CSIA 300 Final Prep Exam 2024
Which of the following phases of a system development life-cycle is most concerned with authenticating users and processes to ensure appropriate access control decisions? -Answer- Operation and maintenance

What is the effective key size of DES? -Answer- 56 bit

What are two types of ciphers? -Answer- Transposition and substitution

When block chaining cryptography is used, what type of code is calculated and appended to the data to ensure authenticity? -Answer- Message authentication code

Which of the following is the most secure form of triple-DES encryption? -Answer- DES-EDE3

Cryptography does not help in -Answer- Detecting fraudulent disclosure

All of the following statements about a security incident plan are correct EXCEPT -Answer- The plan should be published annually

Two separate employees are required to open a safe containing sensitive information. One employee has part of the safe combination, and a second employee has another part of the safe combination. This arrangement follows the principle of -Answer- Split custody

Within the realm of IT security, which of the following combinations best defines risk? -Answer- Threat coupled with a vulnerability

The purpose of a security incident debrief is all of the following EXCEPT: -Answer- Review of log files

The primary impact of a pandemic on an organization is: -Answer- Long periods of employee absenteeism that impact the organization's ability to provide services

In what phase of a business continuity plan does a company proceed when it is ready to move back into its original site or a new site? -Answer- Reconstitution phase

The process of erasing magnetic media through the use of a strong magnetic field is known as: -Answer- Degaussing

A security manager has instructed a system administrator to wipe files on a hard disk. This means that the administrator needs to: -Answer- Use a tool to overwrite files multiple times

Which of the following processes is concerned with not only identifying the root cause but also addressing the underlying issue? -Answer- Problem Management

What is the minimum and customary practice of responsible protection of assets that affects a community or societal norm? -Answer- Due care

What is one disadvantage of content-dependent protection of information? -Answer- increases processing overhead

In the event of a security incident, one of the primary objectives of the operations staff is to ensure that... -Answer- there is minimal disruption to the organization's mission

Which of the following statements pertaining to block ciphers is incorrect? -Answer- Plain text is encrypted with a public key and decrypted with a private key.

Cryptography does not help in: -Answer- Detecting fraudulent disclosure

Where is firmware primarily stored on a computer system? -Answer- Read-only memory

What size is an MD5 message digest (hash)? -Answer- 128 bits

Which of the following mail standards relies on a "Web of Trust"? -Answer- Pretty Good Privacy (PGP)

How many bits is the effective length of the key of the Data Encryption Standard Algorithm? -Answer- 56

A demilitarized zone on a computer network exists for all of the following reasons except: -Answer- Reduces the load on firewalls

The primary advantage of the use of a central management console for anti-virus is: -Answer- Consolidation of reporting and centralized signature file distribution

Which attack is primarily based on the fragmentation implementation of IP and uses large ICMP packets? -Answer- Ping of Death

TCP and UDP use port numbers of what length? -Answer- 16 bit
Written for
- Institution
- CSIA
- Course
- CSIA
Document information
- Uploaded on
- February 5, 2024
- Number of pages
- 18
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers
Subjects
- csia 300 final prep exam 2024