Information Technology Reference
In-Depth Information
Define the following key terms from this chapter, and check your answers in the glossary:
U.S. P ublic Company Account ing Refor m and Inve stor P rotec t ion Ac t of 2002,
Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA), U.S.
Health Insurance Portability and Accountability Act (HIPAA), EU Data Protection
Directive 95/46/EC, reconnaissance, gaining unauthorized access, denial of service
(DoS), NMAP, Superscan, DHCP snooping, Dynamic ARP Inspection, Unicast RPF,
access control lists (ACLs), rate limiting, NetStumbler, Kismet, acceptable-use policy,
network access control policy, security management policy, incident-handling policy,
secure, monitor, test, improve, authentication, authorization, accounting, Adaptive
Security Appliance (ASA), routers, Catalyst switches
The answers to these questions appear in Appendix A. For more practice with exam for-
mat questions, use the exam engine on the CD-ROM.
1.
What technique can be used to protect private information that is transported over
the Internet between the headquarters and branch office? (Select the best answer.)
a.
Authentication
b.
Log all data
c.
Encryption
d.
Accounting
2.
What would be recommended to protect database servers connected to or accessible
from the Internet? (Select all that apply.)
a.
Firewall
b.
Server load balancing (SLB)
c.
Syslog
d.
SPAN
3.
What network security issue does 3DES encryption aim to solve?
a.
Data integrity
b.
User authentication
c.
Data authentication
d.
Data confidentiality
