Pearson Education Quick Check Daily Common Core Review
In this chapter from CISSP Practice Questions Exam Cram, Fourth Edition, author Michael Gregg offers practice questions and answers for the CISSP Exam.
The Identity and Access Management domain tests your knowledge of the large collection of mechanisms available to control authentication, authorization, and accounting. You must not only understand these systems, but also know the advantages and risks of each type as they relate to centralized and decentralized systems. Authentication is but one part of the process; authorization is also a key area of this domain. Individuals should be authorized for only what they need to complete their required tasks. Finally, there is accounting (or accountability). When things go wrong, there must be a way to establish a chain of responsibility. The following list highlights some key areas from the identity and access management domain you need to be aware of for the CISSP exam:
Managing identification and authentication
Authentication methods (types 1, 2, and 3)
Authorization: DAC, MAC, role-based access control, and rule-based access control
Integrating identity as a service (for example, cloud identity)
Integrating third-party identity services (for example, on-premise)
Accounting: Logging, monitoring, auditing
Central, decentralized, and hybrid management
Single sign-on: Kerberos, RADIUS, Diameter, TACACS
Access control attacks: emanations, impersonation, and password cracking
Which of the following is not one of the three types of access controls?
-
A. Administrative
-
B. Personnel
-
C. Technical
-
D. Physical
Quick Answer: 192
Detailed Answer: 194
Your company has just opened a call center in India to handle nighttime operations, and you are asked to review the site's security controls. Specifically, you are asked which of the following is the strongest form of authentication. What will your reply be?
-
A. Something you know
-
B. Something you are
-
C. Passwords
-
D. Tokens
Quick Answer: 192
Detailed Answer: 194
Your organization has become worried about recent attempts to gain unauthorized access to the R&D facility. Therefore, you are asked to implement a system that will require individuals to present a password and enter a PIN at the security gate before gaining access. What is this type of system called?
-
A. Authorization
-
B. Two-factor authentication
-
C. Authentication
-
D. Three-factor authentication
Quick Answer: 192
Detailed Answer: 194
Which of the following is not one of the three main types of authentication?
-
A. Something you remember
-
B. Something you know
-
C. Something you are
-
D. Something you have
Quick Answer: 192
Detailed Answer: 194
While working as a contractor for Widget, Inc., you are asked what the weakest form of authentication is. What will you say?
-
A. Passwords
-
B. Retina scans
-
C. Facial recognition
-
D. Tokens
Quick Answer: 192
Detailed Answer: 194
You're preparing a presentation for the senior management of your company. They have asked you to rank the general order of accuracy of the most popular biometric systems, with 1 being the lowest and 5 being the highest. What will you tell them?
-
A. (1) fingerprint, (2) palm scan, (3) hand geometry, (4) retina scan, (5) iris scan
-
B. (1) fingerprint, (2) palm scan, (3) iris scan, (4) retina scan, (5) hand geometry
-
C. (1) palm scan, (2) hand geometry, (3) iris scan, (4) retina scan, (5) fingerprint
-
D. (1) hand geometry, (2) palm scan, (3) fingerprint, (4) retina scan, (5) iris scan
Quick Answer: 192
Detailed Answer: 194
Which of the following items is the least important to consider when designing an access control system?
-
A. Risk
-
B. Threat
-
C. Vulnerability
-
D. Annual loss expectancy
Quick Answer: 192
Detailed Answer: 195
Today, you are meeting with a coworker who is proposing that the number of logins and passwords be reduced. Another coworker has suggested that you investigate single sign-on technologies and make a recommendation at the next scheduled meeting. Which of the following is a type of single sign-on system?
-
A. Kerberos
-
B. RBAC
-
C. DAC
-
D. SAML
Quick Answer: 192
Detailed Answer: 195
Which style of authentication is not susceptible to a dictionary attack?
-
A. CHAP
-
B. LEAP
-
C. WPA-PSK
-
D. PAP
Quick Answer: 192
Detailed Answer: 195
Your organization has decided to use a biometric system to authenticate users. If the FAR is high, what happens?
-
A. Legitimate users are denied access to the organization's resources.
-
B. Illegitimate users are granted access to the organization's resources.
-
C. Legitimate users are granted access to the organization's resources.
-
D. Illegitimate users are denied access to the organization's resources.
Quick Answer: 192
Detailed Answer: 195
Which of the following types of copper cabling is the most secure against eavesdropping and unauthorized access?
