You are conducting an account management review. Which of the following is not a good practice? (Wentz QOTD)
A. Select all accounts for review
B. Assess the list of carefully selected accounts by system administrators
C. Verify former employees’ accounts
D. Review the paper trail or records for specific accounts
Which of the following is the primary target or fundamental unit that the NIST Risk Management Framework protects? (Wentz QOTD)
A. Common controls
B. Personal data and privacy
C. The information system in question
D. Data processed by the information system
According to The American Bar Association, to begin preparing for trial, both sides engage in discovery, a formal process of exchanging information between the parties about the witnesses and evidence they will present at trial. Which of the following is not a common type of discovery device? (Wentz QOTD)
A. Deposition
B. Interrogatories
C. Information governance
D. Request for production of documents
Which of the following firewalls tracks the state of connections and blocks packets that deviate from the expected state based on a state table? (Wentz QOTD)
A. SOCKS proxies
B. TCP Wrappers
C. Application firewalls
D. Circuit-level gateways
According to GDPR, which of the following statements about personal data is correct? (Wentz QOTD)
A. Controller can be a joint party of the natural or legal person or public authority
B. Processor can be a joint party of the natural or legal person or public authority
C. Profiling is not limited to automated processing of personal data
D. Processing may include collection, storage, alteration, retrieval except for consultation
Which of the following refers to the CMMI level where processes are planned, documented, performed, monitored, and controlled at the project level and often reactive? (Wentz QOTD)
A. Initial
B. Repeatable
C. Managed
D. Defined
Which of the following should be identified or determined first when implementing the NIST Risk Management Framework? (Wentz QOTD)
A. The system-specific risks
B. The assessor or assessment team
C. The impact of the information system in question
D. The high watermark of the impact of Information types
Which of the following statements is correct about a Wi-Fi Protected Access 3 (WPA3) network? (Wentz QOTD)
A. Open networks of WPA3 in coffee shops are unauthenticated but encrypted.
B. WPA3-Personal profile is resistant to online dictionary attacks.
C. WPA3-Enterprise authentication is quantum-resistant.
D. Simultaneous Authentication of Equals (SAE) is implemented in open networks.
Which of the following is the most fundamental cryptographic primitive used by WPA3 in a wireless network? (Wentz QOTD)
A. Rijndael
B. Galois/Counter Mode
C. Counter Mode CBC-MAC Protocol (CCMP)
D. Advanced Encryption Standard (AES)
