This document provides a guide to the CIS 349 Final Exam with questions on various cybersecurity domains and controls. It covers topics like access control models, separation of duties, risk assessments, encryption, VPNs, monitoring protocols, backup strategies, and responsibilities for verifying organizational policies. The guide contains 25 multiple choice questions to help students prepare for the final exam.

1. CIS 349 Final Exam Guide Set 2
To Purchase This Material Click below Link
http://www.cis349rank.com/product-33-CIS-349-Final-Exam-Guide-Set-2
FOR MORE CLASSES VISIT
www.cis349rank.com
CIS 349 Final Exam Guide Set 2
1) Which type of access control defines permissions based on roles, or groups, and
allows object owners and administrators to grant access rights at their discretion?
2) What is meant by business drivers?
3) The first step in the implementation of separation of duties is to use access
controls to prevent unauthorized data access. The ultimate goal is to define access
control where each user has the permissions to carry out assigned tasks and nothing
else. This is known as the principle of:
4) ___________ are the components, including people, information, and conditions,
that support business objectives.
5) ___________ is the process of providing additional credentials that match the
user ID or username.
6) Which of the following is the definition of authorization?

2. 7) An organization wants to determine how well it adheres to its security policy and
determine if any “holes” exist. What type of analysis or assessment does it perform?
8) What is meant by availability?
9) There are two common types of monitoring tools available for monitoring
LANs, __________ and network software log files.
10) Which control is used in the LAN Domain to protect the confidentiality of data?
11) Which of the following is not typically a LAN Domain component?
12) Which of the following is not a step to ensuring only authorized users can see
confidential data in the LAN Domain?
13) A nonintrusive penetration test ____________.
14) What is a corrective control in the LAN-to-WAN Domain?
15) One particular type of network security testing simulates actions an attacker
would take to attack your network. This is known as:
16) The __________ is a generic description for how computers use seven layers of
protocol rules to communicate across a network.
17) Although __________ are not optimal for high bandwidth, large-volume
network transfers, they work very well in most environments where you need to
maintain connections between several other networks.

3. 18) What is the primary type of control used to protect data in the WAN Domain?
19) The Remote Access Domain server components also generally reside in the
___________ environment, even though they still belong to the Remote Access
Domain.
20) The most common control for protecting data privacy in untrusted
environments is encryption. There are three main strategies for encrypting data to
send to remote users. One strategy does not require any application intervention or
changes at all. The connection with the remote user handles the encryption. The
most common way to implement system connection encryption is by setting up a
secure virtual private network (VPN). This is:
21) You want to configure devices to send an alert to the network manager when
remote users connect to your network. Which protocol is the best choice for
monitoring network devices?
22) Security controls in the System/Application Domain generally fall into salient
categories. The need to create backup copies of data or other strategies to protect
the organization from data or functionality loss.
23) From the perspective of application architectures, which of the following is
generally not considered a critical application resource?
24) Which plan would address steps to take when a water main break interrupts
water flow to your main office?
25) Who is responsible for verifying and testing an organization’s code of conduct?