All R/Q Flashcards
- Which of the following contains the primary goals and objectives of security?
A. A network’s border perimeter
B. The CIA Triad
C. A Stand-alone system
D. The internet
Answer: B The primary goals and objectives of security are confidentiality, integrity, and availability, commonly referred to as the CIA Triad.
- Vulnerabilities and risks are evaluated based on their threats against which of the following?
A. One or more of the CIA Triad principles
B. Data Usefulness
C. Due care
D. Extent of liability
Answer: A Vulnerabilities and risks are evaluated based on their threats against one or more of the CIA Triad principles.
- Which of the following is a principle of the CIA Triad that means authorized subjects are granted timely and uninterrupted access to objects?
A. Identification
B. Availability
C. Encryption
D. Layering
Answer: B Availability means that authorized subjects are granted timely and uninterrupted access to objects.
- Which of the following is not considered a violation of confidentiality?
A. Stealing passwords
B. Eavesdropping
C. Hardware destruction
D. Social engineering
Answer: C Hardware destruction is a violation of availability and possibly integrity. Violations of confidentiality include capturing network traffic, stealing password files, social engineering, port scanning, shoulder surfing, eavesdropping, and sniffing.
- Which of the following is not true?
A. Violations of confidentiality include human error.
B. Violations of confidentiality include management oversight.
C. Violations of confidentiality are limited to direct intentional attacks.
D. Violations of confidentiality can occur when a transmission is not properly encrypted.
Answer: C Violations of confidentiality are not limited to direct intentional attacks. Many instances of unauthorized disclosure of sensitive or confidential information are due to human error, oversight, or ineptitude.
- STRIDE is often used in relation to assessing threats against applications or operating systems. Which of the following is not an element of STRIDE?
A. Spoofing
B. Elevation of privilege
C. Repudiation
D. Disclosure
Answer: D Disclosure is not an element of STRIDE. The elements of STRIDE are spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege.
- If a security mechanism offers availability, then it offers a high level of assurance that authorized subjects can ___________ the data, objects, and resources.
A. Control
B. Audit
C. Access
D. Repudiate
Answer: C Accessibility of data, objects, and resources is the goal of availability. If a security mechanism offers availability, then it is highly likely that the data, objects, and resources are accessible to authorized subjects.
- _________ refers to keeping information confidential that is personally identifiable or which might cause harm, embarrassment, or disgrace to someone if revealed.
A. Seclusion
B. Concealment
C. Privacy
D. Criticality
Answer: C Privacy refers to keeping information confidential that is personally identifiable or which might cause harm, embarrassment, or disgrace to someone if revealed. Seclusion is to store something in an out-of-the-way location. Concealment is the act of hiding or preventing disclosure. The level to which information is mission critical is its measure of criticality.
- All but which of the following items require awareness for all individuals affected?
A. Restricting personal email
B. Recording phone conversations
C. Gathering information about surfing habits
D. The backup mechanism used to retain email messages
Answer: D Users should be aware that email messages are retained, but the backup mechanism used to perform this operation does not need to be disclosed to them.
- What element of data categorization management can override all other forms of access control?
A. Classification
B. Physical access
C. Custodian responsibilities
D. Taking ownership
Answer: D Ownership grants an entity full capabilities and privileges over the object they own. The ability to take ownership is often granted to the most powerful accounts in an operating system because it can be used to overstep any access control limitations otherwise implemented.
- What ensures that the subject of an activity or event cannot deny that the event occurred?
A. CIA Triad
B. Abstraction
C. Nonrepudiation
D. Hash totals
Answer: C Nonrepudiation ensures that the subject of an activity or event cannot deny that the event occurred.
- Which of the following is the most important and distinctive concept in relation to layered security?
A. Multiple
B. Series
C. Parallel
D. Filter
Answer: B Layering is the deployment of multiple security mechanisms in a series. When security restrictions are performed in a series, they are performed one after the other in a linear fashion. Therefore, a single failure of a security control does not render the entire solution ineffective.
- Which of the following is not considered an example of data hiding?
A. Preventing an authorized reader of an object from deleting that object
B. Keeping a database from being accessed by unauthorized visitors
C. Restricting a subject at a lower classification level from accessing data at a higher classification level
D. Preventing an application from accessing hardware directly
Answer: A Preventing an authorized reader of an object from deleting that object is just an example of access control, not data hiding. If you can read an object, it is not hidden from you.
- What is the primary goal of change management?
A. Maintaining documentation
B. Keeping users informed of changes
C. Allowing rollback of failed changes
D. Preventing security compromises
Answer: D The prevention of security compromises is the primary goal of change management.
- What is the primary objective of data classification schemes?
A. To control access to objects for authorized subjects
B. To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity
C. To establish a transaction trail for auditing accountability
D. To manipulate access controls to provide for the most efficient means to grant or restrict functionality
Answer: B The primary objective of data classification schemes is to formalize and stratify the process of securing data based on assigned labels of importance and sensitivity.
- Which of the following is typically not a characteristic considered when classifying data?
A. Value
B. Size of object
C. Useful lifetime
D. National security implications
Answer: B Size is not a criterion for establishing data classification. When classifying an object, you should take value, lifetime, and security implications into consideration.
- What are the two common data classification schemes?
