Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
48 Cards in this Set
- Front
- Back
|
1. If an intruder is able to circumvent physical access security and is able to take over control of internal systems, what principle of security is violated?
|
Integrity
|
|
|
2. Which of the following is not a threat to physical security?
|
c. Brute force password attacks (technical threat)
|
|
|
3. Which of the following is not considered a form of physical access control?
|
d. CCTV (Technical control)
|
|
|
4. Which of the following is an example of a physical security administrative control?
|
d. security guards (both a personnel [administrative] and a guard [physical] control)
|
|
|
5. Which of the following is not an example of a physical security technical control?
|
b. personnel controls (administrative control)
|
|
|
6. Which of the following is an example of a physical security technical control?
|
c. fire detection and suppression (detection and alerting are technical controls, fire and safety are physical/environmental issues)
|
|
|
7. Physical security is maintained through three types of controls. Which of the following is not one of these?
|
a. Defensive (all controls integrate to provide defense and protective barriers supporting human life and the C-I-A Triad)
|
|
|
8. The study of the facility infrastructure to determine what elements are essential to the support of physical security is known as?
|
a. Risk analysis (part of the BIA involves identifying all of the critical elements)
|
|
|
9. Which of the following is not a physical security administrative control?
|
c. Intrusion detection systems (technical control)
|
|
|
10. When evaluating the security of a new facility or site, which of the following is the least important?
|
10. When evaluating the security of a new facility or site, which of the following is the least important?
|
|
|
11. Which of the following is the least important aspect of a secured server room?
|
b. human compatibility (many secure locations are not designed with human accessible components under operation)
|
|
|
12. When evaluating, selecting, and deploying physical security access controls, what is always the most important?
|
c. protection of human safety (Human life and wellbeing is always a primary consideration)
|
|
|
13. Which of the following is not a physical security physical control?
|
c. Data backups (technical control)
|
|
|
14. Which of the following is the least important aspect to consider when selecting a physical location for a highly secured facility?
|
d. Proximity to airport flight path (With the exception of securing actual material against airplane impact, such as at a nuclear reactor, proximity to the flight path is unlikely to impact security compared to the other three aspects.)
|
|
|
15. When constructing a new building for a secure site, which of the following is the least important issue to consider in regards to security?
|
d. The size of the facility (As long as the facility is adequate to house the necessary equipment, its size is unrelated to security measures.)
|
|
|
16. Which of the following is not an example of a physical security physical control?
|
d. data backups (Technical control)
|
|
|
17. Which of the following is an example of a physical security physical control?
|
a. security guards (the other three are technical and environmental controls)
|
|
|
18. Which of the following is the least important aspect to consider when selecting a security
|
b. cost (cost is not generally a factor in the measure of security of a location)
|
|
|
19. When should hardware be replaced to maintain availability?
|
d. Before the mean time between failures (tech refresh should occur before expected end of life)
|
|
|
20. Which of the following is not an example of a physical security administrative control?
|
d. alarms (physical security technical control)
|
|
|
21. Which of the following is not a benefit of a human incompatible server/computer room?
|
a. An emergency shelter (Human incompatible server rooms lack facilities for human occupancy)
|
|
|
22. When physical security is violated and damage occurs to the computer hardware itself, this is a violation of what principle of security?
|
c. Size (As long as the facility is adequate to house the necessary equipment, its size is unrelated to security measures.)
|
|
|
24. Which of the following is the least important aspect to consider when designing the interior of a security facility?
|
d. consistency in decorating scheme (Decorating schemes are a factor of aesthetics, not of security design.)
|
|
|
25. Which of the following is not an important physical security factor when considering the security of windows?
|
a. UV reflection or blocking (Unless the protected assets are UV sensitive, this protection is not a factor in security protections.)
|
|
|
26. What is the principle of least privilege?
|
c. Users are assigned only enough access to accomplish their work tasks (Default being none, security is granted only to the degree required.)
|
|
|
c. Users are assigned only enough access to accomplish their work tasks (Default being none, security is granted only to the degree required.)
|
d. Take-grant model (A directed graph, whose vertices are labeled to indicate the rights a source has over another object)
|
|
|
28. If the operating system fails to establish boundaries for the size and type of data that can be inputted, what malicious event or activity can occur?
|
c. Buffer overflow (A state that occurs when input overflows buffer storage into application memory space.)
