In order to implement a true separation of duties approach the bank could:
A bank requires tellers to get manager approval when a customer wants to open a new account. A
recent audit shows that there have been four cases in the previous year where tellers opened
accounts without management approval. The bank president thought separation of duties would
prevent this from happening. In order to implement a true separation of duties approach the bank
could:
Which of the following could the security administrator implement to reduce the risk associated with the findi
A security administrator has been tasked with improving the overall security posture related to
desktop machines on the network. An auditor has recently that several machines with confidential
customer information displayed in the screens are left unattended during the course of the day.
Which of the following could the security administrator implement to reduce the risk associated
with the finding?
Which of the following technical controls MUST be in place in order to promote the use of passphrases?
Company policy requires the use if passphrases instead if passwords. Which of the following
technical controls MUST be in place in order to promote the use of passphrases?
Which of the following could best prevent this from occurring again?
During a routine audit, it is discovered that someone has been using a stale administrator account
to log into a seldom used server. The person has been using the server to view inappropriate
websites that are prohibited to end users. Which of the following could best prevent this from
occurring again?
Which of the following should identify critical systems and components?
Which of the following should identify critical systems and components?
Which of the following works by implanting software on systems but delays execution until a specific set of co
Which of the following works by implanting software on systems but delays execution until a
specific set of conditions is met?
which of the following attacks?
A web application is configured to target browsers and allow access to bank accounts to siphon
money to a foreign account. This is an example of which of the following attacks?
Which of the following should be implemented to correct this issue?
Technicians working with servers hosted at the company’s datacenter are increasingly
complaining of electric shocks when touching metal items which have been linked to hard drive
failures. Which of the following should be implemented to correct this issue?
Which of the following is the BEST course of action to ensure data confidentiality?
A portable data storage device has been determined to have malicious firmware. Which of the
following is the BEST course of action to ensure data confidentiality?
Which of the following MUST be implemented to support this requirement?
A security administrator must implement a system to ensure that invalid certificates are not used
by a custom developed application. The system must be able to check the validity of certificates
even when internet access is unavailable. Which of the following MUST be implemented to
support this requirement?