CIS 558 Week 2 Assessment 3 and 4, Discussion Question

CIS 558 Week 2 Assessment 3, Quiz Chapter 3 – Audit process

  1. Which of the following processes quantifies the aggregate risk exposure for the project by assigning numeric probabilities to risks and their impacts on project objectives?
  2. Which of the following is the most important step in the test data validation process?
  3. What should be the role of an auditor when a company applies CSA?
  4. Which of the following risks comes with an authorized program?
  5. Which of the following documents is an output of the plan risk management process?
  6. In which of the following risks does an auditor conclude that no risk exists, but in reality, the risk exists?
  7. Which of the following is the MOST significant security risk in a research company?

CIS 558 Week 2 Assessment 4, Quiz Chapter 7 – Protecting Information Assets

  1. Which of the following malicious applications changes the file’s date and time to hide itself?
  2. Which of the following applications is an e-mail-enabled Visual Basic Script virus?
  3. Which of the following malicious applications works as a virus and uses the Unicode exploit to infect IIS Web servers?
  4. Which of the following is NOT a man-made threat?
  5. Which of the following information classifications need not be safeguarded against disclosure, but must be safeguarded against tampering and destruction?
  6. Which of the following is the most likely cause of account lockouts?
  7. Which of the following protocols allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery?
  8. Which of the following is not a major concern in traditional business transactions as compared to online transactions?
  9. In _______, attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network.
  10. Which of the following worms performs random scanning?
  11. Which of the following malicious applications works as a boot sector virus?
  12. Security awareness training, strong password policies, and robust pre-employment checks come under __________.
  13. Which of the following is the correct syntax to create a null session?
  14. Which of the following tools can be …..to protect an application from buffer overflows?
  15. Netbus is a famous Trojan, which is ….in Delphi by Carl-Fredrik Neikter, a Swedish programmer, in March 1998. Which of the following statements is NOT true about Netbus?
  16. Which of the following policies checks whether all external regulations and laws are being addressed?
  17. Which of the following policies checks whether firewalls are effectively configured and utilized?
  18. NetStumbler is NOT ….for _______.
  19. Which of the following tools is not used for wireless sniffing?
  20. Which of the following features does NOT put up with KFSensor?
  21. In which of the following protocols must one party present a question and another party provide a valid answer to be authenticated?
  22. Which of the following is a hardware tool to protect the system from buffer overflow attacks?
  23. Which of the following policies defines the logical and physical configuration standards of servers, firewalls, routers, and so on?
  24. Wi-Fi Protected Access (WPA) uses ________.
  25. Which of the following is not a biometrics technology for authentication?
  26. The 802.11b wireless standard has a data transfer speed of up to ________.
  27. Which of the following steps will you take to stop phishing attacks?
  28. Which of the following processes removes data from the media so that it is difficult to restore?
  29. What are packet sniffers?
  30. In _______ model, the data owner has the right to decide who can access the data.
  31. Which of the following access control models allows the resource owner to control other users’ accesses to the resource?
  32. Which of the following controls will you use if you are authorized to access only the information that is essential for your work?
  33. Cryptography is the science of:
  34. Which of the following are provided by digital signatures?
  35. “Certificate revocation is the process of revoking a certificate before it expires.”
  36. Which of the following elements are required to be performed during access control to achieve accountability for actions performed by a user?
  37. Which of the following is a type of risk under separation of duties?
  38. “A Public Key Infrastructure (PKI) consists of client software, server software, such as a certificate authority, hardware (e.g., smart cards) and operational procedures.”
  39. Which of the following tasks is NOT performed by antiviruses?
  40. Which of the following conditions is NOT valid to insert a malicious code to perform a string buffer overflow attack?
  41. ________ provides message content security in the form of data encryption and digital signature.
  42. Which of the following protocols supports data encryption?
  43. “Certificate revocation is the process of revoking a certificate before it expires.”
  44. Which encryption category uses the same key for both encryption and decryption?
  45. SHA algorithm produces a _____-bit hash value
  46. Which of the following is a stream-based cipher?
  47. Which of the following statements is NOT true of Production honeypots?
  48. On which of the following encryption algorithms is WEP based?
  49. Which of the following is NOT a WEP authentication method?
  50. The MAC address consists of _______ pair of hexadecimal numbers.
  51. Which of the following statements about RC2 (Rivest Cipher 2) is true?
  52. IEEE 802.1x supports a _________ encryption key length
  53. Which of the following encryption techniques does wired encryption privacy use?
  54. Which of the following authentication methods is …..by wireless LANs and follows the IEEE 802.11 standard?
  55. You are defining the password policy for a network. Which of the following should be the least considered?
  56. Which of the following statements regarding Telnet is not true?
  57. What is VeriSign?
  58. Which of the following authentication techniques has the lowest cost?
  59. Which of the following factors determines the strength of the encryption?
  60. “Encrypted files are …..if a user copies or moves them to a FAT volume.”
  61. Which of the following uses a secret key for encryption?
  62. “In Windows 2000, system files can be …..by EFS.”
  63. Which of the following statements is NOT true of Encrypting File System (EFS)?
  64. The method used to encrypt messages by transposing or scrambling the characters in a certain manner is ___.
  65. Which of the following statements is true of triple DES (Data Encryption Standard)?
  66. “CFB is a stream cipher that can be ….to encrypt individual characters.”
  67. “Availability is a term that ….to the reliable and timely access to data and resources that you are authorized to use.”
  68. Which of the following is raw information that Intrusion Detection Systems (IDS) use to detect attacks?
  69. Hashing algorithm is also ________.
  70. Which of the following statements is true of IDEA (International Data Encryption Algorithm)?
  71. “Rivest Cipher 5 is a block-based cipher.”
  72. Which of the following statements is true of DES (Data Encryption Standard)?
  73. International Data Encryption Algorithm (IDEA) is a __________ block cipher
  74. Which of the following is a second layer encryption ….in the Windows operating system?
  75. What level of encryption does SYSKEY use to encrypt passwords?
  76. Which of the following is commonly …..for one-way encryption?
  77. If a password is seven characters or less, the second half of the LM hash is always ___________________.
  78. Which of the following tools works as a file integrity checker?
  79. Which of the following layers is NOT a valid Wireless Application Protocol layer?
  80. Bluetooth uses the _________ specification in the ________ band with FHSS technology.
  81. Which of the following tools is a wireless sniffer and analyzer that works on the Windows operating system?
  82. Which protocol enables wireless devices to connect to a wired network and to each other?

CIS 558 Week 2 Discussion, Developing an ERM Plan

  • From a management perspective, decide which key policies and procedures one should consider as the starting point when developing an ERM plan for an organization. Defend your position.
  • Provide a list of essential personnel whom you believe ….in creating and maintaining an ERM plan for an organization. Describe the role of each person. Suggest a timeline for establishing an ERM plan, giving your opinion on how frequently the plan should be reviewed.