multi test d

Card Set Information

Author:
johnnystevens
ID:
10950
Filename:
multi test d
Updated:
2010-03-17 12:58:25
Tags:
testing
Description:
multiple choice upload test

The flashcards below were created by user johnnystevens on FreezingBlue Flashcards.


  1. 301 Which of the following reduces the effectiveness of telephone social engineering?

    A. Automatic callback
    B. Awareness training
    C. Use of VoIP
    D. Monitoring outbound calls
    B. Awareness training
    (this multiple choice question has been scrambled)
  2. 302 Which of the following will execute malicious code at a pre-specified time?

    A. Logic Bomb
    B. DoS
    C. Worm
    D. Rootkit
    A. Logic Bomb
    (this multiple choice question has been scrambled)
  3. 303 All of the following are weaknesses of WEP EXCEPT:

    A. lack of strong keys
    B. replay attacks
    C. lack of integrity checking
    D. initialization vector
    C. lack of integrity checking
    (this multiple choice question has been scrambled)
  4. 304 Which of the following is LEAST likely to help reduce single points of failure?

    A. Mandatory vacations
    B. Cross training
    C. Clustered servers
    D. Disaster recovery exercises
    A. Mandatory vacations
    (this multiple choice question has been scrambled)
  5. 305 Which of the following reduces the attack surface of an operating system?

    A. Installing HIDS
    B. Patch management
    C. Installing antivirus
    D. Disabling unused services
    D. Disabling unused services
    (this multiple choice question has been scrambled)
  6. 306 Which of the following is LEAST effective when hardening an operating system?

    A. Limiting administrative privileges
    B. Install a software firewall
    C. Configuration baselines
    D. Installing HIDS
    D. Installing HIDS
    (this multiple choice question has been scrambled)
  7. 307 Which of the following provides the MOST control when deploying patches?

    A. Patch management
    B. Hotfix
    C. Remote desktop
    D. Service packs
    A. Patch management
    (this multiple choice question has been scrambled)
  8. 308 If a technician wants to know when a computer application is accessing the network, which of the following logs should be reviewed?

    A. Host firewall log
    B. Performance log
    C. Antivirus log
    D. RADIUS log
    A. Host firewall log
    (this multiple choice question has been scrambled)
  9. 309 All of the following are components of IPSec EXCEPT:

    A. Internet key exchange
    B. encapsulating security payload
    C. authentication header (AH)
    D. temporal key interchange protocol
    D. temporal key interchange protocol
    (this multiple choice question has been scrambled)
  10. 310 IPSec connection parameters are stored in which of the following?

    A. Security association database
    B. Security parameter index
    C. Security payload index
    D. Certificate authority
    A. Security association database
    (this multiple choice question has been scrambled)
  11. 311 Which of the following will provide a 128-bit hash?

    A. SHA-1
    B. AES128
    C. MD5
    D. ROT13
    C. MD5
    (this multiple choice question has been scrambled)
  12. 312 Which of the following describes a hash algorithm's ability to avoid the same output from two guessed inputs?

    A. Collision resistance
    B. Collision avoidance
    C. Collision strength
    D. Collision metric
    A. Collision resistance
    (this multiple choice question has been scrambled)
  13. 313 Which of the following should be included in a forensic toolkit?

    A. Compressed air
    B. Fingerprint cards
    C. Tape recorder
    D. Digital camera
    D. Digital camera
    (this multiple choice question has been scrambled)
  14. 314 Which of the following BEST describes the form used while transferring evidence?

    A. Evidence log
    B. Chain of custody
    C. Booking slip
    D. Affidavit
    B. Chain of custody
    (this multiple choice question has been scrambled)
  15. 315 Which of the following is the primary incident response function of a first responder?

    A. To gather evidence and write reports
    B. To secure the scene and preserve evidence
    C. To evaluate the scene and determine the cause
    D. To evaluate the scene and repair the problem
    B. To secure the scene and preserve evidence
    (this multiple choice question has been scrambled)
  16. 316 Which of the following is the GREATEST problem with low humidity in a server room?

    A. Brown out
    B. Power surge
    C. Electromagnetic interference
    D. Static electricity
    D. Static electricity
    (this multiple choice question has been scrambled)
  17. 317 Which of the following protocols is used to ensure secure transmissions on port 443?

    A. SFTP
    B. SHTTP
    C. HTTPS
    D. Telnet
    C. HTTPS
    (this multiple choice question has been scrambled)
  18. 318 When should a technician perform disaster recovery testing?

