book quizzes

Card Set Information

Author:
slmckissack
ID:
296438
Filename:
book quizzes
Updated:
2015-04-01 16:59:41
Tags:
book quizzes
Description:
book Quizzes

The flashcards below were created by user slmckissack on FreezingBlue Flashcards.

  1. After a few incidents where customer data was transmitted to a third party, your organization is required to create and adhere to a policy that describes the distribution, protection, and confidentiality of customer data. Which of the following policies do you create?
    A. Privacy
    B. Acceptable Use
    C. Service level agreement
    D. Due Care
    A. Privacy

    A Privacy Policy concerns the protection and distribution of private customer data. Any company, especially one engaged in online activities or e-commerce, has a responsibility to adopt and implement a policy for protecting the privacy of individually identifiable information.
  2. You are performing a risk analysis for a complex web-based application. Based on your conclusion regarding the probability, impact, and mitigation cost of an attack based on domain name service (DNS) manipulation or poisoning against your web domain, you decide to place the responsibility of the risk on your Internet service provider (ISP), who handles your DNS services. Which risk management option is this an example of?
    A. Acceptance
    B. Deterrence
    C. Avoidance
    D. Transference
    D. Transference

    The risk of DNS attacks occurring against your web domain is something that can only be assumed by your ISP, who takes care of your DNS service. In this part of your risk analysis, you are transferring the responsibility of the risk to your ISP to protect your web services from DNS-based attack.
  3. As the centralized management location from which you provide internet-based application services to several external clients, which of the following policies do you provide to your clients as an agreement for service uptime?
    A. Due Care
    B. SLA
    C. Code of ethics
    D. Privacy
    B. SLA (Service Level Agreement)

    A service level agreement (SLA) is an understanding among a supplier of service and the clients of those services that the service in question will be available for a specific percentage of time. In this case, you may guarantee your clients a 99.5 percent uptime of communications services.
  4. There is a suspicion that a specific employee is performing illegal activities on your company's networks. In an effort to gather evidence about his activities, which of the following principles and techniques could you employ?
    A. Password Rotation
    B. Mandatory Vacation
    C. Need-to-know
    D. Separation of duties
    B. Mandatory Vacation

    When a user is forced to take a vacation, his activities can be audited, and suspicious behavior will be more likely to be noticed and detected because the user is not there to prevent its discovery. You may also discover that the illegal activities completely cease while the user is away and then resume when he returns.
  5. As part of a risk analysis of a very large and extensive back-end database, you need to calculate the probability and impact of data corruption to the data. Which of the following impact factors allows you to calculate your annualized losses due to data corruption?
    A. ARO
    B. SLE
    C. SLA
    D. ALE
    D. ALE

    ALE (Annual Loss Expectancy) describes how much money you expect to lose on an annual basis because of the impact from an occurrence of a specific risk. ALE is calculated by multiplying the annual rate of occurrence (ARO) by the single loss expectancy (SLE).
  6. You need to create an overall policy for your organization that describes how your users can properly make use of company communications services, such as web browsing, email, and File Transfer Protocol (FTP) services. Which of the following policies do you implement?
    A. Due Care
    B. Service Level Agreement
    C. Acceptable Use Policy
    D. Privacy Policy
    C. Acceptable Use Policy

    An acceptable use policy establishes rules for the appropriate use of computer networks within your organization. The policy describes the terms, conditions, and rules of using the Internet and its various services within the company's networks.
  7. After the initial configuration of an anti-spam email filtering appliance on your network, users are complaining that too many legitimate messages are being flagged as spam in their mailboxes. Which of the following concepts is this an example of?
    A. False Positive
    B. Baseline threshold
    C. False Negative
    D. Legitimate Positive
    A. False Positive

    A false positive is a legitimate action that is perceived as a risk or threat. A false positive is a term often used in e-mail security scanning to indicate legitimate mail that was classified as spam.
  8. Your organization deals with sensitive health insurance information for patients that is covered by the HIPAA compliance policies. Which of the following DLP security techniques would you implement to help protect the confidentiality and privacy of your patients' health insurance data when communicating the information between health care facilities?
    A. Encryption of outbound data containing health insurance information.
    B. A firewall to protect against inbound network attacks
    C. Antivirus scanning of patient data
    D. Strong physical access control of your facility
    A. Encryption of outbound data containing health insurance information

    To comply with the HIPAA regulations, you must protect the confidentiality of your patients' health insurance information. When communicating this data, you must encrypt it to ensure that it cannot be read if intercepted or stolen.
  9. It has been discovered that a former member of the IT department who switched to the development team still has administrative access to many major network infrastructure devices and services. Which of the following mitigation techniques should be implemented to help reduce the risk of this event recurring?
    A. Incident Management and response policy
    B. DLP
    C. Regular user permission and rights reviews.
    D. Change management notifications
    C. Regular user permission and rights reviews.