A. Military and private sector
B. Personal and government
C. Private sector and unrestricted sector
D. Classified and unclassified
Answer: A Military (or government) and private sector (or commercial business) are the two common data classification schemes.
- Which of the following is the lowest military data classification for classified data?
A. Sensitive
B. Secret
C. Proprietary
D. Private
Answer: B Of the options listed, secret is the lowest classified military data classification. Keep in mind that items labeled as confidential, secret, and top secret are collectively known as classified, and confidential is below secret in the list.
- Which commercial business/private sector data classification is used to control information about individuals within an organization?
A. Confidential
B. Private
C. Sensitive
D. Proprietary
Answer: B The commercial business/private sector data classification of private is used to protect information about individuals.
- Data classifications are used to focus security controls over all but which of the following?
A. Storage
B. Processing
C. Layering
D. Transfer
Answer: C Layering is a core aspect of security mechanisms, but it is not a focus of data classifications.
- Which of the following is the weakest element in any security solution?
A. Software products
B. Internet connections
C. Security policies
D. Humans
Answer: D Regardless of the specifics of a security solution, humans are the weakest element.
- When seeking to hire new employees, what is the first step?
A. Create a job description.
B. Set position classification.
C. Screen candidates.
D. Request resumes.
Answer: A The first step in hiring new employees is to create a job description. Without a job description, there is no consensus on what type of individual needs to be found and hired.
- Which of the following is a primary purpose of an exit interview?
A. To return the exiting employee’s personal belongings
B. To review the nondisclosure agreement
C. To evaluate the exiting employee’s performance
D. To cancel the exiting employee’s network access accounts
Answer: B The primary purpose of an exit interview is to review the nondisclosure agreement (NDA) and other liabilities and restrictions placed on the former employee based on the employment agreement and any other security-related documentation.
- When an employee is to be terminated, which of the following should be done?
A. Inform the employee a few hours before they are officially terminated.
B. Disable the employee’s network access just as they are informed of the termination.
C. Send out a broadcast email informing everyone that a specific employee is to be terminated.
D. Wait until you and the employee are the only people remaining in the building before announcing the termination.
Answer: B You should remove or disable the employee’s network user account immediately before or at the same time they are informed of their termination.
- If an organization contracts with outside entities to provide key business functions or services, such as account or technical support, what is the process called that is used to ensure that these entities support sufficient security?
A. Asset identification
B. Third-party governance
C. Exit interview
D. Qualitative analysis
Answer: B Third-party governance is the application of security oversight on third parties that your organization relies on.
- A portion of the _________ is the logical and practical investigation of business processes and organizational policies. This process/policy review ensures that the stated and implemented business tasks, systems, and methodologies are practical, efficient, cost-effective, but most of all (at least in relation to security governance) that they support security through the reduction of vulnerabilities and the avoidance, reduction, or mitigation of risk.
A. Hybrid assessment
B. Risk aversion process
C. Countermeasure selection
D. Documentation review
Answer: D A portion of the documentation review is the logical and practical investigation of business processes and organizational policies.
- Which of the following statements is not true?
A. IT security can provide protection only against logical or technical attacks.
B. The process by which the goals of risk management are achieved is known as risk analysis.
C. Risks to an IT infrastructure are all computer based.
D. An asset is anything used in a business process or task.
Answer: C Risks to an IT infrastructure are not all computer based. In fact, many risks come from noncomputer sources. It is important to consider all possible risks when performing risk evaluation for an organization. If a company fails to properly evaluate and respond to all forms of risk, it remains vulnerable.
- Which of the following is not an element of the risk analysis process?
A. Analyzing an environment for risks
B. Creating a cost/benefit report for safeguards to present to upper management
C. Selecting appropriate safeguards and implementing them
D. Evaluating each threat event as to its likelihood of occurring and cost of the resulting damage
Answer: C Risk analysis includes analyzing an environment for risks, evaluating each threat event as to its likelihood of occurring and the cost of the damage it would cause, assessing the cost of various countermeasures for each risk, and creating a cost/benefit report for safeguards to present to upper management. Selecting safeguards is a task of upper management based on the results of risk analysis. It is a task that falls under risk management, but it is not part of the risk analysis process.
- Which of the following would generally not be considered an asset in a risk analysis?
A. A development process
B. An IT infrastructure
C. A proprietary system resource
D. Users’ personal files
Answer: D The personal files of users are not usually considered assets of the organization and thus are not considered in a risk analysis.
- Which of the following represents accidental or intentional exploitations of vulnerabilities?
A. Threat events
B. Risks
C. Threat agents
D. Breaches
Answer: A Threat events are accidental or intentional exploitations of vulnerabilities.
- When a safeguard or a countermeasure is not present or is not sufficient, what remains?
A. Vulnerability
B. Exposure
C. Risk
D. Penetration
Answer: A A vulnerability is the absence or weakness of a safeguard or countermeasure.
- Which of the following is not a valid definition for risk?
A. An assessment of probability, possibility, or chance
B. Anything that removes a vulnerability or protects against one or more specific threats
C. Risk = threat * vulnerability
D. Every instance of exposure
Answer: B Anything that removes a vulnerability or protects against one or more specific threats is considered a safeguard or a countermeasure, not a risk.
- When evaluating safeguards, what is the rule that should be followed in most cases?
