Your browser does not support JavaScript!

Information Assurance and Security 1

Showing 301-375 of 405 answers

The definition andenforcement of permitted capabilities for a person or entity whose identity hasbeen established.
  • Authentication Correct
The emphasis should still be on retrofitting tools to meet current safety requirements, not development.
  • True
  • False Correct
The end-user device is typically called the local host and communicates to the remote host over the Internet, and is the second computer running the FTP program.
  • True Correct
  • False
The engineering method of formal verification, which explicitly correlates with concept checking, requires network cables
  • True
  • False Correct
The firewall can ____________ any traffic or all traffic, depending on the firewall policy of the company.
  • Absolutely allow
  • Rarely disallow
  • Rarely allow
  • Absolutely disallow Correct
The focus of physical security is on the planning, _________________, and protection of countermeasures that can secure a company's physical capital.
  • imposition
  • importation
  • implantation
  • implementation Correct
The following are SNMP Agent's key functions except ____________.
  • Acts as a proxy for some non-SNMP manageable network node
  • Stores and retrieves management information
  • Acknowledges asynchronous events Correct
  • Collects management information about its local environment
The following are SNMP Manager's key functions except ________.
  • Queries agent
  • Get responses from agents
  • Signals an event Correct
  • Sets variables in agents
The following are the types of firewalls except _________.
  • Stateful Packet Filtering
  • Packet Filtering
  • Proxy
  • Whitelisting Correct
The following securityspecifics appropriate to the security architecture must be addressed withineach phase in addition to the generic phase activities. What phase is that?
  • Phase A: Architecture Vision Correct
The goal of this step is to understand what data could cause harm to your organization.
  • Identification of Critical Information Correct
  • Analysis of Vulnerabilities
  • Analysis of Threat
  • Assessment of Risk
The ideas behind the CIA triad are influenced by industry-standard cybersecurity systems like those of NIST.
  • True Correct
  • False
The infected file can be used by the self-execution facility tolaunch the malware code, or it can be executed by the user himself;
  • Exploitation Correct
The level of secrecy effect of the PII varies from mild, moderate, or extreme to reflect the possible damage that could happen to a person or entity if the data is obtained, used, or released.
  • True Correct
  • False
The main advantage of security architecture is its standardization, which makes it affordable. Security architecture is cost-effective due to the reuse of controls described in the architecture.
  • Form
  • Benefits Correct
  • Financial
  • Driver
The main ways of transport are e-mails (attachment of infected files), web platforms (running malware scripts), or removable USB memories;
  • Delivery Correct
The management team applies a series of security measures on the basis of the assessment to___________________ within their climate.
  • maximize risk
  • maximize exposure
  • minimize risk Correct
  • minimize exposure
The method of scanning an environment for weak points and prioritizing remediation based on risk is _____________.
  • accelerate management
  • international management
  • vulnerability management Correct
  • creative management
The more software an organization deploys, the more bugs it creates.
  • True Correct
  • False
The OPSEC mechanism helps in the production of technological and non-technical steps to minimize cybersecurity threats, first-party threats, third-party risks, and fourth-party risks
  • True Correct
  • False
The organization'sattitude and tolerance for risk.
  • Risk Management Correct
The Parkerian Hexad added elements are:
  • control, possession, utility
  • possession, honesty, alliance
  • control, authenticity, utility Correct
  • idd, html, intel
The position of software in applications has also decreased, such that the majority of functionality is now managed by software, rendering the effect of multiple breaches more important.
  • True
  • False Correct
The practice of avoiding unauthorized entry, use, dissemination, disturbance, alteration, inspection, monitoring or destruction of information is essentially __________________________.
  • Ledger Security
  • System Security
  • Network Security
  • Information Security Correct
The probability of human error must also be taken into account, as demonstrated by the error committed by a power system worker that triggered an hour-long blackout in cities in the Pacific Southwest in 2013.
  • True
  • False Correct
The process where individual pieces of data are grouped to form a bigger picture.
  • Sorting
  • Classification
  • Analysis
  • Aggregation Correct
The protection ofinformation assets from loss or unintended disclosure, and resources fromunauthorized and unintended use.
  • Asset Protection Correct
The purpose and role of information management can be broken down into three key categories include:
  • Central Security Service
  • making available data freely to those who need access to it Correct
  • The aspects in which information is covered varies depending on the need and the volume of data and the kinds of threats that are expected to be posed by the sensitive data
  • For any enterprise that uses the five pillars to secure knowledge, the same is true
The security architect needs to draft knowledge of the organization's infrastructure to learn who has access to where weak points can occur.
  • True
  • False Correct
The security architecture must secure the entire IT infrastructure.
  • True Correct
  • False
The Security Manager guarantees that the management and staff are aware of their security responsibilities, support security efforts, and accept small inconveniences that are invariably part of system transition and development.
  • True Correct
  • False
The security manager is responsible for achieving balance and effectively supporting corporate security.
  • True Correct
  • False
The smallest and most common type of network, consisting of a wireless modem, a computer or two, computers, printers, tablets, etc. In one building, it circles one person.
  • PAN Correct
  • WAN
  • TAN
  • LAN
The state of beingprotected against the criminal or unauthorized use of electronic data, or themeasures taken to achieve this.
  • cyber security Correct
