Virtual corporations typically use a(n) _______ for maintaining centralized information assets.
A. Off-line repository
B. Floppy disk
C. Data warehouse
D. CD-ROM burner
E. Colocation
Why should the number of services on a server be limited to required services?
A. Every open service represents a potential vulnerability.
B. Closed systems require special connectivity services.
C. Running extra services makes machines more efficient.
D. All services are inherently stable and secure.
E. Additional services make machines more secure.
_______ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.
A. Pattern matching
B. Statistical anomaly
C. Behavioral analysis
D. Host
E. Network
To comply with the secure design principle of fail-safe defaults, what must a system do if it receives an instruction it does not understand? The system should:
A. send the instruction to a peer server, to see if the peer can execute.
B. not attempt to execute the instruction.
C. close the connection, and refuse all further traffic from the originator.
D. not launch its debugging features, and attempt to resolve the instruction.
E. search for a close match in the instruction set it understands.
Which of these metrics measure how a biometric device performs, when attempting to authenticate subjects? (Choose THREE.)
A. False Rejection Rate
B. User Acceptance Rate
C. Crossover Error Rate
D. False Acceptance Rate
E. Enrollment Failure Rate
Which of the following is the MOST important consideration, when developing security- awareness training materials?
A. Training material should be accessible and attractive.
B. Delivery mechanisms should allow easy development of additional materials, to complement core material.
C. Security-awareness training materials should never contradict an organizational security policy.
D. Appropriate language should be used to facilitate localization, should training materials require translation.
E. Written documentation should be archived, in case of disaster.
Which of the following tests provides testing teams some information about hosts or networks?
A. Partial-knowledge test
B. Full-knowledge test
C. Zero-knowledge test
_______ can mimic the symptoms of a denial-of-service attack, and the resulting loss in productivity can be no less devastating to an organization.
A. ICMP traffic
B. Peak traffic
C. Fragmented packets
D. Insufficient bandwidth
E. Burst traffic
Which of the following statements about the maintenance and review of information security policies is NOT true?
A. The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
B. Review requirements should be included in the security policies themselves.
C. When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
D. Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies.
E. In the absence of changes to business requirements and processes, information-security policy reviews should be annual.
Which of the following is a cost-effective solution for securely transmitting data between remote offices?
A. Standard e-mail
B. Fax machine
C. Virtual private network
D. Bonded courier
E. Telephone
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-110 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.