What is the purpose of resource isolation?
A. To reduce the level of broadcast traffic on physical segments.
B. To ensure that anyone accessing a resource has appropriate integrity.
C. To automate the creation of access control lists and Trusted Computing Bases.
D. To enforce access controls, and clearly separate resources from each other.
E. To make people buy more computers than they really need.
_________ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
D. Pattern matching
How do virtual corporations maintain confidentiality?
C. Data hashes
D. Redundant servers
E. Security by obscurity
Which of these choices correctly describe denial-of-service (DoS) attacks? (Choose THREE.)
A. DoSattacks do not require attackers to have any privileges on a target system,
B. DoSattacks are nearly impossible to stop, once they begin.
C. DoS attacks free the target system of excessive overhead.
D. DoS ties up a system with so many requests, system resources are consumed, and performance degrades.
E. DoS attacks cause the attacked system to accept legitimate access requests.
Which of the following is MOST likely to cause management to view a security-needs proposal as invalid?
A. Real-world examples
C. Ranked threats
D. quantified risks
E. Temperate manner
Which of the following tests provides testing teams some information about hosts or networks?
A. Partial-knowledge test
B. Full-knowledge test
C. Zero-knowledge test
_________ is a method of tricking users into revealing passwords, or other sensitive information.
A. Dumpster diving
B. Means testing
C. Social engineering
Which of the following is the BEST method for managing users in an enterprise?
A. Enter user data in a spreadsheet.
B. Implement centralized access control.
C. Deploy Kerberos.
D. Place them in a centralized Lightweight Directory Access Protocol.
E. Use a Domain Name System.
_________ are the people who consume, manipulate, and produce information assets.
A. Information asset owners
B. Business-unit owners
C. Audit-control groups
D. Information custodians
E. Functional users
Who should have physical access to network-connectivity devices and corporate servers?
A. Customers and clients
B. Accounting, information-technology, and auditing staff
C. Managers and C-level executives
D. Only appropriate information-technology personnel
E. Only the maintenance staff
Download Latest Checkpoint 156-110 Real Free Tests , help you to pass exam 100%.