ITN 260 FINAL EXAM QUESTIONS AND ANSWERS ALL CORRECT
5 views 0 purchase
Course
ITN 260
Institution
ITN 260
ITN 260 FINAL EXAM QUESTIONS AND ANSWERS ALL CORRECT
Which statement about Rule-Based Access Control is true? - Answer- c. It dynamically assigns roles to subjects based on rules.
Which of the following is NOT a problem associated with log management? - Answer- c. Time-stamped log data
Blai...
ITN 260 FINAL EXAM QUESTIONS AND
ANSWERS ALL CORRECT
Which statement about Rule-Based Access Control is true? - Answer- c. It dynamically
assigns roles to subjects based on rules.
Which of the following is NOT a problem associated with log management? - Answer- c.
Time-stamped log data
Blaise needs to create a document that is a linear-style checklist of required manual
steps and actions needed to successfully respond to a specific type of incident. What
does she need to create? - Answer- d. Playbook
Cheryl has been asked to set up a user account explicitly to provide a security context
for services running on a server. What type of account will she create? - Answer- b.
Service account
Which of the following is a Linux utility that displays the contents of system memory? -
Answer- c. memdump
Raul has been asked to serve as the individual to whom day-to-day actions have been
assigned by the owner. What role is Raul taking? - Answer- d. Data custodian/steward
Which type of access control scheme uses predefined rules that makes it the most
flexible scheme? - Answer- a. ABAC
Which of the following is the most fragile and should be captured first in a forensics
investigation? - Answer- d. CPU cache
Which of the following should be performed in advance of an incident? - Answer- b.
Segmentation
Ella wants to research an attack framework that incorporates adversary, infrastructure,
capability, and victim. Which of the following would she choose? - Answer- a. Diamond
Model of Intrusion Analysis
Which tool is an open source utility for UNIX devices that includes content filtering? -
Answer- c. syslog-ng
Which of these is NOT an incident response process step? - Answer- c. Reporting
,Which of the following is a packet sampling protocol that gives a statistical sample
instead of the actual flow of packets? - Answer- c. sFlow
What is a definition of RPO? - Answer- c. The maximum length of time that can be
tolerated between backups
Margaux is reviewing the corporate policy that stipulates the processes to be followed
for implementing system changes. Which policy is she reviewing? - Answer- d. Change
control policy
Which of the following is NOT an element that should be part of a BCP? - Answer- b.
Robustness
Mary Alice has been asked to help develop an outline of procedures to be followed in
the event of a major IT incident or an incident that directly impacts IT. What type of
planning is this? - Answer- b. Disaster recovery planning
Which type of site is essentially a duplicate of the production site and has all the
equipment needed for an organization to continue running? - Answer- a. Hot site
Which of the following will a BIA NOT help determine? - Answer- b. Percentage
availability of systems
Which of the following is NOT true about RAID? - Answer- a. It is designed primarily to
backup data.
Which of the following is a federal initiative that is designed to encourage organizations
to address how critical operations will continue under a broad range of negative
circumstances? - Answer- c. COOP
Which of the following is NOT used to identify or enforce what mobile devices can do
based on the location of the device? - Answer- b. Geo-spatial
Linnea is researching a type of storage that uses a single storage device to serve files
over a network and is relatively inexpensive. What type of storage is Linnea
researching? - Answer- b. NAS
Which of these is NOT a factor in determining restoration order? - Answer- a. Speed of
implementation
What device is always running off its battery while the main power runs the battery
charger? - Answer- a. Online UPS
What is the average amount of time that it will take a device to recover from a failure
that is not a terminal failure? - Answer- b. MTTR
, Which commercial data classification level would be applied to a data set of the number
of current employees at an organization and would only cause a small amount of harm if
disclosed? - Answer- b. Public
What does an incremental backup do? - Answer- a. Copies all files changed since the
last full or incremental backup
Thea has received a security alert that someone in London attempted to access the
email account of Sigrid, who had accessed it in Los Angeles one hour before. What
feature determined an issue and send this alert to Thea? - Answer- a. Impossible Travel
A BIA can be a foundation for which of the following? - Answer- d. Functional recovery
plan
Which of the following is a document that outlines specific requirements or rules that
must be met? - Answer- a. Policy
Which of the following can a UPS NOT perform? - Answer- a. Prevent certain
applications from launching that will consume too much power
Molly needs to access a setting in Microsoft Windows Group Policy to change the type
of a network to which a computer is attached. Which setting must Molly change? -
Answer- d. Network Location
What is a list of potential threats and associated risks? - Answer- a. Risk register
Sergio has been asked to make a set of data that was once restricted now available to
any users. What data type will Sergio apply to this set of data? - Answer- d. Public
Which of the following threats would be classified as the actions of a hactivist? -
Answer- d. External threat
Which of the following is NOT true about data sovereignty? - Answer- d. Governments
cannot force companies to store data within specific countries.
In which of the following threat classifications would a power blackout be classified? -
Answer- d. Operational
Which of the following is not a legally enforceable agreement but is still more formal
than an unwritten agreement? - Answer- b. MOU
Emiliano needs to determine the expected monetary loss every time a risk occurs.
Which formula will he use? - Answer- b. SLE
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.