    A. After the network is stable and online
    B. In accordance with the disaster recovery plan
    C. Once a month, during peak business hours
    D. Immediately following lessons learned sessions
    B. In accordance with the disaster recovery plan
    (this multiple choice question has been scrambled)
  19. 319 Which of the following is the BEST backup method to restore the entire operating system and all related software?

    A. Incremental
    B. Differential
    C. Weekly
    D. Disk Image
    D. Disk Image
    (this multiple choice question has been scrambled)
  20. 320 How many keys are utilized in symmetric cryptography?

    A. Three
    B. One
    C. Four
    D. Two
    B. One
    (this multiple choice question has been scrambled)
  21. 321 Which of the following terms is BEST associated with public key infrastructure (PKI)?

    A. Symmetric algorithm
    B. Symmetric key
    C. Digital signatures
    D. MD5 hashing
    C. Digital signatures
    (this multiple choice question has been scrambled)
  22. 322 Which of the following is the LAST step to granting access to specific domain resources?

    A. Validate the user
    B. Authenticate the user
    C. Verify the user
    D. Authorize the user
    D. Authorize the user
    (this multiple choice question has been scrambled)
  23. 323 After an attacker has successfully gained remote access to a server with minimal privileges, which of the following is their next step?

    A. Begin key recovery
    B. Capture private keys
    C. Elevate system privileges
    D. Monitor network traffic
    C. Elevate system privileges
    (this multiple choice question has been scrambled)
  24. 324 Which of the following should the technician recommend as a way to logically separate various internal networks from each other?

    A. NAT
    B. VLAN
    C. NIDS
    D. HIDS
    B. VLAN
    (this multiple choice question has been scrambled)
  25. 325 An organization has requested the ability to monitor all network traffic as it traverses their network. Which of the following should a technician implement?

    A. Protocol analyzer
    B. HIDS
    C. Content filter
    D. Honeypot
    A. Protocol analyzer
    (this multiple choice question has been scrambled)
  26. 326 A large number of viruses have been found on numerous domain workstations. Which of the following should the technician implement?

    A. Spyware detection
    B. Host based intrusion detection
    C. Centralized antivirus
    D. Decentralized antivirus
    C. Centralized antivirus
    (this multiple choice question has been scrambled)
  27. 327 Which of the following is the MOST difficult security concern to detect when contractors enter a secured facility?

    A. Rogue access points being installed
    B. Copying sensitive information with cellular phones
    C. Removing mass storage iSCSI drives
    D. Removing network attached storage
    B. Copying sensitive information with cellular phones
    (this multiple choice question has been scrambled)
  28. 328 When are port scanners generally used on systems?

    A. At the beginning of a vulnerability assessment
    B. At the end of a penetration test assessment
    C. At the middle of a vulnerability assessment
    D. When there is a need to document vulnerabilities
    A. At the beginning of a vulnerability assessment
    (this multiple choice question has been scrambled)
  29. 329 The staff must be cross-trained in different functional areas so that fraud can be detected. Which of the following is this an example of?

    A. Implicit deny
    B. Least privilege
    C. Separation of duties
    D. Job rotation
    D. Job rotation
    (this multiple choice question has been scrambled)
  30. 330 Human Resources has requested that staff members be moved to different parts of the country into new positions. Which of the following is this an example of?

    A. Implicit deny
    B. Separation of duties
    C. Least privilege
    D. Job rotation
    D. Job rotation
    (this multiple choice question has been scrambled)
  31. 331 An administrator is worried about an attacker using a compromised user account to gain administrator access to a system. Which of the following is this an example of?

    A. Protocol analysis
    B. Privilege escalation
    C. Cross-site scripting
    D. Man-in-the-middle attack
    B. Privilege escalation
    (this multiple choice question has been scrambled)
  32. 332 Which of the following is used to deny authorized users access to services?

    A. Spyware
    B. Trojans
    C. Adware
    D. Botnets
    D. Botnets
    (this multiple choice question has been scrambled)
  33. 333 An administrator recommends implementing whitelisting, blacklisting, closing open relays, and strong authentication techniques to a server administrator. Which of the following threats are being addressed?

    A. Spyware
    B. Viruses
    C. Adware
    D. Spam
    D. Spam
    (this multiple choice question has been scrambled)
  34. 334 An administrator is asked to improve the physical security of a data center located inside the office building. The data center already maintains a physical access log and has a video surveillance system. Which of the following additional controls could be implemented?


