单选题David is preparing a server room at a new branch office. What locking mechanisms should he use for the primary and secondary server room entry doors?
单选题Cross-site scripting (XSS) is an application security vulnerability usually found in Web applications. What type of XSS vulnerability occurs when a victim is tricked into opening a URL programmed with a rogue script to steal sensitive information?
单选题The common law system is broken down into which of the following categories?
单选题The relay agent on a mail server plays a role in spam prevention. Which of the following incorrectly describes mail relays?
单选题The integrity of data is not related to which of the following?
单选题Sam is the security manager of a company that makes most of its revenue from its intellectual property. Sam has implemented a process improvement program that has been certified by an outside entity. His company received a Level 2 during an appraisal process, and he is putting in steps to increase this to a Level 3. A year ago when Sam carried out a risk analysis, he determined that the company was at too much of a risk when it came to potentially losing trade secrets. The countermeasure his team implemented reduced this risk, and Sam determined that the annualized loss expectancy of the risk of a trade secret being stolen once in a hundred-year period is now $400.
单选题There are several types of volumetric IDSs. What type of IDS emits a measurable magnetic field that it monitors for disruptions?
单选题The NIST organization has defined best practices for creating continuity plans. Which of the following phases deals with identifying and prioritizing critical functions and systems?
单选题______is a set of extensions to DNS that provides to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.
单选题Several teams should be involved in carrying out the business continuity plan. Which team is responsible for starting the recovery of the original site?
单选题WhichtypeofWANtunnelingprotocolismissingfromthetablethatfollows?
单选题Authorization creep is to access controls what scope creep is to software development. Which of the following is not true of authorization creep?
单选题There are several types of intrusion detection systems (IDSs). What type of IDS builds a profile of an environment"s normal activities and assigns an anomaly score to packets based on the profile?
单选题A change management process should include a number of procedures. Which of the following incorrectly describes a characteristic or component of a change control policy?
单选题Paisley is helping her company identify potential site locations for a new facility. Which of the following is not an important factor when choosing a location?
单选题Whattechnologywithinidentitymanagementisillustratedinthegraphicthatfollows?
单选题Which of the following is not an effective countermeasure against spam?
单选题The following scenario is to be used for questions 30, 31, and 32.Greg is the security facility officer of a financial institution. His boss has told him that visitors need a secondary screening before they are allowed into sensitive areas within the building. Greg has also been told by the network administrators that after the new HVAC system was installed throughout the facility, they have noticed that power voltage to the systems in the data center sags.
单选题Robert has been given the responsibility of installing doors that provide different types of protection. He has been told to install doors that provide failsafe, fail-secure, and fail-soft protection. Which of the following statements is true about secure door types?
单选题Which of the following statements does not correctly describe SOAP and Remote Procedure Calls?