ECIHv2 Practice Questions with Complete Solutions
Which element of information security includes the trustworthiness of data or resources in terms of preventing improper or unauthorized changes?
a.) Confidentiality
b.) Authenticity
c.) Availability
d.) Integrity -Answer- B
_________ is a security strategy in which several protection layers are placed throughout an information system.
a.) Defense-in-depth
b.) Non-repudiation
c.) Information security
d.) Offense-in-depth -Answer- A
Security policies are the foundation of the security infrastructure that defines the basic security requirements and rules to be implemented in order to protect and secure an organization's information systems. Which of the following is NOT something security policies can accomplish?
a.) They reduce or eliminate legal liability of employees and third parties
b.) They protect confidential and proprietary information from theft, misuse, unauthorized disclosure, or modification
c.) They prevent wastage of the company's computing resources
d.) They can still be effective when added as an afterthought -Answer- D
Anna created her company's security policy to accept the majority of internet traffic, excluding several known dangerous services and attacks. Which type of security policy did Anna put into place?
a.) Permissive Policy
b.) Promiscuous Policy
c.) Prudent Policy
d.) Paranoid Policy -Answer- A
A(n) ___________ policy defines a standard to handle application traffic, such as web or email.
a.) Remote access
b.) Network connection
c.) Firewall management
d.) Access control -Answer- C
What kind of policy contains a set of rules that defines authorized connections?
a.) User account
b.) Special access
c.) Remote access
d.) Password -Answer- C
Motive (Goal) + Method + Vulnerability = ____________
a.) Security policy
b.) Attacks
c.) Defense-in-depth
d.) Access control -Answer- B
Dwayne wants to acquire account information from a competitor company, so he sends an illegitimate email to the Payroll Specialist claiming to be the CEO. What type of security attack would this be?
a.) IoT threats
b.) Web application threats
c.) Phishing
d.) Ransomware -Answer- C
Spoofing, Session Hijacking, DoS Attacks, Firewall and IDS Attacks are all considered what type of information security threat?
a.) Network threat
b.) Application threat
c.) Host threat
d.) System threat -Answer- A
Which of the following is NOT a common cause for system vulnerabilities?
a.) Software bugs
b.) Strong passwords
c.) Use of broken algorithms
d.) Complexity of the system -Answer- B
Which phase of the risk management process includes a strategic approach to prepare for handling risks and reduce their impact on organizations? This phase addresses and treats risks according to their severity level.
a.) Risk assessment
b.) Risk mitigation
c.) Risk management plan evaluation
d.) Risk determination -Answer- B