    A. Mantrap
    B. Logical token
    C. Defense-in-depth
    D. ACL
    A. Mantrap
    (this multiple choice question has been scrambled)
  35. 335 With regard to physical security, which of the following BEST describes an access control system which implements a non-trusted but secure zone immediately outside of the secure zone?

    A. Mantrap
    B. Smart card
    C. Defense-in-depth
    D. DMZ
    A. Mantrap
    (this multiple choice question has been scrambled)
  36. 336 A technician notices delays in mail delivery on the mail server. Which of the following tools could be used to determine the cause of the service degradation?

    A. Port scanner
    B. Performance monitor
    C. TFTP
    D. ipconfig /all
    B. Performance monitor
    (this multiple choice question has been scrambled)
  37. 337 Penetration testing should only be used once which of the following items is in place?

    A. Service level agreement
    B. Data retention and disclosure policy
    C. Written permission
    D. Acceptable use policy
    C. Written permission
    (this multiple choice question has been scrambled)
  38. 338 An administrator recommends that management establish a trusted third party central repository to maintain all employees' private keys. Which of the following BEST describes the administrator's recommendation?

    A. Recovery agent
    B. Key escrow
    C. Certificate authority
    D. Registration
    B. Key escrow
    (this multiple choice question has been scrambled)
  39. 339 To combat transaction fraud, a bank has implemented a requirement that all bank customers enter a different, unique code to confirm every transaction. Which of the following is the MOST effective method to accomplish this?

    A. One-time password
    B. ATM PIN code
    C. Digital certificate
    D. Elliptic curve
    A. One-time password
    (this multiple choice question has been scrambled)
  40. 340 All of the following should be identified within the penetration testing scope of work EXCEPT:

    A. a complete list of all network vulnerabilities
    B. a list of acceptable testing techniques and tools to be utilized
    C. IP addresses of machines from which penetration testing will be executed
    D. handling of information collected by the penetration testing team
    A. a complete list of all network vulnerabilities
    (this multiple choice question has been scrambled)
  41. 341 Which of the following is the MOST efficient way that an administrator can restrict network access to certain ports enterprise wide?

    A. Personal software firewall
    B. NIDS
    C. HIDS
    D. ACL
    D. ACL
    (this multiple choice question has been scrambled)
  42. 342 An administrator is responsible for a server which has been attacked repeatedly in the past. The only recourse has been to reload the server from scratch. Which of the following techniques could be used to decrease the recovery time following an incident?

    A. Load balance between two identical servers
    B. Implement the server as a virtual server instance
    C. Implement the server as a honeypot
    D. Install the server on a separate VLAN segment
    B. Implement the server as a virtual server instance
    (this multiple choice question has been scrambled)
  43. 343 Validating the user's claimed identity is called which of the following?

    A. Authentication
    B. Validation
    C. Verification
    D. Identification
    A. Authentication
    (this multiple choice question has been scrambled)
  44. 344 Which of the following is planted on an infected system and deployed at a predetermined time?

    A. Worm
    B. Trojan horse
    C. Rootkit
    D. Logic bomb
    D. Logic bomb
    (this multiple choice question has been scrambled)
  45. 345 Which of the following allows a user to float a domain registration for a maximum of five days?

    A. Kiting
    B. Domain hijacking
    C. DNS poisoning
    D. Spoofing
    A. Kiting
    (this multiple choice question has been scrambled)
  46. 346 According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

    A. NIDS
    B. NAT
    C. DMZ
    D. VLAN
    D. VLAN
    (this multiple choice question has been scrambled)
  47. 347 Which of the following is an attack which is launched from multiple zombie machines in an attempt to bring down a service?

    A. TCP/IP hijacking
    B. Man-in-the-middle
    C. DDoS
    D. DoS
    C. DDoS
    (this multiple choice question has been scrambled)
  48. 348 Which of the following will MOST likely allow an attacker to make a switch function like a hub?

    A. MAC flooding
    B. DNS spoofing
    C. DNS poisoning
    D. ARP poisoning
    A. MAC flooding
    (this multiple choice question has been scrambled)
  49. 349 Which of the following is commonly programmed into an application for ease of administration?

    A. Back door
    B. Worm
    C. Trojan
    D. Zombie
    A. Back door
    (this multiple choice question has been scrambled)
  50. 350 Which of the following is a technique used by hackers to identify unsecured wireless network locations to other hackers?

    A. War chalking
    B. Bluesnarfing
    C. War dialing
    D. War driving
    A. War chalking
    (this multiple choice question has been scrambled)
  51. 351 Which of the following authentication models uses a KDC?

    A. PKI
    B. PGP
    C. Kerberos
    D. CHAP
    C. Kerberos
    (this multiple choice question has been scrambled)
  52. 352 Which of the following disaster recovery components is a location that is completely empty, but allows the infrastructure to be built if the live site goes down?

    A. Mirrored site
    B. Hot site
    C. Warm site
    D. Cold site
    D. Cold site
    (this multiple choice question has been scrambled)
  53. 353 Which of the following should be done if an organization intends to prosecute an attacker once an attack has been completed?

    A. Restore missing files on the affected system
    B. Apply proper forensic techniques
    C. Update antivirus definitions
    D. Disconnect the entire network from the Internet
    B. Apply proper forensic techniques
    (this multiple choice question has been scrambled)
  54. 354 Which of the following documents specifies the uptime guarantee of a web server?

    A. Service level agreement
    B. Due diligence
    C. Scope of work
    D. Due process
    A. Service level agreement
    (this multiple choice question has been scrambled)
  55. 355 Which of the following authentication models uses a time stamp to prevent the risks associated with a replay attack?

    A. Kerberos
    B. Two-factor authentication
    C. LDAP
    D. RADIUS
    A. Kerberos
    (this multiple choice question has been scrambled)
  56. 356 Which of the following protocols can be implemented as an alternative to the overhead of a VPN?

    A. SSH
    B. SSL
    C. PPTP
    D. L2TP
    B. SSL
    (this multiple choice question has been scrambled)
  57. 357 Which of the following will set an account to lockout for 30 minutes after the maximum number of attempts have failed?

    A. Account lockout threshold
    B. Password complexity requirements
    C. Account lockout duration
    D. Key distribution center
    C. Account lockout duration
    (this multiple choice question has been scrambled)
  58. 358 Which of the following logs would reveal activities related to an ACL?

    A. Transaction
    B. Performance
    C. Firewall
    D. Mobile device
    C. Firewall
    (this multiple choice question has been scrambled)
  59. 359 Which of the following encryption algorithms has the largest overhead?

    A. AES
    B. 3DES
    C. AES256
    D. RSA
    B. 3DES
    (this multiple choice question has been scrambled)
  60. 360 Which of the following hashing algorithms is the MOST secure?

    A. MD5
    B. SHA-1
    C. CHAP
    D. LANMAN
    A. MD5
    (this multiple choice question has been scrambled)
  61. 361 Which of the following would allow a technician to compile a visual view of an infrastructure?

    A. Protocol analyzer
    B. Security log
    C. Port scanner
    D. Network mapper
    D. Network mapper
    (this multiple choice question has been scrambled)
  62. 362 Which of the following creates separate logical networks?

    A. DMZ
    B. NAT
    C. NAC
    D. Subnetting
    D. Subnetting
    (this multiple choice question has been scrambled)
  63. 363 Which of the following is an area of the network infrastructure that allows a technician to place public facing systems into it without compromising the entire infrastructure?

    A. DMZ
    B. VPN
    C. NAT
    D. VLAN
    A. DMZ
    (this multiple choice question has been scrambled)
  64. 364 Which of the following attacks commonly results in a buffer overflow?

    A. ARP Poisoning
    B. DoS
    C. Replay
    D. DNS Poisoning
    B. DoS
    (this multiple choice question has been scrambled)
  65. 365 Which of the following types of attack is TCP/IP hijacking?

    A. Birthday
    B. Man-in-the-middle
    C. ARP poisoning
    D. MAC flooding
    B. Man-in-the-middle
    (this multiple choice question has been scrambled)
  66. 366 Which of the following ports does SNMP run on?

    A. 110
    B. 161
    C. 25
    D. 443
    B. 161
    (this multiple choice question has been scrambled)
  67. 367 Which of the following is a collection of servers that is set up to attract hackers?

    A. Honeypot
    B. Honeynet
    C. VLAN
    D. DMZ
    B. Honeynet
    (this multiple choice question has been scrambled)
  68. 368 Which of the following could be used to determine which flags are set in a TCP/IP handshake?

    A. Protocol analyzer
    B. FIN/RST
    C. SYN/ACK
    D. Network mapper
    A. Protocol analyzer
    (this multiple choice question has been scrambled)
  69. 369 Which of the following would be the BEST choice to ensure only ports 25, 80 and 443 were open from outside of the network?

    A. Firewall
    B. DMZ
    C. Proxy
    D. VLAN
    A. Firewall
    (this multiple choice question has been scrambled)
  70. 370 Which of the following media is LEAST susceptible to a tap being placed on the line?

    A. Coaxial
    B. Fiber
    C. UTP
    D. STP
    B. Fiber
    (this multiple choice question has been scrambled)
  71. 371 Which of the following is responsible for establishing trust models?

    A. The key escrow agent
    B. The certificate authority
    C. The firewall
    D. The information security officer
    B. The certificate authority
    (this multiple choice question has been scrambled)
  72. 372 Which of the following allows attackers to gain control over the web camera of a system?

    A. XML
    B. SQL injection
    C. Cross-site scripting
    D. ActiveX component
    D. ActiveX component
    (this multiple choice question has been scrambled)
  73. 373 Which of the following types of attack sends out numerous MAC resolution requests to create a buffer overflow attack?

    A. ARP poisoning
    B. DNS poisoning
    C. Smurf
    D. DDoS
    A. ARP poisoning
    (this multiple choice question has been scrambled)
  74. 374 Which of the following would a former employee MOST likely plant on a server that is not traceable?

    A. Worm
    B. Logic bomb
    C. Trojan
    D. Virus
    B. Logic bomb
    (this multiple choice question has been scrambled)
  75. 375 Which of the following would be MOST effective in stopping phishing attempts?

    A. User training
    B. HIDS
    C. NIDS
    D. Antivirus
    A. User training
    (this multiple choice question has been scrambled)
  76. 376 Which of the following consists of markings outside a building that indicate the connection speed of a nearby unsecured wireless network?

    A. War chalking
    B. War driving
    C. Blue jacking
    D. Bluesnarfing
    A. War chalking
    (this multiple choice question has been scrambled)
  77. 377 Which of the following would be of MOST interest to someone that is dumpster diving?

    A. List of expired usernames
    B. User education manual
    C. Receipts from the supply store
    D. Business card of computer contractor
    D. Business card of computer contractor
    (this multiple choice question has been scrambled)
  78. 378 Which of the following could involve moving physical locations every two years to help mitigate security risks?

    A. Least privilege
    B. Job rotation
    C. Separation of duties
    D. Implicit deny
    B. Job rotation
    (this multiple choice question has been scrambled)
  79. 379 Which of the following could be used to capture website GET requests?

    A. Network mapper
    B. Protocol analyzer
    C. Port scanner
    D. Vulnerability scanner
    B. Protocol analyzer
    (this multiple choice question has been scrambled)
  80. 380 Which of the following does the process of least privilege fall under?

    A. Non-repudiation
    B. Integrity
    C. Confidentiality
    D. Availability
    C. Confidentiality
    (this multiple choice question has been scrambled)
  81. 381 Which of the following hashing algorithms is the LEAST secure?

    A. LANMAN
    B. NTLM
    C. SHA-1
    D. MD5
    A. LANMAN
    (this multiple choice question has been scrambled)
  82. 382 Which of the following is the MOST secure transmission algorithm?

    A. AES
    B. AES256
    C. TKIP
    D. 3DES
    C. TKIP
    (this multiple choice question has been scrambled)
  83. 383 Which of the following protocols is used for encryption between email servers?

    A. L2TP
    B. TLS
    C. PPTP
    D. S/MIME
    B. TLS
    (this multiple choice question has been scrambled)
  84. 384 Which of the following scenarios would a penetration test BEST be used for?

    A. When conducting performance monitoring
    B. When performing network mapping
    C. When providing a proof of concept demonstration for a vulnerability
    D. While in the reconnaissance phase
    C. When providing a proof of concept demonstration for a vulnerability
    (this multiple choice question has been scrambled)
  85. 385 Which of the following would be the easiest to use in detection of a DDoS attack?

    A. Protocol analyzer
    B. Application log
    C. Performance monitor
    D. System log
    C. Performance monitor
    (this multiple choice question has been scrambled)
  86. 386 Which of the following implements the strongest hashing algorithm?

    A. VLAN
    B. NTLM
    C. LANMAN
    D. NTLMv2
    D. NTLMv2
    (this multiple choice question has been scrambled)
  87. 387 Which of the following is BEST used to determine whether network utilization is abnormal?

