NEW QUESTION 1

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

• A. Configuration Status Accounting
• B. Configuration Item Costing
• C. Configuration Identification
• D. Configuration Verification and Auditing

Answer: B

NEW QUESTION 2

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

• A. Availability
• B. Integrity
• C. Confidentiality
• D. Authenticity

Answer: C

NEW QUESTION 3

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

• A. F936.28A1.5BCD.DEFA
• B. A3-07-B9-E3-BC-F9
• C. 1011-0011-1010-1110-1100-0001
• D. 132.298.1.23

Answer: B

NEW QUESTION 4

Cryptography is the science of?

• A. Encrypting and decrypting plain text messages.
• B. Decrypting encrypted text messages.
• C. Encrypting plain text messages.
• D. Hacking secure information.

Answer: A

NEW QUESTION 5

John is a merchant. He has set up a LAN in his office. Some important files are deleted as a result of virus attack. John wants to ensure that it does not happen again. What will he use to protect his data from virus?

• A. Antivirus
• B. Backup
• C. Symmetric encryption
• D. Firewall

Answer: A

NEW QUESTION 6

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

• A. Risk acceptance
• B. Risk transfer
• C. Risk avoidance
• D. Risk mitigation

Answer: B

NEW QUESTION 7

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

• A. Cookies folder
• B. Temporary Internet Folder
• C. Download folder
• D. History folder

Answer: ABD

NEW QUESTION 8

Which two security components should you implement on the sales personnel portable computers to increase security?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

• A. Remote access policy
• B. L2TP over IPSec
• C. PPTP
• D. Remote Authentication Dial-In User Service (RADIUS)
• E. Encrypting File System (EFS)

Answer: BE

NEW QUESTION 9

Which of the following are the levels of public or commercial data classification system? Each correct answer represents a complete solution. Choose all that apply.

• A. Sensitive
• B. Unclassified
• C. Confidential
• D. Public
• E. Secret
• F. Private

Answer: ACDF

NEW QUESTION 10

Which of the following statements are true about routers?
Each correct answer represents a complete solution. Choose all that apply.

• A. Routers do not limit physical broadcast traffic.
• B. Routers act as protocol translators and bind dissimilar networks.
• C. Routers organize addresses into classes, which are used to determine how to move packets from one network to another.
• D. Routers are responsible for making decisions about which of several paths network (or Internet) traffic will follow.

Answer: BCD

NEW QUESTION 11

Which of the following is used to authenticate asymmetric keys?

• A. Digital signature
• B. MAC Address
• C. Password
• D. Demilitarized zone (DMZ)

Answer: A

NEW QUESTION 12

The Information assurance pillars provide the surety of data availability to the users of an Information system. Which of the following network infrastructure techniques accomplishes the objective of an efficient data availability management on a network?
Each correct answer represents a complete solution. Choose all that apply.

• A. SAN
• B. EFS
• C. NAS
• D. RAID

Answer: ACD

NEW QUESTION 13

Which term best describes an e-mail that contains incorrect and misleading information or warnings about viruses?

• A. Blowfish
• B. Spam
• C. Virus
• D. Trojan horse
• E. Hoax
• F. Rlogin

Answer: E

NEW QUESTION 14

Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?

• A. A DNS Zone
• B. An Intranet
• C. A demilitarized zone (DMZ)
• D. A stub zone

Answer: C

NEW QUESTION 15

Your company is going to add wireless connectivity to the existing LAN. You have concerns about the security of the wireless access and wish to implement encryption. Which of the following would be the best choice for you to use?

• A. WAP
• B. WEP
• C. DES
• D. PKI

Answer: B

NEW QUESTION 16
......