-
A. Single-mode fiber
-
B. Multimode fiber
-
C. Category 6 cabling
-
D. 802.11ac wireless
Quick Answer: 192
Detailed Answer: 195
Which of the following is not one of the four access control models?
-
A. Discretionary
-
B. Mandatory
-
C. Role-based
-
D. Delegated
Quick Answer: 192
Detailed Answer: 195
Auditing is considered what method of access command?
-
A. Preventive
-
B. Technical
-
C. Administrative
-
D. Physical
Quick Answer: 192
Detailed Answer: 196
What method of access control system would a bank teller most likely fall under?
-
A. Discretionary
-
B. Mandatory
-
C. Role-based
-
D. Rule-based
Quick Answer: 192
Detailed Answer: 196
Which of the following is the easiest and most common form of offline password hash attack used to pick off insecure passwords?
-
A. Hybrid
-
B. Dictionary
-
C. Brute-force
-
D. Man-in-the-middle
Quick Answer: 192
Detailed Answer: 196
Your company is building a research facility in Bangalore and is concerned about technologies that can be used to pick up stray radiation from monitors and other devices. Specifically, your boss wants copper shielding installed. Which technology does your boss want to know more about?
-
A. Radon
-
B. Waveguard
-
C. TEMPEST
-
D. Van Allen
Quick Answer: 192
Detailed Answer: 196
Which of the following is an XML-based, open-standard data format for exchanging authentication and authorization data between an identity provider and a service provider?
-
A. SAML
-
B. LDAP
-
C. OAuth
-
D. KryptoKnight
Quick Answer: 192
Detailed Answer: 196
Christine, a newly certified CISSP, has offered to help her brother-in-law, Gary, at his small construction business. The business currently has 18 computers configured as a peer-to-peer network. All users are responsible for their own security and can set file and folder privileges as they see fit. Which access control model best describes the configuration at this organization?
-
A. Discretionary
-
B. Mandatory
-
C. Role-based
-
D. Nondiscretionary
Quick Answer: 192
Detailed Answer: 196
Which of the following best describes challenge/response authentication?
-
A. It is an authentication protocol in which a salt value is presented to the user, who then returns an MD5 hash based on this salt value.
-
B. It is an authentication protocol in which a system of tickets is used to validate the user's rights to access resources and services.
-
C. It is an authentication protocol in which the username and password are passed to the server using CHAP.
-
D. It is an authentication protocol in which a randomly generated string of values is presented to the user, who then returns a calculated number based on those random values.
Quick Answer: 192
Detailed Answer: 196
Your company has installed biometric access control systems. Your director has mentioned that he thinks the systems will have a high FRR. What does this mean?
-
A. Quite a few valid users will be denied access.
-
B. Employees will accept the system.
-
C. Almost all unauthorized users will be denied.
-
D. The system has a high return rate and will quickly pay for itself.
Quick Answer: 192
Detailed Answer: 196
Which of the following is the most time-intensive type of offline password attack to attempt?
-
A. Hybrid
-
B. Plain text
-
C. Brute-force
-
D. Man-in-the-middle
Quick Answer: 192
Detailed Answer: 196
You are approached by a junior security officer who wants to know what CVE stands for. What do you tell him?
-
A. Critical Vulnerability and Exploits
-
B. Common Vulnerabilities and Exposures
-
C. Chosen Vulnerabilities and Exploits
-
D. Common Vulnerabilities and Exploits
Quick Answer: 192
Detailed Answer: 197
Which of the following protocols is recommended to be turned off because it transmits usernames and passwords in plaintext?
-
A. SSH
-
B. HTTPS
-
C. Telnet
-
D. TFTP
Quick Answer: 192
Detailed Answer: 197
Which biometric authentication system is most closely associated with law enforcement?
-
A. Fingerprint recognition
-
B. Iris recognition
-
C. Facial recognition
-
D. Retina pattern recognition
Quick Answer: 192
Detailed Answer: 197
What type of access control system doesn't give users much freedom to determine who can access their files and is known for its structure and use of security labels?
-
A. Discretionary
-
B. Mandatory
-
C. Role-based
-
D. Nondiscretionary
Quick Answer: 192
Detailed Answer: 197
As the newly appointed security officer for your corporation, you advise replacing the password-based authentication system with RSA tokens. Elsa, your chief technology officer, denies your request, citing budgetary constraints. As a temporary solution, Elsa asks that you find ways to increase password security. Which of the following will reach this goal?
