Questions and Answers
What is the Single Loss Expectancy (SLE) if the Annualized Loss Occurrence is $120,000 and the Anticipated Rate of Occurrence (ARO) is once every 10 years?
- $12,000
- $10,000
- $24,000
- $1,200 (correct)
Which of the following is NOT a type of risk strategy mentioned in the text?
- Devolution
- Transformation
- Conveyance
- Avoidance (correct)
When assigning permissions to users, which principle should you follow?
- Manifest destiny
- Eminent domain
- Most privilege (correct)
- Risk deterrence
If a system is designed to fool attackers into thinking it is unsecured, what is it called?
What is the purpose of Separation of Duties policies?
If a fire that might damage an asset occurs once every 20 years and the asset's value would be $10,000 in parts if damaged, what would be the Annualized Loss Expectancy (ALE) for this asset?
Which layer of the TCP/IP model does the Telnet protocol operate on?
If you wanted to connect two networks securely over the Internet, what type of technology could you use?
Which access control model uses predefined access privileges assigned by the administrator?
What authentication method uses a Key Distribution Center (KDC)?
Which of the following is an access control model that grants rights based on job function or position held?
What method is used for a 'victim' to learn attack methods without compromising a live system?
To run 'sniffer' software properly, what mode must the NIC in the computer running the software be set to?
What is used to monitor a network for suspect activity?
What is a message from the analyzer indicating that an event of interest has occurred?
What is the remote access protocol, almost exclusively implemented by Cisco, that involves a central server providing remote access usernames for dial-up users?
Which of the following is a passive method of threat response?
Which Evaluation Assurance Level (EAL) indicates that the user seeks assurance for correct system operation but does not consider security threats as serious?
Which port should be closed on systems to prevent unauthorized running of programs?
Which IEEE standard is followed by Wireless Ethernet?
What security layer is used for wireless 802.11 connections with WAP?
In what kind of attack does a rogue wireless access point pretend to be a legitimate wireless service provider to intercept user-transmitted information?
Which hypervisor model requires the operating system to be up and running before it can boot?
What type of security attack is a result of the trusting nature of human beings?
In computer room humidity management, what is the ideal percentage that should be maintained?
What is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment?
Which type of fire extinguisher is best suited for extinguishing a computer fire?
Locking the door(s) to the server room involves what kind of security?
Which of the following is NOT a goal of information security?