Management establishes a policy that requires that all information technology professionals must have a college degree with a core emphasis on information technology, and that all system administrators must have a security certification from an accredited program. By doing so, management has established what?

Which of the following term describes the creation, maintenance, anddeactivation of user objects and attributes as they exist in one or more systems,directories, or applications, in response to business processes?

Your company has hired a risk management firm to evaluate the organizations overall health and risks. One area that is quickly identified is a small warehouse in a heavily populated area that holds valuable assets. The warehouse has no perimeter defenses. This lack of protection would be characterized as a ________.

Capability tables are bound to what?

The Kerberos technology has some issues that need to be understood before access control implementation.. Which of the following are issues pertaining to Kerberos?

i.The KDC can be a single point of failure. If the KDC goes down, no one canaccess needed resources. Redundancy is necessary for the KDC.
ii. The KDC must be able to handle the number of requests it receives in a timelymanner. It must be scalable.
iii. Secret keys are temporarily stored on the users’ workstations, which means itis possible for an intruder to obtain these cryptographic keys.
iv. Session keys are decrypted and reside on the users’ workstations, either in acache or in a key table. Again, an intruder can capture these keys.

Which matches the following definition, "The use of needles to remove the outerprotective material on the cards circuits, by using ultrasonic vibration. Once thisis completed then data can be accessed and manipulated by directly tapping into thecards ROM chips"?

If John books his flight on Southwest, the web site asks him if he wants to alsobook a hotel room. If he clicks "Yes," he could then be brought to the Hilton website, which provides him with information on the closest hotel to the airport he isflying into. Now, to book a room he does not have to log in again. What type offunctionality are these websites using?

An attack that changes the source IP address of a ICMP ECHO request packet so itappears as though it came from the victim and is broadcasted to an amplifyingnetwork can be called all of the following except:

Recently passed over for an executive promotion, Carol is anxious to hear abouta major company announcement which will most likely reveal the new hire. Knowingthat the PR department does not regularly shred documents, she snoops around thehallways after hours, and finds a memo next to the printer that gives her theinformation that will be released to the public next week. What kind of attack has Carol committed?

An attack in which the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victims system, in order to flood it with REPLY packets, is called a: