Give us your feedback!
Question:
Which of the following is primarily focused on identifying violations and incidents?
Response:
Detective
Corrective
Recovery
Compensating
Preventative
Work factor is defined as:
the amount of effort/time required by an attacker to overcome a protective measure
the amount of effort/time required to maintain an established security plan once it has been implemented
the amount of effort/time required by an administrator to establish a reasonable system security plan
the amount of effort/time required by an algorithm to fully encrypt or decrypt a message
Account administration, policies and standards, asset classification and reviews of audit trails are all examples of
Physical controls
Technical controls
Both technical and administrative controls
Administrative controls
Which of the following extinguishing methods is best for a computer or electrical fire?
Soda Acid
ESD Blanket
Water
CO2
Which access control includes job rotation?
Technical
Administrative
Organizational
Physical
Which OSI layer includes the LLC and MAC sub-layers?
Session
Data Link
Transport
Network
Match the following examples to their definitions
Unpatched servers
Vulnerability
A virus that relies on unpatched code or OS levels
Threat
The likelihood a threat will be realized, the frequency of natural disasters
Risk
$1M dollars per day downtime
Exposure
A proxy server
Countermeasure
Biometric authentication is most often hampered by:
User acceptance
Rings/Weight change
Cost to implement
Initial Registration
Match the following terms and definitions
Intended to discourage a potential attacker
Deterrent
Intended to avoid an incident from happening
Preventive
Fixes component or systems after an incident has occurred
Intended to bring the environment back to production levels
Identify an incidents activities
Alternate measures of control
John's computer access changed with his reassignment to a new department. This is an example of:
Mandatory access control
Role-based access control
Need-to-Know control
Owner set access control
Access List Control
Which of the following is NOT an example of biometric identification?
Hand shape/pattern
Ear shape/pattern
Voice
Retinal imagery
Which of the following is not a typical layer 1 topology?
mesh
bus
star
2 layer star
ring
Which classification of fuel type is gasoline given?
B
A
D
C
What OSI Layer includes data compression?
Datalink
Application
Presentation
Falsely rejecting an authorized user is:
FRR or Type I error
FRA or Type IV error
CER or Type III error
FAR or Type II error
