Which statement describes an example of a poor security practice?

		An organization hires employees that challenge personnel without proper ID.
		An organization allows their users to load software with the knowledge and assistance of administrators.
		An organization allows flower and pizza deliveries to a guards desk only.
		An employee creates a good password and then uses it for all accounts.

What is the best defense against phishing and other social engineering attacks?

		A memorandum of understanding (MOU)
		An educated and aware body of employees
		An intrusion detection system (IDS)
		A Faraday cage

What is the most common physical access control device that has been around in some form for centuries?

		Video surveillance
		Lock
		Fingerprinting
		Simple access control log

Which statement describes an advantage of using biometrics for physical access control?

		The individual always has the biometric in their possession.
		Biometrics are 100 percent effective.
		Hand geometry requires a fairly small device.
		Biometrics is a less sophisticated access control approach.

What is a good way to reduce the chance of a successful social engineering attack?

		Lock all doors to the organizations building.
		Implement a strong security education and awareness training program.
		Use security guards at the building entry point.
		Use biometric security controls.

Which statement describes how piggybacking is accomplished?

		An attacker modifies local host files, which are used to convert URLs to the appropriate IP address.
		An attacker attempts to find little bits of information in a target trash can.
		An attacker follows closely behind a person who has just used their own access card or PIN to gain physical access to a room or building.
		An attacker masquerades as a trusted entity in an e-mail or instant message sent to a large group of often random users.