How can minimizing single points of failure or vulnerabilities of a common disaster best be controlled?
Correct Answer: B
Section: Protection of Information Assets Explanation/Reference: Explanation: Minimizing single points of failure or vulnerabilities of a common disaster is mitigated by geographically dispersing resources.
Question 722
An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:
Correct Answer: A
Section: Protection of Information Assets Explanation: There is no attempt on the part of the investment advisor to prove their identity or to keep the newsletter confidential. The objective is to assure the receivers that it came to them without any modification, i.e., it has message integrity. Choice A is correct because the hash is encrypted using the advisor's private key. The recipients can open the newsletter, recompute the hash and decrypt the received hash using the advisor's public key. If the two hashes are equal, the newsletter was not modified in transit. Choice B is not feasible, for no one other than the investment advisor can open it. Choice C addresses sender authentication but not message integrity. Choice D addresses confidentiality, but not message integrity, because anyone can obtain the investment advisor's public key, decrypt the newsletter, modify it and send it to others. The interceptor will not be able to use the advisor's private key, because they do not have it. Anything encrypted using the interceptor's private key can be decrypted by the receiver only by using their public key.
Question 723
Which of the following validation techniques would BEST prevent duplicate electronic vouchers?
Correct Answer: B
Question 724
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as:
Correct Answer: B
Explanation/Reference: Explanation: Decision trees use questionnaires to lead a user through a series of choices until a conclusion is reached. Rules refer to the expression of declarative knowledge through the use of if-then relationships. Semantic nets consist of a graph in which nodes represent physical or conceptual objects and the arcs describe the relationship between the nodes. Semantic nets resemble a dataflow diagram and make use of an inheritance mechanism to prevent duplication of data.
Question 725
If the recovery time objective (RTO) increases:
Correct Answer: A
Section: Protection of Information Assets Explanation: The longer the recovery time objective (RTO), the higher disaster tolerance and the lower the recovery cost. It cannot be concluded that a cold site is inappropriate or that the frequency of data backup would increase.
