Assessment Test xxxiii
- An individual presents herself at your office claiming to be a service technician. She is
attempting to discuss technical details of your environment such as applications, hardware,
and personnel used to manage it. This may be an example of what type of attack?
A. Social engineering
B. Access control
C. Perimeter screening
D. Behavioral engineering - Which of the following is a major security problem with the FTP protocol?
A. Password files are stored in an unsecure area on disk.
B. Memory traces can corrupt file access.
C. User IDs and passwords are unencrypted.
D. FTP sites are unregistered. - Which system would you install to provide detective capabilities within a network?
A. NIDS
B. HIDS
C. NIPS
D. HIPS - The process of maintaining the integrity of evidence and ensuring no gaps in possession
occur is known as?
A. Security investigation
B. Chain of custody
C. Three A’s of investigation
D. Security policy - What encryption process uses one piece of information as a carrier for another?
A. Steganography
B. Hashing
C. MDA
D. Cryptointelligence - Which policy dictates how assets can be used by employees of a company?
A. Security policy
B. User policy
C. Use policy
D. Enforcement policy
E. Acceptable use policy
flast.indd 33 22-07-2014 11:36:26