3) The first step in the implementation of separation of duties is to
use access controls to prevent unauthorized data access. The
ultimate goal is to define access control where each user has the
permissions to carry out assigned tasks and nothing else. This is
known as the principle of:
4) ___________ are the components, including people, information,
and conditions, that support business objectives.
5) ___________ is the process of providing additional credentials
that match the user ID or username.
6) Which of the following is the definition of authorization?
7) An organization wants to determine how well it adheres to its
security policy and determine if any “holes” exist. What type of
analysis or assessment does it perform?
8) What is meant by availability?
9) There are two common types of monitoring tools available
for monitoring LANs, __________ and network software log files.
10) Which control is used in the LAN Domain to protect the
confidentiality of data?
11) Which of the following is not typically a LAN Domain
component?
12) Which of the following is not a step to ensuring only authorized
users can see confidential data in the LAN Domain?
13) A nonintrusive penetration test ____________.
14) What is a corrective control in the LAN-to-WAN Domain?
15) One particular type of network security testing simulates actions
an attacker would take to attack your network. This is known as: