Which of the following are enterprise administrative controls? (Choose TWO.)
Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?
_________ is a smaller, enhanced version of the X.500 protocol. It is used to provide directory-service information. (Choose the BEST answer.)
_______ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.
You are considering purchasing a VPN solution to protect your organization's information assets. The solution you are reviewing uses RFC-compliant and open-standards encryption schemes. The vendor has submitted the system to a variety of recognized testing authorities. The vendor does not make the source code available to testing authorities. Does this solution adhere to the secure design principle of open design?
Digital signatures are typically provided by a ____________________, where a third party verifies a key's authenticity.
Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?
Which principle of secure design states that a security mechanism's methods must be testable?
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
____________________ educate(s) security administrators and end users about organizations' security policies.
