Page 1541 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
12. B. Although availability is a key aspect of security in general, it is
the least important aspect of security systems for internet-delivered
email.
13. D. The backup method is not an important factor to discuss with
end users regarding email retention.
14. B. Mail-bombing is the use of email as an attack mechanism.
Flooding a system with messages causes a denial of service.
15. B. It is often difficult to stop spam because the source of the
messages is usually spoofed.
16. B. A permanent virtual circuit (PVC) can be described as a logical
circuit that always exists and is waiting for the customer to send
data.
17. B. Changing default passwords on PBX systems provides the most
effective increase in security.
18. C. Social engineering can often be used to bypass even the most
effective physical and logical controls. Whatever activity the
attacker convinces the victim to perform, it is usually directed
toward opening a back door that the attacker can use to gain access
to the network.
19. C. A brute-force attack is not considered a DoS.
20. A. Password Authentication Protocol (PAP) is a standardized
authentication protocol for PPP. PAP transmits usernames and
passwords in the clear. It offers no form of encryption. It simply
provides a means to transport the logon credentials from the client
to the authentication server.

