A(n) ________________ is a one-way mathematical function that maps variable values into smaller values of a fixed length.
A. Symmetric key
B. Algorithm
C. Back door
D. Hash function
E. Integrity
What is mandatory sign-on? An authentication method that:
A. uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
B. requires the use of one-time passwords, so users authenticate only once, with a given set of credentials
C. requires users to re-authenticate at each server and access control
D. stores user credentials locally, so that users need only authenticate the first time a local machine is used
E. allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
Which of the following is a cost-effective solution for securely transmitting data between remote offices?
A. Standard e-mail
B. Fax machine
C. Virtual private network
D. Bonded courier
E. Telephone
_______ can mimic the symptoms of a denial-of-service attack, and the resulting loss in productivity can be no less devastating to an organization.
A. ICMP traffic
B. Peak traffic
C. Fragmented packets
D. Insufficient bandwidth
E. Burst traffic
A _______ attack uses multiple systems to launch a coordinated attack.
A. Distributed denial-of-service
B. Teardrop
C. Birthday
D. FTP Bounce
E. Salami
Which TWO of the following items should be accomplished when interviewing candidates for a position within an organization?
A. Hire an investigation agency to run background checks.
B. Verify all dates of previous employment.
C. Question candidates, using polygraphs.
D. Contact personal and professional references.
E. Run criminal-background checks.
A(n) _______ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
A. False positive
B. False negative
C. CIFS pop-up
D. Threshold
E. Alarm
____________________ is the state of being correct, or the degree of certainty a person or process can have that the data in an information asset is correct.
A. Confidentiality
B. Integrity
C. Authenticity
D. Privacy
E. Availability
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation