HP new dump plz thanks
Question 1. Which of the following is NOT a restriction for partners accessing internal corporate resources through an extranet?
A. Preventing modification of restricted information
B. Using restricted programs to access databases and other information resources
C. Allowing access from any location
D. Preventing access to any network resource, other than those explicitly permitted
E. Viewing inventory levels for partner products only
Answer: C

Question 2. Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?
A. Structured walkthrough
B. Checklist
C. Simulation
D. Full interruption
E. Parallel
Answer: C

Question 3. Which of the following equations results in the Single Loss Expectancy for an asset?
A. Asset Value x % Of Loss From Realized Exposure
B. Asset Value x % Of Loss From Realized Threat
C. Annualized Rate of Occurrence / Annualized Loss Expectancy
D. Asset Value x % Of Loss From Realized Vulnerability
E. Annualized Rate of Occurrence x Annualized Loss Expectancy
Answer: B

Question 4. Which of the following is an integrity requirement for Remote Offices/Branch Offices (ROBOs)?
A. Private data must remain internal to an organization.
B. Data must be consistent between ROBO sites and headquarters.
C. Users must be educated about appropriate security policies.
D. Improvised solutions must provide the level of protection required.
E. Data must remain available to all remote offices.
Answer: B

Question 5. Operating-system fingerprinting uses all of the following, EXCEPT ______, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field
Answer: C

Question 6. Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
Answer: B, E

Question 7. _________ occurs when an individual or process acquires a higher level of privilege, or access, than originally intended.
A. Security Triad
B. Privilege aggregation
C. Need-to-know
D. Privilege escalation
E. Least privilege
Answer: D

Question 8. Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES
Answer: A

Question 9. How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person's trust and goodwill.
E. Seemingly unimportant pieces of data may yield enough information to an adversary for him to disseminate incorrect information and sound authoritative.
Answer: E

Question 10. Which type of Business Continuity Plan (BCP) test involves shutting down z on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation
Answer: B
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.