
Which of the following honeypots provides an attacker access to the real operating system without any restriction and collects a vast amount of information about the attacker?

A. Medium-interaction honeypot
B. Honeyd
C. High-interaction honeypot
D. Low-interaction honeypot

Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats?

A. Risk acceptance
B. Risk transference
C. Risk avoidance
D. Risk mitigation

You work as an Information Security Manager for uCertify Inc. You need to create the documentation on the information security management system (ISMS). Which of the following is the governing principle behind ISMS?

A. An organization should design, implement, and maintain a coherent set of policies to ensure proper marketing of products.
B. An organization should design, implement, and maintain a coherent set of policies, processes, and systems to manage risks to its information assets.
C. An organization should apply encryption to its information assets.
D. An organization should implement and maintain IDS to manage risks to the network.

You work as the Network Administrator for a defense contractor. Your company works with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that one individual could perhaps compromise the network (intentionally or unintentionally) by setting up improper or unauthorized remote access. What is the best way to avoid this problem?

A. Implement least privileges.
B. Implement RBAC.
C. Implement three way authentication.
D. Implement separation of duties.

By gaining full control of a router, hackers often acquire full control of the network. Which of the following methods are commonly used to attack routers?

Each correct answer represents a complete solution. Choose all that apply.

A. Launching a Max Age attack
B. Route table poisoning
C. Launching a Sequence++ attack
D. Launching a social engineering attack

Which of the following are the primary rules defined for RBAC?

Each correct answer represents a complete solution. Choose all that apply.

A. Role authorization
B. Transaction authorization
C. Role assignment
D. Transaction assignment

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset?

A. Equipment
B. Electricity
C. Reputation of the company
D. Personal data

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner?

Each correct answer represents a complete solution. Choose all that apply.

A. The owner is allowed to delegate accountability of the asset.
B. The owner should have a document describing the security controls for the asset.
C. The owner is allowed to delegate responsibility for maintaining the asset.
D. The owner has property rights to the asset.

Fill in the blank with an appropriate phrase.

The ______ is concerned with rebuilding production processing and determining the criticality of data.

A. recovery team

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

A. Risk transfer
B. Risk mitigation
C. Risk avoidance
D. Risk acceptance