网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
A timely review of system access audit records would be an example of which of the basic security functions? 及时的复审系统访问审计记录是以下哪个安全功能的例子?()
- A、prevention.预防
- B、avoidance.避免
- C、detection.检测
- D、deterrence.威慑
参考答案
更多 “A timely review of system access audit records would be an example of which of the basic security functions? 及时的复审系统访问审计记录是以下哪个安全功能的例子?()A、prevention.预防B、avoidance.避免C、detection.检测D、deterrence.威慑” 相关考题
考题
In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization (授权).
An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.A.open
B.monitor
C.grant
D.seek
考题
The objective of (71) is to determine what parts of the application software will be assigned to what hardware. The major software components of the system being developed have to be identified and then allocated to the various hardware components on which the system will operate. All software systems can be divided into four basic functions. The first is (72). Most information systems require data to be stored and retrieved, whether a small file, such as a memo produced by a word processor, or a large database, such as one that stores an organization's accounting records. The second function is the (请作答此空), the processing required to access data, which often means database queries in Structured Query Language. The third function is the (74), which is the logic documented in the DFDs, use cases, and functional requirements. The fourth function is the presentation logic, the display of information to the user and the acceptance of the user's commands. The three primary hardware components of a system are (75).
A. data persistence
B .data access objects
C. database connection
D. data access logic
考题
The objective of()is to determine what parts of the application software will be assigned to what hardware. The major software components of the system being developed have to be identified and then allocated to the various hardware components on which the system will operate. All software systems can be divided into four basic functions. The first is().Most information systems require data to be stored and retrieved, whether a small file,such as a memo produced by a word processor, or a large database, such as one that stores an organization's accounting records.The second function is the(请作答此空),the processing required to access data, which often means database queries in Structured Query Language. The third function is the (),which is the logic documented in the DFDs, use cases,and functional requirements.The fourth function is the presentation logic,the display of information to the user and the acceptance of the user's commands.The three primary hardware components of a system are ().
A. data persistence
B. data access objects
C. database connection
D.data access logic
考题
In discretionary access environments, which of the following entities is authorized to grant information access to other people?在自主访问环境下,下列哪个实体有权授予其他人信息访问权限?()A、Data Owner数据的所有者B、Manager经理人员C、Security Manager安全经理D、Group Leader小组领导
考题
Which of the following are necessary components of a Multi-Level Security Policy?下列哪一项是多级安全策略必需的组件?()A、Sensitivity Labels for subjects objects and a "system high" evaluation.对主体和客体实施敏感性标识以及对其进行系统高的评价B、Security Clearances for subjects Security Labels for objects and Mandatory Access Control.对主体和客体安全标识的安全许可以及强制访问控制C、Sensitivity Labels for only objects and Mandatory Access Control.只针对客体的敏感性标识和强制访问控制D、Sensitivity Labels for subjects objects and Discretionary Access Control.对主体及客体的敏感性表情和自主访问控制
考题
Which of the following are necessary components of a Multi-Level Security Policy? 下面哪项是多级安全策略的必要组成部分吗?()A、Sensitivity Labels for only objects and Mandatory Access Control.适合于唯一客体的敏感标记和强制访问控制。B、Sensitivity Labels for subjectsobjects anda"system high"evaluation.适合于主体与客体的敏感标记以及“高级别系统”评价。C、Security Clearances for subjectsSecurity Labels for objects and Mandatory Access Control.主体安全声明适合于唯一客体的敏感标记和强制访问控制。D、Sensitivity Labels for subjectsobjects and Discretionary Access Control.适合于主体与客体的敏感标记和自主访问控制。
考题
Which Cisco product is a software component that blocks unwanted connections and provides other gateway security functions for small business?()A、Cisco Firewall Services Module (FWSM)B、Cisco Secure Access Control Server (ACS)C、Cisco Private Internet Exchange (PIX) FirewallD、Cisco Internetwork Operating System (IOS) Firewall
考题
For the following options ,which one accurately matches the CLI command(s) to the equivalent SDM wizardthat performs similar configuration functions?()A、aaa configuration commands and the SDM Basic Firewall wizardB、setup exec command and the SDM Security Audit wizardC、auto secure exec command and the SDM One-Step Lockdown wizardD、Cisco Common Classification Policy Language configuration commands and the SDM Site-to- Site VPN
考题
Which Cisco product is a software component that blocks unwanted connections and provides other gateway security functions for small business?()A、Cisco Internetwork Operating System (IOS) FirewallB、Cisco Secure Access Control Server (ACS)C、Cisco Firewall Services Module (FWSM)D、Cisco Private Internet Exchange (PIX) Firewall
考题
Which of the following would be the correct location to access when enabling Driver Signature Verification?()A、On the hardware tab in System Properties.B、In the Security Center applet in Control Panel.C、In Device Manager under the File menu and options.D、In Computer Management.
