Why should the number of services on a server be limited to required services?

A. Every open service represents a potential vulnerability.

B. Closed systems require special connectivity services.

C. Running extra services makes machines more efficient.

D. All services are inherently stable and secure.

E. Additional services make machines more secure.

Which of the following are common failures that should be addressed in an organization's Business Continuity Plan (BCP) ? (Choose THREE.)

A. Connectivity failures

B. Accounting failures

C. Hardware failures

D. Utility failures

E. Personal failures

A _______ _______ posture provides many levels of security possibilities, for access control.

A. Layered defensive

B. Multiple offensive

C. Flat defensive

D. Reactive defensive

E. Proactive offensive

Organizations _______ risk, when they convince another entity to assume the risk for them.

A. Elevate

B. Assume

C. Deny

D. Transfer

E. Mitigate

The items listed below are examples of ___________________ controls.

*Smart cards *Access control lists *Authentication servers *Auditing

A. Role-based

B. Administrative

C. Technical

D. Physical

E. Mandatory

Which of the following is NOT a concern for enterprise physical security?

A. Network Intrusion Detection Systems

B. Social engineering

C. Dumpster diving

D. Property theft

E. Unauthorized access to a facility

How is bogus information disseminated?

A. Adversaries sort through trash to find information.

B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.

C. Adversaries use movement patterns as indicators of activity.

D. Adversaries take advantage of a person's trust and goodwill.

E. Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.

You are preparing a machine that will be used as a dedicated Web server. Which of the following services should NOT be removed?

A. E. IRC

B. SMTP

C. FTP

D. HTTP

E. PVP

Which encryption algorithm has the highest bit strength?

A. AES

B. Blowfish

C. DES

D. CAST

E. Triple DES

_________________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.

A. Symmetric-key exchange

B. Steganography

C. Transposition cipher

D. Asymmetric-key encryption

E. Simple substitution cipher