Exam 7: Infromation System Controls for Systems Reliability

The trust services framework identifies four essential criteria for successfully implementing each of the principles that contribute to systems reliability.Which of the following is not one of those four essential criteria?

The final layer of preventive controls.

This determines which packets are allowed entry and which are dropped..

Which of the following is the most effective method of protecting against social engineering attacks on a computer system?

Perimeter defense is an example of which of the following preventive controls that are necessary to provide adequate security.

These systems use the same key to encrypt and to decrypt.

This protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet.

Explain social engineering.

Asymmetric key encryption combined with the information provided by a certificate authority allows unique identification of

Information technology managers are often in a bind when a new exploit is discovered in the wild.They can respond by updating the affected software or hardware with new code provided by the manufacturer,which runs the risk that a flaw in the update will break the system.Or they can wait until the new code has been extensively tested,but that runs the risk that they will be compromised by the exploit during the testing period.Dealing with these issues is referred to as

What is a penetration test?

The process of turning off unnecessary features in the system is known as

In 2007,a major U.S.financial institution hired a security firm to attempt to compromise its computer network.A week later,the firm reported that it had successfully entered the system without apparent detection and presented an analysis of the vulnerabilities that had been found.This is an example of a

A special purpose hardware device or software running on a general purpose computer which filters information that is allowed to enter and leave the organization's information system.

The process of transforming normal text into cipher text

Encryption has a remarkably long and varied history.Spies have been using it to convey secret messages ever since there were secret messages to convey.One powerful method of encryption uses random digits.Two documents are prepared with the same random sequence of numbers.The spy is sent out with one and the spy master retains the other.The digits are used as follows.Suppose that the word to be encrypted is SPY and the random digits are 352.Then S becomes V (three letters after S),P becomes U (five letters after P),and Y becomes A (two letters after Y,restarting at A after Z).The spy would encrypt a message and then destroy the document used to encrypt it.This is an early example of

Which of the following describes one weakness of encryption?

The most common input-related vulnerability is

A process that takes plaintext of any length and transforms it into a short code.

Which of the following is not a requirement of effective passwords?