IS3230 Final Exam Answers Shorten
b. Information
d. Policy, procedure, and tool
a. Regulating interaction between a subject and an object
d. Type of correlation and the number of authentication factors
b. 100 percent access control threats cannot be eliminated.
b. Security of each network component (NOT SURE)
c. Social engineering
d. Patch management software
a. unnecessary to place access controls on each asset
a. access control systems with a significant degree of overlap between several defensive areas
c. users with specific job roles and valid need to access the information
b. FOIA
b. Federal government
a. Risk avoidance and competitive advantage
d. Operational efficiency
b. Encryption of private health information on public networks
a. 3, 2, 1, 4
d. Policies, guidelines, standards, and procedures
c. DoS attacks
b. Deterrents to data theft
b. Disallows unauthorized disclosure of data by circumventing an organization’s technology
c. Allow customers to amend and update the account of their family members
b. Separation of responsibilities
b. AUP
d. Communication
26. Separation of duties, periodic vacation, and job rotation are the ways to reduce human risk factors within an organizational structure.
a. True
d. Active Directory
b. Delete
29. UNIX-based permissions can have an octal notation value of zero.
a. True
d. Hash
b. False
a. Sensitivity of the object only (NOT SURE)
d. Role authentication
34. Kerberos is an example of a single sign-on system providing enterprises with scalability and flexibility.
a. True
c. SSID
36. The two-factor authentication generally combines “something you have” and “something you know” or “something you have” and “something you are.”
a. True
b. RAS
d. Enables tracking of system usage
b. IKE
40. RADIUS provides flexibility for network administrators by implementing AAA components in stages as opposed to all at once.
b. False
a. virtual private networking
a. Signing server
c. It ensures that the end user can be trusted.
c. Authentication Service
b. Non-repudiation
d.
d. Policy, procedure, and tool
a. Regulating interaction between a subject and an object
d. Type of correlation and the number of authentication factors
b. 100 percent access control threats cannot be eliminated.
b. Security of each network component (NOT SURE)
c. Social engineering
d. Patch management software
a. unnecessary to place access controls on each asset
a. access control systems with a significant degree of overlap between several defensive areas
c. users with specific job roles and valid need to access the information
b. FOIA
b. Federal government
a. Risk avoidance and competitive advantage
d. Operational efficiency
b. Encryption of private health information on public networks
a. 3, 2, 1, 4
d. Policies, guidelines, standards, and procedures
c. DoS attacks
b. Deterrents to data theft
b. Disallows unauthorized disclosure of data by circumventing an organization’s technology
c. Allow customers to amend and update the account of their family members
b. Separation of responsibilities
b. AUP
d. Communication
26. Separation of duties, periodic vacation, and job rotation are the ways to reduce human risk factors within an organizational structure.
a. True
d. Active Directory
b. Delete
29. UNIX-based permissions can have an octal notation value of zero.
a. True
d. Hash
b. False
a. Sensitivity of the object only (NOT SURE)
d. Role authentication
34. Kerberos is an example of a single sign-on system providing enterprises with scalability and flexibility.
a. True
c. SSID
36. The two-factor authentication generally combines “something you have” and “something you know” or “something you have” and “something you are.”
a. True
b. RAS
d. Enables tracking of system usage
b. IKE
40. RADIUS provides flexibility for network administrators by implementing AAA components in stages as opposed to all at once.
b. False
a. virtual private networking
a. Signing server
c. It ensures that the end user can be trusted.
c. Authentication Service
b. Non-repudiation
d.