-
A. Disabling password-protected screensavers
-
B. Enabling account lockout controls
-
C. Enforcing a password policy that requires noncomplex passwords
-
D. Enabling users to use the same password on more than one system
Quick Answer: 192
Detailed Answer: 197
Which of the following is a major issue with signature-based IDSs?
-
A. Signature-based IDSs cannot detect zero-day attacks.
-
B. Signature-based IDSs can detect only attacks in which activity deviates from normal behavior.
-
C. Signature-based IDSs are available only as host-based systems.
-
D. Signature-based IDSs are cost-prohibitive.
Quick Answer: 192
Detailed Answer: 197
Administrative controls form an important part of security, and although most of us don't like paperwork, that is a large part of this security control. Which of the following is a high-level document that describes a management plan for how security should be practiced throughout the organization?
-
A. Guidelines
-
B. Policies
-
C. Procedures
-
D. Standards
Quick Answer: 192
Detailed Answer: 197
A hacker submits a malicious URL request for a help page from an unpatched Apache server that supports an Oracle9i Application Server. This causes a denial of service. Which of the following would have best protected the corporation from this attack?
-
A. HIDS
-
B. NIPS
-
C. HIPS
-
D. NIDS
Quick Answer: 192
Detailed Answer: 198
One of your coworkers has joined a CISSP study group and is discussing today's list of topics. One of the topics is this: What is an example of a passive attack?
-
A. Dumpster diving
-
B. Sniffing
-
C. Installing SubSeven
-
D. Social engineering
Quick Answer: 192
Detailed Answer: 198
What is one of the major reasons why separation of duties should be practiced?
-
A. Reduced cross-training
-
B. Legal
-
C. Union policies and procedures
-
D. To force collusion
Quick Answer: 192
Detailed Answer: 198
There are two basic types of access control policies. Which of the following describes the best approach for a CISSP?
-
A. Begin with deny all.
-
B. Allow some based on needs analysis.
-
C. Begin with allow all.
-
D. Deny some based on needs analysis.
Quick Answer: 192
Detailed Answer: 198
Your manager asks you to set up a fake network to identify contractors who may be poking around the network without authorization. What is this type of system called?
-
A. Trap-and-trace
-
B. Honeypot
-
C. Snare
-
D. Prison
Quick Answer: 192
Detailed Answer: 198
Various operating systems such as Windows use what to control access rights and permissions to resources and objects?
-
A. RBAC
-
B. MITM
-
C. ABS
-
D. ACL
Quick Answer: 192
Detailed Answer: 198
While hanging around the watercooler, you hear that your company, Big Tex Bank and Trust, is introducing a new policy. The company will require periodic job rotation and will force all employees to use their vacation time. From a security standpoint, why is this important?
-
A. Job rotation is important because it reduces employee burnout.
-
B. Job rotation is important because employees need to be cross-trained in case of man-made or natural disasters.
-
C. Job rotation ensures that no one can easily commit fraud or other types of deception without risking exposure.
-
D. Forcing employees to use their vacation time ensures time away from work, which results in healthy, more productive employees.
Quick Answer: 192
Detailed Answer: 198
Your director persists in asking you to set up a fake network to identify contractors who may be poking around the network without authorization. What legal issue pertaining to these devices should you be most concerned with?
-
A. Enticement
-
B. Federal Statute 1029
-
C. Entrapment
-
D. Liability
Quick Answer: 192
Detailed Answer: 198
Your brother-in-law, Mario, is studying for the CISSP exam. He text-messages you with what he believes is an important question: What is a major disadvantage of access control lists? How do you answer him?
-
A. Overhead of the auditing role
-
B. Burden of centralized control
-
C. Independence from resource owners
-
D. Lack of centralized control
Quick Answer: 192
Detailed Answer: 198
Table 5.1 provides an example of some types and categories of access control. Which of the following is the best example of a technical deterrent?
Table 5.1 Sample Access Types and Categories
Attribute | Deterrent | Preventive | Detective | Corrective | Recovery | Compensating |
Administrative | - | - | Audit Policy | - | Incident Response Plan | - |
Technical | - | ACLs | - | - | - | - |
Physical | - | - | - | Fire Extinguisher | - | Defense in depth |
-
A. AUP
-
B. Warning banner
-
C. Anti-virus
-
D. Hot site
Quick Answer: 192
Detailed Answer: 199
What does TACACS+ use as its communication protocol?
