Which of the following phases of a system development life-cycle is most concerned with authenticating
users and processes to ensure appropriate access control decisions? - ✔✔✔Operation and
maintenance
What is the effective key size of DES? - ✔✔✔56 bit
What are two types of ciphers? - ✔✔✔Transposition and substitution
When block chaining cryptography is used, what type of code is calculated and appended to the data to
ensure authenticity? - ✔✔✔Message authentication code
Which of the following is the most secure form of triple-DES encryption? - ✔✔✔DES-EDE3
Cryptography does not help in - ✔✔✔Detecting fraudulent disclosure
All of the following statements about a security incident plan are correct EXCEPT - ✔✔✔The plan
should be published annually
Two separate employees are required to open a safe containing sensitive information. One employee
has part of the safe combination, and a second employee has another part of the safe combination. This
arrangement follows the principle of - ✔✔✔Split custody
Within the realm of IT security, which of the following combinations best defines
risk? - ✔✔✔Threat coupled with a vulnerability
The purpose of a security incident debrief is all of the following EXCEPT: - ✔✔✔Review of log files
The primary impact of a pandemic on an organization is: - ✔✔✔Long periods of employee absenteeism
that impact the organization's ability to provide services
In what phase of a business continuity plan does a company proceed when it is ready to move back into
its original site or a new site? - ✔✔✔Reconstitution phase
The process of erasing magnetic media through the use of a strong magnetic field is known as: - ✔✔✔
Degaussing
A security manager has instructed a system administrator to wipe files on a hard disk. This means that
the administrator needs to: - ✔✔✔Use a tool to overwrite files multiple times
Which of the following processes is concerned with not only identifying the root cause but also
addressing the underlying issue? - ✔✔✔Problem Management
What is the minimum and customary practice of responsible protection of assets that affects a
community or societal norm? - ✔✔✔Due care
What is one disadvantage of content-dependent protection of information? - ✔✔✔Increases
processing overhead
In the event of a security incident, one of the primary objectives of the operations staff is to ensure
that... - ✔✔✔there is minimal disruption to the organization's mission
Which of the following statements pertaining to block ciphers is incorrect? - ✔✔✔Plain text is
encrypted with a public key and decrypted with a private key.
Cryptography does not help in: - ✔✔✔Detecting fraudulent disclosure
Where is firmware primarily stored on a computer system? - ✔✔✔Read-only memory
What size is an MD5 message digest (hash)? - ✔✔✔128 bits
Which of the following mail standards relies on a "Web of Trust"? - ✔✔✔Pretty Good Privacy (PGP)
How many bits is the effective length of the key of the Data Encryption Standard Algorithm? - ✔✔✔56
A demilitarized zone on a computer network exists for all of the following reasons except: - ✔✔✔
Reduces the load on firewalls
The primary advantage of the use of a central management console for anti-virus is: - ✔✔✔
Consolidation of reporting and centralized signature file distribution
Which attack is primarily based on the fragmentation implementation of IP and uses large ICMP
packets? - ✔✔✔Ping of Death
TCP and UDP use port numbers of what length? - ✔✔✔16 bits
A screening router can perform packet filtering based on which type of data? - ✔✔✔Source and
destination addresses and port numbers.
In the OSI model, at what level are TCP and UDP provided? - ✔✔✔Transport