The subdivision's fundamental principle is that the risk of compromise is more significant when the threat is very competent and committed, while friendly organizations are concurrently revealed.
  • True Correct
  • False
The substantiation ofthe identity of a person or entity related to the enterprise or system in someway.
  • Authentication Correct
The terms protection of information, cyber protection, and information assurance are also used interchangeably.
  • True Correct
  • False
The transformation of wage data from one currency into an incorrect currency.
  • Availability
  • Integrity
  • Confidentiality
  • Utility Correct
The vulnerability process is intended to find exploitable flaws in a company's data network.
  • True
  • False Correct
The word __________________ was invented by the United States Army during the Vietnam War as a part of military operations led by a team called Purple Dragon.
  • firewall display
  • virtual private network
  • security assurance
  • operation security Correct
The word cyberspace has become a ____________________________ and the complex society of the Internet.
  • interconnected information technology and the interdependent network of information technology
  • collection of sculptures and photographs entitled 'sensory spaces'
  • the standard way of representing everything related to the internet Correct
  • social connections involved than by its technological application
The_______________ is a symmetric key algorithm used to safeguard secret government records. 
  • HTTP
  • AFS
  • CTO
  • AES Correct
There are ________ types of firewall policies which are widely used.
  • 2 Correct
  • 3
  • 4
  • 5
These actions typically consist of collecting information, modifyingdata integrity, or attacking the availability of services and devices, but thevictim system can also be used as a starting point for infecting other systemsor for expanding access to the local network.
  • Action on objective Correct
These are constantly creating and implementing new securitytools to help enterprise users better secure their data.
  • cloud providers Correct
These are the packet's intended location at the receiving end of a transmission.
  • The source IP address of the outgoing packets
  • The type of IP the pocket contains
  • The source IP address of the incoming packets
  • Destination IP addresses Correct
These network forms are developed and operated by organizations who want to link their separate locations and connect computing resources safely.
  • LPN
  • EPN Correct
  • VPN
  • HAN
This acts as a deterrent against deliberate misconfigurations.
  • Automation
  • Change Management Process
  • Operational Security Policy Correct
  • Dual Control
This assured that theinformation is authentic and complete.
  • integrity Correct
This involves enforcing security measures to ensure that data cannot be changed or destroyed by, or in an undetected way by, an unauthorized user.
  • data validation
  • data system
  • data authentication
  • data integrity Correct
This involves ensuring that the are who they say are and one of the most famous method to secure this is by using
  • authentication Correct
This involves preserving information in its right shape and avoiding it from being wrongly changed, either by mistake or maliciously.
  • Inclusion
  • Indulgence
  • Integrity Correct
  • Informative
This is an assurance that the systems responsible fordelivering, storing, and processing information are accessible when needed, bythose who need them.
  • availability Correct
This is not a type of application security.
  • photo enhancement Correct
This is roughly equivalent to.
  • confidentiality Correct
This keeps the potential enemies from discovering critical DOD information, such as when units are mobilizing, traveling, or what processes are involved.
  • Operation Security Correct
  • People Security
  • Physical Security
  • IT Security
This kind of network enables you to cover an area from few miles to tens of miles, depending on the kind of setup.
  • LAN
  • MAN Correct
  • WLAN
  • CAN
This means that only thoseauthorized to view information are allowed access to it.
  • confidentiality Correct
This step uses multiple sources, such as intelligence activities, law enforcement, and open source information to identify likely adversaries to a planned operation and prioritize their degree of threat.
  • Application of Appropriate Countermeasures
  • Assessment of Risk
  • Analysis of Threat Correct
  • Analysis of Vulnerabilities
This version improves security and privacy.
  • SNMPv2
  • SNMPv3 Correct
  • SNMPv1
  • SNMPv4
This was the first implementation, which was carried out under the structure management information specification This was the first implementation, which was carried out under the structure management information specification.
  • SNMPv2
  • SNMPv3
  • SNMPv4
  • SNMPv1 Correct
Those stakeholderswho will be affected by security capabilities and who are in groups ofcommunities
  • Identify communities involved Correct
Those units outsidethe scoped enterprise who will need to enhance their security architecture forinteroperability purposes
  • Identify extended enterprise Correct
Those who are mostaffected and achieve most value from the security work
  • Identify core enterprise Correct
Those who will seechange to their capability and work with core units but are otherwise notdirectly affected
  • Identify soft enterprise Correct
Threat assessments reflect the totality of the intelligence collection effort targeting the organization inaccurately.
  • True
  • False Correct
Three distinct levels:
  • Physical, Perceptual, Desired Effects Correct
Three Features of Security
  • Confidentiality, Integrity and Availability Correct
To access the FTP server, we do not need to log in with the username and password. Therefore, we can say that FTP is vulnerable.
  • True
  • False Correct
To affect thetechnical performance and the  capabilityof physical systems, to disrupt the  capabilitiesof the defender.
  • Desired Effects Correct
To enforce the safety specifications, the engineers build the device verification to assure that the configuration satisfies the safety evidence.
  • True
  • False Correct
Transmitting the weapon to the target environment.
  • Delivery Correct
True or False:  Identify coreenterprise (units) - those who are most affected and achieve most value fromthe security work
  • TRUE Correct
True or False: Business rules regarding handling of data/information assets
  • TRUE Correct
True or False: Codifieddata/information asset ownership and custody
  • TRUE Correct
All courses