A. The expected annual cost of asset loss should not exceed the annual costs of safeguards.
B. The annual costs of safeguards should equal the value of the asset.
C. The annual costs of safeguards should not exceed the expected annual cost of asset loss.
D. The annual costs of safeguards should not exceed 10 percent of the security budget.
Answer: C The annual costs of safeguards should not exceed the expected annual cost of asset loss.
- How is single loss expectancy (SLE) calculated?
A. Threat + vulnerability
B. Asset value ($) * exposure factor
C. Annualized rate of occurrence * vulnerability
D. Annualized rate of occurrence * asset value * exposure factor
Answer: B SLE is calculated using the formula SLE = asset value ($) * exposure factor (SLE = AV * EF).
- How is the value of a safeguard to a company calculated?
A. ALE before safeguard - ALE after implementing the safeguard - annual cost of safeguard
B. ALE before safeguard * ARO of safeguard
C. ALE after implementing safeguard + annual cost of safeguard - controls gap
D. Total risk - controls gap
Answer: A The value of a safeguard to an organization is calculated by ALE before safeguard – ALE after implementing the safeguard – annual cost of safeguard [(ALE1 – ALE2) – ACS].
- What security control is directly focused on preventing collusion?
A. Principle of least privilege
B. Job descriptions
C. Separation of duties
D. Qualitative risk analysis
Answer: C The likelihood that a co-worker will be willing to collaborate on an illegal or abusive scheme is reduced because of the higher risk of detection created by the combination of separation of duties, restricted job responsibilities, and job rotation.
- What process or event is typically hosted by an organization and is targeted to groups of employees with similar job functions?
A. Education
B. Awareness
C. Training
D. Termination
Answer: C Training is teaching employees to perform their work tasks and to comply with the security policy. Training is typically hosted by an organization and is targeted to groups of employees with similar job functions.
- Which of the following is not specifically or directly related to managing the security function of an organization?
A. Worker job satisfaction
B. Metrics
C. Information security strategies
D. Budget
Answer: A Managing the security function often includes assessment of budget, metrics, resources, information security strategies, and assessing the completeness and effectiveness of the security program.
- While performing a risk analysis, you identify a threat of fire and a vulnerability because there are no fire extinguishers. Based on this information, which of the following is a possible risk?
A. Virus infection
B. Damage to equipment
C. System malfunction
D. Unauthorized access to confidential information
Answer: B The threat of a fire and the vulnerability of a lack of fire extinguishers lead to the risk of damage to equipment.
- You’ve performed a basic quantitative risk analysis on a specific threat/vulnerability/risk relation. You select a possible countermeasure. When performing the calculations again, which of the following factors will change?
A. Exposure factor
B. Single loss expectancy
C. Asset value
D. Annualized rate of occurrence
Answer: D A countermeasure directly affects the annualized rate of occurrence, primarily because the countermeasure is designed to prevent the occurrence of the risk, thus reducing its frequency per year.
- What is the first step that individuals responsible for the development of a business continuity plan should perform?
A. BCP team selection
B. Business organization analysis
C. Resource requirements analysis
D. Legal and regulatory assessment
Answer: B The business organization analysis helps the initial planners select appropriate BCP team members and then guides the overall BCP process.
- Once the BCP team is selected, what should be the first item placed on the team’s agenda?
A. Business impact assessment
B. Business organization analysis
C. Resource requirements analysis
D. Legal and regulatory assessment
Answer: B The first task of the BCP team should be the review and validation of the business organization analysis initially performed by those individuals responsible for spearheading the BCP effort. This ensures that the initial effort, undertaken by a small group of individuals, reflects the beliefs of the entire BCP team.
- What is the term used to describe the responsibility of a firm’s officers and directors to ensure that adequate measures are in place to minimize the effect of a disaster on the organization’s continued viability?
A. Corporate responsibility
B. Disaster requirement
C. Due diligence
D. Going concern responsibility
Answer: C A firm’s officers and directors are legally bound to exercise due diligence in conducting their activities. This concept creates a fiduciary responsibility on their part to ensure that adequate business continuity plans are in place.
- What will be the major resource consumed by the BCP process during the BCP phase?
A. Hardware
B. Software
C. Processing time
D. Personnel
Answer: D During the planning phase, the most significant resource utilization will be the time dedicated by members of the BCP team to the planning process itself. This represents a significant use of business resources and is another reason that buy-in from senior management is essential.
- What unit of measurement should be used to assign quantitative values to assets in the priority identification phase of the business impact assessment?
A. Monetary
B. Utility
C. Importance
D. Time
Answer: A The quantitative portion of the priority identification should assign asset values in monetary units.
- Which one of the following BIA terms identifies the amount of money a business expects to lose to a given risk each year?
A. ARO
B. SLE
C. ALE
D. EF
Answer: C The annualized loss expectancy (ALE) represents the amount of money a business expects to lose to a given risk each year. This figure is quite useful when performing a quantitative prioritization of business continuity resource allocation.
- What BIA metric can be used to express the longest time a business function can be unavailable without causing irreparable harm to the organization?
A. SLE
B. EF
C. MTD
D. ARO
Answer: C The maximum tolerable downtime (MTD) represents the longest period a business function can be unavailable before causing irreparable harm to the business. This figure is useful when determining the level of business continuity resources to assign to a particular function.
