A software or hardware device that allows only authorized network traffic in or out of a computer or
network is called a:

Which of the following access decisions are based on a Mandatory Access Control (MAC)
environment?

Which of the following is a best practice for managing user rights and privileges?

The concept that a web script is run in its own environment and cannot interfere with any other
process is known as a:

During a live response to an unauthorized access, a forensics specialist executes a command on
the computer being investigated. Which of the following commands would be used to display the
current network connections on the local computer?

Choose the malicious code which can distribute itself without using having to attach to a host file.

Which of the following is a suppression method for a Class C fire?

A computer system containing personal identification information is being implemented by a
company’s sales department. The sales department has requested that the system become
operational before a security review can be completed. Which of the following can be used to
explain the reasons a security review must be completed?

The first step in risk identification would be to identify:

You work as the security administrator. You want to reduce the likelihood of certpaper.com
employees misusing your ORG. e-mail.
How will you accomplish the task?