CIS 349 All Assignments CIS 349 All Assignments | Page 2

6) What is meant by availability?
7)
Which of the following is the definition of authorization?
8)
An organization wants to determine how well it adheres to its security policy and
determine if any “holes” exist. What type of analysis or assessment does it perform?
9)
Which of the following is not a step to ensuring only authorized users can see
confidential data in the LAN Domain?
10) Which of the following is not typically a LAN Domain component?
11) Which control is used in the LAN Domain to protect the confidentiality of data?
12) The following are LAN Domain controls except:
13)
Here is a common flow a penetration tester follows to develop attacks: This step
collects as much information about the target environment as possible. At this stage, the
attacker is collecting both technical and nontechnical information. Both types of information
can help the attacker determine how the organization operates, where it operates, and which
characteristics the organization and its customers’ value. This is:
14)
A nonintrusive penetration test ____________.
15)
One particular type of network security testing simulates actions an attacker would take
to attack your network. This is known as: