Question
Which of the following satisfies a two-factor user
authentication?
A. Iris scanning plus fingerprint scanning
B. Terminal ID plus global positioning system (GPS)
C. A smart card requiring the user's PIN
D. User ID along with password
Question Submitted By :: Guest
© ALL Interview .com
Answer: C
A smart card addresses what the user has. This is generally
used in conjunction with testing what the user knows, e.g.,
a keyboard password or personal identification number
(PIN). Proving who the user is usually requires a biometrics
method, such as fingerprint, iris scan or voice
verification, to prove biology. This is not a two-factor
user authentication because it proves only who the user is.
A global positioning system (GPS) receiver reports on where
the user is. An ID and password (what the user knows) is a
single-factor user authentication.
Answer posted by: Guest

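Added worked example (mine, not from the original page or either poster): a login check that combines the "what the user knows" factor (a password verified against a PBKDF2 hash) with the "what the user has" factor (an RFC 4226 HOTP code that only the token or smart card holding the seed can compute). The salt, the stored password and the per-user counter are constructed demo values; the HOTP seed is the RFC 4226 test-vector secret, so the codes it produces can be checked against the RFC.

```python
import hashlib
import hmac
import struct

# Constructed demo values (assumptions, not from the page): the password hash is
# the "something you know" factor, the HOTP seed is the "something you have"
# factor and would normally live only inside the token / smart card.
SALT = b"constructed-demo-salt"
STORED_PW_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)
TOKEN_SEED = b"12345678901234567890"  # RFC 4226 Appendix D test-vector secret


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation (low nibble of the last byte selects a 31-bit window)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def check_password(password: str) -> bool:
    """Knowledge factor: constant-time comparison of the derived hash."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    return hmac.compare_digest(candidate, STORED_PW_HASH)


def check_token(code: str, counter: int, window: int = 3) -> bool:
    """Possession factor: accept the code for the expected counter or a small
    look-ahead window, because the token may have been pressed without a login."""
    return any(hmac.compare_digest(code, hotp(TOKEN_SEED, counter + i))
               for i in range(window))


def two_factor_login(password: str, code: str, counter: int) -> bool:
    """Both factors are evaluated before deciding, so a failure response does
    not reveal which factor was wrong."""
    knows = check_password(password)
    has = check_token(code, counter)
    return knows and has


if __name__ == "__main__":
    print("HOTP for counter 0:", hotp(TOKEN_SEED, 0))
    print("login ok:", two_factor_login("correct horse", hotp(TOKEN_SEED, 0), 0))
    print("wrong code:", two_factor_login("correct horse", "000000", 0))
```

The password alone or the HOTP code alone never passes `two_factor_login`; a real server would also persist the counter per user and advance it after a successful match so a captured code cannot be replayed.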
Question
Which of the following types of firewalls would BEST protect
a network from an Internet attack?
A. Screened subnet firewall
B. Application filtering gateway
C. Packet filtering router
D. Circuit-level gateway
Question Submitted By :: Guest
Answer: A
A screened subnet firewall would provide the best
protection. The screening router can be a commercial router
or a node with routing capabilities and the ability to allow
or avoid traffic between nets or nodes based on addresses,
ports, protocols, interfaces, etc. Application-level
gateways are mediators between two entities that want to
communicate, also known as proxy gateways. The application
level (proxy) works at the application level, not only at a
packet level. The screening controls at packet level
(addresses, ports, etc.) but does not see the contents of the
packet. A packet filtering router examines the header of
every packet or data traveling between the Internet and the
corporate network.
Answer posted by: Guest

Question
While copying files from a floppy disk a user introduced a
virus into the network. Which of the following would MOST
effectively detect the existence of the virus?
A. scan of all floppy disks before use
B. virus monitor on the network file server
C. scheduled daily scan of all network drives
D. virus monitor on the user's personal computer
Question Submitted By :: Guest
Answer: C
A scheduled daily scan of all network drives will detect the
presence of a virus after the infection has occurred. All of
the other choices are controls designed to prevent a
computer virus from infecting the system.
Answer posted by: Guest

Question
An organization is considering installing a LAN in a site
under construction. If system availability is the main
concern, which of the following topologies is MOST appropriate?
A. Ring
B. Line
C. Star
D. Bus
Question Submitted By :: Guest
Answer: A
A ring or loop topology would enable messages to be rerouted
should the network cabling be severed at any point or a
hardware element fail. With the correct settings in network
hardware, the loss of any link would be invisible to the
users. In line and bus networks, which are essentially the
same thing, terminals are connected to a single cable. If
this cable is severed, all terminals beyond the point of
severance will be unavailable. A star network clusters
terminals around hubs, connected to the server by separate
lines in the form of a star. If any line is severed, all
terminals in the cluster at the end of that line would be
disconnected.
Answer posted by: Guest

Question
Which of the following is the BEST audit procedure to
determine if a firewall is configured in compliance with an
organization's security policy?
A. Review the parameter settings
B. Interview the firewall administrator
C. Review the actual procedures
D. Review the device's log file for recent attacks
Question Submitted By :: Guest
Answer: A
A review of the parameter settings will provide a good basis
for comparison of the actual configuration to the security
policy and will provide audit evidence documentation. The
other choices do not provide as strong audit evidence as
choice A.
Answer posted by: Guest

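Added example (mine, not part of the original answer) of what "reviewing the parameter settings" looks like when it is automated: the firewall's rule extract is parsed and each ACCEPT rule is compared with a policy table. Both the rule extract (in iptables-save syntax) and the policy are constructed for the demo and are assumptions, not a real device's configuration. The check flags accepted services the policy does not list, sources wider than the policy allows, and a default policy other than DROP, which is exactly the evidence an auditor wants to document.

```python
import ipaddress

# Constructed rule extract in iptables-save syntax (assumed; not from a real device).
RULESET = """\
-P INPUT DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 23 -j ACCEPT
-A INPUT -p udp --dport 161 -s 10.1.2.0/24 -j ACCEPT
"""

# Assumed security policy: the only inbound services allowed, and from where.
POLICY = {
    ("tcp", 22): ipaddress.ip_network("10.0.0.0/8"),    # SSH from the corporate range only
    ("tcp", 443): ipaddress.ip_network("0.0.0.0/0"),    # HTTPS from anywhere
    ("udp", 161): ipaddress.ip_network("10.0.0.0/16"),  # SNMP from the management subnet
}
ANY = ipaddress.ip_network("0.0.0.0/0")


def parse_rule(line: str) -> dict:
    """Extract the parameters an auditor compares: protocol, destination port,
    source network (default: any) and target."""
    rule = {"proto": None, "dport": None, "src": ANY, "target": None}
    toks = line.split()
    for i, tok in enumerate(toks):
        if tok == "-p":
            rule["proto"] = toks[i + 1]
        elif tok == "--dport":
            rule["dport"] = int(toks[i + 1])
        elif tok == "-s":
            rule["src"] = ipaddress.ip_network(toks[i + 1], strict=False)
        elif tok == "-j":
            rule["target"] = toks[i + 1]
    return rule


def audit_input_chain(ruleset: str, policy: dict) -> list:
    """Compare every ACCEPT rule on the INPUT chain with the policy.
    Returns a list of findings; an empty list means the chain is compliant."""
    findings = []
    default = None
    for line in ruleset.splitlines():
        if line.startswith("-P INPUT"):
            default = line.split()[2]
        elif line.startswith("-A INPUT"):
            r = parse_rule(line)
            if r["target"] != "ACCEPT" or r["dport"] is None:
                continue  # return-traffic and non-accept rules are not service exceptions
            key = (r["proto"], r["dport"])
            allowed = policy.get(key)
            if allowed is None:
                findings.append(f"{key[0]}/{key[1]}: accepted but not permitted by policy ({line})")
            elif not r["src"].subnet_of(allowed):
                findings.append(f"{key[0]}/{key[1]}: source {r['src']} wider than policy "
                                f"{allowed} ({line})")
    if default != "DROP":
        findings.append(f"INPUT default policy is {default}; policy requires DROP")
    return findings


if __name__ == "__main__":
    for finding in audit_input_chain(RULESET, POLICY):
        print("FINDING:", finding)
```

Against the sample extract the script reports telnet (tcp/23) accepted without policy cover and SNMP accepted from a source outside the management subnet; the log review in choice D would show neither, since both are misconfigurations rather than attacks.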
Question
Applying a retention date on a file will ensure that:
A. data cannot be read until the date is set.
B. data will not be deleted before that date.
C. backup copies are not retained after that date.
D. datasets having the same name are differentiated.
Question Submitted By :: Guest
Answer: B
A retention date will ensure that a file cannot be
overwritten before that date has passed. The retention date
will not affect the ability to read the file. Backup copies
would be expected to have a different retention date and
therefore may well be retained after the file has been
overwritten. The creation date, not the retention date, will
differentiate files with the same name.
Answer posted by: Guest

Question
A control that detects transmission errors by appending
calculated bits onto the end of each segment of data is
known as a:
A. reasonableness check.
B. parity check.
C. redundancy check.
D. check digits.
Question Submitted By :: Guest
Answer: A
A redundancy check detects transmission errors by appending
calculated bits onto the end of each segment of data. A
reasonableness check compares data to predefined
reasonability limits or occurrence rates established for the
data. A parity check is a hardware control that detects data
errors when data are read from one computer to another, from
memory or during transmission. Check digits detect
transposition and transcription errors.
Answer posted by: Guest

This describes REDUNDANCY CHECK. Choice C. Previous answer
is wrong.
Answer posted by: Andreas

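Added example (mine, not Andreas's or the first poster's) showing three of the controls from this question side by side on a constructed data segment: a parity bit, a CRC-16/CCITT redundancy check whose calculated bits are appended to the end of the segment, and a Luhn check digit. It also shows the failure modes that separate them: a two-bit error slips past the parity bit but not past the CRC, and a transposed pair of digits is caught by the check digit. The sample segment and account number are constructed; the CRC check value for `123456789` and the Luhn example number are the standard published ones.

```python
def parity_bit(data: bytes) -> int:
    """Even parity: the appended bit makes the total number of 1 bits even."""
    return sum(bin(b).count("1") for b in data) & 1


def append_parity(segment: bytes) -> bytes:
    return segment + bytes([parity_bit(segment)])


def verify_parity(frame: bytes) -> bool:
    return parity_bit(frame[:-1]) == frame[-1]


def crc16_ccitt(data: bytes, poly: int = 0x1021, init: int = 0xFFFF) -> int:
    """CRC-16/CCITT-FALSE, bit-serial: the remainder of the data, read as a
    polynomial over GF(2), divided by poly. Check value for b"123456789" is 0x29B1."""
    crc = init
    for b in data:
        crc ^= b << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ poly) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def append_crc(segment: bytes) -> bytes:
    """Redundancy check: the calculated bits are appended to the end of the segment."""
    return segment + crc16_ccitt(segment).to_bytes(2, "big")


def verify_crc(frame: bytes) -> bool:
    return crc16_ccitt(frame[:-2]) == int.from_bytes(frame[-2:], "big")


def luhn_check_digit(payload: str) -> str:
    """Check digit (Luhn): doubling alternate digits from the right means that
    swapping two adjacent digits changes the total, so transpositions are caught."""
    total = 0
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:          # rightmost payload digit is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number: str) -> bool:
    return luhn_check_digit(number[:-1]) == number[-1]


def flip_bits(frame: bytes, index: int, mask: int) -> bytes:
    """Simulate a transmission error by XORing one byte of the frame with mask."""
    out = bytearray(frame)
    out[index] ^= mask
    return bytes(out)


SEGMENT = b"ACCT 0042 DEBIT 100.00"  # constructed data segment

if __name__ == "__main__":
    p, c = append_parity(SEGMENT), append_crc(SEGMENT)
    print("1-bit error: parity", verify_parity(flip_bits(p, 3, 0x01)),
          "crc", verify_crc(flip_bits(c, 3, 0x01)))
    print("2-bit error: parity", verify_parity(flip_bits(p, 3, 0x03)),
          "crc", verify_crc(flip_bits(c, 3, 0x03)))
    print("transposed digits valid:", luhn_valid("79927398173"))
```

Run it and the two-bit error line shows parity still reporting the frame as good while the CRC rejects it, which is why a redundancy check rather than a single parity bit is the control used per segment on a link.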
Question
Which of the following is a data validation edit and control?
A. Hash totals
B. Reasonableness checks
C. Online access controls
D. Before and after image reporting
Question Submitted By :: Guest
Answer: B
A reasonableness check is a data validation edit and
control, used to ensure that data conforms to predetermined
criteria. Before and after image reporting is a control over
data files that makes it possible to trace changes. Online
access controls are designed to prevent unauthorized access
to the system and data. A hash total is a total of any
numeric data field or series of data elements in a data
file. This total is checked against a control total of the
same field or fields to ensure completeness of processing.
Answer posted by: Guest

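Added example (mine, not from the page) applying the two controls the answer describes to a constructed payroll batch: a reasonableness check on each record, and a hash total over a field with no arithmetic meaning (employee ID) that is compared with the batch header's control total. The header, records and limits are all demo values. Running it on the full batch surfaces only the out-of-range record; dropping a record leaves every remaining record reasonable but breaks the record count, the hash total and the amount total, which is the completeness failure the hash total exists to catch.

```python
from decimal import Decimal

# Constructed batch header (control totals) and detail records; demo values only.
HEADER = {
    "record_count": 4,
    "hash_total_employee_id": 4010,          # 1001 + 1002 + 1003 + 1004
    "amount_total": Decimal("15600.00"),
}
RECORDS = [
    {"employee_id": 1001, "hours": 40, "amount": Decimal("1200.00")},
    {"employee_id": 1002, "hours": 38, "amount": Decimal("1140.00")},
    {"employee_id": 1003, "hours": 42, "amount": Decimal("1260.00")},
    {"employee_id": 1004, "hours": 400, "amount": Decimal("12000.00")},  # not reasonable
]
# Assumed reasonableness limits: inclusive lower and upper bound per field.
LIMITS = {"hours": (0, 80), "amount": (Decimal("0"), Decimal("5000.00"))}


def reasonableness_check(record: dict, limits: dict) -> list:
    """Field-level edit: every limited field must fall inside its predefined limits."""
    problems = []
    for field, (lo, hi) in limits.items():
        if not lo <= record[field] <= hi:
            problems.append(f"employee {record['employee_id']}: {field}={record[field]} "
                            f"outside {lo}..{hi}")
    return problems


def hash_total(records: list, field: str):
    """Sum of a field that has no business meaning as a total; used purely as a control."""
    return sum(r[field] for r in records)


def validate_batch(header: dict, records: list, limits: dict) -> list:
    """Batch-level controls (count, hash total, amount total) plus record-level edits."""
    findings = []
    if len(records) != header["record_count"]:
        findings.append(f"record count {len(records)} != control {header['record_count']}")
    ht = hash_total(records, "employee_id")
    if ht != header["hash_total_employee_id"]:
        findings.append(f"hash total {ht} != control {header['hash_total_employee_id']}")
    at = sum(r["amount"] for r in records)
    if at != header["amount_total"]:
        findings.append(f"amount total {at} != control {header['amount_total']}")
    for r in records:
        findings.extend(reasonableness_check(r, limits))
    return findings


if __name__ == "__main__":
    print("full batch:", validate_batch(HEADER, RECORDS, LIMITS))
    print("dropped record:", validate_batch(HEADER, RECORDS[:3], LIMITS))
```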
Question
In a public key infrastructure (PKI), the authority
responsible for the identification and authentication of an
applicant for a digital certificate (i.e., certificate
subjects) is the:
A. registration authority (RA).
B. issuing certification authority (CA).
C. subject CA.
D. policy management authority.
Question Submitted By :: Guest
Answer: A
An RA is an entity that is responsible for identification and
authentication of certificate subjects, but the RA does not
sign or issue certificates. The certificate subject usually
interacts with the RA for completing the process of
subscribing to the services of the certification authority
in terms of getting identity validated with standard
identification documents, as detailed in the certificate
policies of the CA. In the context of a particular
certificate, the issuing CA is the CA that issued the
certificate. In the context of a particular CA certificate,
the subject CA is the CA whose public key is certified in
the certificate.
Answer posted by: Guest

Question
A company has contracted with an external consulting firm to
implement a commercial financial system to replace its
existing in-house developed system. In reviewing the
proposed development approach, which of the following would
be of GREATEST concern?
A. Acceptance testing is to be managed by users.
B. A quality plan is not part of the contracted deliverables.
C. Not all business functions will be available on initial
implementation.
D. Prototyping is being used to confirm that the system
meets business requirements.
Question Submitted By :: Guest
Answer: B
A quality plan is an essential element of all projects. It
is critical that the contracted supplier be required to
produce such a plan. The quality plan for the proposed
development contract should be comprehensive and encompass
all phases of the development and include which business
functions will be included and when. Acceptance is normally
managed by the user area, since they must be satisfied that
the new system will meet their requirements. If the system
is large, a phased-in approach to implementing the
application is a reasonable approach. Prototyping is a valid
method of ensuring that the system will meet business
requirements.
Answer posted by: Guest

B. A quality plan is not part of the contracted deliverables
Answer posted by: Guest

Question
The IS auditor learns that when equipment was brought into
the data center by a vendor, the emergency power shutoff
switch was accidentally pressed and the UPS was engaged.
Which of the following audit recommendations should the IS
auditor suggest?
A. Relocate the shutoff switch.
B. Install protective covers.
C. Escort visitors.
D. Log environmental failures.
Question Submitted By :: Guest
Answer: B
A protective cover over the switch would allow it to be
accessible and visible, but would prevent accidental
activation. Relocating the shutoff switch would defeat the
purpose of having it readily accessible. Escorting the
personnel moving the equipment may not have prevented this
incident, and logging of environmental failures would provide
management with a report of incidents, but reporting alone
would not prevent a recurrence.
Answer posted by: Guest

B. Install protective covers.
Answer posted by: Guest

Question
An organization having a number of offices across a wide
geographical area has developed a disaster recovery plan
(DRP). Using actual resources, which of the following is the
MOST cost-effective test of the DRP?
A. Full operational test
B. Preparedness test
C. Paper test
D. Regression test
Question Submitted By :: Guest
Answer: B
A preparedness test is performed by each local office/area
to test the adequacy of the preparedness of local operations
for the disaster recovery. A paper test is a structured
walkthrough of the DRP and should be conducted before a
preparedness test. A full operational test is conducted
after the paper and preparedness tests. A regression test is
not a DRP test and is used in software maintenance.
Answer posted by: Guest

B. Preparedness test
Answer posted by: Guest

Question
Which of the following is a continuity plan test that uses
actual resources to simulate a system crash to
cost-effectively obtain evidence about the plan's effectiveness?
A. Paper test
B. Post test
C. Preparedness test
D. Walk-through
Question Submitted By :: Guest
Answer: C
A preparedness test is a localized version of a full test,
wherein resources are expended in the simulation of a system
crash. This test is performed regularly on different aspects
of the plan and can be a cost-effective way to gradually
obtain evidence about the plan's effectiveness. It also
provides a means to improve the plan in increments. A paper
test is a walkthrough of the plan, involving major players
in the plan's execution who attempt to determine what might
happen in a particular type of service disruption. A paper
test usually precedes the preparedness test. A post-test is
actually a test phase and is comprised of a group of
activities, such as returning all resources to their proper
place, disconnecting equipment, returning personnel and
deleting all company data from third-party systems. A
walk-through is a test involving a simulated disaster
situation that tests the preparedness and understanding of
management and staff, rather than the actual resources.
Answer posted by: Guest

C. Preparedness test
Answer posted by: Guest

Question
A malicious code that changes itself with each file it
infects is called a:
A. logic bomb.
B. stealth virus.
C. trojan horse.
D. polymorphic virus.
Question Submitted By :: Guest
Answer: D
A polymorphic virus has the capability of changing its own
code, enabling it to have many different variants. Since
they have no consistent binary pattern, such viruses are
hard to identify. A logic bomb is code that is hidden in a
program or system which will cause something to happen when
the user performs a certain action or when certain
conditions are met. A logic bomb, which can be downloaded
along with a corrupted shareware or freeware program, may
destroy data, violate system security, or erase the hard
drive. A stealth virus is a virus that hides itself by
intercepting disk access requests. When an antivirus program
tries to read files or boot sectors to find the virus, the
stealth virus feeds the antivirus program a clean image of
the file or boot sector. A trojan horse is a virus program
that appears to be useful and harmless but which has harmful
side effects such as destroying data or breaking the
security of the system on which it is run.
Answer posted by: Guest

D. polymorphic virus.
Answer posted by: Guest

Question
The initial step in establishing an information security
program is the:
A. development and implementation of an information security
standards manual.
B. performance of a comprehensive security control review by
the IS auditor.
C. adoption of a corporate information security policy
statement.
D. purchase of security access control software.
Question Submitted By :: Guest
Answer: C
A policy statement reflects the intent and support provided
by executive management for proper security and establishes
a starting point for developing the security program.
Answer posted by: Guest

C. adoption of a corporate information security policy
statement.
Answer posted by: Guest