_________ involves gathering pieces of information and drawing a conclusion, whose sensitivity exceeds any of the Individual pieces of Information.
B. Social engineering
C. Movement analysis
D. Communication-pattern analysis
What is mandatory sign-on? An authentication method that:
A. uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
B. requires the use of one-time passwords, so users authenticate only once, with a given set of credentials
C. requires users to re-authenticate at each server and access control
D. stores user credentials locally, so that users need only authenticate the first time a local machine is used
E. allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
Virtual corporations typically use a(n) ___________ for maintaining centralized information assets.
A. Off-line repository
B. Floppy disk
C. Data warehouse
D. CD-ROM burner
ABC Corporation’s network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?
A. Role-based access control
B. Three-factor authentication
C. Single sign-on
D. Hybrid access control
E. Mandatory sign-on
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?
A. Delegating risk to another entity, such as an insurer
B. Manual procedures; alternative solution to technology available
C. Deferring action; action waiting until a later date
D. Reciprocal agreements with another organization
E. Doing nothing; no action taken to recover the technology
A(n) __________ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
A. False positive
B. False negative
C. CIFS pop-up
All of the following are possible configurations for a corporate intranet, EXCEPT:
A. Value-added network
B. Wide-area network
C. Campus-area network
D. Metropolitan-area network
E. Local-area network
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Download Latest Checkpoint 156-110 Real Free Tests , help you to pass exam 100%.