November 2020

Article

16 Nov

Posted at 14:32h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Frank would like to set his organization's password length requirements to align with industry best practices. What should he set as the maximum password length? A. No maximum B. 8 characters C. 16 characters D. 255 characters Correct Answer: A The best source for guidance on passwords and other authentication techniques is NIST Special Publication 800-63B: Digital Identity Guidelines. In the most recent revision of this document, NIST states that users should not be subjected to a maximum password length requirement and should be allowed to choose passwords as lengthy as they would like.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

16 Nov

Posted at 14:27h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Gavin is managing the access control system for his organization. Users often change jobs and he would like to select an approach that will make it easy to reassign permissions when users move around the organization. Which access control model is best suited for his needs? A. ABAC B. DAC C. MAC D. RBAC Correct Answer: D This situation calls for role-based access control, where authorizations are assigned based upon a user's role in the organization. This approach would allow Gavin to simply change a user's role when they switch jobs and then the permissions would automatically update based upon the user's new role. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

16 Nov

Posted at 14:24h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. What term is used to describe a network of decoy systems used to attract and study the activity of intruders? A. Honeynet B. Honeypot C. Darknet D. Darkpot Correct Answer: A Honeynets are networks of decoy systems designed to attract intruders so that security analysts may study their activity. Honeypots are single systems designed for the same purpose. Darknets are unused portions of IP address space designed to detect scanning activity when a scanner attempts to access those unused addresses. Darkpots are what occur when I attempt to cook and leave a pot unattended on the stove for too long. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

In Archive