- You are concerned about the risk that an avalanche poses to your $3 million shipping facility. Based on expert opinion, you determine that there is a 5 percent chance that an avalanche will occur each year. Experts advise you that an avalanche would completely destroy your building and require you to rebuild on the same land. Ninety percent of the $3 million value of the facility is attributed to the building and 10 percent is attributed to the land itself. What is the single loss expectancy of your shipping facility to avalanches?
A. $3,000,000
B. $2,700,000
C. $270,000
D. $135,000
Answer: B The SLE is the product of the AV and the EF. From the scenario, you know that the AV is $3,000,000 and the EF is 90 percent, based on the fact that the same land can be used to rebuild the facility. This yields an SLE of $2,700,000.
- (8) You are concerned about the risk that an avalanche poses to your $3 million shipping facility. Based on expert opinion, you determine that there is a 5 percent chance that an avalanche will occur each year. Experts advise you that an avalanche would completely destroy your building and require you to rebuild on the same land. Ninety percent of the $3 million value of the facility is attributed to the building and 10 percent is attributed to the land itself. Referring to the scenario in question 8, what is the annualized loss expectancy?
A. $3,000,000
B. $2,700,000
C. $270,000
D. $135,000
Answer: D This problem requires you to compute the ALE, which is the product of the SLE and the ARO. From the scenario, you know that the ARO is 0.05 (or 5 percent). From question 8, you know that the SLE is $2,700,000. This yields an ALE of $135,000.
- You are concerned about the risk that a hurricane poses to your corporate headquarters in South Florida. The building itself is valued at $15 million. After consulting with the National Weather Service, you determine that there is a 10 percent likelihood that a hurricane will strike over the course of a year. You hired a team of architects and engineers who determined that the average hurricane would destroy approximately 50 percent of the building. What is the annualized loss expectancy (ALE)?
A. $750,000
B. $1.5 million
C. $7.5 million
D. $15 million
Answer: A This problem requires you to compute the ALE, which is the product of the SLE and the ARO. From the scenario, you know that the ARO is 0.10 (or 10 percent). From the scenario presented, you know that the SLE is $7.5 million. This yields an ALE of $750,000.
- Which task of BCP bridges the gap between the business impact assessment and the continuity planning phases?
A. Resource prioritization
B. Likelihood assessment
C. Strategy development
D. Provisions and processes
Answer: C The strategy development task bridges the gap between business impact assessment and continuity planning by analyzing the prioritized list of risks developed during the BIA and determining which risks will be addressed by the BCP.
- Which resource should you protect first when designing continuity plan provisions and processes?
A. Physical plant
B. Infrastructure
C. Financial
D. People
Answer: D The safety of human life must always be the paramount concern in business continuity planning. Be sure that your plan reflects this priority, especially in the written documentation that is disseminated to your organization’s employees!
- Which one of the following concerns is not suitable for quantitative measurement during the business impact assessment?
A. Loss of a plant
B. Damage to a vehicle
C. Negative publicity
D. Power outage
Answer: C It is very difficult to put a dollar figure on the business lost because of negative publicity. Therefore, this type of concern is better evaluated through a qualitative analysis.
- Lighter Than Air Industries expects that it would lose $10 million if a tornado struck its aircraft operations facility. It expects that a tornado might strike the facility once every 100 years. What is the single loss expectancy for this scenario?
A. 0.01
B. $10,000,000
C. $100,000
D. 0.10
Answer: B The single loss expectancy (SLE) is the amount of damage that would be caused by a single occurrence of the risk. In this case, the SLE is $10 million, the expected damage from one tornado. The fact that a tornado occurs only once every 100 years is not reflected in the SLE but would be reflected in the annualized loss expectancy (ALE).
- (14) Lighter Than Air Industries expects that it would lose $10 million if a tornado struck its aircraft operations facility. It expects that a tornado might strike the facility once every 100 years. Referring to the scenario in question 14, what is the annualized loss expectancy?
A. 0.01
B. $10,000,000
C. $100,000
D. 0.10
Answer: C The annualized loss expectancy (ALE) is computed by taking the product of the single loss expectancy (SLE), which was $10 million in this scenario, and the annualized rate of occurrence (ARO), which was 0.01 in this example. These figures yield an ALE of $100,000.
- In which business continuity planning task would you actually design procedures and mechanisms to mitigate risks deemed unacceptable by the BCP team?
A. Strategy development
B. Business impact assessment
C. Provisions and processes
D. Resource prioritization
Answer: C In the provisions and processes phase, the BCP team actually designs the procedures and mechanisms to mitigate risks that were deemed unacceptable during the strategy development phase.
- What type of mitigation provision is utilized when redundant communications links are installed?
A. Hardening systems
B. Defining systems
C. Reducing systems
D. Alternative systems
Answer: D This is an example of alternative systems. Redundant communications circuits provide backup links that may be used when the primary circuits are unavailable.
- What type of plan outlines the procedures to follow when a disaster interrupts the normal operations of a business?
A. Business continuity plan
B. Business impact assessment
C. Disaster recovery plan
D. Vulnerability assessment
Answer: C Disaster recovery plans pick up where business continuity plans leave off. After a disaster strikes and the business is interrupted, the disaster recovery plan guides response teams in their efforts to quickly restore business operations to normal levels.
- What is the formula used to compute the single loss expectancy for a risk scenario?
A. SLE = AV × EF
B. SLE = RO × EF
C. SLE = AV × ARO
D. SLE = EF × ARO
Answer: A The single loss expectancy (SLE) is computed as the product of the asset value (AV) and the exposure factor (EF). The other formulas displayed here do not accurately reflect this calculation.
- Of the individuals listed, who would provide the best endorsement for a business continuity plan’s statement of importance?
A. Vice president of business operations
B. Chief information officer
C. Chief executive officer
D. Business continuity manager
Answer: C You should strive to have the highest-ranking person possible sign the BCP’s statement of importance. Of the choices given, the chief executive officer is the highest ranking.
- Which criminal law was the first to implement penalties for the creators of viruses, worms, and other types of malicious code that cause harm to computer system(s)?
A. Computer Security Act
B. National Infrastructure Protection Act
C. Computer Fraud and Abuse Act
D. Electronic Communications Privacy Act
Answer: C The Computer Fraud and Abuse Act, as amended, provides criminal and civil penalties for those individuals convicted of using viruses, worms, Trojan horses, and other types of malicious code to cause damage to computer system(s).
- Which law first required operators of federal interest computer systems to undergo periodic training in computer security issues?
A. Computer Security Act
B. National Infrastructure Protection Act
C. Computer Fraud and Abuse Act
D. Electronic Communications Privacy Act
Answer: A The Computer Security Act requires mandatory periodic training for all people involved in managing, using, or operating federal computer systems that contain sensitive information.
- What type of law does not require an act of Congress to implement at the federal level but rather is enacted by the executive branch in the form of regulations, policies, and procedures?
A. Criminal law
B. Common law
C. Civil law
D. Administrative law
Answer: D Administrative laws do not require an act of the legislative branch to implement at the federal level. Administrative laws consist of the policies, procedures, and regulations promulgated by agencies of the executive branch of government. Although they do not require an act of Congress, these laws are subject to judicial review and must comply with criminal and civil laws enacted by the legislative branch.
- Which federal government agency has responsibility for ensuring the security of government computer systems that are not used to process sensitive and/or classified information?
A. National Security Agency
B. Federal Bureau of Investigation
C. National Institute of Standards and Technology
D. Secret Service
Answer: C The National Institute of Standards and Technology (NIST) is charged with the security management of all federal government computer systems that are not used to process sensitive national security information. The National Security Agency (part of the Department of Defense) is responsible for managing those systems that do process classified and/or sensitive information.
- What is the broadest category of computer systems protected by the Computer Fraud and Abuse Act, as amended?
A. Government-owned systems
B. Federal interest systems
C. Systems used in interstate commerce
D. Systems located in the United States
Answer: C The original Computer Fraud and Abuse Act of 1984 covered only systems used by the government and financial institutions. The act was broadened in 1986 to include all federal interest systems. The Computer Abuse Amendments Act of 1994 further amended the CFAA to cover all systems that are used in interstate commerce, including a large portion (but not all) of the computer systems in the United States.
- What law protects the right of citizens to privacy by placing restrictions on the authority granted to government agencies to search private residences and facilities?
A. Privacy Act
B. Fourth Amendment
C. Second Amendment
D. Gramm-Leach-Bliley Act
Answer: B The Fourth Amendment to the U.S. Constitution sets the “probable cause” standard that law enforcement officers must follow when conducting searches and/or seizures of private property. It also states that those officers must obtain a warrant before gaining involuntary access to such property.
- Matthew recently authored an innovative algorithm for solving a mathematical problem, and he wants to share it with the world. However, prior to publishing the software code in a technical journal, he wants to obtain some sort of intellectual property protection. Which type of protection is best suited to his needs?
A. Copyright
B. Trademark
C. Patent
D. Trade secret
Answer: A Copyright law is the only type of intellectual property protection available to Matthew. It covers only the specific software code that Matthew used. It does not cover the process or ideas behind the software. Trademark protection is not appropriate for this type of situation. Patent protection does not apply to mathematical algorithms. Matthew can’t seek trade secret protection because he plans to publish the algorithm in a public technical journal.
- Mary is the cofounder of Acme Widgets, a manufacturing firm. Together with her partner, Joe, she has developed a special oil that will dramatically improve the widget manufacturing process. To keep the formula secret, Mary and Joe plan to make large quantities of the oil by themselves in the plant after the other workers have left. They want to protect this formula for as long as possible. What type of intellectual property protection best suits their needs?
A. Copyright
B. Trademark
C. Patent
D. Trade secret
Answer: D Mary and Joe should treat their oil formula as a trade secret. As long as they do not publicly disclose the formula, they can keep it a company secret indefinitely.
- Richard recently developed a great name for a new product that he plans to begin using immediately. He spoke with his attorney and filed the appropriate application to protect his product name but has not yet received a response from the government regarding his application. He wants to begin using the name immediately. What symbol should he use next to the name to indicate its protected status?
A. ©
B. ®
C. ™
D. †
Answer: C Richard’s product name should be protected under trademark law. Until his registration is granted, he can use the ™ symbol next to it to inform others that it is protected under trademark law. Once his application is approved, the name becomes a registered trademark and Richard can begin using the ® symbol.
- What law prevents government agencies from disclosing personal information that an individual supplies to the government under protected circumstances?
A. Privacy Act
B. Electronic Communications Privacy Act
C. Health Insurance Portability and Accountability Act
D. Gramm-Leach-Bliley Act
Answer: A The Privacy Act of 1974 limits the ways government agencies may use information that private citizens disclose to them under certain circumstances.
