Table Of Contents  CertiGuide to Security+
 9  Chapter 7:  Practice Exam Answers

Answers to Questions 96-100

96. What is the most common threat to physical security that is also considered highly effective?

A. Hijacking

B. Tailgating

C. Dumpster diving

D. All of the above

E. None of the above

Explanation: While a second person following through a door after the first person has used an access key (tailgating or piggybacking) is a security concern, dumpster diving is the most serious threat because of the amount of information that can be discovered.

Section 5.1: Physical Security


97. What utilities need to be considered in disaster planning?

A. Power

B. Water

C. Communications

D. Safety

Explanation: Of the choices listed, only safety is incorrect. While human safety is always the #1 concern, safety is not a utility. Power and communications may be obvious, but some people overlook water issues, typically the question of how to make the water go away. A sprinkler system that is running may do more harm than good. Experienced site technicians have a 'key' to stop a defective sprinkler head.

Section 5.3.1: Utilities (Business Continuity)


98. When a business cannot afford interruptions, availability choices include

A. Mirror sites

B. RAID based hard drives

C. Hot-swappable computer components

D. Clustered computer systems

E. All choices are correct

Explanation: There is no single correct choice for all forms of business. All the choices listed are options to consider. Mirror sites can be used to compensate for the unavailability of the main site. RAID subsystems can be used to guard against drive failures. Hot-swappable components allow for replacements to be made without powering down the system. Clustered systems allow another system to transparently take over for one that has failed.

Section 5.3.2: High Availability / Fault Tolerance


99. Security procedures should include:

A. Doing things the most efficient way possible

B. Users should be assigned the least level of privileges they need to do their jobs

C. Business keeping up with capital investments that improve their business

D. All choices are correct

E. No choice is correct

Explanation: "Least privilege: [The] principle requiring that each subject be granted the most restrictive set of privileges needed for the performance of authorized tasks." -- Telcom Glossary

In many cases, this will result in increased efficiency, but that is not always the case.

Section Need to Know (Security Policy)

100. You're in charge of password management for a large user base. A good labor saving solution to install would be:

A. A self-service password reset facility (Example: answer your secret question and your password will be reset and emailed to you)

B. Biometric hardware

C. Both choices are correct

D. Neither choice is correct

Explanation: The traditional helpdesk activities associated with password management can be automated by offering a self-service interface that users can adopt to solve the problems associated with forgotten and expired passwords.

Biometric hardware may be an interesting idea to investigate for physically-centralized networks, but installation time and cost could be prohibitive for large and/or widely distributed networks.

Section Password Management (Security Policy)

CertiGuide for Security+
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al. Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.