53 Cards in this Set
The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?

a. Test equipment must always be available for the maintenance personnel.
b. Test equipment is easily damaged.
c. Test equipment is difficult to replace if lost or stolen.
d. Test equipment can be used to browse information passing on a network.
d. Test equipment can be used to browse information passing on a network.
Operations Security seeks to primarily protect against which of the following?

a. compromising emanations
b. facility disaster
c. object reuse
d. asset threats
d. asset threats
Within the realm of IT security, which of the following combinations best defines risk?

a. Threat coupled with a breach of security
b. Vulnerability coupled with an attack
c. Threat coupled with a vulnerability
d. Threat coupled with a breach
c. Threat coupled with a vulnerability
Which of the following groups represents the leading source of computer crime losses?

a. Hackers
b. Employees
c. Foreign intelligence officers
d. Industrial saboteurs
b. Employees
When backing up an applications system's data, which of the following is a key question to be answered first?

a. When to make backups
b. Where to keep backups
c. What records to back up
d. How to store backups
c. What records to back up
Who must bear the primary responsibility for determining the level of protection needed for information systems resources?

a. Systems auditors
b. IS security specialists
c. Senior Management
d. Senior security analysts
c. Senior Management
What is the opposite of C.I.A. in risk management?

a. authorization, non-repudiation, integrity
b. misuse, exposure, destruction
c. disclosure, alteration, destruction
d. confidentiality, integrity, availability
c. disclosure, alteration, destruction
The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?

a. acceptance level
b. clipping level
c. forgiveness level
d. logging level
b. clipping level
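As an added example (not part of the flashcard set), the following shows what a clipping level looks like in detection logic: failed logins are counted per user over a sliding window and silently forgiven until the count exceeds the threshold, at which point a violation record is produced. The log lines, the window, and the threshold of 3 are constructed for illustration.

```python
"""Clipping level applied to authentication failures.

Added example, not from the flashcard set.  CONSTRUCTED_LOG is a made-up
log excerpt; CLIPPING_LEVEL and WINDOW are constructed policy values.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

CLIPPING_LEVEL = 3             # failures forgiven per user before a record is written
WINDOW = timedelta(minutes=5)  # sliding window over which failures are counted

CONSTRUCTED_LOG = """\
2024-03-01T09:00:01 sshd auth_fail user=alice src=10.0.0.5
2024-03-01T09:00:05 sshd auth_fail user=alice src=10.0.0.5
2024-03-01T09:00:09 sshd auth_ok   user=alice src=10.0.0.5
2024-03-01T09:01:00 sshd auth_fail user=bob   src=10.0.0.9
2024-03-01T09:01:02 sshd auth_fail user=bob   src=10.0.0.9
2024-03-01T09:01:04 sshd auth_fail user=bob   src=10.0.0.9
2024-03-01T09:01:06 sshd auth_fail user=bob   src=10.0.0.9
2024-03-01T09:01:08 sshd auth_fail user=bob   src=10.0.0.9
2024-03-01T09:20:00 sshd auth_fail user=bob   src=10.0.0.9
"""


def parse(line):
    """Split one constructed log line into (timestamp, event, user, source)."""
    ts, _service, event, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return datetime.fromisoformat(ts), event, fields["user"], fields["src"]


def violation_records(log_text, clipping_level=CLIPPING_LEVEL, window=WINDOW):
    """Return one violation record per failure that pushes a user's count in
    the window above the clipping level.  Failures at or below the level are
    forgiven, a successful login resets the count, and old failures expire."""
    recent = defaultdict(deque)   # user -> timestamps of failures still in window
    records = []
    for line in log_text.splitlines():
        ts, event, user, src = parse(line)
        q = recent[user]
        while q and ts - q[0] > window:
            q.popleft()           # drop failures that fell outside the window
        if event == "auth_fail":
            q.append(ts)
            if len(q) > clipping_level:
                records.append({"user": user, "src": src,
                                "at": ts.isoformat(), "failures": len(q)})
        elif event == "auth_ok":
            q.clear()             # successful login resets the tolerance
    return records
```

With the constructed log, alice's two failures are forgiven and bob's first three are forgiven; bob's fourth and fifth failures inside the window each produce a record, and the failure at 09:20 starts a fresh count because the earlier ones have expired.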
Operations security requires the implementation of physical security to control which of the following?

a. unauthorized personnel access
b. incoming hardware
c. contingency conditions
d. evacuation procedures
a. unauthorized personnel access
Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape or a cassette?

a. Degaussing
b. Parity Bit Manipulation
c. Buffer overflow
d. Zeroization
a. Degaussing
Which of the following is considered the weakest link in a security system?

a. Communications
b. Hardware
c. Software
d. People
d. People
Which of the following components are considered part of the Trusted Computing Base (from the Orange Book)?

a. trusted computer operators and system managers
b. trusted hardware, software and firmware
c. trusted hardware and firmware
d. trusted hardware and software
b. trusted hardware, software and firmware
Which one of the following represents an ALE calculation?

a. asset value x loss expectancy.
b. gross loss expectancy x loss frequency.
c. actual replacement cost - proceeds of salvage.
d. single loss expectancy x annualized rate of occurrence.
d. single loss expectancy x annualized rate of occurrence.
Which of the following is true related to network sniffing?

a. Sniffers allow an attacker to monitor data passing across a network.
b. Sniffers send IP fragments to a system that overlap with each other.
c. Sniffers take over network connections.
d. Sniffers alter the source address of a computer to disguise and exploit weak authentication methods.
a. Sniffers allow an attacker to monitor data passing across a network.
Which Orange Book evaluation level is described as "Verified Design"?

a. A1
b. B1
c. B3
d. B2
a. A1
An architecture where there are more than two execution domains or privilege levels is called:

a. Network Environment
b. Ring Architecture
c. Ring Layering
d. Security Models
b. Ring Architecture
Which of the following classes is defined in the TCSEC (Orange Book) as discretionary protection?

a. A
b. C
c. B
d. D
b. C
What does it mean if a system uses "Trusted Recovery"?

a. A failure or crash of the system cannot be used to breach security
b. There is no such principle as "Trusted Recovery" in security
c. The recovery process is done from media that have been locked in a safe
d. A single account on the system has the administrative rights to recover or reboot the system after a crash
a. A failure or crash of the system cannot be used to breach security
Memory management in TCSEC levels B3 and A1 operating systems may utilize "data hiding". What does this mean?

a. It is a form of strong encryption cipher
b. System functions are layered, and none of the functions in a given layer can access data outside that layer
c. Only security processes are allowed to write to ring zero memory
d. Auditing processes and their memory addresses cannot be accessed by user processes
b. System functions are layered, and none of the functions in a given layer can access data outside that layer
Which of the following can be used as a covert channel?

a. Storage and permissions
b. Storage and classification
c. Storage and timing
d. Storage and low bits
c. Storage and timing
The Orange Book is founded upon which security policy model?

a. The Biba Model
b. TEMPEST
c. Clark-Wilson Model
d. The Bell LaPadula Model
d. The Bell LaPadula Model
Which of the following is a straightforward approach that provides access rights to subjects for objects?

a. Bell-LaPadula model
b. Biba model
c. Take-Grant model
d. Access Matrix model
d. Access Matrix model
If an operating system permits shared resources such as memory to be used sequentially by multiple users/applications or subjects without a refresh of the objects/memory area, what security problem is most likely to exist?

a. denial of service through a deadly embrace
b. data leakage through covert channels
c. disclosure of residual data
d. unauthorized obtaining of a privileged execution state
c. disclosure of residual data
What mechanism does a system use to compare the security labels of a subject and an object?

a. Security Module
b. Clearance Check
c. Reference Monitor
d. Validation Module
c. Reference Monitor
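The three preceding cards (the Orange Book's Bell-LaPadula basis, the access matrix model, and the reference monitor that compares subject and object labels) fit together in one mechanism. As an added example that is not part of the flashcard set, here is a small reference monitor that mediates every access: it first compares security labels under Bell-LaPadula (no read up, no write down) and only then consults a discretionary access matrix, recording each decision for audit. The levels, compartments, subjects, objects, and matrix entries are constructed for illustration.

```python
"""Reference monitor: Bell-LaPadula label comparison, then access-matrix DAC.

Added example, not from the flashcard set.  LEVELS, the subjects, objects and
matrix in build_demo() are all constructed.
"""
from dataclasses import dataclass, field

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: hierarchical level plus a set of compartments."""
    level: str
    compartments: frozenset = field(default_factory=frozenset)

    def dominates(self, other):
        """Lattice order: level is >= AND compartments are a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


class ReferenceMonitor:
    def __init__(self, subject_labels, object_labels, access_matrix):
        self.subject_labels = subject_labels
        self.object_labels = object_labels
        self.matrix = access_matrix      # subject -> object -> set of rights
        self.audit = []                  # every decision is recorded

    def _mac_allows(self, subject, obj, op):
        s, o = self.subject_labels[subject], self.object_labels[obj]
        if op == "read":
            return s.dominates(o)        # simple security property: no read up
        if op == "write":
            return o.dominates(s)        # *-property: no write down
        return False

    def _dac_allows(self, subject, obj, op):
        return op in self.matrix.get(subject, {}).get(obj, set())

    def check(self, subject, obj, op):
        """Complete mediation: mandatory check first, discretionary second."""
        allowed = self._mac_allows(subject, obj, op) and self._dac_allows(subject, obj, op)
        self.audit.append((subject, obj, op, "ALLOW" if allowed else "DENY"))
        return allowed


def build_demo():
    """Constructed subjects, objects and access matrix for the demonstration."""
    subjects = {
        "alice": Label("SECRET", frozenset({"CRYPTO"})),
        "bob": Label("CONFIDENTIAL"),
    }
    objects = {
        "plans.txt": Label("SECRET", frozenset({"CRYPTO"})),
        "memo.txt": Label("CONFIDENTIAL"),
        "log.txt": Label("TOP SECRET", frozenset({"CRYPTO"})),
    }
    matrix = {
        "alice": {"plans.txt": {"read", "write"},
                  "memo.txt": {"read", "write"},
                  "log.txt": {"write"}},
        "bob": {"memo.txt": {"read", "write"},
                "plans.txt": {"read"}},      # DAC grants it, MAC will still deny
    }
    return ReferenceMonitor(subjects, objects, matrix)
```

The point the cards make is visible in the denials: bob holds a discretionary read right on plans.txt, yet the monitor denies the read because his label does not dominate the object's; alice may write up to the TOP SECRET log (Bell-LaPadula permits blind writes upward) but may not write down to the CONFIDENTIAL memo.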
Which of the following is the lowest TCSEC class wherein the system must protect against covert storage channels (but not necessarily covert timing channels)?

a. B2
b. A1
c. B1
d. B3
a. B2
Which of the following is the lowest TCSEC class wherein the system must support separate operator and system administrator roles?

a. A2
b. A1
c. B1
d. B2
d. B2
Which of the following places the Orange Book classifications in order from most secure to least secure?

a. D, C, B, A
b. A, B, C, D
c. C, D, B, A
d. D, B, A, C
b. A, B, C, D
Which Orange Book evaluation level is described as "Labeled Security Protection"?

a. A1
b. B1
c. B2
d. B3
b. B1
Mandatory access control requires that sensitivity labels be attached to all objects. Which of the following would be designated as objects on a MAC system?

a. files, directories, and print queue
b. devices, processes, I/O pipe, and sockets
c. users, windows, and programs
d. files, directories, processes, and sockets
a. files, directories, and print queue
Which of the following classes is defined in the TCSEC (Orange Book) as minimal protection?
D
Which Orange Book evaluation level is described as "Controlled Access Protection"?

a. B3
b. C2
c. B1
d. A1
b. C2
Which of the following classes is defined in the TCSEC (Orange Book) as mandatory protection?

a. B
b. D
c. C
d. A
a. B
The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?

a. none of the above
b. integrity and confidentiality
c. confidentiality and availability
d. integrity and availability
d. integrity and availability
The Orange Book describes four hierarchical levels to categorize security systems. Which of the following levels require mandatory protection?

a. B and D
b. A, B, and C
c. A and B
d. B and C
c. A and B
Operations Security seeks to primarily protect against which of the following?

a. object reuse
b. facility disaster
c. asset threats
d. compromising emanations
c. asset threats
Which of the following is commonly used for retrofitting multilevel security to a database management system?

a. trusted back-end.
b. kernel.
c. controller.
d. trusted front-end.
d. Trusted front-end.
Which of the following is an advantage of using a high-level programming language?

a. It requires programmer-controlled storage management
b. It enforces coding standards
c. It decreases execution times for programs
d. It allows programmers to define syntax
b. It enforces coding standards
The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization?

a. system design specifications phase
b. in parallel with every phase throughout the project
c. project initiation and planning phase
d. development and documentation phase
b. in parallel with every phase throughout the project
Which of the following virus types changes some of its characteristics as it spreads?

a. Parasitic
b. Stealth
c. Boot Sector
d. Polymorphic
d. Polymorphic
What is the appropriate role of the security analyst in the application system development or acquisition project?

a. policeman
b. application user
c. data owner
d. Control evaluator and consultant
d. Control evaluator and consultant
Please complete the following sentence: A TCP SYN attack...

a. is not something system users would notice.
b. may result in elevation of privileges.
c. takes advantage of the way a TCP session is established.
d. requires a synchronized effort by multiple attackers
c. takes advantage of the way a TCP session is established.
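To make the mechanism behind the card concrete, the following added example (not part of the flashcard set) models the server side of the three-way handshake twice: once with a classic fixed-size half-open backlog that a flood of unanswered spoofed SYNs fills, so a legitimate client's SYN is dropped, and once with SYN cookies, where the server's initial sequence number is a keyed hash over the connection tuple and nothing is stored until the client echoes it back. The backlog size, secret, addresses and the simplified HMAC-based cookie are constructed for illustration; real stacks additionally encode a timestamp and the MSS in the cookie.

```python
"""TCP SYN flood against a half-open backlog, and SYN cookies as the fix.

Added example, not from the flashcard set.  BACKLOG, SECRET, the spoofed
addresses and the cookie construction are constructed simplifications.
"""
import hashlib
import hmac

BACKLOG = 4                                   # constructed: tiny queue so the flood is visible
SECRET = b"constructed-per-boot-secret"       # constructed; real stacks rotate this
MASK = 0xFFFFFFFF                             # sequence numbers are 32-bit


class StatefulListener:
    """Classic handshake: every SYN allocates a half-open entry until the ACK."""

    def __init__(self, backlog=BACKLOG):
        self.backlog = backlog
        self.half_open = {}        # (src_ip, src_port) -> server ISN awaiting ACK
        self.established = set()
        self.dropped_syns = 0

    def on_syn(self, src, client_isn):
        if len(self.half_open) >= self.backlog:
            self.dropped_syns += 1  # backlog full: the SYN is silently dropped
            return None
        server_isn = (client_isn * 7919 + 17) & MASK   # any ISN will do for the demo
        self.half_open[src] = server_isn
        return server_isn                               # carried in our SYN-ACK

    def on_ack(self, src, seq, ack):
        server_isn = self.half_open.pop(src, None)
        if server_isn is not None and ack == (server_isn + 1) & MASK:
            self.established.add(src)
            return True
        return False


class SynCookieListener:
    """Stateless handshake: the server ISN is a MAC over the peer address, port
    and client ISN, so no state exists until the client proves it received our
    SYN-ACK by acknowledging cookie+1."""

    def __init__(self, secret=SECRET):
        self.secret = secret
        self.established = set()

    def _cookie(self, src, client_isn):
        msg = f"{src[0]}:{src[1]}:{client_isn}".encode()
        mac = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(mac[:4], "big")

    def on_syn(self, src, client_isn):
        return self._cookie(src, client_isn)   # send SYN-ACK, store nothing

    def on_ack(self, src, seq, ack):
        # The client's seq in the final ACK is client_isn+1, so the cookie can
        # be recomputed from the packet alone and compared with ack-1.
        if ack == (self._cookie(src, (seq - 1) & MASK) + 1) & MASK:
            self.established.add(src)
            return True
        return False


def run_flood(listener, attacker_syns=50):
    """Spoofed SYNs that are never acknowledged, then one legitimate handshake.
    Returns (legitimate_client_connected, syns_dropped)."""
    for i in range(attacker_syns):
        spoofed = ("203.0.113.%d" % (i % 254 + 1), 40000 + i)   # constructed sources
        listener.on_syn(spoofed, client_isn=i)
    legit = ("198.51.100.7", 51515)
    client_isn = 1000
    server_isn = listener.on_syn(legit, client_isn)
    connected = server_isn is not None and listener.on_ack(
        legit, (client_isn + 1) & MASK, (server_isn + 1) & MASK)
    return connected, getattr(listener, "dropped_syns", 0)
```

With the stateful listener the first four spoofed SYNs fill the backlog and every later SYN, including the legitimate client's, is dropped; with SYN cookies the flood consumes no state and the legitimate client completes the handshake, while a forged ACK that does not carry cookie+1 is rejected.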
Which of the following is based on the premise that the quality of a software product is a direct function of the quality of its associated software development and maintenance processes?

a. Expert Systems Model
b. The Waterfall Model
c. The Spiral Model
d. The Software Capability Maturity Model (CMM)
d. The Software Capability Maturity Model (CMM)
Operations security requires the implementation of physical security to control which of the following?

a. unauthorized personnel access
b. contingency conditions
c. incoming hardware
d. evacuation procedures
a. unauthorized personnel access
Which of the following is the act of performing tests and evaluations to test a system's security level to see if it complies with the design specifications and security requirements?

a. accuracy
b. assessment
c. verification
d. validation
c. verification
The security of a computer application is most effective and economical in which of the following cases?

a. The system is originally designed to provide the necessary security.
b. The system is optimized prior to the addition of security.
c. The system is procured off-the-shelf.
d. The system is customized to meet the specific security threat.
a. The system is originally designed to provide the necessary security.
Which of the following is NOT true concerning Application Control?

a. Particular usage of the application can be recorded for audit purposes
b. Only specific records can be requested through the application controls
c. It limits end users use of applications in such a way that only particular screens are visible.
d. It is non-transparent to the endpoint applications so changes are needed to the applications and databases involved
d. It is non-transparent to the endpoint applications so changes are needed to the applications and databases involved
The description of the database is called a schema, and the schema is defined by which of the following?

a. Data Identification Language (DIL).
b. Data Definition Language (DDL).
c. Data Connection Language (DCL).
d. Data Encapsulation Language (DEL).
b. Data Definition Language (DDL)
In SQL relational databases, where is the actual data stored?

a. Index-sequential tables
b. Schemas and sub-schemas
c. Tables
d. Views
c. Tables
Which of the following determines that the product developed meets the project's goals?

a. accuracy
b. concurrence
c. validation
d. verification
c. validation
The object-relational and object-oriented models are better suited to managing complex data such as required for which of the following?

a. computer-aided design and imaging.
b. computer-aided processing and imaging.
c. computer-aided duplexing and imaging.
d. computer-aided development and imaging.
a. computer-aided design and imaging.
Who can best determine if technical security controls are adequate in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and its sensitivity?

a. data or information user
b. system manager
c. data or information owner
d. system auditor
c. data or information owner
Which of the following is one of the oldest and most common problems in software development and programming and is still very prevalent today?

a. Unassembled reversible DOS instructions.
b. Code injection for machine language
c. Social Engineering
d. Buffer Overflow
d. Buffer Overflow
A persistent collection of interrelated data items can be defined as which of the following?

a. database management system
b. database security
c. database shadowing
d. database
d. database