Information Technology Reference
In-Depth Information
8.
D. Cisco DMVPN provides encrypted point-to-point GRE tunnels. GRE-based VPNs
do not use encryption.
9.
A, B, and C. Evaluating security breaches, using locks or alarms, and assessing the
impact of stolen resources are all physical security guidelines to consider for a secure
infrastructure.
10. B. Security management solutions provide ways to provision network security policies
for eas e of deploy ment.
Q&A
1.
C. Encryption can protect data transported between sites over the Internet.
2.
A. Firewalls have the capabilities to protect database servers in DMZ segments.
3.
D. Encryption is a security technique for protecting the data confidentiality
of information.
4.
A and B. The use of ACLs and rate limiting can alleviate the effects of a DoS attack
being performed.
5.
A and D. DoS, reconnaissance, and gaining unauthorized access are security threats.
6.
Tr ue. IPs ec c an en s ure data inte g r it y and confident ialit y ac ro s s the Inter net.
7.
C. SOX focuses on the accuracy and controls imposed on a company's financial
records.
8.
A, B, and C. Managing the security infrastructure has components that include the
overall security management policy, incident-handling policy, and network access con-
trol policy.
9.
C. EU Data Protection Directive calls for the protection of the people's right to priva-
cy with respect to the processing of personal data.
10. D. Attackers can use password-cracking utilities, capture network traffic, and use
social engineering to obtain sensitive information.
11. D. Data integrity allows only authorized users to modify data, ensuring that the data
is authentic.
12. B. Accounting provides an audit trail of activities by logging the actions of the user.
13. DHCP snooping authenticates valid DHCP servers, thereby preventing rouge DHCP
servers from interfering with real production servers.
14. The security policy contains the organization's procedures, guidelines, and standards.
15. D. Access control can be enforced by restricting access using VLANs, OS-based
controls, and encryption techniques.
16. An acceptable-use policy describes roles and responsibilities.
17.
Search WWH ::




Custom Search