Question

--Which of the following grants users and systems a predetermined level of access?

Accountability

Authentication

Authorization

Assurance

--Which of the following is a behavioral control that can be used to safeguard against the loss of integrity?

Rotation of duties

Log analysis

Code testing

Digital signatures

--Which of the following is a type of access control that is defined by a policy and cannot be changed by the information owner?

Mandatory access control

Discretionary access control

Role-based access control

Rule-based access control

--Which of the following is the most common web application vulnerability?

Failure to validate output

Failure to validate input

Dynamic data validation

Static data validation

--Which of the following statements about symmetric key cryptography is not true?

Symmetric key cryptography uses one shared key.

Symmetric algorithms can provide confidentiality.

Symmetric algorithms can provide nonrepudiation and authenticity.

Symmetric key cryptography uses a single secret key.

--Which of the following business continuity plans focus on the immediate and near-term alternative workplace and business processes?

Response plans

Contingency plans

Recovery plans

Resumption plans

--Which of the following best describes full-scale testing?

Testing conducted at the enterprise level with a full simulation of a disaster with suspending all operations

Scenario-driven exercises but limited in scope to simulate a failure of a critical business function

A discussion-based exercise that does not involve deploying equipment or other resources

A systematic walkthrough of the procedures to determine disaster readiness

Explanation / Answer

Ques) Which of the following grants users and systems a predetermined level of access?

Answer) Authorization

Explanation: Authorization involves the act of defining access rights for subjects. An authorization policy specifies the operations that subjects are allowed to execute within a system.

Ques) Which of the following is a behavioral control that can be used to safeguard against the loss of integrity?

Answer) Digital signatures

Explanation: Digital signatures protect against the loss of integrity.

Ques) Which of the following is a type of access control that is defined by a policy and cannot be changed by the information owner?

Answer) Discretionary Access Control


Ques) Which of the following is the most common web application vulnerability?

Answer) Failure to validate input

Explanation: The most common web application security weakness is the failure to properly validate input coming from the client or from the environment before using it. This weakness leads to almost all of the major vulnerabilities in web applications, such as cross-site scripting, SQL injection, interpreter injection, locale/Unicode attacks, file system attacks, and buffer overflows.


Ques) Which of the following statements about symmetric key cryptography is not true?

Answer) Symmetric algorithms can provide confidentiality.

Let me know if you have any doubt.

Ques) Which of the following business continuity plans focus on the immediate and near-term alternative workplace and business processes?

Answer) Contingency plans