-
A. TCP
-
B. UDP
-
C. ICMP
-
D. TCP and UDP
Quick Answer: 192
Detailed Answer: 199
Which of the following attributes does not apply to MAC?
-
A. Multilevel
-
B. Label-based
-
C. Universally applied
-
D. Discretionary
Quick Answer: 192
Detailed Answer: 199
Which of the following is not part of physical access control?
-
A. CCTV
-
B. Mantraps
-
C. Information classification and labeling
-
D. Biometrics
Quick Answer: 192
Detailed Answer: 199
During a weekly staff meeting, your boss reveals that some employees have been allowing other employees to use their passwords. He is determined to put a stop to this and wants you to install biometric access control systems. He has asked about some basic attributes, such as type I errors, type II errors, and the CER, as shown in Figure 5.1. What's so important about the CER? How do you respond?
-
A. Speed typically is determined by calculating the CER.
-
B. The CER has to do with the customer acceptance rate because some systems are more user-friendly than others.
-
C. Accuracy typically is determined by calculating the CER.
-
D. The CER has to do with the cost per employee because some biometric access control systems are very good, but also very expensive.
Quick Answer: 192
Detailed Answer: 199
Kerberos has some features that make it a good choice for access control and authentication. One of these items is a ticket. What is a ticket used for?
-
A. A ticket is a block of data that allows users to prove their identity to an authentication server.
-
B. A ticket is a block of data that allows users to prove their identity to a service.
-
C. A ticket is a block of data that allows users to prove their identity to a ticket-granting server.
-
D. A ticket is a block of data that allows users to prove their identity to the Kerberos server.
Quick Answer: 192
Detailed Answer: 199
What is the best definition of identification?
-
A. The act of verifying your identity
-
B. The act of claiming a specific identity
-
C. The act of finding or testing the truth
-
D. The act of inspecting or reviewing a user's actions
Quick Answer: 192
Detailed Answer: 199
What term means that a user cannot deny a specific action because there is positive proof that he or she performed it?
-
A. Accountability
-
B. Auditing
-
C. Nonrepudiation
-
D. Validation
Quick Answer: 192
Detailed Answer: 199
What type of cryptography does SESAME employ to distribute keys?
-
A. Public key
-
B. Secret key
-
C. SHA hashing algorithm
-
D. None; it uses plaintext
Quick Answer: 192
Detailed Answer: 199
Which of the following is a category of security controls that job rotation fits into?
-
A. Recovery
-
B. Corrective
-
C. Detective
-
D. Compensation
Quick Answer: 192
Detailed Answer: 199
What does RADIUS use for its transport protocol?
-
A. UDP
-
B. TCP
-
C. TCP and UDP
-
D. ICMP
Quick Answer: 192
Detailed Answer: 200
Your chief information officer (CIO) needs your recommendation for a centralized access control system to maintain all the users and associated permissions. He also wants to be able to use this system for a wireless local area network (LAN). In addition to the wireless LAN requirement, the network administrator has stated that it is not important to the CIO to have a system that will split the authentication, authorization, and accounting processes up; however, having the option to use UDP, SCTP, or TCP is a must. The CIO also requires an SSO technology that can support non-repudiation and authenticity. The CIO has stated he is willing to buy more than one system to meet the specified requirements. Which of the following is the best recommendation you would give?
-
A. Purchase Diameter for centralized access control and SESAME for SSO.
-
B. Purchase RADIUS for centralized access control and Kerberos because it is most commonly used and, most importantly, has been around a long time and many organizations trust it.
-
C. Purchase Diameter for centralized access control and Kerberos for SSO.
-
D. Purchase Extended Terminal Access Controller System for centralized access control and use SESAME for SSO.
Quick Answer: 192
Detailed Answer: 200
You have been promoted to security officer for a Fortune 500 company and are performing an audit of elevated privileges for the network. You observe that there are many members from the help desk that have privileges to various systems that they do not require to do their job on a daily basis. What best business practice does your company lack?
-
A. Separation of duties
-
B. Principle of least privilege
-
C. Need to know
-
D. Privilege creep
Quick Answer: 192
Detailed Answer: 200
What does strong authentication require?
-
A. Public/private keys
-
B. Using two different methods of identification
-
C. Using a method of identification from at least two of type I, II, or III
-
D. Authenticating inside an encrypted tunnel
Quick Answer: 192
Detailed Answer: 200
You have a homogeneous environment with multiple application servers. Your users are having difficulty remembering all their passwords as they complete their daily activities. What would be the best solution?
-
A. Lower the passwords' complexity requirements
-
B. Implement harsher penalties
-
C. Add assisted user reset capabilities
-
D. Use single sign-on
Quick Answer: 192
Detailed Answer: 200
How do you lower type 1 errors on biometric devices?
-
A. By increasing type 2 errors
-
B. By decreasing type 2 errors
-
C. By increasing precision
-
D. By decreasing CER
Quick Answer: 192
Detailed Answer: 200
When you log into your remote server from home, your server sends you a nonce that you enter into a token device that you were issued when you were hired. Your token device responds with a value you enter at the prompt. What have you entered?
-
A. A single sign-on using synchronous authentication
-
B. A one-time password using synchronous authentication
-
C. A single sign-on using asynchronous authentication
-
D. A one-time password using asynchronous authentication
Quick Answer: 192
Detailed Answer: 200
Which of the following describes a distinction between Kerberos and SESAME?
-
A. Kerberos supplies SSO; SESAME does not.
-
B. Kerberos uses symmetric encryption; SESAME uses asymmetric encryption.
-
C. Kerberos can be used for nonrepudiation; SESAME cannot.
-
D. SESAME can be accessed using GSS-API; Kerberos cannot.
Quick Answer: 192
Detailed Answer: 201
What type of physical control is a mantrap?
-
A. Deterrent
-
B. Corrective
-
C. Preventive
-
D. Detective
Quick Answer: 192
Detailed Answer: 201
What is the best way to store passwords?
-
A. In a one-way encrypted file
-
B. Using symmetric encryption
-
C. Using asymmetric encryption
-
D. By means of a digital signature
Quick Answer: 192
Detailed Answer: 201
The act of professing to be a specific user is
-
A. Validation
-
B. Authorization
-
C. Authentication
-
D. Identification
Quick Answer: 192
Detailed Answer: 201
Which of the following best describes a Zephyr chart?
-
A. A means of establishing the accuracy of a biometric system
-
B. A means of comparing different biometric systems
-
C. A means of comparing type II and type III authentication systems
-
D. A chart used to examine the accuracy of IDSs and IPSs
Quick Answer: 192
Detailed Answer: 201
What is authentication?
-
A. Supplying a username
-
B. Using criteria to determine what a user can do
-
C. Verifying identification
-
D. Reviewing audit logs
Quick Answer: 192
Detailed Answer: 201
Being asked what your maiden name is, what city you were born in, and what your pet's name is an example of what?
-
A. Single sign-on (SSO)
-
B. Self-service password reset
-
C. Centralized authentication
-
D. Assisted passwords
Quick Answer: 192
Detailed Answer: 201
Which of the following best describes a federated identity?
-
A. Just some other term for SSO.
-
B. It is restricted to use inside a specific domain or area of the network.
-
C. Type I authentication (something you know).
-
D. It is portable and can be used across business boundaries.
Quick Answer: 192
Detailed Answer: 201
Which of the following is the most accurate biometric system?
-
A. A CER of 1
-
B. A CER of 2
-
C. A CER of 3
-
D. None of the above because CER is not a numeric rating
Quick Answer: 192
Detailed Answer: 201
Which type of control that includes fences, password protection, and CCTV is designed to stop an event from occurring?
-
A. Detective control
-
B. Preventive control
-
C. Corrective control
-
D. Deterrent control
Quick Answer: 192
Detailed Answer: 201
Nondiscretionary access control includes which of the following?
-
A. Role- and job-based
-
B. Rule-based and mandatory
-
C. Labeled and mandatory
-
D. None of the above because there are no subcategories
Quick Answer: 192
Detailed Answer: 201
What is a trust?
-
A. A one-way-only bridge established between two domains
-
B. A two-way-only bridge established between two domains
-
C. A security bridge that is established after a valid authentication
-
D. A security bridge that is established between two domains
Quick Answer: 192
Detailed Answer: 201
What form of authorization is closely associated with labels?
-
A. Rule-based access control
-
B. Discretionary access control
-
C. Mandatory access control
-
D. Role-based access control
Quick Answer: 192
Detailed Answer: 201
How can a swipe card, smart card, or USB dongle be described?
-
A. An active token
-
B. A static token
-
C. Type I authentication
-
D. Type III authentication
Quick Answer: 192
Detailed Answer: 202
The Equal Error Rate is equivalent to what?
-
A. The point at which false acceptance and false rejection meet
-
B. The crossover error rate minus 10 percent
-
C. The point at which false acceptance is at its highest and false rejection is at its lowest
-
D. The point at which false acceptance is at its lowest and false rejection is at its highest
Quick Answer: 192
Detailed Answer: 202
Which of the following is the most expensive means of verifying a user's identity?
-
A. Single sign-on
-
B. Tokens
-
C. Biometrics
-
D. Passwords
Quick Answer: 192
Detailed Answer: 202
Which biometric system examines the colored portion of the eye that surrounds the pupil?
-
A. Iris
-
B. Retina
-
C. Fovea
-
D. Optic disc
Quick Answer: 192
Detailed Answer: 202
Which of the following best describes a rainbow table?
-
A. An attack against a biometric system
-
B. An attack against a fingerprint scanner
-
C. A table used for digital signatures
-
D. A table of precomputed password hashes
Quick Answer: 192
Detailed Answer: 202
The ticket-granting service is a component of what?
-
A. TACACS
-
B. Kerberos
-
C. RADIUS
-
D. SESAME
Quick Answer: 192
Detailed Answer: 202
The Privilege Attribute Certificate (PAC) is a component of what?
-
A. TACACS
-
B. Kerberos
-
C. RADIUS
-
D. SESAME
Quick Answer: 192
Detailed Answer: 202
What nontechnical attack attempts to lure the victim into giving up financial data, credit card numbers, or other types of account information?
-
A. Pretexting
-
B. Social engineering
-
C. Dumpster diving
-
D. Phishing
Quick Answer: 192
Detailed Answer: 202
You are asked to work on a project where users need to share credentials across multiple domains without forcing them to log in more than once. What technologies might meet this business need?
-
A. Cookies
-
B. Unique X.509 certificates
-
C. Web access management
-
D. Separate usernames and passwords
Quick Answer: 192
Detailed Answer: 202
Your company was initially considering three security models to use to design access rights and controls in its new operating system (OS). These models included Biba, Bell-LaPadula, and Clark-Wilson. If the company decided to base its OS on the Biba model, which of the following properties is correct?
-
A. A user cannot write down to a lower level.
-
B. The model makes use of transformational procedures and constrained data items.
-
C. The user cannot write up to a higher level.
-
D. If a user has access to one side of the wall, he does not have access to data on the other side of the wall.
Quick Answer: 192
Detailed Answer: 202
Which of the following refers to the process of creation, maintenance, and deletion of user objects?
-
A. Identification
-
B. Verification
-
C. Authentication
-
D. Provisioning
Quick Answer: 192
Detailed Answer: 202
Object reuse can be an important issue when considering which of the following?
-
A. RAM scraping attacks
-
B. Authentication method
-
C. Type of biometric system used
-
D. Strength of a password
Quick Answer: 192
Detailed Answer: 202
Which form of access control has a many-to-many relationship and makes use of mapping between a user and a subset of goals?
-
A. MAC
-
B. DAC
-
C. Rule-based access control
-
D. Core RBAC
Quick Answer: 192
Detailed Answer: 202
Which of the following is the best example of capabilities tables?
-
A. Memory cards
-
B. Kerberos
-
C. Constrained user interface
-
D. Router ACL
Quick Answer: 192
Detailed Answer: 202
Which of the following provides an upgrade path from RADIUS?
-
A. Diameter
-
B. TACACS
-
C. Kerberos
-
D. NetSP
Quick Answer: 192
Detailed Answer: 203
Investigations are a good example of which of the following?
-
A. Detective control
-
B. Preventive control
-
C. Deterrent control
-
D. Proactive control
Quick Answer: 192
Detailed Answer: 203
Although an authorized sniffer has been connected to a network switch, the user can only see traffic directed to the device and some broadcast traffic. What might be the problem?
-
A. An IDS is blocking the traffic.
-
B. The switch port must be spanned.
-
C. The switch detected the sniffer.
-
D. The sniffer is misconfigured.
Quick Answer: 192
Detailed Answer: 203
Which type of attack makes use of a time-memory tradeoff?
-
A. Rule-based
-
B. Dictionary
-
C. Rainbow table
-
D. Brute-force
Quick Answer: 192
Detailed Answer: 203
Source: https://www.pearsonitcertification.com/articles/article.aspx?p=2738310