains the same regardless of the location
What IPsec protocol provides integrity but not encryption
AH
An attacker breached the company's perimeter and penetrated a system. She is attempting to maintain her access using tools that are already installed on the system. She creates a job that opens a port on the system every night at midnight. Which of the following is most likely to detect the creation of the attacker's back door
Baseline monitoring
If an attacker wanted to run their own program in the kernel, what attack would they use
Privilege escalation
What collision avoidance method does Ethernet use
CSMA/CD
Which type of flaw is often discovered through dynamic analysis
Authentication bypass
How can Tripwire help in the recovery process
Determine which files in the system were compromised
Which of the following is a set of low level commands a CPU knows how to execute
CISC
Which of the following addresses identity claims, proper authentication, and authorization for users across different organizations
SAML
What web vulnerability exploits a system at the database layer, allowing an attacker to create, read, modify or delete sensitive data
SQL injection
What data would be most useful in a situation where someone's credentials may have been compromised
Successful logins
What is not a common OS protection mechanism
Paging
Current OS protection mechanisms include layering, abstraction, process isolation and hardware segmentation
A DBMS should possess a number of characteristics to be considered secure. One characteristic is that it should always maintain a stable state, even after a hardware/software failure. What is this
Fault tolerant
A network bridge learns which systems reside on a network segment by building a table that consists of which of the following
MAC addresses
What should security procedures be based off of
Organizational policies
In the context of the Clark-Wilson model of data integrity, maintaining external consistency ensures which of the following
The system state is consistent with the data outside the system
Where are hashed passwords stored on a Linux system
/etc/shadow
Which task within the access provisioning lifecycle should take place when an employee changes departments
Maintenance
What would most effectively be used to block a malicious ACK packet sent to a port that does not match an initial SYN packet
Stateful firewall
What technique is used by malicious sites to overlay one frame on top of another, thereby tricking the user into performing an action they did not intend
Clickjacking
What do the UDP and TCP protocols have in common
Operates at the transport layer
What encryption algorithm does not use single-key encryption
Diffie-Hellman
What intra-company document helps an organization meet service commitments to customers
OLA
Frame relay is a simplified version of which of the following
X.25
What sprinkler systems allow large volumes of water to be released in a short period of time
Deluge
The concept of subject/program binding is associated with which of the following security models
Clark-Wilson
What is a common problem with biometric access controls
False acceptance rate
What is the key difference between an internal audit and an external audit
Testing team members
What RAID level uses byte-level parity
3
After a forensic investigator seizes a computer drive during an investigation, what is the next step
Make a bit-level image copy of the disks
After reviewing a file server's logs, a system admin notices there are no entries logged for any type of file access. What type of issue is this
Accountability
What type of control can automatically initiate a corrective control
Detective
What is the primary disadvantage of a VPN
Unpredictable performance
What is not a characteristic of a distributed system
Rigid
Why would a company prohibit employees from using client-to-site VPNs
Their use reduces the effectiveness of network monitoring devices
What is the purpose of a network protocol like radius and tacacs
Authenticate users on behalf of other services
What approach ensures new users initially have no access to sensitive application information
Secure by default
What is the most crucial piece of developing a disaster recovery plan
Management support
In which maturity level of the CMMI model is the software process characterized as ad hoc
Initial
What software testing method can be used against compiled code with no access to source
Fuzzing
What is caused by applications that request resources and later fail to properly release them
Memory leak
A company has restricted options in the user interface for users, preventing them from opening a command line interface. What type of control is this
Preventative
Which entity provides formal authorization of system access decisions
Data owner
Which metric should be considered in the purchase of preventative control
TCO
The spiral model of project management is primarily driven by what factor
Risk
What task can an untrusted Java applet perform on a client machine when run from the browser
Make a network connection to the original host
When talking about data classification roles, a custodian is concerned with all the following except what
Determining the data's value to the organization and the threshold beyond which obsolete data is purged
Which protocol is described as a best-effort protocol
UDP
A system admin finds an unknown user account that had been created several months prior to discovery. What process should be improved to enable more timely remediation in the future
Log monitoring
Which component of the operating system includes an interrupt handler that handles all requests that are competing for system service
The kernel
Modeling weather patterns requires a computer designed to execute a small set of instructions very efficiently. What type of computer is best for this
RISC
Reduced instruction set computer
What is assumed with a trusted computing base (TCB)
System components are securely designed and configured
What is a phishing attack and how is it carried out
Identity theft scheme that takes place through email and a bogus website
What software is both gratis and libre
Freeware
What is a symmetric key algorithm
Blowfish
What can be attacked with a rainbow table
Hash
What access control measure is directive
Background check
When planning for physical security threats, how can a smoke detector help
Photoelectric, and senses smoke by interference of light or ionization
What common network troubleshooting tool makes use of Internet Control Message Protocol packets with particular time-to-live values
Traceroute
With regard to access controls, what differentiates a passphrase from a password
A passphrase is typically longer and more difficult to guess
What tool would best be used to record and send a user's password over the Internet
Keylogger
What is considered a potential Vulnerability specifically for hardware based thin clients
Lack of timely patching
How can organizations share a single document repository where each company retains control over its authentication credentials
FIM
What functionality do OpenID and SAML provide
OpenID performs authentication, while SAML encodes authentication-related information
Worms have the ability to go directly to which step of the attack process by delivering payloads to high numbers of IP addresses
Exploit vulnerable services
Under OpenID, which of the following are sites that can use identity information from sites that are sources of identity information
Relying parties