
27 Cards in this Set

  • Front
  • Back

All digital data is represented by 1 and 0

True

You're the chief security contact for a company. Your primary task is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task?

Guidelines

Which of the following strategies involves identifying a risk and making the decision to discontinue engaging in the action?

risk avoidance

Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization?

separation of duties

Risk acceptance involves understanding something about the enemy and letting them know the harm that can come their way if they cause harm to you.

False - this is risk deterrence

Least privilege grants users access to only the permissions they need to do their job

True

False negatives are events that aren't really incidents.

False

Which of the following policies describes how the employees in an organization can use company systems and resources, both software and hardware?

Acceptable use

Risk calculations weigh a potential vulnerability against the likelihood or probability of it occurring.

False

One of the tools that can be used to assess risk is a tabletop exercise.

True

Business impact analysis is the process of evaluating all of the critical systems in an organization to define impact and recovery plans

True

Identification is finding out who someone is, while authentication is the mechanism to verify that identification.

True

A system that uses smart cards and passwords is referred to as two-factor authentication

True

An access control approach that uses security labels is known as discretionary access control.

False

What is the term that is used whenever two or more parties authenticate each other?

mutual authentication

Your office admin is being trained to perform server backups. Which authentication method would be ideal for this situation?

RBAC - role based

Upper management has suddenly become concerned about security. As the senior network admin, you are asked to suggest changes that should be implemented. Which of the access methods should you recommend if the technique to be used is one that is primarily based on pre-established access and can't be changed by users?

MAC - mandatory access control

Which technology allows a connection to be made between two networks using a secure protocol?

Tunneling

Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data, it's imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session?

Tokens

To keep users from changing their password to the same value as the old one, or to one they used the last time around, you should enable

password history

What is invoked when a person claims that they are the user but cannot be authenticated?

identity proofing

confidentiality

a set of rules that limits access to information

Integrity

the assurance that the information is trustworthy and accurate

availability

guarantee of reliable access to the information by authorized people.

What is defense in depth?

use of multiple security countermeasures to protect integrity of information.

Defense in depth is based on what military principle?

That it is much more difficult to defeat a complex defense system that has many layers than to penetrate a single barrier.

What are the components of defense in depth?

antivirus, firewalls, anti-spyware programs, biometric verification, also physical protection such as armed guards, doors, safes.