    User rights and permissions must be constantly reviewed to make sure that users have only the rights they require for their current responsibilities. When users change roles and responsibilities in the organization, you must review their permissions and modify their access accordingly.
  10. Two friends have decided to go into business together to create a new gadget. They do not have existing businesses and wish to share the decisions and profits equally between the two. Which type of agreement is most appropriate to begin the business?
    A. ISA
    B. SLA
    C. MOA
    D. BPA
    D. BPA

    A BPA is most appropriate, as the potential owners do not have existing businesses to interconnect and need to establish the ground rules and responsibilities for ownership, including how they will resolve differences and split any profits.
  11. SLA
    Service Level Agreement

    is an understanding among a supplier of services and the users of those services that the service in question will be available for a certain percentage of time.
  12. BPA
    Business Partners Agreement

    describes how a new business will be conducted among partners.
  13. are agreements that protect individually identifiable information in an online or electronic commerce environment.
    Privacy Policy
  14. ISA
    Interconnection security agreement

    details a technical framework in which two information systems--even those owned by a single organization--will directly connect and share data securely.
  15. MOA
    Memorandums of agreement and understanding

    are common within the government sector, and relate terms of cooperation between two organizations wishing to seek a common goal, such as a joint continuity of operations site.
  16. Taking responsibility for all activities that take place in corporate facilities.
    Due Care
  17. Implementing and maintaining these security procedures at all times to protect company's facilities, assets, and employees.
    Due diligence
  18. ensures that in the event of a security issue by an employee, the employee receives an impartial and fair inquiry into the incident to ensure the employee's rights
    due process
  19. ALE
    Annual Loss Expectancy

    A calculation multiplying the ARO and SLE together.
  20. ARO
    Annual Rate of Occurrence

    The chance of a risk occurring
  21. SLE
    Single loss expectancy

    the potential loss of revenue based on a specific period of downtime.
  22. You have enacted a new policy to combat the issue of confidential data and documents being stolen or leaked internally within the office after a user had confidential HR papers taken from his office. Which of the following policies helps prevent these security issues?
    A. Tailgating Policy
    B. Clean Desk policy
    C. Antiphishing policy
    D. Acceptable Use Policy
    B. Clean Desk Policy

    A clean desk policy means that users should not leave out any documents or devices with confidential data on them on their desk when they are away from their work area. These items should be locked within a drawer or file cabinet and only brought out when required.
  23. You are the first responder to a security incident in which a database server has been compromised and has crashed. Which of the following should be performed to help preserve evidence of the incident?
    A. Restart the system to restore operations
    B. Save access logs and a current memory dump.
    C. Perform a backup of the database.
    D. Perform a restore of the database.
    B. Save access logs and a current memory dump.

    Any current logs and memory dumps should be saved to make sure you have evidence of all activity during the time of the incident. If you reboot the server to get it functioning again, you can lose valuable log data or data residing in memory.
  24. You are collecting forensic evidence from a recent network intrusion, including firewall logs, access logs, and screen captures of the intruder's activity. Which of the following concepts describes the procedures for preserving the legal ownership history of evidence from the security incident?
    A. Damage control
    B. Escalation
    C. Audit trail
    D. Chain of custody
    D. Chain of Custody

    Keeping a chain of custody requires all evidence to be properly labeled with information on who secured and validated the evidence. This can ensure the evidence wasn't tampered with in any way since the time it was collected.
  25. A network administrator has discovered the company's file transfer protocol (FTP) server has been hacked. Which of the following items would be the most important to collect and preserve as evidence?
    A. Access Activity Log
    B. List of files on the FTP server
    C. Server memory dump
    D. List of user accounts
    A. Access Activity Log

