The amount of damage an asset would incur each time a given risk occurs. The _____ is the product of the AV and the EF.

The amount of damage an asset would incur each time a given risk occurs. The _____ is the product of the AV and the EF. Answer: single loss expectancy...

The amount of damage an asset would incur each year from a given risk. ______ is also the product of the ARO and SLE.

The amount of damage an asset would incur each year from a given risk. ______ is also the product of the ARO and SLE. Answer: annualized loss...

Which one of the following Web security solutions is designed to function in a connectionless manner?

Which one of the following Web security solutions is designed to function in a connectionless manner? a. SSL b. SET c. S-HTTP d. SAM Answer: c....

Which one of the following Web security solutions is supported by most popular Web browsers?

Which one of the following Web security solutions is supported by most popular Web browsers? a. SSL b. SET c. S-HTTP d. SAM Answer: a. SS...

Richard suspects that a denial of service attack is taking place on his network that utilizes a large amount of SSL communications. He wishes to monitor network activity using a packet sniffer to determine whether this traffic is present on his network. What destination port should he look for in the packet sniffer output to confirm the presence of this traffic?

Richard suspects that a denial of service attack is taking place on his network that utilizes a large amount of SSL communications. He wishes to monitor...

Which two flags are used in the three-way handshaking process used to terminate a TCP connection?

Which two flags are used in the three-way handshaking process used to terminate a TCP connection? a. SYN b. RST c. FIN d. ACK Answer: b. RST c....

Jim suspects that a fragmentation attack may be taking place on his network and wishes to conduct packet analysis to diagnose the problem. What specific headers will provide him with information useful in detecting a fragmentation attack?

Jim suspects that a fragmentation attack may be taking place on his network and wishes to conduct packet analysis to diagnose the problem. What specific...

When moving a computer from one network to another, which of the following characteristics may change?

When moving a computer from one network to another, which of the following characteristics may change?  (Choose all that apply.) a. Computer...

If two computers are configured identically and attached to networks that differ only in the fact that one network utilizes twisted-pair cabling and the other uses fiber-optic cabling, which layer(s) of the OSI model are different between the two systems?

If two computers are configured identically and attached to networks that differ only in the fact that one network utilizes twisted-pair cabling and...

Which layer of the OSI model may contain vulnerabilities that make a system susceptible to fragmentation attacks?

Which layer of the OSI model may contain vulnerabilities that make a system susceptible to fragmentation attacks? a. Session b. Transport c. Network d....

What type of malicious activity involves carefully constructing a series of actions to interfere with the way memory is allocated in a system?

What type of malicious activity involves carefully constructing a series of actions to interfere with the way memory is allocated in a system? a. SYN...

What layer of the OSI model includes the encryption and decryption of data transmitted over the network?

What layer of the OSI model includes the encryption and decryption of data transmitted over the network? a. Application b. Presentation c. Transport d....

Which protocol is utilized by the ping command to determine whether a host is active on a network?

Which protocol is utilized by the ping command to determine whether a host is active on a network? a. UDP b. ICMP c. FTP d. IP Answer: b. I...

Which one of the following terms is not normally used to describe the Transmission Control Protocol (TCP)?

Which one of the following terms is not normally used to describe the Transmission Control Protocol (TCP)? a. Reliable b. Connectionless c. Error-checking d....

Which two flags are used in the three-way handshaking process that establishes a TCP connection?

Which two flags are used in the three-way handshaking process that establishes a TCP connection? a. SYN b. RST c. FIN d. ACK a. SYN, Answer: b....

How many packets are used in the typical handshaking process that establishes a TCP connection?

How many packets are used in the typical handshaking process that establishes a TCP connection? a. 1 b. 2 c. 3 d. 4 Answer: c. ...

What protocol is responsible for fragmenting datagrams that exceed the maximum length permissible on a network?

What protocol is responsible for fragmenting datagrams that exceed the maximum length permissible on a network? a. TCP b. UDP c. ICMP d. IP Answer: d....

Which organization is responsible for maintaining the Request for Comments (RFC) documents that define Internet protocol standards?

Which organization is responsible for maintaining the Request for Comments (RFC) documents that define Internet protocol standards? a. DOD b. IANA c....

Joe received a digitally signed message from Grace What cryptographic key should he use to verify that digital signature?

Joe received a digitally signed message from Grace What cryptographic key should he use to verify that digital signature? a. Grace's public key b....

Grace would like to send a message to Joe using digital signature technology. What cryptographic key should she use to create the digital signature?

