Tag: security

Questions Related to security

Which mitigation technique is the best match for the elevation of privilege threat type?
technology security

  1. Authentication

  2. Authorization

  3. Auditing

  4. Confidentiality

Show answer
Correct Option: B

Which mitigation technique is the best match for the tampering threat type?
technology security

  1. Integrity

  2. Availability

  3. Auditing

  4. Confidentiality

Show answer
Correct Option: A

Which of the following is used to preserve confidentiality in software?
technology security

  1. Encryption

  2. Hashing

  3. Recovery

  4. Redundancy

Show answer
Correct Option: A

Files temporarily created by applications can expose confidential data if:
technology security

  1. Special characters are not used in the filename to keep the file hidden

  2. The existence of the file exceeds three seconds

  3. File permissions are not set appropriately

  4. Special characters indicating this is a system file are not used in the filename

Show answer
Correct Option: C
Explanation:

To solve this question, the user needs to understand the concept of file security and how confidential data can be exposed.

Option A is incorrect because using special characters in the filename does not necessarily keep the file hidden or secure. The filename is just a label for the file and does not affect the file's contents or accessibility.

Option B is incorrect because the amount of time the file exists does not determine the file's security. Even temporary files can contain confidential data, and it is essential to ensure that they are adequately secured.

Option D is also incorrect because using special characters in the filename does not necessarily indicate that the file is a system file or secure. The filename is just a label and does not affect the file's contents or accessibility.

Option C is correct because file permissions play a crucial role in determining who can access or modify a file. If the permissions are not set appropriately, anyone can access the file, including unauthorized users, resulting in confidential data exposure.

Therefore, the answer is: C.

One of the main disadvantages of integrating cryptography into applications is:
technology security

  1. Increased stability as the programs are protected against viral attack

  2. Enhanced reliability as users can no longer modify source code

  3. Reduced breaches of policy due to disclosure of information

  4. Possible denial of service if the keys are corrupted

Show answer
Correct Option: D
Explanation:

To solve this question, the user needs to know about the advantages and disadvantages of integrating cryptography into applications.

Option A is incorrect because it states cryptography brings increased stability as the programs are protected against viral attack. Cryptography can help protect against viral attacks to some extent, but it does not guarantee increased stability.

Option B is incorrect because it states that cryptography enhances reliability since users can no longer modify source code. This is not true as cryptography does not prevent users from modifying source code, but rather it helps protect sensitive data.

Option C is also incorrect because it states that cryptography reduces breaches of policy due to disclosure of information. Cryptography can help protect against data breaches but does not prevent them entirely.

Option D is the correct answer because possible denial of service (DoS) attacks can occur if the keys used for cryptography are corrupted. Once the keys are corrupted, the system will be unable to decrypt messages, which can lead to a DoS attack.

Therefore, the correct answer is:

The Answer is: D. Possible denial of service if the keys are corrupted

Which type of network component typically lacks sufficient accountability controls?
technology security

  1. Workstations

  2. Servers

  3. Switches

  4. Database management systems

Show answer
Correct Option: C

The correlation of system time among network components is important for what purpose?
technology security

  1. Availability

  2. Network connectivity

  3. Backups

  4. Audit log review

Show answer
Correct Option: D

Which group characteristic or practice should be avoided?
technology security

  1. Account groupings based on duties

  2. Group accounts

  3. Distribution of privileges to members of the group

  4. Assigning an account to multiple groups

Show answer
Correct Option: B

Which type of users should be allowed to use system accounts?
technology security

  1. Ordinary users

  2. Security administrators

  3. System administrators

  4. None of the above

Show answer
Correct Option: D

Wireless network traffic is the best security with which of the following protocols
technology security

  1. Wireless Encryption Protocol (WEP)

  2. Wired Equivalent Privacy (WEP)

  3. Wi-Fi Protected Access (WPA)

  4. Wireless Protected Access (WPA)

Show answer
Correct Option: C