- What law formalizes many licensing arrangements used by the software industry and attempts to standardize their use from state to state?
A. Computer Security Act
B. Uniform Computer Information Transactions Act
C. Digital Millennium Copyright Act
D. Gramm-Leach-Bliley Act
Answer: B The Uniform Computer Information Transactions Act (UCITA) attempts to implement a standard framework of laws regarding computer transactions to be adopted by all states. One of the issues addressed by UCITA is the legality of various types of software license agreements.
- The Children’s Online Privacy Protection Act was designed to protect the privacy of children using the Internet. What is the minimum age a child must be before companies can collect personal identifying information from them without parental consent?
A. 13
B. 14
C. 15
D. 16
Answer: A The Children’s Online Privacy Protection Act (COPPA) provides severe penalties for companies that collect information from young children without parental consent. COPPA states that this consent must be obtained from the parents of children younger than the age of 13 before any information is collected (other than basic information required to obtain that consent).
- Which one of the following is not a requirement that Internet service providers must satisfy in order to gain protection under the “transitory activities” clause of the Digital Millennium Copyright Act?
A. The service provider and the originator of the message must be located in different states.
B. The transmission, routing, provision of connections, or copying must be carried out by an automated technical process without selection of material by the service provider.
C. Any intermediate copies must not ordinarily be accessible to anyone other than anticipated recipients and must not be retained for longer than reasonably necessary.
D. The transmission must be originated by a person other than the provider.
Answer: A The Digital Millennium Copyright Act does not include any geographical location requirements for protection under the “transitory activities” exemption. The other options are three of the five mandatory requirements. The other two requirements are that the service provider must not determine the recipients of the material and the material must be transmitted with no modification to its content.
- Which one of the following laws is not designed to protect the privacy rights of consumers and Internet users?
A. Health Insurance Portability and Accountability Act
B. Identity Theft Assumption and Deterrence Act
C. USA PATRIOT Act
D. Gramm-Leach-Bliley Act
Answer: C The USA PATRIOT Act was adopted in the wake of the September 11, 2001, terrorist attacks. It broadens the powers of the government to monitor communications between private citizens and therefore actually weakens the privacy rights of consumers and Internet users. The other laws mentioned all contain provisions designed to enhance individual privacy rights.
- Which one of the following types of licensing agreements does not require that the user acknowledge that they have read the agreement prior to executing it?
A. Standard license agreement
B. Shrink-wrap agreement
C. Click-wrap agreement
D. Verbal agreement
Answer: B Shrink-wrap license agreements become effective when the user opens a software package. Click-wrap agreements require the user to click a button during the installation process to accept the terms of the license agreement. Standard license agreements require that the user sign a written agreement prior to using the software. Verbal agreements are not normally used for software licensing but also require some active degree of participation by the software user.
- What industry is most directly impacted by the provisions of the Gramm-Leach-Bliley Act?
A. Health care
B. Banking
C. Law enforcement
D. Defense contractors
Answer: B The Gramm-Leach-Bliley Act provides, among other things, regulations regarding the way financial institutions can handle private information belonging to their customers.
- What is the standard duration of patent protection in the United States?
A. 14 years from the application date
B. 14 years from the date the patent is granted
C. 20 years from the application date
D. 20 years from the date the patent is granted
Answer: C U.S. patent law provides for an exclusivity period of 20 years beginning at the time the patent application is submitted to the Patent and Trademark Office.
- Which one of the following is not a valid legal reason for processing information about an individual under the European Union’s data privacy directive?
A. Contract
B. Legal obligation
C. Marketing needs
D. Consent
Answer: C Marketing needs are not a valid reason for processing personal information, as defined by the European Union privacy directive.
- What compliance obligation relates to the processing of credit card information?
A. SOX
B. HIPAA
C. PCI DSS
D. FERPA
Answer: C The Payment Card Industry Data Security Standard (PCI DSS) applies to organizations involved in the storage, transmission, and processing of credit card information.
- What act updated the privacy and security requirements of the Health Insurance Portability and Accountability Act (HIPAA)?
A. HITECH
B. CALEA
C. CFAA
D. CCCA
Answer: A The Health Information Technology for Economic and Clinical Health Act (HITECH) of 2009 amended the privacy and security requirements of HIPAA.
- Which one of the following identifies the primary purpose of information classification processes?
A. Define the requirements for protecting sensitive data.
B. Define the requirements for backing up data.
C. Define the requirements for storing data.
D. Define the requirements for transmitting data.
Answer: A A primary purpose of information classification processes is to identify security classifications for sensitive data and define the requirements to protect sensitive data. Information classification processes will typically include requirements to protect sensitive data at rest (in backups and stored on media), but not requirements for backing up and storing any data. Similarly, information classification processes will typically include requirements to protect sensitive data in transit, but not any data.
- When determining the classification of data, which one of the following is the most important consideration?
A. Processing system
B. Value
C. Storage media
D. Accessibility
Answer: B Data is classified based on its value to the organization. In some cases, it is classified based on the potential negative impact if unauthorized personnel can access it, which represents a negative value. It is not classified based on the processing system, but the processing system is classified based on the data it processes. Similarly, the storage media is classified based on the data classification, but the data is not classified based on where it is stored. Accessibility is affected by the classification, but the accessibility does not determine the classification. Personnel implement controls to limit accessibility of sensitive data.