    The activity log will show at what times the attacker was performing activities and what those activities were. The evidence might be able to be used in court to help prosecute the attacker if he is caught.
  26. You have been contacted by your company's CEO after he received a personalized but suspicious email message from the company's bank asking for detailed personal and financial information. After receiving the message, you determine that it did not originate from the legitimate bank. Which of the following security issues does the scenario describe?
    A. Vishing
    B. Phishing
    C. Whaling
    D. Dumpster Diving
    C. Whaling

    Whaling is a type of phishing attack that is targeted at a specific higher-level user. The victim is usually a high-profile member of the organization who has much more critical information to lose than the average user. These messages are usually crafted and personalized toward the specific victim user.
  27. During your user awareness training, which of the following actions would be the best security practice for your users to help prevent malware installation from phishing messages?
    A. Replying to a message to check its legitimacy
    B. Not clicking links in suspicious messages
    C. Checking email headers
    D. Forwarding suspicious messages to other users
    B. Not clicking links in suspicious messages

    To help prevent malware from being installed, it is a best practice to make your users aware that they should never click links in a suspicious message. The link can take the user to a malicious website that could automatically install malware on their computer through their web browser.
  28. After recent security issues with certain types of developments being leaked out of the organization, what security policy can you implement to help improve user awareness to what types of documents can be transmitted outside of the organization?
    A. Tailgating policy
    B. antiphishing policy
    C. Document security classification
    D. Clean desk policy
    C. Document Security Classification

    By classifying all your documents, you will inform users as to which types of documents are marked "confidential" and must never be transmitted outside of the organization through email, fax, or other communications. Other document types that do not contain confidential information can be marked as "public" and freely distributed.
  29. A web server recently crashed because of a denial-of-service attack against it. Based on the order of volatility, which of the following pieces of evidence would you preserve first?
    A. Printout of web access logs
    B. Web server configuration files
    C. Screen capture of crash error message
    D. Website data
    C. Screen capture of crash error message

    When collecting forensic data evidence, be aware that certain types of data are more volatile over time. In this case, the error message on the web server should be captured as a screen shot before restarting the server. The message will disappear, and unless it appears in the logs, you may have no other record of it.
  30. After collecting several log files as evidence for a hacking incident against your web server, what should you do to help preserve the legal integrity of the logs to prove they have not been tampered with?
    A. Encrypt the logs
    B. Save the logs to backup tape.
    C. Print a hard copy of the log files
    D. Perform a hash on each file
    D. perform a hash on each file

    You must be able to prove that the log files have not been tampered with since they were captured. You can create an MD5 hash of the file immediately after the incident to create a "fingerprint" for a message that you can compare to the original file at a later time.
  31. A helpdesk technician receives a report of a user's system printing streams of garbled text to the local area network (LAN) printer. The user is sure that she did not initiate a printer job. What should the technician do?
    A. Call the printer manufacturer
    B. Consult the organization's incident response policy.
    C. Escalate the issue to management
    D. Put a helpdesk ticket in for a system restore.
    B. Consult the organization's incident response policy

    The first step should be to consult the incident response procedure for the organization. It is possible that the user has contracted a virus, or there may be a more innocent reason. Performing the incident response procedures ensures that the appropriate measures are taken and no malicious activity is written off as innocuous.
  32. Your chief information officer (CIO) has asked you to evaluate options for an alternative site in the event of a crisis. Availability of data is the main priority, and funding is not an issue. Rank the solutions in the following list:
      a. Cold site
      b. Hot site
      c. No alternative
      d. Warm site
    A. a, b, c, d
    B. b, a, c, d
    C. d, a, c, b
    D. a, d, b, c
    B. b, a, c, d

    A hot site contains enough networking and server equipment to continue your business operations in case a disaster strikes your primary facility. Warm sites and cold sites contain little to no existing equipment or infrastructure. Having no alternative could risk days or weeks of downtime in a crisis where infrastructure and data are lost.
  33. A business is hosting high-demand content in an earthquake-prone zone. The chief information security officer has asked his leadership to prioritize what should be focused on in the event of a disaster. What should be the highest priority?
    A. Availability of high-demand data
    B. Safety of personnel.
    C. Integrity of organization database
    D. Confidentiality of sensitive information
    B. Safety of personnel
  34. You have implemented a backup plan for your critical file servers, including proper media rotation, backup frequency, and offsite storage. Which of the following must be performed on a regular basis to ensure the validity and integrity of your backup system?
    A. Updating the backup application software.
    B. Purchasing of new media
    C. Periodic testing of restores
    D. Multiple monthly backup media
    C. Periodic testing of restores

    Regularly testing your backups by performing a test restore is the only way to ensure that your backup data is valid and the data intact. If the information cannot be restored, your backup plan is not providing any benefit for a disaster recovery scenario.
  35. You are installing network cabling for the main backbone of a manufacturing facility network. The manufacturing machinery generates a significant amount of EMI. Which of the following network cabling types should you use?
    A. UTP
    B. Fiber optic
    C. STP
    D. Coaxial Cable
    B. Fiber Optic

    Because fiber-optic cabling uses light to transfer information over the cables, they aren't susceptible to electromagnetic interference.
  36. Which of the following protocols would you use for message authentication and integrity in your encryption systems?
    A. Elliptical Curve
    B. One-time pad
    C. Steganography
    D. HMAC
    D. HMAC

    HMAC (hash-based message authentication code) is used to authenticate a message and provide data integrity. The message authentication code (MAC) is sent along with the message itself so that the receiver can authenticate the sender of the message and verify the integrity of the message contents.
  37. View or list the contents of a file or directory and execute accessible files.
    Read and Execute
  38. View or list the contents of a file or directory
    Read
  39. Read, write, execute, or delete a file or directory
    Modify
  40. Read, write, execute, modify, or delete a file or directory
    Full control
  41. You are creating an access control model that will allow you to base specific access policies on which network a user is on and not necessarily on the actual identity of the specific user. Which privilege management access control model would you use?
    A. mandatory access control
    B. Discretionary access control
    C. Role-based access control
    D. Rule-based access control
    D. Rule-based access control

    Rule-based access control is defined with an access control list (ACL), which specifies a set of rules that must be followed before access is granted. Rule-based access control does not necessarily have to be tied to an authorized identity and could involve access permissions based on network location, content of messages (such as email text or attachments), and other types of content filtering.
  42. A web services provider has suggested improving their security through the implementation of two-factor authentication. What would the most likely authentication method be?
    A. TOTP
    B. SAML
    C. ISDN
    D. TACACS
    A. TOTP (Time-based One-Time Passwords)

    These allow users to log into a system with a user name and password combination and then a one-time token, usually generated from a separate device.
  43. SAML implementations have three basic roles: the identity, the identity provider, and the _________.
    A. Service provider
    B. Authorization provider
    C. Internet provider
    D. Authentication provider
    A. Service provider

    The service provider takes the token passed from the identity provider and either accepts it and provides services to the user or denies the request and does not.
  44. You are installing a database server that requires several hard drives in a RAID array. In the event one of the drives fails, you need to be able to swap out a failed hard drive with no downtime. Which of the following types of hard drives do you require?
    A. Suspend swap
    B. Warm swap
    C. Cold swap
    D. Hot swap
    D. Hot Swap

    A hot swap device, such as a hard drive, can be inserted or removed without the need to shut down the server. This enables you to retain the availability of the services on that server.
  45. Your company is in the middle of budgeting for disaster recovery. You have been asked to justify the cost for offsite backup media storage. What is the primary security purpose of storing backup media at an offsite storage facility?
    A. So that the facility can copy the data to a RAID system.
    B. So that if the primary site is down, the offsite storage can reload your systems from backup at their facility.
    C. For proper archive labeling and storage
    D. To prevent a disaster onsite from destroying the only copies of your backup media.
    D. To prevent a disaster onsite from destroying the only copies of your backup media.

    All backup plans should require backup media to be sent to an offsite storage facility. If a disaster destroys your physical location, the backup media will be safe.
  46. As part of your organization's contingency plan in the event of a disaster, which of the following would be the primary component of the organization to make functional after an initial disaster incident?
    A. Retrieve all backup tapes from the offsite storage facility.
    B. Ensure basic communications such as phone and Internet connectivity are functional.
    C. Ensure that web servers are able to accept requests from customers.
    D. Check all file servers and make sure they are running.
    B. Ensure basic communications such as phone and Internet connectivity are functional.