Grace would like to send a message to Joe using digital signature technology. What cryptographic key should she use to create the digital signature? a....

Grace would like to send a message to Joe using digital signature technology. What portion of the message should she sign in order to obtain digital signature?

Grace would like to send a message to Joe using digital signature technology. What portion of the message should she sign in order to obtain digital...

Which of the following hash functions contains demonstrated collision vulnerabilities and is not considered secure?

Which of the following hash functions contains demonstrated collision vulnerabilities and is not considered secure? a. SHA-256 b. SHA-512 c. MD2 d....

Which of the following hash functions is optimized for use on systems with 8-bit processors?

Which of the following hash functions is optimized for use on systems with 8-bit processors? a. SHA-256 b. SHA-512 c. MD2 d. MD4 Answer: c....

Which of the following situations would be the best environment for use of a symmetric cryptosystem?

Which of the following situations would be the best environment for use of a symmetric cryptosystem? a. Corporate e-mail system b. Site-to-site VPN c....

What cryptographic algorithm was designed to replace the outdated Data Encryption Standard?

What cryptographic algorithm was designed to replace the outdated Data Encryption Standard? a. RSA b. IDEA c. PGP d. AES Answer: d. AE...

Assume you have developed a new cryptosystem that uses 8-bit keys. How many possible keys exist in your cryptosystem?

Assume you have developed a new cryptosystem that uses 8-bit keys. How many possible keys exist in your cryptosystem? a. 128 b. 256 c. 512 d. 1,024 Answer: b....

What is the effective cryptographic key length provided by the Triple DES (3DES) algorithm when used with two independent keys?

What is the effective cryptographic key length provided by the Triple DES (3DES) algorithm when used with two independent keys? a. 112 bits b. 128...

What is the effective cryptographic key length used by the Data Encryption Standard algorithm?

What is the effective cryptographic key length used by the Data Encryption Standard algorithm? a. 56 bits b. 112 bits c. 128 bits d. 168 bits Answer: a....

James recently received a secret message from Martha containing an order for custom services. He would like to be able to prove that Martha sent the message and that is could not be forged. What cryptographic goal is James attempting to achieve?

James recently received a secret message from Martha containing an order for custom services. He would like to be able to prove that Martha sent the...

_____________ cryptographic algorithms operate faster than _______________ cryptographic algorithms when using the same length key.

_____________ cryptographic algorithms operate faster than _______________ cryptographic algorithms when using the same length key. Answer: Symm...

Which of the following cryptographic concepts has been widely discredited among the information security community?

Which of the following cryptographic concepts has been widely discredited among the information security community? a. Confidentiality b. Nonrepudiation c....

Richard received a message from Matthew that was encrypted using a symmetric cryptosystem. What key should Richard use to decrypt the message?

Richard received a message from Matthew that was encrypted using a symmetric cryptosystem. What key should Richard use to decrypt the message? a. Matthew's...

Matthew would like to send a private message to Richard using a symmetric cryptosystem. What key should Matthew use to encrypt the message?

Matthew would like to send a private message to Richard using a symmetric cryptosystem. What key should Matthew use to encrypt the message? a. Matthew's...

Richard received a message from Matthew that was encrypted using an asymmetric cryptosystem. What key should Richard use to decrypt the message?

Richard received a message from Matthew that was encrypted using an asymmetric cryptosystem. What key should Richard use to decrypt the message? a....

Matthew would like to send a private message to Richard using an asymmetric cryptosystem. What key should Matthew use to encrypt the message?

Matthew would like to send a private message to Richard using an asymmetric cryptosystem. What key should Matthew use to encrypt the message? a. Matthew's...

Which of the following key lengths is not available in an AES cryptosystem?

Which of the following key lengths is not available in an AES cryptosystem? a. 128 bits b. 192 bits c. 256 bits d. 512 bits Answer: d. 512 ...

Which cryptographic goal may not be achieved by symmetric cryptosystems?

Which cryptographic goal may not be achieved by symmetric cryptosystems? a. Integrity b. Confidentiality c. Nonrepudiation d. Authentication Answer: c....

Which goal of cryptography is concerned with ensuring that the contents of a message are not revealed to third parties?

Which goal of cryptography is concerned with ensuring that the contents of a message are not revealed to third parties? a. Integrity b. Confidentiality c....

What classification label is often applied to highly sensitive corporate secrets that the company does not want publicly disclosed?

