Security QUESTIONS AND VERIFIED CORRECT ANSWERS GRADED A+ LATEST 100% GUARANTEED PASS
Two-Man Rule - CORRECT ANSWER-A procedure popular in very high-security locations and
situations. It features two individuals who must agree upon action yet are physically separated
and must therefore take action independent of the other
Types of Security Awareness Education Programs - CORRECT ANSWER-New Hire Orientation
Mandatory Security Training
Corporate-Wide Security Training
Specialty Security Training
Mitigation - CORRECT ANSWER-The act of limiting risk
Physical Controls - CORRECT ANSWER-Restrict or prohibit access to the physical components of
the infrastructure; usually independent of computer hardware, software, and communication
systems
Usually the first line of defense
Include doors, locks, and fences.
Logical Controls - CORRECT ANSWER-Any network device or software that protects the network
hardware and digital information assets of the company
These include an access control list (ACL), an intrusion detection system (IDS), firewalls, routers,
virus protection software, and activity logging mechanisms.
Administrative Controls - CORRECT ANSWER-Consist of policies, directives, regulations, and
rules set up by a company to govern activities taken by individuals or to establish operating
procedures.
These include banners, signs, policies or procedures, directives, rules or regulations, and
documents or log-on screens.
Types of Assets - CORRECT ANSWER-Digital - Data stored on IT systems
Information - Content represented by the digital data
Physical - Tangible things
Assurance Procedures - CORRECT ANSWER-Procedures that ensure that the access control
mechanisms correctly implement the security policy
Defense-in-Depth Strategy - CORRECT ANSWER-Relies on two concepts: discouraging the attack
and slowing the attacker
Subject - CORRECT ANSWER-The user or entity taking the action or accessing a resource such as
a database; always active
Object - CORRECT ANSWER-The item or resource being acted upon; always passive
Access Control Lists (ACLs) - CORRECT ANSWER-Contain the identity and access authority for
every user (subject)
Compatibility Table - CORRECT ANSWER-A type of ACL; maintains the permissions assigned to
the USER
Authorized Use Policy (AUP) - CORRECT ANSWER-Specifies how the user must behave when
using the networks, information, and IT products of the company. May be a signed policy in a
new-hire folder as well as a logon screen stating appropriate system use.
False Positive - CORRECT ANSWER-Refers to a condition where an unknown user has been
identified and authenticated and allowed access to a system
False Negative - CORRECT ANSWER-Refers to a condition where a known good user is denied
access to the system
Error Rate - CORRECT ANSWER-The frequency of false positives and false negatives
Factors of Authentication - CORRECT ANSWER-1. Something You Know
2. Something You Have
3. Something You Are
4. Somewhere You Are
5. Something You Do
Reference Profile - CORRECT ANSWER-Initial recording of a specific biometric sample into the
system;
Also called a biometric signature.
Weight Recognition - CORRECT ANSWER-Has been utilized in mantraps to both authenticate an
individual and alert authorities in the event of two persons in the mantrap, called
"piggybacking."
Retinography - CORRECT ANSWER-A process for identifying people by the pattern of blood
vessels on the innermost tissue coat of the back part of the eye
One-to-One Search - CORRECT ANSWER-Database search where only specific data points of the
acquired sample information are compared against similar data points stored in the system to
speed the sort
Biometric Error Types - CORRECT ANSWER-• False Rejection Rate (FRR)
• False Acceptance Rate (FAR)
• Crossover Error Rate (CER)
False Rejection Rate (FRR) - CORRECT ANSWER-Referred to as a Type I error.
Percentage of time a biometric system rejects a known good user
False Acceptance Rate (FAR) - CORRECT ANSWER-Referred to as a Type II error.