Interested to Buy Any Domain ? << Click Here >> for more details...
An organization is proposing to install a single sign-on
facility giving access to all systems. The organization
should be aware that:
A. Maximum unauthorized access would be possible if a
password is disclosed.
B. User access rights would be restricted by the additional
security parameters.
C. The security administrator?s workload would increase.
D. User access rights would be increased.
- 1 Answers
- 10556 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
If a password is disclosed when single sign-on is enabled,
there is a risk that unauthorized access to all systems will
be possible. User access rights should remain unchanged by
single sign-on as additional security parameters are not
necessarily implemented. One of the intended benefits of
single sign-on is that security administration would be
simplified and an increased workload is unlikely.
| Is This Answer Correct ? | 10 Yes | 0 No |
An advantage in using a bottom-up versus a top-down approach to software testing is that: A. interface errors are detected earlier. B. confidence in the system is achieved earlier. C. errors in critical modules are detected earlier. D. major functions and processing are tested earlier.
Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring
In a web server, a common gateway interface (CGI) is MOST often used as a(n): A. consistent way for transferring data to the application program and back to the user. B. computer graphics imaging method for movies and TV. C. graphic user interface for web design. D. interface to access the private gateway domain.
If the decision has been made to acquire software rather than develop it internally, this decision is normally made during the: A. requirements definition phase of the project. B. feasibility study phase of the project. C. detailed design phase of the project. D. programming phase of the project.
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
During which of the following phases in systems development would user acceptance test plans normally be prepared? A. Feasibility study B. Requirements definition C. Implementation planning D. Post-implementation review
When performing a general controls review, an IS auditor checks the relative location of the computer room inside the building. What potential threat is the IS auditor trying to identify? A. Social engineering B. Windstorm C. Earthquake D. Flooding
An enterprise has established a steering committee to oversee its e-business program. The steering committee would MOST likely be involved in the: A. documentation of requirements. B. escalation of project issues. C. design of interface controls. D. specification of reports.
IT governance ensures that an organization aligns its IT strategy with: A. Enterprise objectives. B. IT objectives. C. Audit objectives. D. Finance objectives.
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power? A. Power line conditioners B. A surge protective device C. An alternative power supply D. An interruptible power supply
In a TCP/IP-based network, an IP address specifies a: A. network connection. B. router/gateway. C. computer in the network. D. device on the network.
Cisco Certifications 
