
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Renee would like to send Jackie a message bearing her digital signature. What key should Renee use to create the digital signature?

A. Jackie’s Public Key
B. Jackie’s Private Key
C. Renee’s Public Key
D. Renee’s Private Key

Correct Answer: D

When we're talking about digital signatures, the keys involved are the public and private keys belonging to the person signing the message. So we can immediately eliminate both of Jackie's keys as answer choices here because Jackie is not creating the signature.

Next, we need to remember how the digital signature process works. In a digital signature, the signer is the one who needs to use some secret information because nobody other than the authentic signer should be able to create a digital signature. Anyone should be able to verify the digital signature, so the signature should be verifiable with public information.

That leads us to the correct answer: Renee would create the signature using her own private key. Then Jackie, or anyone else, can verify the signature by using Renee's public key.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Riley would like to improve the security of a current password-based authentication system. Which one of the following, if added to the current approach, would NOT allow her to describe the system as multi-factor authentication?

A. ID card scan
B. Retinal scan
C. Login confirmation on a smartphone app
D. Answering security questions pulled from her credit report

Correct Answer: D

Multifactor authentication requires mixing two factors. The existing password is a "something you know" factor, so we need to use factors from another category to achieve multifactor authentication.

Now remember, you need to read these questions carefully. This question is asking you which one of these factors would NOT create multifactor authentication, so we're going to eliminate the choices that WOULD create multifactor authentication.

It would be appropriate to add a "something you are" factor, such as a retinal scan, so we can eliminate that choice. We could also use a "something you have" factor, such as an ID card or smartphone. On the other hand, adding another "something you know" factor, such as security questions, would not qualify as multifactor authentication, so that's our correct answer here.

Helen is the compliance officer for a healthcare system that treats patients, accepts credit cards for payment, and also provides financing for patients who cannot pay immediately. Which one of the following regulations is least likely to apply to Helen's organization?

A. PCI DSS
B. GLBA
C. HIPAA
D. FERPA

Correct Answer: D

As a healthcare provider, Helen's organization is almost certainly covered by HIPAA, so that's not the correct answer here. Remember, we're looking for the regulation that does NOT apply.

Accepting credit cards makes Helen's organization subject to PCI DSS and extending financing likely makes them a financial institution regulated by GLBA. The healthcare system is less likely to be covered by FERPA, which regulates educational institutions.