Which of the following is a characteristic of a challenge/response authentication process?
Correct Answer: A
Question 262
Which of the following is currently the most recommended water system for a computer room?
Correct Answer: A
The answer: Preaction combines both the dry and wet pipe systems and allows manual intervention before a full discharge of water on the equipment occurs. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, page 334.
Question 263
Which choice MOST accurately describes the difference between the role of a data owner versus the role of a data custodian?
Correct Answer: B
Question 264
Which of the following teams should NOT be included in an organization's contingency plan?
Correct Answer: C
According to NIST's Special publication 800-34, a capable recovery strategy will require some or all of the following functional groups: Senior management official, management team, damage assessment team, operating system administration team, systems software team, server recovery team, LAN/WAN recovery team, database recovery team, network operations recovery team, telecommunications team, hardware salvage team, alternate site recovery coordination team, original site restoration/salvage coordination team, test team, administrative support team, transportation and relocation team, media relations team, legal affairs team, physical/personal security team, procurements team. Ideally, these teams would be staffed with the personnel responsible for the same or similar operation under normal conditions. A tiger team, originally a U.S. military jargon term, defines a team (of sneakers) whose purpose is to penetrate security, and thus test security measures. Used today for teams performing ethical hacking. Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 23).
Question 265
Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?
Correct Answer: A
RFC 1661 - The Point-to-Point Protocol (PPP) specifies that the Point-to- Point Protocol (PPP) provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP is comprised of three main components: 1 A method for encapsulating multi-protocol datagrams. 2 A Link Control Protocol (LCP) for establishing, configuring, and testing the data-link connection. 3 A family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols.