Which of the following would assist the most in Host Based intrusion detection?

Which of the following would assist the most in Host Based intrusion detection?A .  audit trails.B .  access control lists.C .  security clearances.D .  host-based authentication. View Answer Answer: A Explanation: To assist in Intrusion Detection you would review audit logs for access violations. The following answers are incorrect: access control lists. This is...

A security evaluation report and an accreditation statement are produced in which of the following phases of the system development life cycle?

A security evaluation report and an accreditation statement are produced in which of the following phases of the system development life cycle?A .  project initiation and planning phaseB .  system design specification phaseC .  development & documentation phaseD .  acceptance phase View Answer Answer: D Explanation: The Answer "acceptance phase". Note the question asks...

Controls to keep password sniffing attacks from compromising computer systems include which of the following?

Controls to keep password sniffing attacks from compromising computer systems include which of the following?A .  static and recurring passwords.B .  encryption and recurring passwords.C .  one-time passwords and encryption.D .  static and one-time passwords. View Answer Answer: C Explanation: To minimize the chance of passwords being captured one-time passwords would prevent a password...

Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?

Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?A .  Detailed designB .  ImplementationC .  Product designD .  Software plans and requirements View Answer Answer: C...

Which property ensures that only the intended recipient can access the data and nobody else?

Which property ensures that only the intended recipient can access the data and nobody else?A .  ConfidentialityB .  CapabilityC .  IntegrityD .  Availability View Answer Answer: A Explanation: Confidentiality is defined as the property that ensures that only the intended recipient can access the data and nobody else. It is usually achieve using cryptogrphic...

What refers to legitimate users accessing networked services that would normally be restricted to them?

What refers to legitimate users accessing networked services that would normally be restricted to them?A .  SpoofingB .  PiggybackingC .  EavesdroppingD .  Logon abuse View Answer Answer: D Explanation: Unauthorized access of restricted network services by the circumvention of security access controls is known as logon abuse. This type of abuse refers to users...

Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization’s structure?

Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization’s structure?A .  Access control listsB .  Discretionary access controlC .  Role-based access controlD .  Non-mandatory access control View Answer Answer: C Explanation: Role-based access...