Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)
Answer: B

Which of the following would be MOST effective in mitigating this vulnerability?
An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective...
Which is the BEST internationally recognized standard for evaluating security products and systems?
A. Payment Card Industry Data Security Standards (PCI-DSS)
B. Common Criteria (CC)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Sarbanes-Oxley (SOX)
Answer: B

Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?
A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment
Answer: B

What is the foundation of cryptographic functions?
A. Cipher
B. Encryption
C. Hash
D. Entropy
Answer: A

Which of the following mobile code security models relies only on trust?
A. Code signing
B. Class authentication
C. Sandboxing
D. Type safety
Answer: A
Explanation: Reference: https://csrc.nist.gov/csrc/media/publications/conference-paper/1999/10/21/proceedings-of-the22nd-nissc-1999/documents/papers/t09.pdf (11)

Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Answer:...

Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: A

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring
Answer: C
Explanation: Reference: https://www.giac.org/paper/gsec/3873/information-warfare-cyber-warfare-futurewarfare/106165 (14)

Proven application security principles include which of the following?
A. Minimizing attack surface area
B. Hardening the network perimeter
C. Accepting infrastructure security controls
D. Developing independent modules
Answer: A