What classification label is often applied to highly sensitive corporate secrets that the company does not want publicly disclosed? a. Company confidential b....

What type of disaster recovery facility contains only the environmental support systems and telecommunications circuits necessary to establish an operational facility but none of the computing resources?

What type of disaster recovery facility contains only the environmental support systems and telecommunications circuits necessary to establish an operational...

What individuals in an organization should have the authority to declare a disaster and activate the DRP?

What individuals in an organization should have the authority to declare a disaster and activate the DRP? a. All individuals b. Security personnel...

Under a data classification system, a user's access to data is determined by his or her _______________ and _____________.

Under a data classification system, a user's access to data is determined by his or her _______________ and _____________. Answer: Security clea...

Which one of the following formulas best describes the relationship among the concepts of risk, threat, and vulnerability?

Which one of the following formulas best describes the relationship among the concepts of risk, threat, and vulnerability? a. Threat = Vulnerability...

The risks that fall in which quadrant represent the most serious risks facing an organization?

The risks that fall in which quadrant represent the most serious risks facing an organization? a. Lower left b. Lower right c. Upper left d. Upper...

Under the Children's Online Privacy Protection Act, what is the minimum age that an organization may collect information from without requiring special privacy safeguards?

Under the Children's Online Privacy Protection Act, what is the minimum age that an organization may collect information from without requiring special...

Which one of the following security-related laws provides specific guidance that impacts firms in the financial industry?

Which one of the following security-related laws provides specific guidance that impacts firms in the financial industry? a. Gramm-Leach- Bliley Act b....

Jan needs to build the business case for the implementation of a new firewall. She's confident that she can show that the new firewall will require less attention from the security staff and will result in significant manpower savings. She does not expect that there will be any change in the security posture of the organization based on this implementation, What type of approach is best suited to building the business case for this firewall?

Jan needs to build the business case for the implementation of a new firewall. She's confident that she can show that the new firewall will require...

What government information security classification involves data that may not directly impact national security if disclosed?

What government information security classification involves data that may not directly impact national security if disclosed? a. Sensitive but Unclassified b....

What type of alternate processing facility generally contains all of the hardware, software, and data necessary to assume primary data processing responsibility for the organization in the event of a disaster?

What type of alternate processing facility generally contains all of the hardware, software, and data necessary to assume primary data processing responsibility...

Which of the following is one of the primary goals of an organization's disaster recovery plan?

Which of the following is one of the primary goals of an organization's disaster recovery plan? a. Minimize the impact of a disaster on the organization. b....

The _____________ plans takes effect when the ______________ plan fails and a disaster impacts the ongoing functioning of the business.

The _____________ plans takes effect when the ______________ plan fails and a disaster impacts the ongoing functioning of the business. Answer: ...

Which one of the following disaster recovery plan tests may be conducted without requiring team members to gather in a centralized location?

Which one of the following disaster recovery plan tests may be conducted without requiring team members to gather in a centralized location? a. Soft...

What government security classification applies to materials that, if compromised, would cause serious damage to national security?

What government security classification applies to materials that, if compromised, would cause serious damage to national security? a. Sensitive but...

The process of preparing an organization to continue operations uninterrupted in the face of disaster.

The process of preparing an organization to continue operations uninterrupted in the face of disaster. Answer: business continuity pla...

What type of fire extinguisher should be used on fires involving flammable liquid sources?

What type of fire extinguisher should be used on fires involving flammable liquid sources? a. Class A b. Class B c. Class C d. Class D Answer: b....

What term is used to describe the condition where users change roles within an organization by retain the access rights of their previous positions?

What term is used to describe the condition where users change roles within an organization by retain the access rights of their previous positions? a....

Finalization of critical financial transactions should require the authorization of ________________ to deter fraud.

Finalization of critical financial transactions should require the authorization of ________________ to deter fraud. Answer: two separate us...

What chemical was commonly used for data processing facility fire suppression but is no longer as common due to environmental concerns?

What chemical was commonly used for data processing facility fire suppression but is no longer as common due to environmental concerns? a. Halon b....

What type of fire extinguisher is specifically designed for use on fires with an electrical origin?

What type of fire extinguisher is specifically designed for use on fires with an electrical origin? a. Class A b. Class B c. Class C d. Class D Answer: c....

Which one of the following is NOT a key component of a thorough personnel security program?

Which one of the following is NOT a key component of a thorough personnel security program? a. Background investigations b. Fire protection c. Exit...

What general security principle, when applied to information security, would suggest the use of biometric access controls to safeguard extremely sensitive areas within a larger physical facility?

What general security principle, when applied to information security, would suggest the use of biometric access controls to safeguard extremely sensitive...

Which one of the following physical security threats can be reduced through the use of shielding technologies?

Which one of the following physical security threats can be reduced through the use of shielding technologies? a. Fire b. Electronic emanations c....

What type of security planning tool is often used to ensure the security of routine tasks like system configuration?

What type of security planning tool is often used to ensure the security of routine tasks like system configuration? a. Access control list b. Matrix c....

Which of the following types of individuals are normally included on the information security policy development committee? (Choose all that apply.)

Which of the following types of individuals are normally included on the information security policy development committee? (Choose all that apply.) a....

The two types of information security policy training that should be part of an education program are ______________ and ______________.

The two types of information security policy training that should be part of an education program are ______________ and ______________. Answer: Initial...

What types of organizations should consider implementing a wireless device security policy?

What types of organizations should consider implementing a wireless device security policy? Answer: Every organizati...

An organization's data retention policy should, at minimum, cover which of the following topics?

An organization's data retention policy should, at minimum, cover which of the following topics? (Choose all that apply.) a. Minimum length of time...

What type of information security policy document should define the procedures users should follow if they suspect misuse of corporate computing resources by an employee or other affiliate?

What type of information security policy document should define the procedures users should follow if they suspect misuse of corporate computing resources...

A properly developed security policy should provide users with an understanding of both the ____________ and the ___________ of the regulations contained within it.

A properly developed security policy should provide users with an understanding of both the ____________ and the ___________ of the regulations contained...

Which part of a well-designed cryptographic system is responsible for maintaining the secrecy of communications?

Which part of a well-designed cryptographic system is responsible for maintaining the secrecy of communications? a. Identity of sender b. Algorithm c....

The two main causes of violations of the principle of least privilege are ______________ and _____________.

The two main causes of violations of the principle of least privilege are ______________ and _____________. Answer: Administrator inattention, Privilege...

Which one of the following security principles explains a practice that security administrators should NOT follow when designing an information security program for their organization?

Which one of the following security principles explains a practice that security administrators should NOT follow when designing an information security...

The practice of layering multiple security mechanisms to achieve a comprehensive defense posture known as _________________.

The practice of layering multiple security mechanisms to achieve a comprehensive defense posture known as _________________. Answer: defense...

Which general security principle dictated that no single user should have enough authority to commit a serious computer crime?

Which general security principle dictated that no single user should have enough authority to commit a serious computer crime? a. Defense in depth b....

Which statement best describes the principle of least privilege?

Which statement best describes the principle of least privilege? a. Only allow the minimum number of defined users to access a system. b. An object...

Access and activity monitoring supports what security principle?

Access and activity monitoring supports what security principle? a. Availability b. Least privilege c. Accountability d. Liability Answer: c....

What are two types of non discretionary access control?

What are two types of non discretionary access control? a. Role-based access control b. Identity-based access control c. Rule-based access control d....

What type of model is identity-based access control?

What type of model is identity-based access control? a. Mandatory access control b. Discretionary access control c. Nondiscretionary access control d....

What two terms mean access control defined by the security clearance of the subject and the security label of the object?

What two terms mean access control defined by the security clearance of the subject and the security label of the object? a. Discretionary access control b....

Which of the following are logical controls? (Choose all that apply.)

Which of the following are logical controls? (Choose all that apply.) a. Hiring practices b. Encryption c. Walls d. User identification and authentication Answer: b....

What is a control?

What is a control? a. Any potential barrier that protects your information from unauthorized access b. Any data source that contains sensitive data c....

Which type of attack uses a list of common passwords?

Which type of attack uses a list of common passwords? a. Brute force attack b. Spoofing attack c. Dictionary attack d. Smurf attack c. Dictionary...

Who is ultimately responsible for the protection of data?

Who is ultimately responsible for the protection of data? a. Data user b. Data custodian c. Data owner d. Data security administrator Answer: c....

What is an SSO system?

What is an SSO system? a. Single sign-on b. Single secure opening c. Secure signal operation d. Single secure operation Answer: a. Single s...

What is the rate at which a biometric device rejects valid subjects?

What is the rate at which a biometric device rejects valid subjects? a. FAR b. FRR c. CER d. CDC Answer: b. FR...

What types of authentication do you use when you withdraw cash from an automated teller machine (ATM)?

What types of authentication do you use when you withdraw cash from an automated teller machine (ATM)? a. Type 1 and Type 2 b. Type 1 and Type 3 c....

What is the best definition for the term authentication?

What is the best definition for the term authentication? a. A subject presents credentials to claim an identity. b. The access control system looks...

Which access control models primarily support data integrity?

Which access control models primarily support data integrity? (Choose all that apply.) a. Bell-LaPadula b. Biba c. Clark-Wilson d. State machine b....

What is the access control subject?

What is the access control subject? a. The passive entity that is the target of an access request b. The active entity that initiates an access request c....

Which of the following threats is commonly considered to be the most dangerous?

Which of the following threats is commonly considered to be the most dangerous? a. Hackers b. Malicious code c. Insiders d. Natural disasters Answer: c....

Which of the following terms describes the expected loss each time a given risk occurs?

Which of the following terms describes the expected loss each time a given risk occurs? a. ALE b. AV c. SLE d. EF e. ARO Answer: c. SL...

Which of the following terms describes the number of times per year that managers expect a risk to occur?

Which of the following terms describes the number of times per year that managers expect a risk to occur? a. ALE b. AV c. SLE d. EF e. ARO Answer: e....

Which of the following terms describes the percentage of an asset that managers expect to be destroyed as the result of a given risk?

Which of the following terms describes the percentage of an asset that managers expect to be destroyed as the result of a given risk? a. ALE b. AV c....

Alex is the network administrator for an organization. He decides to implement a new firewall on the company's broadband Internet connection to prevent hackers from entering the network. What risk management technique is Alex practicing?

Alex is the network administrator for an organization. He decides to implement a new firewall on the company's broadband Internet connection to prevent...

Richard is responsible for evaluating whether his company should develop and host a Web site on the corporate network. He decides that the risk posed to the site by hackers overwhelms the benefit that would be gained from having the site and decides not to develop the site. What risk management technique is Richard practicing?

Richard is responsible for evaluating whether his company should develop and host a Web site on the corporate network. He decides that the risk posed...

Beth evaluated the potential risk of a hacker entering a specific system and decided that it did not justify the cost of purchasing an expensive intrusion detection system. What type of risk management is Beth practicing?

Beth evaluated the potential risk of a hacker entering a specific system and decided that it did not justify the cost of purchasing an expensive intrusion...

Jim decides to purchase a business insurance policy to protect himself against liability from hacker attack. What risk management technique is Jim practicing?

Jim decides to purchase a business insurance policy to protect himself against liability from hacker attack. What risk management technique is Jim practicing? a....

The failure of a security administrator to apply the most recent security patches to a system is an example of ________________.

The failure of a security administrator to apply the most recent security patches to a system is an example of ________________. a. threat b. risk c....

Which one of the following asset valuation techniques does not place dollar values on assets?

Which one of the following asset valuation techniques does not place dollar values on assets? a. Depreciated valuation b. Replacement cost valuation c....

Which of the following types of attacks is not normally considered a malicious code object?

Which of the following types of attacks is not normally considered a malicious code object? a. Virus b. DoS c. Worm d. Trojan horse Answer: b....

DDoS attacks are a manifestation of which component of the DAD triad model of malicious activity?

DDoS attacks are a manifestation of which component of the DAD triad model of malicious activity? a. Disclosure b. Denial c. Alteration Answer: b....

Which one of the following DAD triad components is related to the CIA triad goal of integrity?

Which one of the following DAD triad components is related to the CIA triad goal of integrity? a. Disclosure b. Denial c. Alteration Answer: c....

A janitor cleaning the floor of an organization's data center accidentally tripped over a power cord and cut the power to a critical file server. Users who depend on that data to complete their job functions are unable to access it and must take time off from work until IT personnel arrive and restore power to the computer. What security principle is most involved in this incident?

A janitor cleaning the floor of an organization's data center accidentally tripped over a power cord and cut the power to a critical file server. Users...

Matthew's manager Renee recently informed him that she was concerned about the possibility of a hacker tapping into their corporate database and altering customer records. What security goal is Renee concerned about achieving?

Matthew's manager Renee recently informed him that she was concerned about the possibility of a hacker tapping into their corporate database and altering...

Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will test the reliability of this application to maintain availability and data integrity?

Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will test the reliability of...

A security tester is sending random data to a program. What does this describe?

A security tester is sending random data to a program. What does this describe? A. Fuzzing B. Buffer overflow C. Integer overflow D. Command injection Answer: A....

Your organization hosts a web site within a DMZ and the web site accesses a database server in the internal network. ACLs on firewalls prevent any connections to the database server except from the web server. Database fields holding customer data are encrypted and all data in transit between the web site server and the database server are encrypted. Which of the following represents the GREATEST risk to the data on the server?

Your organization hosts a web site within a DMZ and the web site accesses a database server in the internal network. ACLs on firewalls prevent any connections...

Which of the following is an attack against servers hosting a directory service?

Which of the following is an attack against servers hosting a directory service? A. XSS B. LDAP C. XSRF D. Fuzzing Answer: B. LDA...

Homer recently received an email thanking him for a purchase that he did not make. He asked an administrator about it and the administrator noticed a pop-up window, which included the following code:

Homer recently received an email thanking him for a purchase that he did not make. He asked an administrator about it and the administrator noticed...

While creating a web application, a developer adds code to limit data provided by users. The code prevents users from entering special characters. Which of the following attacks will this code MOST likely prevent?

While creating a web application, a developer adds code to limit data provided by users. The code prevents users from entering special characters. Which...

Attackers have attacked an online web server using a SQL injection attack. Which of the following BEST describes this?

Attackers have attacked an online web server using a SQL injection attack. Which of the following BEST describes this? A. The attacker is attempting...

An application on one of your database servers has crashed several times recently. Examining detailed debugging logs, you discover that just prior to crashing, the database application is receiving a long series of x90 characters. What is MOST likely occurring?

An application on one of your database servers has crashed several times recently. Examining detailed debugging logs, you discover that just prior to...

While reviewing logs for a web application, a developer notices that it has crashed several times reporting a memory error. Shortly after it crashes, the logs show malicious code that isn't part of a known application. What is MOST likely occurring?

While reviewing logs for a web application, a developer notices that it has crashed several times reporting a memory error. Shortly after it crashes,...

Web developers are implementing error and exception handling in a web site application. Which of the following represents a best practice for this?

Web developers are implementing error and exception handling in a web site application. Which of the following represents a best practice for this? A....

An attacker is bypassing client-side input validation by intercepting and modifying data within the HTTP POST command. Which of the following does the attacker use in this attack?

An attacker is bypassing client-side input validation by intercepting and modifying data within the HTTP POST command. Which of the following does the...

Which of the following developer techniques results in significant security vulnerabilities for online web site applications?

Which of the following developer techniques results in significant security vulnerabilities for online web site applications? A. Buffer overflow B....

An attacker recently attacked a web server hosted by your company. After investigation, security professionals determined that the attacker used a previously unknown application exploit. Which of the following BEST identifies this attack?

An attacker recently attacked a web server hosted by your company. After investigation, security professionals determined that the attacker used a previously...

Security analysts recently discovered that users in your organization are inadvertently installing malware on their systems after visiting the comptai.org web site. Users have a legitimate requirement to visit the comptia.org web site. What is the MOST likely explanation for this activity?

Security analysts recently discovered that users in your organization are inadvertently installing malware on their systems after visiting the comptai.org...

A user complains that his system is no longer able to access the blogs.getcertifiedgetahead.com site. Instead, his browser goes to a different site. After investigation, you notice the following entries in the user's hosts file:

A user complains that his system is no longer able to access the blogs.getcertifiedgetahead.com site. Instead, his browser goes to a different site....

An application stores user passwords in a hashed format. Which of the following can decrease the likelihood that attackers can discover these passwords?

An application stores user passwords in a hashed format. Which of the following can decrease the likelihood that attackers can discover these passwords? A....

Which of the following is the BEST method to protect against someone trying to guess the correct PIN to withdraw money from an ATM?

Which of the following is the BEST method to protect against someone trying to guess the correct PIN to withdraw money from an ATM? A. Account lockout B....

Some protocols include timestamps and sequence numbers. These components help protect against what type of attacks?

Some protocols include timestamps and sequence numbers. These components help protect against what type of attacks? A. Smurf B. Replay C. Flood guards D....

A network administrator needs to ensure the company's network is protected against smurf attacks. What should the network administrator do?

A network administrator needs to ensure the company's network is protected against smurf attacks. What should the network administrator do? A. Install...

An IDS alerts on increased traffic. Upon investigation, you realize it is due to a spike in network traffic from several sources. Assuming this is malicious, what is the MOST likely explanation?

An IDS alerts on increased traffic. Upon investigation, you realize it is due to a spike in network traffic from several sources. Assuming this is malicious,...