Practice Test Questions

30 Apr

Posted at 17:24h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Roland's company requires that supervisors approve payment requests entered by accounting clerks when the total amount of the payment is over $10,000. What type of control is this? A. Least privilege B. Separation of duties C. Job rotation D. Two-person control Correct Answer: D Two-person control requires the concurrence of two individuals for sensitive actions. That is the scenario described here. Separation of duties says that an individual should not have both permissions necessary to perform a sensitive action. This is a closely related, but distinct principle. There is no evidence given that supervisors do not have the ability to create payments, so separation of duties is not in play here. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

30 Apr

Posted at 17:20h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Gail is a software developer who recently completed the coding of a new module that will be incorporated into one of her organization's products. Now that her work is complete, she is ready to request that the code be moved to the next environment. Where should the code go next? A. Staging environment B. Test environment C. Production environment D. Development environment Correct Answer: B Development environments are designed for active use by developers who are creating new code. These environments are the only location where code should be modified. Once code is ready for testing, it is released from the development environment into a test environment for software testing. After the completion of user acceptance testing, the code is moved from the test environment into a staging environment where it is prepared for final deployment into the production environment. Developers should never have permission to move code themselves but should only be able to move code between environments through the use of a managed change control system. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

28 Apr

Posted at 21:19h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. What protocol is normally used for communication between an authenticator and authentication server on a network using 802.1x authentication? A. RADIUS B. TACACS C. TACACS+ D. XTACACS Correct Answer: A In 802.1x authentication, the end user's system contains a component called the supplicant that initiates the authentication process. The supplicant connects to the authenticator, normally a network switch or wireless access point, that then reaches out to an authentication server to confirm the user's identity. The communication between the authenticator and authentication server normally takes place using the RADIUS and EAP protocols. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...