Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?
A. Key registry
B. Recovery agent
D. Key escrow
Which tool would be used to collect wireless packet data?
B. John the Ripper
Which of the following processes evaluates the adherence of an organization to its stated security policy?
A. Vulnerability assessment
B. Penetration testing
C. Risk assessment
D. Security auditing
Which of the following.statements.are true regarding N-tier architecture? (Choose two.)
A. Each layer must be able to exist on a physically independent system.
B. The N-tier architecture must have at least one logical layer.
C. Each layer should exchange information only with the layers above and below it..
D. When a layer is changed or updated,the other layers must.also be.recompiled or modified.
Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?
A. It is impossible to crack hashed user passwords.unless the key used to encrypt them is obtained.
B. If a user forgets the password,it can be easily retrieved using the hash key stored by administrators.
C. Hashing is faster compared to more traditional encryption algorithms.
D. Passwords stored using hashes are non-reversible,making finding the password much more difficult.
What is the main disadvantage of the scripting languages as opposed to compiled programming languages?
A. Scripting languages are hard to learn.
B. Scripting languages are not object-oriented.
C. Scripting languages cannot be used to create graphical user interfaces.
D. Scripting languages are slower because they require an interpreter to run the code.
Which of the following are password cracking tools? (Choose.three.)
B. John the Ripper
E. Cain and Abel
Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to.the network? (Choose three.)
A. Port Security
B. IPSec Encryption
C. Network Admission Control (NAC)
D. 802.1q Port Based Authentication
E. 802.1x Port Based Authentication
F. Intrusion Detection System (IDS)
When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?
A. At least once a year and after any significant upgrade or modification
B. At least once every three years or after any significant upgrade or modification
C. At least.twice a year or after any significant upgrade or modification
D. At least once.every.two.years and after any significant upgrade or modification
Which.type of.antenna is used in wireless communication?