    The most important part of the company to get operational is basic communications, such as phones, networking connectivity, and email. Until these communication lines are functional, the ability to coordinate the disaster recovery effort will be greatly reduced.
  47. You must ensure that power is always available (24/7) for critical web and database servers that accept customer orders and process transactions. Which of the following devices should be installed?
    A. Power generator
    B. Redundant power supply
    C. UPS
    D. Power conditioner
    A. Power generator

    A power generator is required to ensure that there is always power for your servers. A UPS battery typically contains only enough power to run a system for about 10 to 20 minutes, while a power conditioner or redundant power supply will not help if there is no power to run them.
  48. You are installing network cabling for the main backbone of a manufacturing facility network. The manufacturing machinery generates a significant amount of EMI. Which of the following network cabling types should you use?
    A. Fiber Optic
    B. Coaxial Cable
    C. STP
    D. UTP
    A. Fiber Optic

    Because Fiber Optic cabling uses light to transfer information over the cables, they aren't susceptible to electromagnetic interference.
  49. You are performing a risk analysis of the environmental factors for your primary server equipment room. Which of the following environmental issues is most likely to affect an enclosed server room?
    A. High Temperatures
    B. Cool temperatures
    C. Average humidity levels
    D. Flooding
    A. High Temperatures

    Server rooms can quickly rise in temperature with so many systems running in an enclosed area. At high temperatures, CPUs and hard drives can shut down due to the excessive heat. Most server rooms contain air conditioning systems that keep the temperature regulated and cooler than normal. If this air conditioning system fails, the heat can dramatically rise within minutes.
  50. During disaster recovery planning, you must ensure you have plans in place for succession planning. Which of the following concepts describes succession planning?
    A. Having an alternate hot site facility in place.
    B. Replacing key employees who are unavailable during a disaster.
    C. Organizing an emergency contact list
    D. Availability of onsite spare parts and servers.
    B. Replacing key employees who are unavailable during a disaster.

    Succession planning makes sure that you have replacements for key employees in the event they are unavailable during a disaster. Replacements must hold the required security clearance and be able to immediately take over the responsibilities of another employee's position.
  51. You have encrypted an email message that is only meant to be seen by the recipient. A hacker has intercepted the message. When he views the message, what does he see?
    A. The plain text of the email
    B. One-way hash of the message
    C. Ciphertext
    D. The recipient's certificate information
    C. Ciphertext

    Clear text is transformed into ciphertext after being put through some type of cipher or encryption algorithm system. The ciphertext is unreadable unless it is decrypted back into clear-text form.
  52. You have been tasked with implementing information assurance principles within your organization's security and encryption functions. Which of the following isn't a function of information assurance within encryption systems?
    A. Integrity
    B. Confidentiality
    C. Nonrepudiation
    D. Efficiency
    D. Efficiency

    Efficiency is not a function of information assurance within encryption systems. The four basic functions pertaining to information assurance are confidentiality, integrity, authentication, and nonrepudiation.
  53. You have sent your friend a secret, encrypted message. The key you used to encrypt the message is the same key with which your friend will decrypt the message. What type of encryption scheme is used?
    A. RSA
    B. Diffie-Hellman
    C. Symmetric
    D. Asymmetric
    C. Symmetric

    In a symmetric encryption scheme, both parties use the same key for encryption and decryption purposes. Both users must possess the same key to send encrypted messages to each other.
  54. Which of the following encryption schemes would you use if your company wants to create an invisible watermark hidden within the images on their website to identify the images if they are used by another company?
    A. One-way hash
    B. One-time pad
    C. Steganography
    D. Elliptical curve
    C. Steganography

    Steganography hides data in another type of media that effectively conceals the existence of the data.
  55. Your organization wants you to implement an encryption system that ensures the sender and receiver of the encrypted message use different keys for encryption and decryption. Which type of encryption scheme would you use?
    A. Elliptical Curve
    B. Asymmetric
    C. Nonsymmetric
    D. Symmetric
    B. Asymmetric

    An asymmetric encryption scheme relies on the sender and receiver of a message using different keys for encryption and decryption. The keys are mathematically related, but can't be derived from each other.
  56. Which of the following protocols would you use for message authentication and integrity in your encryption systems?
    A. Elliptical curve
    B. HMAC
    C. Steganography
    D. One-time pad
    B. HMAC

    HMAC (hash-based message authentication code) is used to authenticate a message and provide data integrity. The Message Authentication Code (MAC) is sent along with the message itself so that the receiver can authenticate the sender of the message and verify the integrity of the message contents.
  57. You have been asked to implement hashing protocols that have a low possibility of a hashing collision. Which of the following describes a hashing collision?
    A. An invalid digital signature
    B. That the hash values of two different messages result in the same value.
    C. The greater probability that two or more people in a group of 23 share the same birthday.
    D. When a 128-bit message digest is mixed with a 256-bit message digest.
    B. That the hash values of two different messages result in the same value.

    A collision occurs within a hashing algorithm when the hashed values of two different messages result in the same value. Collisions can be used to aid in cracking a hashing algorithm.
  58. When you connect to a secure website, you are asked to accept the server certificate. What is the function of the digital certificate?
    A. Securely validates the identity of the server and its public key.
    B. Allows you to encrypt your web sessions.
    C. Provides your ID required by the government to request a public key
    D. Identifies you to a certificate authority
    A. Securely validates the identity of the server and its public key.

    A digital certificate is a credential required by PKI systems that can securely identify an organization's server, as well as create an association between the server's authenticated identity and its public keys.
  59. You want to start a secure web session to your banking website to prevent your credentials and financial information from passing as clear text. Which of the following protocols do you use?
    A. HTTPS
    B. SSH
    C. HTTP
    D. SSL
    A. HTTPS

    HTTP communications send all data in clear-text form. For secure web communications, HTTPS is a secure means of communicating HTTP data between a web browser and a web server. HTTPS protects the communication channel by using SSL (today its successor, TLS) to provide encrypted and authenticated communications.
    (this multiple choice question has been scrambled)
  60. The following lists some of the steps for a connection to an online banking transaction. Put them in the correct order.
      a. A digital certificate establishes the website identity to the browser
      b. SSL is activated between the client and the server.
      c. The browser accepts the certificate from the web server.
      d. Banking transactions accepted.
    A. a, c, b, d

    When a client connects to the secure HTTPS site, the web server sends a certificate to the web browser to establish its identity. If the browser accepts the certificate and finds no validation issues with it, the SSL/TLS session is established between the server and client. No application data, including the banking transactions, is exchanged until the certificate is validated and accepted.
  61. An organization is using OCSP to validate certificates within their PKI infrastructure. What is NOT a legitimate response to a validation request?
    A. Revoked
    B. Validated
    C. Good
    D. Unknown
    B. Validated

    Within the OCSP framework, the legitimate certificate status values returned by the OCSP responder are "good," "revoked," and "unknown." "Validated" is not an OCSP status.
    (this multiple choice question has been scrambled)
  62. For your organization's encryption systems, which of the following should you implement to act as a centralized server to store and distribute your public and private keys?
    A. Key management server
    B. CRL
    C. Digital Certificate
    D. Certificate Authority
    A. Key Management Server

    A key management server is a centralized storage system that handles the process of distributing, storing, and backing up keys for users of an enterprise network.
    (this multiple choice question has been scrambled)
  63. To improve the integrity and authentication of your encryption systems, you have contracted a certificate authority to generate which of the following items for you?
    A. Secret key for local encryption server.
    B. Public key and a private hash
    C. Private key and a certificate
    D. Digital certificate and public/private key pair.
    D. Digital certificate and public/private key pair.

    When a user's identity is established, the CA generates public and private keys for the user. A certificate is then generated with the identification and public key information embedded within it. Once the user is registered and receives his certificate, he can begin using his certificate to send encrypted messages. Note that in most PKI deployments the subscriber generates the key pair locally and sends the CA only a certificate signing request (CSR) containing the public key, so the private key never leaves the subscriber; CA-side key generation, as this question assumes, is the exception.
    (this multiple choice question has been scrambled)
  64. You need to store your company's private key in a safe, secure place. Which of the following would you use?
    A. Save it on a hard drive in plain text.
    B. Store it on a portable USB device in plain-text.
    C. Encrypt it on a flash memory device
    D. Seal it in an envelope and store it at your home office.
    C. Encrypt it on a flash memory device.

    Private keys should never be stored in plain text. If they're stolen, an unauthorized user will be able to use them to decrypt messages and files or to impersonate the key's owner.
    (this multiple choice question has been scrambled)
  65. You have started using a third-party key escrow company to protect your encryption keys. Which of the following do you send to them?
    A. Encryption key to decrypt a private key file
    B. Encryption key to decrypt a public key file.
    C. Copy of a certificate.
    D. Copy of a public key
    A. Encryption key to decrypt a private key file.

    In a key escrow storage scheme, an encryption key used to encrypt and decrypt the private key file is stored offsite with a third party. If access is needed to the backup copy of the private key, the encryption key needs to be obtained from the third-party company after you've been properly authenticated.
    (this multiple choice question has been scrambled)
