laws protecting their information are the most severe.

              36.  What type of detected incident allows the most time for an
                    investigation?


                    A.  Compromise

                    B.  Denial of service

                    C.  Malicious code

                    D.  Scanning

              37.  If you want to restrict access into or out of a facility, which would
                    you choose?

                    A.  Gate

                    B.  Turnstile

                    C.  Fence

                    D.  Mantrap


              38.  What is the point of a secondary verification system?

                    A.  To verify the identity of a user

                    B.  To verify the activities of a user

                    C.  To verify the completeness of a system

                    D.  To verify the correctness of a system

              39.  Spamming attacks occur when numerous unsolicited messages are
                    sent to a victim. Because enough data is sent to the victim to
                    prevent legitimate activity, it is also known as what?

                    A.  Sniffing


                    B.  Denial of service

                    C.  Brute-force attack

                    D.  Buffer overflow attack

              40.  Which type of intrusion detection system (IDS) can be considered
                    an expert system?

                    A.  Host-based