Q(5)

Hi there,

Please answer all the five multiple choice questions. No written explanation needed for all the questions.  Thank you in advance. 

[26] During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?

A. accounting request                     B. access request

C. verification request                     D. authentication request

[27] Which of the following controls can be implemented so an organization can configure multiple computers by setting a single policy for enforcement?

A. group-based access control    B. computer-based access control

C.  role-based access control       D. system access control

[28] A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application's task. Which of the following is the security administrator practicing in this example?

A. Explicit deny     B. Port security   C. Access control lists   D. Implicit deny?

[29] To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?

A. Management              B. Administrative    C. Technical   D. Operational

[30] An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

A. User rights reviews   B. Least privilege and job rotation

C. Change management         D. Change Control