Self Test Appendix • Appendix  765


                 Figure 1.16 Sample Vendor Certificate































                      A. Syngress
                      B. Thawte
                      C. Microsoft
                      D. All of the above
                  B.Thawte is listed as the issuer of the certificate.As such, you would have to trust Thawte as a
                    CA in order for this certificate to be valid.
                    Answer A is incorrect because Syngress is the holder of the certificate, not the CA.Answer C
                    is incorrect because Microsoft is the vendor for the operating system, but is not the CA.Answer
                    D is incorrect because answers A and C are not correct.
                  9.  You have been brought in to analyze the overall security strength of a banking organization.
                      As part of your analysis, you work with the existing security administrator to see what issues
                      she has to deal with on a daily basis. She receives a help desk ticket stating that a teller issued
                      a credit to his own account then authorized the credit so that he was able to prevent
                      bouncing a check.According to the human resources department who called in the ticket, he
                      said that he planned on removing the credit later after he got paid.The security administrator
                      made a change to the security policies around one of the following areas. If she analyzed the
                      issue correctly, which area did she change the policy for?









                                                                              www.syngress.com