ITN 260 FINAL EXAM QUESTIONS AND ANSWERS ALL CORRECT

ITN 260 FINAL EXAM QUESTIONS AND
ANSWERS ALL CORRECT

Which statement about Rule-Based Access Control is true? - Answer- c. It dynamically
assigns roles to subjects based on rules.

Which of the following is NOT a problem associated with log management? - Answer- c.
Time-stamped log data

Blaise needs to create a document that is a linear-style checklist of required manual
steps and actions needed to successfully respond to a specific type of incident. What
does she need to create? - Answer- d. Playbook

Cheryl has been asked to set up a user account explicitly to provide a security context
for services running on a server. What type of account will she create? - Answer- b.
Service account

Which of the following is a Linux utility that displays the contents of system memory? -
Answer- c. memdump

Raul has been asked to serve as the individual to whom day-to-day actions have been
assigned by the owner. What role is Raul taking? - Answer- d. Data custodian/steward

Which type of access control scheme uses predefined rules that makes it the most
flexible scheme? - Answer- a. ABAC

Which of the following is the most fragile and should be captured first in a forensics
investigation? - Answer- d. CPU cache

Which of the following should be performed in advance of an incident? - Answer- b.
Segmentation

Ella wants to research an attack framework that incorporates adversary, infrastructure,
capability, and victim. Which of the following would she choose? - Answer- a. Diamond
Model of Intrusion Analysis

Which tool is an open source utility for UNIX devices that includes content filtering? -
Answer- c. syslog-ng

Which of these is NOT an incident response process step? - Answer- c. Reporting

,Which of the following is a packet sampling protocol that gives a statistical sample
instead of the actual flow of packets? - Answer- c. sFlow

What is a definition of RPO? - Answer- c. The maximum length of time that can be
tolerated between backups

Margaux is reviewing the corporate policy that stipulates the processes to be followed
for implementing system changes. Which policy is she reviewing? - Answer- d. Change
control policy

Which of the following is NOT an element that should be part of a BCP? - Answer- b.
Robustness

Mary Alice has been asked to help develop an outline of procedures to be followed in
the event of a major IT incident or an incident that directly impacts IT. What type of
planning is this? - Answer- b. Disaster recovery planning

Which type of site is essentially a duplicate of the production site and has all the
equipment needed for an organization to continue running? - Answer- a. Hot site

Which of the following will a BIA NOT help determine? - Answer- b. Percentage
availability of systems

Which of the following is NOT true about RAID? - Answer- a. It is designed primarily to
backup data.

Which of the following is a federal initiative that is designed to encourage organizations
to address how critical operations will continue under a broad range of negative
circumstances? - Answer- c. COOP

Which of the following is NOT used to identify or enforce what mobile devices can do
based on the location of the device? - Answer- b. Geo-spatial

Linnea is researching a type of storage that uses a single storage device to serve files
over a network and is relatively inexpensive. What type of storage is Linnea
researching? - Answer- b. NAS

Which of these is NOT a factor in determining restoration order? - Answer- a. Speed of
implementation

What device is always running off its battery while the main power runs the battery
charger? - Answer- a. Online UPS

What is the average amount of time that it will take a device to recover from a failure
that is not a terminal failure? - Answer- b. MTTR

, Which commercial data classification level would be applied to a data set of the number
of current employees at an organization and would only cause a small amount of harm if
disclosed? - Answer- b. Public

What does an incremental backup do? - Answer- a. Copies all files changed since the
last full or incremental backup

Thea has received a security alert that someone in London attempted to access the
email account of Sigrid, who had accessed it in Los Angeles one hour before. What
feature determined an issue and send this alert to Thea? - Answer- a. Impossible Travel

A BIA can be a foundation for which of the following? - Answer- d. Functional recovery
plan

Which of the following is a document that outlines specific requirements or rules that
must be met? - Answer- a. Policy

Which of the following can a UPS NOT perform? - Answer- a. Prevent certain
applications from launching that will consume too much power

Molly needs to access a setting in Microsoft Windows Group Policy to change the type
of a network to which a computer is attached. Which setting must Molly change? -
Answer- d. Network Location

What is a list of potential threats and associated risks? - Answer- a. Risk register

Sergio has been asked to make a set of data that was once restricted now available to
any users. What data type will Sergio apply to this set of data? - Answer- d. Public

Which of the following threats would be classified as the actions of a hactivist? -
Answer- d. External threat

Which of the following is NOT true about data sovereignty? - Answer- d. Governments
cannot force companies to store data within specific countries.

In which of the following threat classifications would a power blackout be classified? -
Answer- d. Operational

Which of the following is not a legally enforceable agreement but is still more formal
than an unwritten agreement? - Answer- b. MOU

Emiliano needs to determine the expected monetary loss every time a risk occurs.
Which formula will he use? - Answer- b. SLE