    A. Performance baseline
    B. Systems monitor
    C. Security log
    D. Application log
    A. Performance baseline
    (this multiple choice question has been scrambled)
  88. 388 Which of the following is the BEST solution to implement to reduce unsolicited email?

    A. Personal software firewall
    B. Anti-spam
    C. Antivirus
    D. Pop-up blocker
    B. Anti-spam
    (this multiple choice question has been scrambled)
  89. 389 Identification is a critical component of the authentication process because it is:

    A. when the user is verified
    B. used to prevent authorized access
    C. when the user is authorized
    D. used to confirm the privileges of a user
    A. when the user is verified
    (this multiple choice question has been scrambled)
  90. 390 Identity proofing occurs during which phase of identification and authentication?

    A. Authentication
    B. Verification
    C. Identification
    D. Testing
    C. Identification
    (this multiple choice question has been scrambled)
  91. 391 Which of the following BEST describes the practice of dumpster diving?

    A. Sorting through the garbage of an organization to obtain information used for a subsequent attack
    B. Sorting through the trash of an organization to obtain information found on their intranet
    C. Sorting through the trash of an organization to recover an old user ID badge previously used for an attack
    D. Sorting through the garbage of an organization to obtain information used for configuration management
    A. Sorting through the garbage of an organization to obtain information used for a subsequent attack
    (this multiple choice question has been scrambled)
  92. 392 Implementation of proper environmental controls should be considered by administrators when recommending facility security controls because of which of the following?

    A. Proper environmental controls provide integrity to IT systems
    B. Proper environmental controls help ensure availability of IT systems
    C. Proper environmental controls provide redundancy to the facility
    D. Proper environmental controls make authentication simpler
    B. Proper environmental controls help ensure availability of IT systems
    (this multiple choice question has been scrambled)
  93. 393 An administrator is asked to recommend the most secure transmission media. Which of the following should be recommended?

    A. Coaxial cable
    B. Unshielded twisted pair cable
    C. Ethernet CAT5 cable
    D. Fiber optic cable
    D. Fiber optic cable
    (this multiple choice question has been scrambled)
  94. 394 An administrator is selecting a device to secure an internal network segment from traffic external to the segment. Which of the following devices could be selected to provide security to the network segment?

    A. DMZ
    B. HIDS
    C. NIPS
    D. Internet content filter
    C. NIPS
    (this multiple choice question has been scrambled)
  95. 395 Which of the following devices should be deployed to protect a network against attacks launched from a business to business intranet? (Select TWO).

    A. NIPS
    B. Content filter
    C. HIPS
    D. Firewall
    E. NIDS
    • A. NIPS
    • D. Firewall
  96. 396 To prevent the use of previously issued PKI credentials which have expired or otherwise become invalid, administrators should always design programs to check which of the following?

    A. PKI
    B. CRL
    C. Escrow
    D. CA
    B. CRL
    (this multiple choice question has been scrambled)
  97. 397 To prevent the use of stolen PKI certificates on web servers, which of the following should an administrator ensure is available to their web servers?

    A. Key escrow
    B. CRL
    C. Registration
    D. CA
    B. CRL
    (this multiple choice question has been scrambled)
  98. 398 Which of the following describes an implementation of PKI where a copy of a user's private key is stored to provide third party access and to facilitate recovery operations?

    A. Asymmetric
    B. Recovery agent
    C. Registration
    D. Key escrow
    D. Key escrow
    (this multiple choice question has been scrambled)
  99. 399 A security administrator has been asked to deploy a biometric authentication system in a corporation. Which of the following devices is the MOST reliable and has the lowest cross over error rate?


    A. Iris scanner
    B. Handprint scanner
    C. Fingerprint scanner
    D. Retina scanner
    D. Retina scanner
    (this multiple choice question has been scrambled)
  100. 400 To increase the security of the network authentication process, an administrator decides to implement three-factor authentication. Which of the following authentication combinations is a three-factor system?

    A. A retina scanner, PKI enabled smart card and a six-digit PIN
    B. An Iris scanner, a user generated pass phrase and a palm reader
    C. A PKI enabled smart card, strong password and 12-digit PIN
    D. A fingerprint scanner, PKI enabled smart card and badge proximity reader
    A. A retina scanner, PKI enabled smart card and a six-digit PIN
    (this multiple choice question has been scrambled)
