# Assessing System Security

Ports 1 through 1024 are NOT assigned and used for well-known protocols

> False

You should have a document that lists the physical security in place

> True

All employees within a company must have access to the server room.

> False

Virus attacks utilize uncommon ports to gain access to a system.

> True (my note: debatable)

Open Web Application Security Project is the standard for risk assessment.

> False

Which of the following best describes risk assessment.

> Evaluating the security of a network

Which of the following is the least necessary security device/software

> Encryption for all internal transmissions

All visitors to the building must be logged in and escorted by an employee at all times.

> True

Which of the following is the most fundamental aspect of security?

> Patching the operating system

What is NOT a primary reason for documenting your security activity and audits?

> To demonstrate how much work the network administrators usually do