Security Policy

Who is responsible for implementing physical security?

A

All employees

B

Board members

C

IT administrators

D

Software development staff

Answer

A

Security Policy

Which of the following authentication approaches matches only the person concerned?

A

Date of Birth

B

Biometric authentication

C

Blood type

D

Psychological authentication

Answer

B

Cracking

Which of the following is a technique used to avoid SQL injections by invalidating special characters?

A

Compiling

B

Filtering

C

Sanitizing

D

Translating

Answer

C

Cracking

Which of the following is a public key encryption system based on the presumed difficulty of factoring large integers?

A

3DES

B

AES

C

SHA-1

D

RSA

Answer

D

Infrastructure

Which of the following is the authentication protocol that is an extension of RADIUS for mobile IP?

A

DIAMETER

B

UDP

C

NAS

D

TACACS

Answer

A

Infrastructure

SSID is used as an identifier of access points in a wireless LAN. However, security cannot be ensured with SSID alone. Which of the following best describes the reason?

A

The length of SSID is limited to 64 bits

B

The length of SSID is limited to 32 bits

C

SSID is transferred in clear text

D

SSID identifies station not network

Answer

C

Literacy

Which of the following is NOT true about IDS and IPS?

A

IDS detects and blocks illegal access and then reports to administrator

B

IPS is an extended function of IDS

C

There are “Network type” and “Host type” in both IDS and IPS

D

IPS blocks connection in real-time when there is an intrusion

Answer

A

Literacy

According to the audit log, an unspecified user accessed the server using his/her own ID and carried out actions that only administrators were authorized to perform. Which of the following appears to have been done by that user?

A

Elimination of Policy

B

Elimination of File

C

Installation of Trojan Horse

D

Enhancement of Privilege

Answer

D