CYBERSECURITY MANAGEMENT I - STRATEGIC - C727 UCERTIFY PRACTICE TEST (B)|UPDATED&VERIFIED|100% SOLVED|GUARANTEED SUCCESS
Question 1: To which type of attack are wireless networks particularly susceptible?
Answer: emanations capturing

___________ backdoors in applications that are designed by the application developers to perform maintenance tasks. It enables code to be executed without the usual security checks.
Answer: Maintenance hooks are

___________ occurs when too much data is transmitted to an application or operating system.
Answer: A buffer overflow

__________, or a time-of-check/time-of-use (TOC/TOU) attack, happens when an attacker interrupts a task and changes something to direct the result.
Answer: An asynchronous attack

Question 2: What is TEMPEST?
Answer: D. a United States government program that reduces electronic equipment emanations

Question 3: Security personnel have reported that your organization's fingerprint biometric system is granting access to unauthorized users. What is the most appropriate reason for this occurrence?
Answer: The biometric system has a high type 2 error rate and allows the authentication of unauthorized users.

__________ implies that unauthorized people are being falsely authenticated by the biometric system and that intruders could access critical resources.
Answer: A high type 2 error

Question 4: Your organization has deployed a hand geometry scan biometric system that will control access to the data processing center. Which characteristics are NOT evaluated by this biometric system? Each correct answer represents a complete solution. Choose all that apply.
Answer:
- ridge endings
- skin tone of the hand

Question 5: A military research institution is planning to implement a biometric system to ensure complete privacy and confidentiality within the institution. Four different vendors have given the specifications of their biometric systems. Considering the following specifications, which option is recommended for the institution?
Answer: Vendor A: Type 1 errors 80%, Type 2 errors 1%, CER 4%

___________ is the most critical measurement to measure the accuracy of the system. A CER value of 5 is better than a CER value of 10. For example, a voice pattern-based biometric system has the highest CER value.
Answer: The CER rating for a biometric system

____________ implies that many valid authentication attempts are being rejected, and the employees' productivity could be negatively affected, causing less user acceptance.
Answer: A high value of type 1 error

Question 6: You need to improve the user accountability for your company's network. Which feature(s) will provide this? Each correct answer represents a complete solution. Choose all that apply.
Answer:
- access control lists (ACLs)
- audit logs

Question 7: You need to determine which users are accessing a Windows Server 2008 computer from the network. Which audit category should you enable?
Answer: Audit Privilege Use

Question 8: Your company has several UNIX servers on its network. These servers were configured before your employment in the company and prior to the company establishing a server security policy. You are concerned about the root account on these UNIX servers. Which security guidelines should you follow?
Answer:
- Only allow root login via the local console.
- Limit administrator access to the root account.

Question 9: You discover that a computer in your network has been infected by the C2MyAzz application. What is an effect of this attack?
Answer: It captures user passwords as they are entered.

Question 10: You are implementing new password policies on your company's network. You need to ensure that users must use 20 new passwords before reusing an old one. Which password policy setting should you implement?
Answer: password history

Question 11: Your organization uses the Kerberos protocol to authenticate users on the network. Which statement is true of the Key Distribution Center (KDC) when this protocol is used?
Answer: The Key Distribution Center (KDC) is used to store, distribute, and maintain cryptographic session keys.

Question 12: Which statement is NOT true of cross certification?
Answer: Cross certification checks the authenticity of the certificates in the certification path.

The primary purpose of __________ is to build a trust relationship between different certification hierarchies when users belonging to different hierarchies are required to communicate and might require authentication for legitimate connections.
Answer: cross certification

Question 13: Your company currently deploys Kerberos to provide authentication for all users on the network. Management has recently heard of security weaknesses in the Kerberos protocol. They have asked you to implement an authentication protocol that addresses the weaknesses in Kerberos. Which protocol should you deploy?
Answer: SESAME

Unlike Kerberos, __________ uses both symmetric and asymmetric encryption to protect data exchange and to authenticate subjects. SESAME uses a trusted authentication server at each host. It incorporates two certificates or tickets, one for authentication and one defining access privileges. It uses public key cryptography for the distribution of secret keys.
Answer: SESAME
School, study and subject
- Institution
- CYBERSECURITY MANAGEMENT
- Degree
- CYBERSECURITY MANAGEMENT
Document information
- Uploaded on
- July 26, 2023
- Number of pages
- 18
- Written in
- 2022/2023
- Type
- Exam
- Contains
- Questions and answers
Topics
- cybersecurity management i strategic c727 ucer