- Which of the following answers would not be included as sensitive data?
A. Personally identifiable information (PII)
B. Protected health information (PHI)
C. Proprietary data
D. Data posted on a website
Answer: D Data posted on a website is not sensitive, but PII, PHI, and proprietary data are all sensitive data.
- What is the most important aspect of marking media?
A. Data labeling
B. Content description
C. Electronic labeling
D. Classification
Answer: D Classification is the most important aspect of marking media because it clearly identifies the value of the media and users know how to protect it based on the classification. Including information such as the date and a description of the content isn’t as important as marking the classification. Electronic labels or marks can be used, but when they are used, the most important information is still the classification of the data.
- Which would an administrator do to classified media before reusing it in a less secure environment?
A. Erasing
B. Clearing
C. Purging
D. Overwriting
Answer: C Purging media removes all data by writing over existing data multiple times to ensure that the data is not recoverable using any known methods. Purged media can then be reused in less secure environments. Erasing the media performs a delete, but the data remains and can easily be restored. Clearing, or overwriting, writes unclassified data over existing data, but some sophisticated forensics techniques may be able to recover the original data, so this method should not be used to reduce the classification of media.
- Which of the following statements correctly identifies a problem with sanitization methods?
A. Methods are not available to remove data ensuring that unauthorized personnel cannot retrieve data.
B. Even fully incinerated media can offer extractable data.
C. Personnel can perform sanitization steps improperly.
D. Stored data is physically etched into the media.
Answer: C Sanitization can be unreliable because personnel can perform the purging, degaussing, or other processes improperly. When done properly, purged data is not recoverable using any known methods. Data cannot be retrieved from incinerated, or burned, media. Data is not physically etched into the media.
- Which of the following choices is the most reliable method of destroying data on a solid state drive?
A. Erasing
B. Degaussing
C. Deleting
D. Purging
Answer: D Purging is the most reliable method of the given choices. Purging overwrites the media with random bits multiple times and includes additional steps to ensure data is removed. While not an available answer choice, destruction of the drive is a more reliable method. Erasing or deleting processes rarely remove the data from media, but instead mark it for deletion. Solid state drives (SSDs) do not have magnetic flux so degaussing an SSD doesn’t destroy data.
- Which of the following is the most secure method of deleting data on a DVD?
A. Formatting
B. Deleting
C. Destruction
D. Degaussing
Answer: C Physical destruction is the most secure method of deleting data on optical media such as a DVD. Formatting and deleting processes rarely remove the data from any media. DVDs do not have magnetic flux so degaussing a DVD doesn’t destroy data.
- Which of the following does not erase data?
A. Clearing
B. Purging
C. Overwriting
D. Remanence
Answer: D Data remanence refers to data remnants that remain on a hard drive as residual magnetic flux. Clearing, purging, and overwriting are valid methods of erasing data.
- Which one of the following is based on Blowfish and helps protect against rainbow table attacks?
A. 3DES
B. AES
C. Bcrypt
D. SCP
Answer: C Linux systems use bcrypt to encrypt passwords, and bcrypt is based on Blowfish. Bcrypt adds 128 additional bits as a salt to protect against rainbow table attacks. Advanced Encryption Standard (AES) and Triple DES (or 3DES) are separate symmetric encryption protocols, and neither one is based on Blowfish, or directly related to protecting against rainbow table attacks. Secure Copy (SCP) uses Secure Shell (SSH) to encrypt data transmitted over a network.
- Which one of the following would administrators use to connect to a remote server securely for administration?
A. Telnet
B. Secure File Transfer Protocol (SFTP)
C. Secure Copy (SCP)
D. Secure Shell (SSH)
Answer: D SSH is a secure alternative to Telnet because it encrypts data transmitted over a network. In contrast, Telnet transmits data in cleartext. SFTP and SCP are good methods for transmitting sensitive data over a network, but not for administration purposes.
- Which one of the following tasks would a custodian most likely perform?
A. Access the data
B. Classify the data
C. Assign permissions to the data
D. Back up data
Answer: D A data custodian performs day-to-day tasks to protect the integrity and security of data, and this includes backing it up. Users access the data. Owners classify the data. Administrators assign permissions to the data.
- Which one of the following data roles is most likely to assign permissions to grant users access to data?
A. Administrator
B. Custodian
C. Owner
D. User
Answer: A The administrator assigns permissions based on the principles of least privilege and need to know. A custodian protects the integrity and security of the data. Owners have ultimate responsibility for the data and ensure that it is classified properly, and owners provide guidance to administrators on who can have access, but owners do not assign permissions. Users simply access the data.
- Which of the following best defines “rules of behavior” established by a data owner?
A. Ensuring users are granted access to only what they need
B. Determining who has access to a system
C. Identifying appropriate use and protection of data
D. Applying security controls to a system
Answer: C The rules of behavior identify the rules for appropriate use and protection of data. Least privilege ensures users are granted access to only what they need. A data owner determines who has access to a system, but that is not rules of behavior. Rules of behavior apply to users, not systems or security controls.
- Within the context of the European Union (EU) Data Protection law, what is a data processor?
