Which of the following attacks could be avoided by creating more security awareness in the organization and providing adequate security knowledge to all employees?

Options: Smurf attack; Traffic analysis; Phishing; Interrupt attack. Explanation: Phishing techniques include social engineering, link manipulation, spear phishing, whaling, vishing, or web site forgery techniques. For your exam you should know the […]

 

Which of the following biometrics methods provides the HIGHEST accuracy and is LEAST accepted by users?

Options: Palm Scan; Hand Geometry; Fingerprint; Retina scan. Explanation: Retina-based biometrics involves analyzing the layer of blood vessels situated at the back of the eye. An established technology, this technique involves using a low-intensity light source through an optical […]

 

Which of the following attacks is MOSTLY performed by an attacker to steal the identity information of a user, such as credit card numbers, passwords, etc.?

Options: Smurf attack; Traffic analysis; Pharming; Interrupt attack. Explanation: Pharming is a cyber attack intended to redirect a website’s traffic to another, bogus site. Pharming can be conducted either by […]

 

Which of the following attacks includes social engineering, link manipulation or web site forgery techniques?

Options: Smurf attack; Traffic analysis; Phishing; Interrupt attack. Explanation: Phishing techniques include social engineering, link manipulation or web site forgery techniques. For your exam you should know the information below: Phishing is the attempt to acquire sensitive information such as usernames, […]

 

Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?

Options: Information security incidents; Information security strategy; Current resourcing levels; Availability of potential resources.

 

Which of the following is the MOST effective way for an organization to ensure its third-party service providers are aware of information security requirements and expectations?

Options: Auditing the service delivery of third-party providers; Including information security clauses within contracts; Providing information security training to third-party personnel; Requiring third parties to sign confidentiality agreements.

 

Which of the following attacks occurs when a malicious action is performed by invoking the operating system to execute a particular system call?

Options: Eavesdropping; Traffic analysis; Masquerading; Interrupt attack. Explanation: An Interrupt attack occurs when a malicious action is performed by invoking the operating system to execute a particular system call. Example: A boot sector […]

 

Which of the following attacks is also known as Time of Check (TOC)/Time of Use (TOU)?

Options: Eavesdropping; Traffic analysis; Masquerading; Race Condition. Explanation: A Race Condition attack is also known as Time of Check (TOC)/Time of Use (TOU). A race condition is when processes carry out their tasks on a shared resource in an incorrect order. A race condition […]

 

When evaluating vendors for sensitive data processing, which of the following should be the FIRST step to ensure the correct level of information security is provided?

Options: Include information security clauses in the vendor contract; Review third-party reports of potential vendors; Include information security criteria as part of vendor selection; Develop metrics for vendor performance.

 

Which of the following techniques could an attacker use to force the authorization step before authentication?

During an IS audit, the auditor has observed that the authentication and authorization steps are split into two functions and there is a possibility to force the authorization step to be completed before the authentication step. Which of the following techniques could an attacker use to force the authorization step before authentication? Options: Eavesdropping; Traffic analysis; Masquerading; Race Condition […]

 

Which of the following attacks involves sending forged ICMP Echo Request packets to the broadcast address on multiple gateways in order to elicit responses from the computers behind the gateway, where they all respond back with ICMP Echo Reply packets to the source IP address of the ICMP Echo Request packets?

Options: Reflected attack; Brute force […]