An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:

An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice: reduces the risk of unauthorized access to…

Continue ReadingAn IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:

An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:

An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by: encrypting the hash of the…

Continue ReadingAn investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:

An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:

An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by: digitally signing all e-mail messages. encrypting all e-mail messages. compressing…

Continue ReadingAn organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:

Sending a message and a message hash encrypted by the sender’s private key will ensure:

Sending a message and a message hash encrypted by the sender's private key will ensure: authenticity and integrity. authenticity and privacy. integrity and privacy. privacy and nonrepudiation. Explanation:  If the…

Continue ReadingSending a message and a message hash encrypted by the sender’s private key will ensure:

Two-factor authentication can be circumvented through which of the following attacks?

Two-factor authentication can be circumvented through which of the following attacks? Denial-of-service Man-in-the-middle Key logging Brute force Explanation:  A man-in-the-middle attack is similar to piggybacking, in that the attacker pretends…

Continue ReadingTwo-factor authentication can be circumvented through which of the following attacks?

which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?

When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network? Use…

Continue Readingwhich of the following approaches would BEST enable the conductor of the test to remain undetected on the network?

Active radio frequency ID (RFID) tags are subject to which of the following exposures?

Active radio frequency ID (RFID) tags are subject to which of the following exposures? Session hijacking Eavesdropping Malicious code Phishing Explanation:  Like wireless devices, active RFID tags are subject to…

Continue ReadingActive radio frequency ID (RFID) tags are subject to which of the following exposures?

Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?

Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key? Certificate revocation list (CRL) Certification practice statement (CPS) Certificate policy (CP)…

Continue ReadingWhich of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?