Selected Answer: secret Correct Answer: secret Question 22 3.35 out of 3.35 points The term ________________ denotes data that is being stored on devices like a universal serial bus (USB) thumb drive, laptop, server, DVD, CD, or server. The term ______________ denotes data that exists in a mobile state on the network, such as data on the Internet, wireless networks, or a private network. Selected Answer: data at rest, data in transit Correct Answer: data at rest, data in transit Question 23 3.35 out of 3.35 points There are particular tools and techniques that the IRT utilizes to gather forensic evidence, including ____________________, which articulates the manner used to document and protect evidence. Selected Answer: chain of custody Correct Answer: chain of custody Question 24 3.35 out of 3.35 points
SQL injections are attacks that result from the absence of separating high-risk assets on their own network segments. Selected Answer: False Correct Answer: False Question 25 0 out of 3.35 points ___________________ are attacks that obtain access by means of remote services, such as vendor networks, employee remote access tools, and point-of sale (POS) devices. Selected Answer: Improperly segmented network environment Correct Answer: Insecure remote access Question 26 3.35 out of 3.35 points When constructing policies regarding data _______________, it is important that these policies offer particular guidance on separation of duties (SOD), and that there are procedures that verify SOD requirements. Selected Answer: access Correct Answer: access Question 27 0 out of 3.35 points While the amount of data known as mission-critical depends on the organization and industry, such data should only represent less than ____________ percent of the data population.
Selected Answer: 50 Correct Answer: 15 Question 28 3.35 out of 3.35 points If a vulnerability is not fixed at the root cause, there is a possibility that another route of attack can emerge. This route is known as the ____________________. Selected Answer: attack vector Correct Answer: attack vector Question 29 3.35 out of 3.35 points To measure the effectiveness of the IRT, which of the following does not need to be evaluated? Selected Answer: the tests provided to employees to ensure their response to incidents Correct Answer: the tests provided to employees to ensure their response to incidents Question 30 0 out of 3.35 points The Federal Information Security Management Act (FISMA) mandates that the government use the National Institute of Standards and Technology (NIST) Special Publication 800-61 to categorize incidents into a range of events on a network or system. These events include malicious code, which is an exploit to secure access, and denial of service, a code that quickly causes infections in other machines.
Selected Answer: True Correct Answer: False
You've reached the end of your free preview.
Want to read all 11 pages?
- Spring '17