What is the MAIN purpose of a security assessment plan?
B
What are the first two components of logical access control?
B
If traveling abroad and a customs official demands to examine a personal computer, which of the
following should be assumed?
C
Spyware is BEST described as
B
At its core, spyware is definitely an information gathering technique. Its primary function is to collect data. Cyber-terrorism is typically defined by its intent to cause widespread disruption, fear, or harm with political or ideological motivations. While spyware could be used in a cyber-terrorism campaign (e.g., to gather intelligence for a larger attack), it's not inherently an act of cyber-terrorism itself.
a large organization uses biometrics to allow access to its facilities. It adjusts the biometric value for
incorrectly granting or denying access so that the two numbers are the same.
What is this value called?
C
The EER is the point where the FRR and FAR are equal. It's an important metric for evaluating the overall accuracy of a biometric system.
The EER is the point where the FRR and FAR are equal. It's an important metric for evaluating the overall accuracy of a biometric system.
Which of the following would be considered an incident if reported by a security information and
event management (SIEM) system?
C
At which phase of the software assurance life cycle should risks associated with software acquisition
strategies be identified?
C
The risks associated with software acquisition strategies should be identified in the Planning phase of the software assurance life cycle.
Here's why: Early Identification: Identifying risks early in the process allows for proactive mitigation and informed decision-making. Addressing potential problems upfront is always more efficient and cost-effective than trying to fix them later.
Foundation for Success: The planning phase sets the stage for the entire acquisition process. By identifying risks associated with different acquisition strategies (e.g., buying off-the-shelf vs. custom development), you can choose the approach that best balances your needs and risk tolerance. Comprehensive Assessment: A thorough risk assessment in the planning phase should consider various factors, including:
Security Risks: Vulnerabilities, lack of vendor support, potential for backdoors. Legal and Compliance Risks: Licensing issues, intellectual property concerns, data privacy regulations.
Which of the following are the B EST characteristics of security metrics?
D
What is the P R IM A R Y reason criminal law is difficult to enforce when dealing with cyber-crime?
D
After the INITIAL input o f a user identification (ID) and password, what is an authentication system
that prompts the user for a different response each time the user logs on?
C
Which of the following terms BEST describes a system which allows a user to log in and access
multiple related servers and applications?
B
Which of the following MUST the administrator of a security information and event management
(SIEM) system ensure?
C
Which of the following addresses requirements of security assessment during software acquisition?
B
A recent information security risk assessment identified weak system access controls on mobile
devices as a high me In order to address this risk and ensure only authorized staff access company
information, which of the following should the organization implement?
B
Which of the following attack types can be used to compromise the integrity of data during
transmission?
B