Exam (elaborations)

Cybersecurity Management I - Strategic - C727 UCertify Practice Test (B) With Complete Solution

Pages
10
Grade
A+
Uploaded on
19-03-2024
Written in
2023/2024

Question 1: To which type of attack are wireless networks particularly susceptible?
- emanations capturing

___________ backdoors in applications that are designed by the application developers to perform maintenance tasks. It enables code to be executed without the usual security checks.
- Maintenance hooks are

___________ occurs when too much data is transmitted to an application or operating system.
- A buffer overflow

___________, or a time-of-check/time-of-use (TOC/TOU) attack, happens when an attacker interrupts a task and changes something to direct the result.
- An asynchronous attack

Question 2: What is TEMPEST?
- a United States government program that reduces electronic equipment emanations

Question 3: Security personnel have reported that your organization's fingerprint biometric system is granting access to unauthorized users. What is the most appropriate reason for this occurrence?
- The biometric system has a high type 2 error rate and allows the authentication of unauthorized users.

___________ implies that unauthorized people are being falsely authenticated by the biometric system and that intruders could access critical resources.
- A high type 2 error valid

Question 4: Your organization has deployed a hand geometry scan biometric system that will control access to the data processing center. Which characteristics are NOT evaluated by this biometric system? Each correct answer represents a complete solution. Choose all that apply.
- ridge endings
- skin tone of the hand

Question 5: A military research institution is planning to implement a biometric system to ensure complete privacy and confidentiality within the institution. Four different vendors have given the specifications of their biometric systems. Considering the following specifications, which option is recommended for the institution?
- Vendor A: Type 1 errors 80%, Type 2 errors 1%, CER 4%

___________ is the most critical measurement to measure the accuracy of the system. A CER value of 5 is better than a CER value of 10. For example, a voice pattern-based biometric system has the highest CER value.
- The CER rating for a biometric system

___________ implies that many valid authentication attempts are being rejected, and the employees' productivity could be negatively affected, causing less user acceptance.
- A high value of type 1 error

Question 6: You need to improve the user accountability for your company's network. Which feature(s) will provide this? Each correct answer represents a complete solution. Choose all that apply.
- access control lists (ACLs)
- audit logs

Question 7: You need to determine which users are accessing a Windows Server 2008 computer from the network. Which audit category should you enable?
- Audit Privilege Use

Question 8: Your company has several UNIX servers on its network. These servers were configured before your employment in the company and prior to the company establishing a server security policy. You are concerned about the root account on these UNIX servers. Which security guidelines should you follow?
- Only allow root login via the local console.
- Limit administrator access to the root account.

Question 9: You discover that a computer in your network has been infected by the C2MyAzz application. What is an effect of this attack?
- It captures user passwords as they are entered.

Question 10: You are implementing new password policies on your company's network. You need to ensure that users must use 20 new passwords before reusing an old one. Which password policy setting should you implement?
- password history

Question 11: Your organization uses the Kerberos protocol to authenticate users on the network. Which statement is true of the Key Distribution Center (KDC) when this protocol is used?
- The Key Distribution Center (KDC) is used to store, distribute, and maintain cryptographic session keys.

Question 12: Which statement is NOT true of cross certification?
- Cross certification checks the authenticity of the certificates in the certification path.

The primary purpose of ___________ is to build a trust relationship between different certification hierarchies when users belonging to different hierarchies are required to communicate and might require authentication for legitimate connections.
- cross certification

Question 13: Your company currently deploys Kerberos to provide authentication for all users on the network. Management has recently heard of security weaknesses in the Kerberos protocol. They have asked you to implement an authentication protocol that addresses the weaknesses in Kerberos. Which protocol should you deploy?
- SESAME

Unlike Kerberos, ___________ uses both symmetric and asymmetric encryption to protect data exchange and to authenticate subjects. SESAME uses a trusted authentication server at each host. It incorporates two certificates or tickets, one for authentication and one defining access privileges. It uses public key cryptography for the distribution of secret keys.
- SESAME

___________ are all authentication protocols for remote users. None of these services was developed to improve on the weaknesses in Kerberos.
- RADIUS, TACACS, and XTACACS

___________ provide a centralized entity used to authenticate users. This same entity is responsible for helping to ensure that subjects are properly authorized using tokens or tickets. Therefore, both services address authorization and authentication.
- Kerberos and SESAME

Question 14: Your company has several UNIX servers on its network. An IT co-worker has notified you that he noticed that all of these UNIX servers have an /etc/shadow file. What is the best description of the purpose of this file?
- to store user passwords in a protected format

Question 15: Which password type is usually the easiest to remember?
- pass phrase

Question 16: You have been asked to implement a new password management policy that includes using cognitive passwords to verify a user's identity. What is the most correct explanation of this type of password?
- a password that is based on some personal fact or opinion

Question 17: Which password types are usually the hardest to remember?
- Dynamic and Software generated

Question 18: You have been hired as a security consultant by a manufacturing company. During your tenure, you suggest that the company implement a single sign-on system to prevent users from having to remember multiple user IDs and passwords when accessing remote systems. Which technologies could the organization implement?
- Kerberos
- SESAME
- Active Directory

___________ is a dial-up and virtual private network (VPN) user authentication protocol used to authenticate remote users. It provides centralized authentication and accounting features. Alone, it does not provide single sign-on authentication.
- Remote Authentication Dial-In User Service (RADIUS)

Question 19: You have been asked to implement a RADIUS solution that allows the usage of Voice over IP (VoIP) and wireless services. Which RADIUS implementation should you use?
- Diameter

Question 20: Your company network has reached such a large size that it is becoming increasingly difficult to manage user accounts and passwords. Management has asked you to investigate a cloud solution that you could deploy to make administration easier and to implement single sign-on. Which cloud deployment solution should you suggest?
- Identity as a Service (IDaaS)

Question 21: Your organization is considering launching an Identity as a Service (IDaaS) solution via a cloud provider. You need IDaaS to provide the following services: Which are usually included as part of this solution?
- single sign-on
- provisioning
- password management
- access governance

Question 22: You are implementing enterprise access management for your company. You need to ensure that the system you implement allows you to configure a trust with another company such that your users can access the other company's network without logging in again. What should you implement to ensure that this trust can be configured?
- federated identity management

Question 23: Recently, users in your organization have started complaining about the number of user IDs and passwords that they must remember to access different resources on your network. Management has asked you to implement a system whereby users are granted access to all resources after the initial domain authentication. Which technology should you implement?
- single sign-on

Institution
Cybersecurity Management
Course
Cybersecurity Management









Contains
Questions & answers

Seller: Examset
