156-110 Questions and Answers

Question # 6

Which of these choices correctly describe denial-of-service (DoS) attacks? (Choose THREE.)

A. DoS attacks do not require attackers to have any privileges on a target system.

B. DoS attacks are nearly impossible to stop, once they begin.

C. DoS attacks free the target system of excessive overhead.

D. DoS ties up a system with so many requests, system resources are consumed, and performance degrades.

E. DoS attacks cause the attacked system to accept legitimate access requests.

Question # 7

Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)

A. Accidental or intentional data deletion

B. Severe weather disasters

C. Employee terminations

D. Employee administrative leave

E. Minor power outages

Question # 8

If e-mail is subject to review by individuals other than the sender and recipient, what should be clearly stated in the organization's e-mail policy?

A. Technologies and methods used to monitor and enforce the organization's policies

B. Senior management and business-unit owner responsibilities and delegation options

C. Clear, legally defensible definition of what constitutes a business record

D. Consequences for violation of the organization's acceptable-use policy

E. No expectation of privacy for e-mail communications, using the organization's resources

Question # 9

Digital signatures are typically provided by a ____________________, where a third party verifies a key's authenticity.

A. Network firewall

B. Security administrator

C. Domain controller

D. Certificate Authority

E. Hash function

Question # 10

Maintenance of the Business Continuity Plan (BCP) must be integrated with an organization's _______________ process.

A. Change-control

B. Disaster-recovery

C. Inventory-maintenance

D. Discretionary-budget

E. Compensation-review

Question # 11

A(n) __________________________ is issued by senior management, and defines an organization's security goals.

A. Records-retention procedure

B. Acceptable-use policy

C. Organizational security policy

D. Security policy mission statement

E. Service level agreement

Question # 12

_______ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.

A. Pattern matching

B. Statistical anomaly

C. Behavioral analysis

D. Host

E. Network

Question # 13

Public servers are typically placed in the _______, to enhance security.

A. Restricted Entry Zone

B. Open Zone

C. Internet Zone

D. Demilitarized Zone

E. Public Entry Zone

Question # 14

When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)

A. Discover the information daily activities yield.

B. Meet with adversaries.

C. Perform business impact analysis surveys.

D. Scrutinize their organizations' daily activities.

E. Analyze indicators, to determine the information an adversary can glean, both from routine and nonroutine activities.

Question # 15

A(n) _______________ is an unintended communication path that can be used to violate a system security policy.

A. Covert channel

B. Integrity axiom

C. Simple rule violation

D. Inferred fact

E. Aggregated data set
