A __________ posture provides many levels of security possibilities for access control.
A. Layered defensive
C. Flat defensive
D. Reactive defensive
E. Proactive offensive
A(n) ___________ is the first step for determining which technical information assets should be protected.
A. Network diagram
B. Business Impact Analysis
C. Office floor plan
E. Intrusion detection system
Which of the following statements about the maintenance and review of information security policies is NOT true?
A. The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
B. Review requirements should be included in the security policies themselves.
C. When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
D. Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies.
E. In the absence of changes to business requirements and processes, information-security policy reviews should be annual.
_________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
A. Symmetric-key exchange
C. Transposition cipher
D. Asymmetric-key encryption
E. Simple substitution cipher
A(n) __________ is an abstract machine, which mediates all access subjects have to objects.
B. Reference monitor
C. State machine
__________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.
Enterprise employees working remotely require access to data at an organization’s headquarters. Which of the following is the BEST method to transfer this data?
A. Standard e-mail
B. Faxed information
C. Dial-in access behind the enterprise firewall
D. Virtual private network
E. CD-ROMs shipped with updated versions of the data
INFOSEC professionals are concerned about providing due care and due diligence. With whom should they consult, when protecting information assets?
A. Law enforcement in their region
B. Senior management, particularly business-unit owners
C. IETF enforcement officials
D. Other INFOSEC professionals
E. Their organizations’ legal experts
The items listed below are examples of ___________ controls.
* Procedures and policies
* Employee security-awareness training
* Employee background checks
* Increasing management security awareness
A(n) ___________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set