Question 1

Providing your mother's maiden name as verification is an example of which of the following?

Accepted Answer

A)  Multilayer authentication 
B)  One-time passcode 
C)  Multifactor authentication 
D)  Cognitive password 
A)  Multilayer authentication 
B)  One-time passcode 
C)  Multifactor authentication 
D)  Cognitive password D

Question 2

The Internet is an example of which of the following network types?

Accepted Answer

A)  Guest network 
B)  Untrusted network 
C)  Enclave network 
D)  DMZ 
A)  Guest network 
B)  Untrusted network 
C)  Enclave network 
D)  DMZ B

Question 3

Which of the following statements best describes object capability?

Accepted Answer

A)  Mandatory access controls embedded in object and subject properties 
B)  Used to determine access based on a combination of specific criteria 
C)  Used programmatically and based on a combination of an unforgettable reference and an operational message 
D)  The process of assigning authenticated subjects permission to carry out a specific task 
A)  Mandatory access controls embedded in object and subject properties 
B)  Used to determine access based on a combination of specific criteria 
C)  Used programmatically and based on a combination of an unforgettable reference and an operational message 
D)  The process of assigning authenticated subjects permission to carry out a specific task C

Question 4

Which of the following is an example of authentication by characteristic?

Accepted Answer

A)  Smartcard 
B)  Fingerprint scan 
C)  One-time passcode 
D)  Cognitive password 
A)  Smartcard 
B)  Fingerprint scan 
C)  One-time passcode 
D)  Cognitive password

Question 5

Which of the following best describes a firewall?

Accepted Answer

A)  Passive device that analyzes network traffic to detect unauthorized access 
B)  Active device that sits inline with traffic and can respond to intrusions by disabling the connection, dropping the packet, or deleting the malicious content 
C)  A software or hardware device that can filter incoming or outgoing traffic based on specific rules 
D)  A device that monitors the characteristics of a single host and the events occurring on that host 
A)  Passive device that analyzes network traffic to detect unauthorized access 
B)  Active device that sits inline with traffic and can respond to intrusions by disabling the connection, dropping the packet, or deleting the malicious content 
C)  A software or hardware device that can filter incoming or outgoing traffic based on specific rules 
D)  A device that monitors the characteristics of a single host and the events occurring on that host

Question 6

Which of the following refers to security features that govern how users and processes communicate and interact with systems and resources?

Accepted Answer

A)  Security posture 
B)  Access controls 
C)  Secure authentication 
D)  Identity management 
A)  Security posture 
B)  Access controls 
C)  Secure authentication 
D)  Identity management

Question 7

Which of the following statements best describes segregation of duties?

Accepted Answer

A)  Two individuals complete the same task simultaneously. 
B)  No one individual can control a process from start to finish. 
C)  Two individuals must both complete their half of a specific task. 
D)  Two individuals complete different tasks at the same time. 
A)  Two individuals complete the same task simultaneously. 
B)  No one individual can control a process from start to finish. 
C)  Two individuals must both complete their half of a specific task. 
D)  Two individuals complete different tasks at the same time.

Question 8

Which of the following provides access to one or more applications through a single centralized interface?

Accepted Answer

A)  Remote access portal 
B)  Virtual private network 
C)  DMZ 
D)  Network access control system 
A)  Remote access portal 
B)  Virtual private network 
C)  DMZ 
D)  Network access control system

Question 9

Which of the following is the most dangerous and unwanted IDS/IPS decision state?

Accepted Answer

A)  False positive 
B)  False negative 
C)  True positive 
D)  True negative 
A)  False positive 
B)  False negative 
C)  True positive 
D)  True negative

Question 10

Which of the following network types is a segment of the internal network that requires a high degree of protection?

Accepted Answer

A)  Enclave network 
B)  Trusted network 
C)  DMZ 
D)  Guest network 
A)  Enclave network 
B)  Trusted network 
C)  DMZ 
D)  Guest network

Question 11

Which of the following is an access control that is based on a specific job role or function?

Accepted Answer

A)  Mandatory access control 
B)  Discretionary access control 
C)  Role-based access control 
D)  Rule-based access control 
A)  Mandatory access control 
B)  Discretionary access control 
C)  Role-based access control 
D)  Rule-based access control

Question 12

Which common attribute of all access controls is used to identify unique records in a set, such as a username?

Accepted Answer

A)  Identification scheme 
B)  Authentication method 
C)  Authorization model 
D)  None of the above 
A)  Identification scheme 
B)  Authentication method 
C)  Authorization model 
D)  None of the above

Question 13

Which of the following best describes an intrusion prevention system?

Accepted Answer

A)  Passive device that analyzes network traffic to detect unauthorized access 
B)  Active device that sits inline with traffic flow and can respond to intrusions by disabling the connection, dropping the packet, or deleting the malicious content 
C)  A software or hardware device that can filter incoming or outgoing traffic based on specific rules 
D)  A device that monitors the characteristics of a single host and the events occurring on that host 
A)  Passive device that analyzes network traffic to detect unauthorized access 
B)  Active device that sits inline with traffic flow and can respond to intrusions by disabling the connection, dropping the packet, or deleting the malicious content 
C)  A software or hardware device that can filter incoming or outgoing traffic based on specific rules 
D)  A device that monitors the characteristics of a single host and the events occurring on that host

Question 14

Which of the following is not an example of authentication by knowledge?

