Chapter 11: Practice Test 3 433
- B. A cognitive password authenticates users based on a series of facts or answers to
questions that they know. Preset questions for cognitive passwords typically rely on
common information about a user like their mother’s maiden name or the name of their
pet, and that information can frequently be found on the Internet. The best cognitive
password systems let users make up their own questions. - B. The Linux tool dd creates a bit-by-bit copy of the target drive that is well suited to
forensic use, and special forensic versions of dd exist that can provide even more forensic
features. Simply copying files using a tool like xcopy does not create a forensically sound
copy. DBAN is a drive wiping tool and would cause Megan to lose the data she is seeking
to copy. ImageMagik is a graphics manipulation and editing program. - C. The blacklist approach to application control blocks certain prohibited packages but
allows the installation of other software on systems. The whitelist approach uses the
reverse philosophy and only allows approved software. Antivirus software would only
detect the installation of malicious software after the fact. Heuristic detection is a variant
of antivirus software. - C. Personal health information (PHI) is specifically defined by HIPAA to include
information about an individual’s medical bills. PCI could refer to the payment card
industry’s security standard but would only apply in relation to credit cards. PII is a
broadly defined term for personally identifiable information, and personal billing data
isn’t a broadly used industry term. - D. Yagis, panel antennas, cantennas, and parabolic antennas are all types of directional
antennas. Omnidirectional antennas radiate in all directions, whereas these types of
antennas are not necessarily signal boosting. Finally, rubber duck antennas are a type of
omnidirectional pole antenna. - A. When someone is forced to perform an action under threat, it is known as duress.
- B. Organizations should train at least two individuals on every business continuity plan
task. This provides a backup in the event the primary responder is not available. - B. In this scenario, all of the files on the server will be backed up on Monday evening
during the full backup. Tuesday’s incremental backup will include all files changed since
Monday’s full backup: files 1, 2, and 5. Wednesday’s incremental backup will then include
all files modified since Tuesday’s incremental backup: files 3 and 6.