Set 05 Flashcards
(15 cards)
Q51: Which is NOT a characteristic of a good security metric?
A. Consistently measured, without subjective criteria
B. Cheap to gather, preferably in an automated way
C. Expresses results with qualitative labels rather than with units of measure
D. Contextually specific and relevant enough to decision makers that they can act on it
C. Expresses results with qualitative labels rather than with units of measure
Q52: Which one is NOT part of the risk governance model? A. Emblematic B. Transparent C. Decisionistic D. Technocratic
A. Emblematic
Q53: Which is NOT an aspect of risk communication in relation to compliance and accountability?
A. Password policies
B. Training and inducement of behaviour change
C. Education
D. Involvement
A. Password policies
Q54: Which is a valuable framework for system engineers and for those who probe for deficiencies and vulnerabilities within such systems? A. Procedures B. Policies C. IT Service Management D. Code of conduct
D. Code of conduct
Q55A: Which principle states that controls need to define and enable only those operations that can be positively identified as being in accordance with a security policy, and reject all others? A. Penetration testing B. Complete Mediation C. Open Design D. Fail Safe Defaults
D. Fail Safe Defaults
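The principle in Q55A is easiest to see in code. The checker below, an added example rather than anything from the original card set, grants an operation only when a policy rule positively identifies it and rejects everything else; a deny-list checker sits beside it to show the failure mode that fail-safe defaults avoid. The roles, rules and resource paths are constructed for illustration and are not from any real system.

```python
"""Fail-safe defaults (Saltzer and Schroeder): base the access decision on
permission, not exclusion. authorize_fail_safe() permits an operation only
when a policy rule explicitly matches it; authorize_deny_list() shows the
contrasting default-allow design. Added example; all roles, rules and
resource paths are constructed for illustration."""
import posixpath
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    role: str
    action: str
    resource_prefix: str  # normalized path prefix this rule covers


# Constructed policy: the complete set of operations that are permitted.
POLICY = (
    Rule("analyst", "read", "/reports/"),
    Rule("admin", "read", "/"),
    Rule("admin", "write", "/config/"),
)

# Constructed deny-list for contrast: only what is known to be forbidden.
BLOCKED = {("analyst", "write", "/config/")}


def normalize(resource: str) -> str:
    """Collapse '..' segments and duplicate separators so that prefix matching
    cannot be bypassed with a path such as '/reports/../config/app.yaml'."""
    return posixpath.normpath("/" + resource.lstrip("/"))


def authorize_fail_safe(roles, action, resource) -> bool:
    """Default deny: True only if some rule in POLICY explicitly matches."""
    path = normalize(resource)
    return any(
        rule.role in roles
        and rule.action == action
        and path.startswith(rule.resource_prefix)
        for rule in POLICY
    )


def authorize_deny_list(roles, action, resource) -> bool:
    """Default allow: anything not enumerated in BLOCKED goes through, so a
    new action or an unanticipated role is silently permitted."""
    path = normalize(resource)
    return not any(
        role == b_role and action == b_action and path.startswith(b_prefix)
        for role in roles
        for b_role, b_action, b_prefix in BLOCKED
    )


if __name__ == "__main__":
    analyst = {"analyst"}
    print(authorize_fail_safe(analyst, "read", "/reports/q1.pdf"))              # True
    print(authorize_fail_safe(analyst, "delete", "/config/app.yaml"))           # False
    print(authorize_deny_list(analyst, "delete", "/config/app.yaml"))           # True: fails open
    print(authorize_fail_safe(analyst, "read", "/reports/../config/app.yaml"))  # False
```

The "delete" action was never anticipated by either policy: the fail-safe checker rejects it because no rule names it, while the deny-list checker lets it through because nobody thought to block it. Path normalization is part of the same principle in practice, since an allow rule is only as good as the identification of what it is being matched against.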
Q56: In situations where risks are less clear cut, there may be a need to include a broader set of evidence and to consider a comparative approach such as cost-benefit analysis or cost-effectiveness. This is true with regard to A. Ambiguous Risks B. Uncertain Risks C. Complex Risks D. Routine Risks
C. Complex Risks
Q57: \_\_\_\_\_ is the result of a threat exploiting a vulnerability, which has a negative effect on the success of the objectives for which we are assessing the risk. A. Impact B. Likelihood C. Attack D. Threat
A. Impact
Q58: Which of the following is NOT done by cyber criminals? A. Mass attacks using Trojans and botnets B. Unauthorized access C. E-mail spoofing and spamming D. Reporting vulnerabilities in a system.
D. Reporting vulnerabilities in a system.
Q59: In legal research, the term can refer to any systematized collection of primary legislation, secondary legislation, model laws, or merely a set of rules published by public or private organizations. A. Codes B. Ethics C. Compliance D. Contracts
A. Codes
Q60: TLS guarantees both the authentication of the server to the client and the privacy of the exchange over the network, but it makes the payload of packets difficult to inspect. The solution is to put a supplementary dedicated box next to the application server, usually called a Hardware Security Module (HSM).
What is the purpose of the HSM?
A. The HSM is designed to establish the TLS session before the application server delivers any information
B. The HSM takes the burden of establishing the TLS session off the application server.
C. TLS-secured traffic is decrypted at the HSM and streams in clear to the server, so that IDPS and WAFs can evaluate the traffic
D. Options A, B and C all describe the working functionality of the HSM
D. Options A, B and C all describe the working functionality of the HSM
Note: the device described in this card is a TLS termination (offload) proxy. In the narrower, usual sense an HSM is the tamper-resistant module that stores and uses the private keys such a proxy relies on, and the cleartext leg between the box and the application server must itself sit on a protected network segment.
Q55B: Experts proposed a framework to systematize the attribution of cyberattacks. Which of the following is NOT a layer of that framework? A. Operational B. Analytical C. Strategic D. Tactical
B. Analytical
Q55C: What is a good example of a security measure made ineffective by its 0.1% utilization, despite having been around for over 20 years? A. Log Management B. Email Encryption C. Software Encryption D. Data backup
B. Email Encryption
Q55D: Which of the following is NOT a NIST architectural strategy? A. The Reference Monitor Concept B. Defense in Depth C. Isolation D. Behavior
D. Behavior
Q56D: The third dimension generally applies only to persistent malware and is based on the layers of the system stack: firmware, boot sector, operating system kernel, drivers and application programming interfaces (APIs), and user applications.
In which order are the layers listed above?
A. All are in the order in which they are implemented.
B. They are in random order.
C. In the context of persistent malware the order of the system stack layers does not matter.
D. All layers of the system stack are listed in ascending order.
D. All layers of the system stack are listed in ascending order.
Q56E: As NetFlow was designed by the network equipment providers, it is exceptionally well implemented in networks and extensively used for network management jobs. It is standardized, even though the commercial names vary, and most manufacturers support the technology.
Inspecting packets to compute NetFlow counters requires access to what?
A. GPU designed for visual AI
B. Router CPU
C. Transit Gateway CPU
B. Router CPU
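Why the answer to Q56E is the router CPU becomes concrete once you write the accounting loop: whatever computes flow counters must touch every packet it counts, key it by its 5-tuple and update per-flow packet and byte totals, and sampling is how that cost is bounded. The block below is an added example, not vendor or card-set code; the packets are constructed (RFC 5737 documentation addresses for the external host), and the port-scan heuristic is an illustrative consumer of the resulting flow records.

```python
"""NetFlow-style flow accounting. netflow_counters() does the per-packet work
a router performs in its CPU (or a dedicated ASIC); port_scan_suspects() shows
the kind of analysis that flow records support without any payload access.
Added example; the sample packets are constructed."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str
    length: int


def flow_key(pkt):
    """The classic NetFlow flow key: addresses, ports and protocol."""
    return (pkt.src, pkt.dst, pkt.sport, pkt.dport, pkt.proto)


def netflow_counters(packets, sample_rate=1):
    """Aggregate packets into {flow_key: (packets, bytes)}.
    With sample_rate N only every Nth packet is inspected and the counts are
    scaled by N: the usual trade between CPU cost and accuracy."""
    flows = defaultdict(lambda: [0, 0])
    for i, pkt in enumerate(packets):
        if i % sample_rate:          # unsampled packet: never inspected
            continue
        counters = flows[flow_key(pkt)]
        counters[0] += sample_rate
        counters[1] += pkt.length * sample_rate
    return {k: tuple(v) for k, v in flows.items()}


def port_scan_suspects(flows, threshold=4):
    """Sources that opened flows to at least `threshold` distinct destination
    ports; a simple detection that needs only the flow records."""
    ports_by_src = defaultdict(set)
    for (src, _dst, _sport, dport, _proto) in flows:
        ports_by_src[src].add(dport)
    return {src for src, ports in ports_by_src.items() if len(ports) >= threshold}


def total_packets(flows):
    """Packet count summed over all flows (exact, or estimated when sampled)."""
    return sum(pkts for pkts, _nbytes in flows.values())


# Constructed sample traffic: one host probing four ports on a neighbour,
# plus a short HTTPS exchange with an external host.
SAMPLE = [
    Packet("10.0.0.5", "10.0.0.9", 40001, 22, "tcp", 60),
    Packet("10.0.0.5", "10.0.0.9", 40002, 23, "tcp", 60),
    Packet("10.0.0.5", "10.0.0.9", 40003, 80, "tcp", 60),
    Packet("10.0.0.5", "10.0.0.9", 40004, 443, "tcp", 60),
    Packet("10.0.0.7", "192.0.2.10", 51000, 443, "tcp", 1200),
    Packet("10.0.0.7", "192.0.2.10", 51000, 443, "tcp", 1200),
    Packet("192.0.2.10", "10.0.0.7", 443, 51000, "tcp", 1400),
]


if __name__ == "__main__":
    flows = netflow_counters(SAMPLE)
    for key, (pkts, nbytes) in flows.items():
        print(key, pkts, nbytes)
    print("scan suspects:", port_scan_suspects(flows))
    # 1-in-2 sampling inspects 4 of the 7 packets and estimates 8 in total.
    print("estimated packets at 1:2 sampling:", total_packets(netflow_counters(SAMPLE, 2)))
```

With full inspection the seven packets collapse into six flow records and the probing host is flagged from destination-port diversity alone. With 1-in-2 sampling the router touches only four packets, which is the point of sampling, but the estimate drifts (8 instead of 7 packets), so sampled flow data is suitable for trend and anomaly detection rather than exact accounting.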