cyber security 15
The security administrator for Corp.com wants to provide wireless access for employees as well as guests.
Multiple wireless access points and separate networks for internal users and guests are required.
Which of the following should separate each network? (Choose all that apply.)
Channels
uber
SSIDs
Security protocols
Which of the following is true concerning vulnerability scanning? (Choose all that apply.)
Some scanning attempts are intrusive while some are non-intrusive.
Some scanning attempts may be credentialed while some may be non-credentialed.
False positive is possible!
How is credentialed scanning better than non-credentialed scanning? (Choose all that apply.)
Safer scanning
More accurate results
Customized auditing
Help from a Recovery Agent is necessary when what?
The private key is lost by a user.
What is the difference between a key escrow and a recovery agent? (Choose all that apply.)
The former is primarily for third party access to data
The latter is primarily for helping internal users
What is a document that states in writing how a company plans to protect its physical and information technology (IT) assets called?
security policy
According to the E-mail Policy Template, mass mailings for ____ or malware warnings shall not be sent without company approval.
virus
According to the Encryption Policy Template, symmetric cryptosystem keys must be at least how many bits in length?
56
According to the Information Sensitivity Policy Template, access to information classified as Most Sensitive requires the signing of a what pact?
(non-disclosure) pact
According to the Password Protection Policy Template, how often should all system passwords be changed?
quarterly
For adult learners, which approach is often preferred?
Andragogical
Which policy defines the actions users may perform while accessing systems and networking equipment?
Acceptable use policy
Which of the following is NOT a time employee training should be conducted?
After monthly patch updates.
Agnella was asked to create a report that listed the reasons why a contractor should be provided penetration testing authorization. Which of the following would she NOT list in her report?
Access to resources
Which statement does NOT describe a characteristic of a policy?
Policies identify what tools and procedures are needed.
Which statement is NOT something that a security policy must do?
Balance protection with productivity.
Which of these is NOT a response to risk?
resistance
Which of the following risk control types would use video surveillance systems and barricades to limit access to secure sites?
technical
While traveling abroad, Giuseppe needs to use public Internet café computers to access the secure network. Which of the following non-persistence tools should he use?
Live boot media
Simona needs to research a control that attempts to discourage security violations before they occur. Which control will she research?
Deterrent control
Which of the following is NOT a security risk of social media sites for users?
Social media sites use popup ads.
What describes the ability of an enterprise data center to revert to its former size after expanding?
Elasticity
Tomassa is asked to determine the expected monetary loss every time a risk occurs. Which formula will she use?
SLE
Which statement does NOT describe a characteristic of a policy?
Policies communicate a unanimous agreement of judgment.
Which of the following is the average amount of time that it will take a device to recover from a failure that is not a terminal failure?
MTTR
Bria is reviewing the company's updated personal email policy. Which of the following will she NOT find in it?
Employees should not give out their company email address unless requested.
What is a collection of suggestions that should be implemented?
Guideline
Which of the following approaches to risk calculation typically assigns a numeric value (1-10) or label (High, Medium, or Low) that represents a risk?
Qualitative risk calculation
Bob needs to create an agreement between his company and a third-party organization that demonstrates a "convergence of will" between the parties so that they can work together. Which type of agreement will Bob use?
MOU
Which of the following covers the procedures of managing object authorizations?
Privilege management
Which of the following threats would be classified as the actions of a hacktivist?
External threat