121. In an information system that authenticates users based on userid and password, the primary reason for storing a hash of the password instead of storing the encrypted password is:
No one, even system administrators, can derive the password
Hashing algorithms are less CPU-intensive than encryption algorithms
Hashed passwords require less storage space than encrypted passwords
Support personnel can more easily reset a user's password when it is hashed
Correct answer: (A) No one, even system administrators, can derive the password
122. In modulo arithmetic, when A – B < 0, then:
26 is subtracted from the result
100 is added to the result
26 is added to the result
32 is added to the result
Correct answer: (C) 26 is added to the result
123. In what sequence should a disaster recovery planning project be performed?
Business Impact Analysis, Maximum Tolerable Downtime, Recovery Point Objective, Recovery Time Objective, training, testing
Survey business processes, threat and risk analysis, develop recovery targets, criticality analysis
Project plan, risk assessment, statements of impact, criticality analysis, recovery targets, test recovery plans
Project plan, Business Impact Analysis, develop recovery plans, train personnel, test recovery plans
Correct answer: (D) Project plan, Business Impact Analysis, develop recovery plans, train personnel, test recovery plans
124. On a TCP/IP network, a station's IP address is 10.0.25.200, the subnet mask is 255.255.252.0, and the default gateway is 10.0.25.1. How will the station send a packet to another station whose IP address is 10.0.24.10?
It will send the packet directly to the station
It will send the packet to the default gateway at 10.0.25.1
It will send a Proxy ARP packet to find the IP address of another default gateway
It cannot send a packet to the station
Correct answer: (A) It will send the packet directly to the station
125. One disadvantage of the use of digital certificates as a means for two-factor authentication is NOT:
Digital certificates may not be portable across different types of machines
The password used to unlock the certificate may be weak and easily guessed
It may be possible to steal the certificate and use it on another computer
A digital certificate can theoretically be copied, unlike tokens and smart cards which are not easily cloned
Correct answer: (A) Digital certificates may not be portable across different types of machines
126. One reason an organization would consider a distributed application is:
Some components are easier to operate
Distributed applications have a simpler architecture than other types of applications
Some application components are owned and operated by other organizations
Distributed applications are easier to secure
Correct answer: (C) Some application components are owned and operated by other organizations
127. Organizations that implement two-factor authentication often do not adequately plan. One result of this is:
Some users will lose their tokens, smart cards, or USB keys
Some users will store their tokens, smart cards, or USB keys with their computers, thereby defeating one of the advantages of two-factor authentication
Users will have trouble understanding how to use two-factor authentication
The cost of implementation and support can easily exceed the cost of the product itself
Correct answer: (D) The cost of implementation and support can easily exceed the cost of the product itself
128. Palm scan, fingerprint scan, and iris scan are forms of:
Strong authentication
Two-factor authentication
Biometric authentication
Single sign-on
Correct answer: (C) Biometric authentication
129. Process management, resource management, access management, and event management are examples of:
Security processes
Functions of a database management system
Functions of an operating system
Types of operating systems
Correct answer: (C) Functions of an operating system
130. Provided it is permitted by local fire codes, which type of fire sprinkler system is most preferred for computer rooms?