You are a system administrator for a pool of Web servers. The vendor who sells your Web server posts a patch and sample exploit for a newly discovered vulnerability. You will take all of the actions listed below. Which of the following actions should you take first?
A. Run the sample exploit against a test server.
B. Run the sample exploit against a production server.
C. Apply the patch to all production servers.
D. Test the patch on a production server.
E. Test the patch on a non-production server.
Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.
B. Transposition cipher
C. Key exchange
Which of the following calculations is used when selecting countermeasures?
A. Annualized Rate of Occurrence
B. Single Loss Expectancy
C. Annualized Loss Expectancy
D. Business Impact Analysis
E. Business Continuity Plan
Which of the following is the MOST important consideration when developing security-awareness training materials?
A. Training material should be accessible and attractive.
B. Delivery mechanisms should allow easy development of additional materials, to complement core material.
C. Security-awareness training materials should never contradict an organizational security policy.
D. Appropriate language should be used to facilitate localization, should training materials require translation.
E. Written documentation should be archived, in case of disaster.
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.
If e-mail is subject to review by individuals other than the sender and recipient, what should be clearly stated in the organization’s e-mail policy?
A. Technologies and methods used to monitor and enforce the organization’s policies
B. Senior management and business-unit owner responsibilities and delegation options
C. Clear, legally defensible definition of what constitutes a business record
D. Consequences for violation of the organization’s acceptable-use policy
E. No expectation of privacy for e-mail communications, using the organization’s resources
You are preparing a machine that will be used as a dedicated Web server, be removed?
__________ is issued by senior management, and defines an organization’s security goals.
A. Records-retention procedure
B. Acceptable-use policy
C. Organizational security policy
D. Security policy mission statement
E. Service level agreement
Which of the following entities review partner-extranet requirements?
A. Information systems
B. Shipping and receiving
D. Requesting department
E. Chief Information Officer
__________ is the process of subjects establishing who they are to an access control.