A(n) ________________ is a one-way mathematical function that maps variable values into smaller values of a fixed length.
A. Symmetric key
B. Algorithm
C. Back door
D. Hash function
E. Integrity
One individual is selected from each department, to attend a security-awareness course. Each person returns to his department, delivering the course to the remainder of the department. After training is complete, each person acts as a peer coach. Which type of training is this?
A. On-line training
B. Formal classroom training
C. Train-the-mentor training
D. Alternating-facilitator training
E. Self-paced training
Why should the number of services on a server be limited to required services?
A. Every open service represents a potential vulnerability.
B. Closed systems require special connectivity services.
C. Running extra services makes machines more efficient.
D. All services are inherently stable and secure.
E. Additional services make machines more secure.
_______ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.
A. Pattern matching
B. Statistical anomaly
C. Behavioral analysis
D. Host
E. Network
Which of the following are common failures that should be addressed in an organization's Business Continuity Plan (BCP) ? (Choose THREE.)
A. Connectivity failures
B. Accounting failures
C. Hardware failures
D. Utility failures
E. Personal failures
Which of the following is the BEST method for managing users in an enterprise?
A. Enter user data in a spreadsheet.
B. Implement centralized access control.
C. Deploy Kerberos.
D. Place them in a centralized Lightweight Directory Access Protocol.
E. Use a Domain Name System.
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization's security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters' Security Gateway.
E. Confirms that a remote configuration complies with the organization's security policy.
Which of the following equations results in the Single Loss Expectancy for an asset?
A. Asset Value x % Of Loss From Realized Exposure
B. Asset Value x % Of Loss From Realized Threat
C. Annualized Rate of Occurrence / Annualized Loss Expectancy
D. Asset Value x % Of Loss From Realized Vulnerability
E. Annualized Rate of Occurrence x Annualized Loss Expectancy
Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES
Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)
A. Authentication
B. Secure key-exchange mechanisms
C. Public Web site access
D. Data-integrity checking
E. Sneaker net
