Practice Test Questions

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Ed is working with functional units in his organization to document the maximum amount of time that they could be without a critical IT service during a disaster. What metric should he use to document this requirement?

A. RTO
B. RPO
C. MTTR
D. MTBF

Correct Answer: A

The recovery time objective (RTO) is the amount of time that the business can tolerate an outage during a disaster, making it our correct answer. The recovery point objective (RPO) is the amount of tolerable data loss, which is not what we are looking for here. The mean time to repair (MTTR) is the amount of time required to repair a damaged system, while the mean time between failures (MTBF) describes the frequency of failures, neither of which are correct answers.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Dylan and Liam are using symmetric cryptography to communicate with each other. They have a shared secret key that no other person knows. What goal of cryptography is impossible for them to achieve?

A. Confidentiality
B. Non-Repudiation
C. Integrity
D. Authentication

Correct Answer: B

Dylan and Liam can easily achieve confidentiality and integrity by using the key to encrypt and decrypt messages, which is not what we are looking for here. They can also achieve authentication because they know that if a message decrypts with the key, it must have been encrypted by the only other person with knowledge of the key. They cannot, however, achieve non-repudiation because they have no way to prove to a third party that a message came from the other party and wasn't forged by themselves.

Vickie recently gathered digital evidence and would like to be able to provide future users of that evidence with the ability to verify non-repudiation. How can she provide this?

A. Generate a hash value from the evidence
B. Digitally sign the evidence
C. Encrypt the evidence
D. Generate a checksum from the evidence

Correct Answer: B

Using a hash value or checksum can verify that the evidence was not altered, but does not provide non-repudiation. Encrypting the evidence protects it from unauthorized disclosure and also verifies integrity, but it does not provide non-repudiation. Vickie can provide non-repudiation by digitally signing the evidence with her private key.