Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?
A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.
B. Tell the application development manager to code the application to adhere to the company's password policy.
C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.
Answer: B
Learn More :
Network Security
- The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
- To snare intruders, many organizations now use _________ techniques.
- A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection b. armoring cable c. RSA algorithm d. patching e. scanning a user's fingerprint Answer: a. anomaly detection
- Which of the following is not a type of intrusion prevention system?
- Which of the following is not true about one-time passwords?
- Which of the following is a mode that is used by IPSec?
- IP Security Protocol:
- A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
- __________ provide authentication which can legally prove who sent a message over a network.
- DES:
- A brute force attack against an encryption system:
- A symmetric encryption system has two parts: the key and the ____________.
- Encryption is the process of:
- A way to prevent intrusion by disguising information through algorithms is:
- Spyware, adware and DDOS agents are three types of:
- A security hole is a(n):
- A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
- A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
- IP spoofing means to:
- A(n) ____________ examines the source and destination address of every network packet that passes through it.
- A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
- __________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network.
- With ANI security control, the network manager:
- The use of a(n) _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via inbound calling from prespecified phone numbers.
- A sniffer program is a: