This page contains a Flash digital edition of a book.
6. A company takes orders exclusively over the Internet. Customers submit orders via a web-based application running on the external web server which is located on Network A. Warehouse employees use an internal application, on its own server, to pick and ship orders, located on Network B. Any changes made after the order is placed are handled by a customer service representative using the same internal application. All information is stored in a database, which is also located on Network B. The company uses these four sets of user rights: - NONE - ADD (read existing data, write new data) - CHANGE (read, write and change existing data) - READ (read existing data) The company has 2 different network zones: - Network A, the DMZ, a public accessible network - Network B, the internal LAN, accessible from company systems only The company wants to restrict warehouse employee access. Which of the following permissions is the MOST appropriate for the warehouse employees? A. READ on Network B, NONE on Network A B. ADD on Network A, NONE on Network B C. CHANGE on Network A, ADD on Network B D. READ on Network A and B Answer: A


7. Which of the following may be an indication of a possible system compromise? A. A port monitor utility shows that there are many connections to port 80 on the Internet facing web server. B. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline. C. A protocol analyzer records a high number of UDP packets to a streaming media server on the Internet. D. The certificate for one of the web servers has expired and transactions on that server begins to drop rapidly. Answer: B


8. Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker? A. ACL B. Account expiration C. Time of day restrictions D. Logical tokens Answer: B


9. All of the following can be found in the document retention policy EXCEPT: A. type of storage media. B. password complexity rules. C. physical access controls. D. retention periods. Answer: B


10. Which of the following should a technician recommend to prevent physical access to individual office areas? (Select TWO). A. Video surveillance B. Blockade C. Key card readers D. Mantrap E. Perimeter fence Answer: CD


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7
Produced with Yudu - www.yudu.com