156-110 Online Practice Questions and Answers

All of the following are possible configurations for a corporate intranet, EXCEPT:

A. Value-added network

B. Wide-area network

C. Campus-area network

D. Metropolitan-area network

E. Local-area network

Which of the following is a cost-effective solution for securely transmitting data between remote offices?

A. Standard e-mail

B. Fax machine

C. Virtual private network

D. Bonded courier

E. Telephone

Public servers are typically placed in the _______, to enhance security.

A. Restricted Entry Zone

B. Open Zone

C. Internet Zone

D. Demilitarized Zone

E. Public Entry Zone

Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.

A. Espionage

B. Transposition cipher

C. Key exchange

D. Arithmancy

E. Steganography

Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:

A. department in the organization responsible for the data's physical storage location. The data custodian is anyone who has access the data for any reason.

B. person or entity who accesses/and or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.

C. person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.

D. person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.

E. person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.

ABC Corporation's network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?

A. Single sign-on

B. Decentralized access control

C. Hybrid access control

D. Layered access control

E. Mandatory access control

_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.

A. Behavioral analysis

B. Statistical anomaly

C. Network

D. Pattern matching

E. Host

What type of document contains information on alternative business locations, IT resources, and personnel?

A. End-user license agreement

B. Nondisclosure agreement

C. Acceptable use policy

D. Security policy

E. Business continuity plan

Which of the following is an example of a simple, physical-access control?

A. Lock

B. Access control list

C. Background check

D. Token

E. Firewall

Which of the following equations results in the Single Loss Expectancy for an asset?

A. Asset Value x % Of Loss From Realized Exposure

B. Asset Value x % Of Loss From Realized Threat

C. Annualized Rate of Occurrence / Annualized Loss Expectancy

D. Asset Value x % Of Loss From Realized Vulnerability

E. Annualized Rate of Occurrence x Annualized Loss Expectancy