考题
Which two commands can be used to monitor firewall user authentication?()A、show access firewall-authenticationB、show security firewall-authentication usersC、show security audit logD、show security firewall-authentication history
考题
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements. What should your plan include?()A、 Configure a directory service access audit policy. Increase the maximum size of the security log.B、 Configure a directory service access audit policy. Set the system log to overwrite events older than 7 days.C、 Configure an object access audit policy for the directory. Increase the maximum size of the system log.D、 Configure an object access audit policy for the directory. Set the security log to overwrite events older than 7 days.
考题
It is a violation of the "separation of duties" principle when which of the fol-lowing individuals access the software on systems implementing security? 下列哪项个人访问对系统安全软件,是违反了“职责分离原则?()A、systems auditor 系统审计员B、systems programmer 系统程序员C、security analyst 安全分析员D、security administrator 安全管理员
考题
Which of the following is needed for System Accountability? 以下哪个是系统问责所需要的?()A、Authorization.授权B、Formal verification of system design.系统设计的形式验证C、Documented design as laid out in the Common Criteria.用通用标准陈列设计的文档D、Audit mechanisms.审计机制
考题
What security procedure would force/require an employee to work in collusion with another employee of the company in order to have access to unauthorized da-ta or to defeat the company security mechanisms? 什么样的安全程序会迫使雇员与其他的雇员勾结,来访问未经授权的数据,从而绕过公司的安全机制?()A、Security personel monitoring of audit logs. 安全人员监控审计日志B、Periodically reviewing subject's access rights. 定期审查主体的访问C、Limiting the specific accesses of operations personnel. 限制操作人员的特定访问D、Job rotation of people through different assignments. 通过人员的工作轮换
考题
Which of the following would be an example of a biometric device?()A、USB security keyB、smart card readerC、thumb print readerD、encryption password
考题
Which of the following would be used to monitor unauthorized access to data files?()A、Performance Log and AlertsB、Event ViewerC、Security Configuration and AnalysisD、IP Security Monitor
考题
A System p administrator is investigating a possible security breech and wants to review information about failed login attempts to the system. Which of the following commands will show this()A、fwtmp /etc/security/failedloginB、cat /etc/security/failedloginC、whoD、alog -f /etc/security/failedlogin -o
考题
以下哪几项关于安全审计和安全审计系统的描述是正确的?()A、对入侵和攻击行为只能起到威慑作用B、安全审计不能有助于提高系统的抗抵赖性C、安全审计是对系统记录和活动的独立审查和检验D、安全审计系统可提供侦破辅助和取证功能
考题
Certkiller .com has organizational units in the Active Directory domain. There are 10 servers in the organizational unit called Security. As an administrator at Certkiller .com, you generate a Group Policy Object (GPO) and link it to the Security organizational unit. What should you do to monitor the network connections to the servers in Security organizational unit()A、Start the Audit Object Access optionB、Start the Audit System Events optionC、Start the Audit Logon Events optionD、Start the Audit process tracking optionE、All of the above
考题
单选题Which of the following are necessary components of a Multi-Level Security Policy?下列哪一项是多级安全策略必需的组件?()A
Sensitivity Labels for subjects objects and a system high evaluation.对主体和客体实施敏感性标识以及对其进行系统高的评价B
Security Clearances for subjects Security Labels for objects and Mandatory Access Control.对主体和客体安全标识的安全许可以及强制访问控制C
Sensitivity Labels for only objects and Mandatory Access Control.只针对客体的敏感性标识和强制访问控制D
Sensitivity Labels for subjects objects and Discretionary Access Control.对主体及客体的敏感性表情和自主访问控制
考题
单选题What security procedure would force/require an employee to work in collusion with another employee of the company in order to have access to unauthorized da-ta or to defeat the company security mechanisms? 什么样的安全程序会迫使雇员与其他的雇员勾结,来访问未经授权的数据,从而绕过公司的安全机制?()A
Security personel monitoring of audit logs. 安全人员监控审计日志B
Periodically reviewing subject's access rights. 定期审查主体的访问C
Limiting the specific accesses of operations personnel. 限制操作人员的特定访问D
Job rotation of people through different assignments. 通过人员的工作轮换
考题
单选题Which Cisco product is a software component that blocks unwanted connections and provides other gateway security functions for small business?()A
Cisco Internetwork Operating System (IOS) FirewallB
Cisco Secure Access Control Server (ACS)C
Cisco Firewall Services Module (FWSM)D
Cisco Private Internet Exchange (PIX) Firewall
考题
单选题A timely review of system access audit records would be an example of which of the basic security functions? 及时的复审系统访问审计记录是以下哪个安全功能的例子?()A
prevention.预防B
avoidance.避免C
detection.检测D
deterrence.威慑
考题
单选题It is a violation of the "separation of duties" principle when which of the fol-lowing individuals access the software on systems implementing security? 下列哪项个人访问对系统安全软件,是违反了“职责分离原则?()A
systems auditor 系统审计员B
systems programmer 系统程序员C
security analyst 安全分析员D
security administrator 安全管理员
热门标签
最新试卷