Accepted Answer

A)  Cognitive password 
B)  PIN 
C)  One-time passcode 
D)  Password 
A)  Cognitive password 
B)  PIN 
C)  One-time passcode 
D)  Password

Question 15

Using a smartcard and a one-time passcode is an example of which of the following authentication methods?

Accepted Answer

A)  Single-factor authentication 
B)  Multifactor authentication 
C)  Multilayer authentication 
D)  Cognitive password authentication 
A)  Single-factor authentication 
B)  Multifactor authentication 
C)  Multilayer authentication 
D)  Cognitive password authentication

Question 16

Which of the following statements best describes an administrative account control called dual control?

Accepted Answer

A)  Two individuals complete the same task simultaneously. 
B)  No one individual can control a process from start to finish. 
C)  Two individuals must both complete their half of a specific task. 
D)  Two individuals complete different tasks at the same time. 
A)  Two individuals complete the same task simultaneously. 
B)  No one individual can control a process from start to finish. 
C)  Two individuals must both complete their half of a specific task. 
D)  Two individuals complete different tasks at the same time.

Question 17

Which of the following provides a secure tunnel for transmitting data through an insecure network such as the Internet?

Accepted Answer

A)  Remote access portal 
B)  DMZ 
C)  Network access control system 
D)  Virtual private network 
A)  Remote access portal 
B)  DMZ 
C)  Network access control system 
D)  Virtual private network

Question 18

Using a palm scan for authentication is an example of which of the following?

Accepted Answer

A)  Authentication by knowledge 
B)  Authentication by ownership 
C)  Authentication by characteristic 
D)  Authentication by possession 
A)  Authentication by knowledge 
B)  Authentication by ownership 
C)  Authentication by characteristic 
D)  Authentication by possession

Providing your mother's maiden name as verification is an example of which of the following?

The Internet is an example of which of the following network types?

Which of the following statements best describes object capability?

Which of the following is an example of authentication by characteristic?

Which of the following best describes a firewall?

Which of the following refers to security features that govern how users and processes communicate and interact with systems and resources?

Which of the following statements best describes segregation of duties?

Which of the following provides access to one or more applications through a single centralized interface?

Which of the following is the most dangerous and unwanted IDS/IPS decision state?

Which of the following network types is a segment of the internal network that requires a high degree of protection?

Which of the following is an access control that is based on a specific job role or function?

Which common attribute of all access controls is used to identify unique records in a set, such as a username?

Which of the following best describes an intrusion prevention system?

Which of the following is not an example of authentication by knowledge?

Using a smartcard and a one-time passcode is an example of which of the following authentication methods?

Which of the following statements best describes an administrative account control called dual control?

Which of the following provides a secure tunnel for transmitting data through an insecure network such as the Internet?

Using a palm scan for authentication is an example of which of the following?

Understanding Cybersecurity Policy and Governance

Cybersecurity Policy Organization, Format, and Styles

Cybersecurity Framework

Governance and Risk Management

Asset Management and Data Loss Prevention

Human Resources Security

Physical and Environmental Security

Communications and Operations Security

Information Systems Acquisition, Development, and Maintenance

Cybersecurity Incident Response

Business Continuity Management

Regulatory Compliance for Financial Institutions

Regulatory Compliance for the Health-Care Sector

PCI Compliance for Merchants

Nist Cybersecurity Framework

Filters

Exam 9: Access Control Management

Providing your mother's maiden name as verification is an example of which of the following?

The Internet is an example of which of the following network types?

Which of the following statements best describes object capability?

Which of the following is an example of authentication by characteristic?

Which of the following best describes a firewall?

Which of the following refers to security features that govern how users and processes communicate and interact with systems and resources?

Which of the following statements best describes segregation of duties?

Which of the following provides access to one or more applications through a single centralized interface?

Which of the following is the most dangerous and unwanted IDS/IPS decision state?

Which of the following network types is a segment of the internal network that requires a high degree of protection?

Which of the following is an access control that is based on a specific job role or function?

Which common attribute of all access controls is used to identify unique records in a set, such as a username?

Which of the following best describes an intrusion prevention system?

Which of the following is not an example of authentication by knowledge?

Using a smartcard and a one-time passcode is an example of which of the following authentication methods?

Which of the following statements best describes an administrative account control called dual control?

Which of the following provides a secure tunnel for transmitting data through an insecure network such as the Internet?

Using a palm scan for authentication is an example of which of the following?

Understanding Cybersecurity Policy and Governance

Cybersecurity Policy Organization, Format, and Styles

Cybersecurity Framework

Governance and Risk Management

Asset Management and Data Loss Prevention

Human Resources Security

Physical and Environmental Security

Communications and Operations Security

Information Systems Acquisition, Development, and Maintenance

Cybersecurity Incident Response

Business Continuity Management

Regulatory Compliance for Financial Institutions

Regulatory Compliance for the Health-Care Sector

PCI Compliance for Merchants

Nist Cybersecurity Framework

Filters