הכנה למבחן בניהול אבטחת מידע
- 131 שאלות
- 20 תגובות
- 0% הושלמו
- equalizer סטטיסטיקות
- share שתף
Discuss, Learn and be Happy דיון בשאלות
help
brightness_4
brightness_7
format_textdirection_r_to_l
format_textdirection_l_to_r
Granting of access privileges to certain files is:
1
| done | ||
Be careful not to confuse authentication with authorization.
Authentication is the process of verifying the identity of the sender and/or
receiver of information. Authorization establishes what the user is allowed
to do once the user has been identified and authenticated by the system.
Another “A” term sometimes misinterpreted is accountability, which is the
ability to track actions to users.
מיין לפי
What is the best method of reducing a brute-force denial-of-service attack against a password file?
1
| done | ||
Denial-of-service attack, whereby the perpetrator is able to lock
out many users by discovering their user identifications and entering a
specified number of invalid passwords, is minimized.
מיין לפי
Which of the following is a characteristic of a synchronous token?
1
| done | ||
Counter-based token that combines the base secret with a synchronized
counter to generate the OTP.
מיין לפי
Which of the following is NOT a common attack performed against smart cards?
1
| done | ||
There are several weaknesses and types of attacks against smart
cards, including answers b, c, and d.
מיין לפי
Important elements in choosing a biometric system include all of the following EXCEPT:
1
| done | ||
Important elements of biometric devices are accuracy, processing
speed, and user acceptability.
מיין לפי
TACACS+ has a “watchdog” function to prevent what kind of attacks?
1
| done |
The watchdog function is used to validate TCP sessions when
data is not sent for extended periods of time. This functionality is often
referred to as TOC/TOU (Time of Check versus Time of Use) validation.
מיין לפי
What is a security benefit related to thin-client architecture?
1
מיין לפי
Discretionary access control (DAC) involves:
1
| done | ||
DACs permit resource owners to specify who has access and
what privileges other users will have.
מיין לפי
Mandatory access control (MAC) requires all of the following EXCEPT:
1
| done |
Access decisions are based on the owner’s authorization, the
subject’s label, the object’s label, and the security policy.
What is the most secure method for controlling privileged access to a system available for use in a public area?
1
| done |
Constrained user interfaces restrict user access to specific system
resources by not allowing them to request the function, information,
or access to specific system resources.
מיין לפי