|
|
|
29. Which operating state represents a process in normal execution?
|
c. Supervisory state (In older IBM mainframes, the Supervisory State is one of two operational states, providing full functionality while the Problem State is limited in functional availability - such as lacking in I/O. In modern computers, Supervisory State is associated with elevated privilege such as running under root/SUDO.)
|
|
|
30. In order for an OS to remain stable, what must it be able to accomplish or perform?
|
c. Protect itself from users and software (Stability requires constraints on type and form of input.)
|
|
|
31. What mode of operation exists when all users have the authorization and need-to-know to access all resources?
|
a. Dedicated security mode (In dedicated security mode, all users have clearance and authorization to access all resources handled by that system or service. An example might be a dedicated outstanding warrants database, equally available to all law enforcement officers due to the clearance provided by their employment.)
|
|
|
32. At which Ring of protection do device drivers operate?
|
c. Ring 2 (Device drivers operate at ring 2, with the kernel at ring 1 atop a hypervisor.)
|
|
|
33. What mechanism is used for a lower protection ring entity to communicate with a higher protection ring entity?
|
d. System call (A system call allows a process to request a service outside of its permission set.)
|
|
|
34. Of the four possible operating states of a system, which represents the state within which an application is being actively processed?
|
d. Supervisory state (Unlike the ready and wait states, where processes are pending execution, Supervisory State operations are normal processes running with elevated privilege, Problem state processes run with limited functionality.)
|
|
|
35. The orange book security classifications such as C2 and B1 are focused on what?
|
b. The trusted computer base (The Rainbow Series of books define the Trusted Computer System Evaluation Criteria.)
|
|
|
36. Secondary storage is?
|
a. Nonvolatile storage, such as a hard drive (Secondary storage refers to any durable storage medium.)
|
|
|
37. What is the most trusted component of a computer?
|
b. CPU (The CPU’s instruction set is hard-coded and unable to be changed after manufacture.)
|
|
|
38. A buffer overflow can cause all but which of the following?
|
a. network throttling (Buffer overflows allow injection of code into executable memory space, and are highly unlikely to affect the network rate of transmission.)
|
|
|
39. Once data has been processed by the CPU for a program, it is moved into memory areas known as?
|
a. primary storage (CPU post-processing output is written to primary storage, typically RAM although some architectures will include Caches and/or on-motherboard FLASH storage, until transferred to secondary storage or returned to the CPU for further processing.)
|
|
|
40. What type of memory storage requires constant updates because the data it stores dissipates and decays?
|
c. Dynamic RAM or Random Access Memory (Dram requires a refresh to retain its stored values, releasing all data when power is removed or the refresh cycle interrupted.)
|
|
|
41. Which of the following is the fastest form of memory
|
d. cache (The cache is both the fastest form of memory outside of the CPU’s registers, as well as the closest-connected physically and so enjoying the lowest latency for communication.)
|
|
|
42. For security to be effective which of the following should not be true?
|
a. security is added to a product after its initial development (So-called “bolt on” security is never fully integrated at a product’s deepest levels.)
|
|
|
43. Once security is implemented into the design of a product, it should also be all but which of the following?
|
b. disabled (Disabling the security effectively removes its protections.)
|
|
|
44. If the operating system or an application fails to set boundaries on input data, what problem can occur?
|
c. buffer overflow (Buffer overflows allow data to be written into executable memory space past the input buffer’s allocated area.)
|
|
|
45. When a buffer overflow occurs, the extra data may flow into the CPU and cause what?
|
a. Data hiding (Also sometimes referred to as data segmentation or data sequestration.)
|
|
|
47. Which of the following security models is focused on protecting confidentiality?
|
b. Bell-LaPadula model (Protects confidentiality by enforcing access controls based on security labels and clearances.)
|
|
|
48. Which of the books from the Rainbow series is concerned with the interactions of computers over a communication medium?
|
c. Red (The “Red Book” from the Rainbow Series is focused on Trusted Network Interpretation.)
|
|
|
49. The ability for a single processor computer system to execute more than one process simultaneously is known as?
|
b. Multitasking (The ability of a CPU to rapidly switch between task elements, to allow near-simultaneous completion of more than a single process by swapping operational tasks during process wait states and timeslicing.)
|
|
|
50. The _______________ a security system, the _______________ it provides.
|
c. more complex, less assurance (As is often said of plumbing, “The more complex the pipes, the easier to stop up the drain.” Complexity requires greater testing for any change and can produce undesirable combinatory functions arising out of unexpected timing or uncontrolled process competition such as race conditions.)
|
