An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

• A.Symmetric encryption
• B.Two-factor authentication
• C.Digital signatures
• D.One-time passwords
• E.Transitive trust

Comment: *

Name: *

Email: *

Verification: *

Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?

• A.Improper input handling on the FTP site
• B.Weak SSL cipher strength
• C.Resource exhaustion on the VPN concentrators
• D.Race condition on the packet inspection firewall

Comment: *

Name: *

Email: *

Verification: *

A dumpster diver was able 10 retrieve hard drives from a competitor's trash bin. After installing the and hard drives and running common date recovery software. Sensitive information was recovered. In which of the following ways did the competitor apply media sanitation?

• A.Encrypting
• B.Pulverizing
• C.Formatting
• D.Degaussing

Comment: *

Name: *

Email: *

Verification: *

An incident responder is preparing to acquire images and files from a workstation that has been compromised. The workstation is still powered on and running. Which of the following should be acquired LAST?

• A.Processor cache
• B.Application fries on hard disk
• C.Swap space
• D.Processes in running memory

Comment: *

Name: *

Email: *

Verification: *

Which of the following types of keys is found in a key escrow?

• A.Session
• B.Shared
• C.Public
• D.Private

Comment: *

Name: *

Email: *

Verification: *