A. The entity that processes personal data on behalf of the data controller
B. The entity that controls processing of data
C. The computing system that processes data
D. The network that processes data
Answer: A The EU Data Protection law defines a data processor as “a natural or legal person which processes personal data solely on behalf of the data controller.” The data controller is the entity that controls processing of the data and directs the data processor. Within the context of the EU Data Protection law, the data processor is not a computing system or network.
- What do the principles of notice, choice, onward transfer, and access closely apply to?
A. Privacy
B. Identification
C. Retention
D. Classification
Answer: A These are the first four principles in the Safe Harbor principles and they apply to maintaining the privacy of data. They do not address identification or retention of data. They primarily refer to privacy data such as personally identifiable information (PII), and while that may be considered a classification, classification isn’t the primary purpose of the seven Safe Harbor principles.
- An organization is implementing a preselected baseline of security controls, but finds not all of the controls apply. What should they do?
A. Implement all of the controls anyway.
B. Identify another baseline.
C. Re-create a baseline.
D. Tailor the baseline to their needs.
Answer: D Scoping and tailoring processes allow an organization to tailor security baselines to its needs. There is no need to implement security controls that do not apply, and it is not necessary to identify or re-create a different baseline.
- Scenario: An organization has a datacenter manned 24 hours a day that processes highly sensitive information. The datacenter includes email servers, and administrators purge email older than six months to comply with the organization’s security policy. Access to the datacenter is controlled, and all systems that process sensitive information are marked. Administrators routinely back up data processed in the datacenter. They keep a copy of the backups on site and send an unmarked copy to one of the company warehouses. Warehouse workers organize the media by date, and they have backups from the last 20 years. Employees work at the warehouse during the day and lock it when they leave at night and over the weekends. Recently a theft at the warehouse resulted in the loss of all of the offsite backup tapes. Later, copies of their data, including sensitive emails from years ago, began appearing on Internet sites, exposing the organization’s internal sensitive data. Of the following choices, what would have prevented this loss without sacrificing security?
A. Mark the media kept offsite.
B. Don’t store data offsite.
C. Destroy the backups offsite.
D. Use a secure offsite storage facility.
Answer: D Backup media should be protected with the same level of protection afforded the data it contains, and using a secure offsite storage facility would ensure this. The media should be marked, but that won’t protect it if it is stored in an unmanned warehouse. A copy of backups should be stored offsite to ensure availability if a catastrophe affects the primary location. If copies of data are not stored offsite, or offsite backups are destroyed, security is sacrificed by risking availability.
- Scenario: An organization has a datacenter manned 24 hours a day that processes highly sensitive information. The datacenter includes email servers, and administrators purge email older than six months to comply with the organization’s security policy. Access to the datacenter is controlled, and all systems that process sensitive information are marked. Administrators routinely back up data processed in the datacenter. They keep a copy of the backups on site and send an unmarked copy to one of the company warehouses. Warehouse workers organize the media by date, and they have backups from the last 20 years. Employees work at the warehouse during the day and lock it when they leave at night and over the weekends. Recently a theft at the warehouse resulted in the loss of all of the offsite backup tapes. Later, copies of their data, including sensitive emails from years ago, began appearing on Internet sites, exposing the organization’s internal sensitive data. Which of the following administrator actions might have prevented this incident?
A. Mark the tapes before sending them to the warehouse.
B. Purge the tapes before backing up data to them.
C. Degauss the tapes before backing up data to them.
D. Add the tapes to an asset management database.
Answer: A If the tapes were marked before they left the datacenter, employees would recognize their value and it is more likely someone would challenge their storage in an unmanned warehouse. Purging or degaussing the tapes before using them will erase previously held data but won’t help if sensitive information is backed up to the tapes after they are purged or degaussed. Adding the tapes to an asset management database will help track them but wouldn’t prevent this incident.
- Scenario: An organization has a datacenter manned 24 hours a day that processes highly sensitive information. The datacenter includes email servers, and administrators purge email older than six months to comply with the organization’s security policy. Access to the datacenter is controlled, and all systems that process sensitive information are marked. Administrators routinely back up data processed in the datacenter. They keep a copy of the backups on site and send an unmarked copy to one of the company warehouses. Warehouse workers organize the media by date, and they have backups from the last 20 years. Employees work at the warehouse during the day and lock it when they leave at night and over the weekends. Recently a theft at the warehouse resulted in the loss of all of the offsite backup tapes. Later, copies of their data, including sensitive emails from years ago, began appearing on Internet sites, exposing the organization’s internal sensitive data. Of the following choices, what policy was not followed regarding the backup media?
A. Media destruction
B. Record retention
C. Configuration management
D. Versioning
Answer: B Personnel did not follow the record retention policy. The scenario states that administrators purge onsite email older than six months to comply with the organization’s security policy, but offsite backups included backups for the last 20 years. Personnel should follow media destruction policies when the organization no longer needs the media, but some backups are needed. Configuration management ensures that systems are configured correctly using a baseline, but this does not apply to backup media. Versioning is applied to applications, not backup tapes.
- How many possible keys exist in a 4-bit key space?
A. 4
B. 8
C. 16
D. 128
Answer: C To determine the number of keys in a key space, raise 2 to the power of the number of bits in the key space. In this example, 2^4 = 16.
- John recently received an email message from Bill. What cryptographic goal would need to be met to convince John that Bill was actually the sender of the message?
A. Nonrepudiation
B. Confidentiality
C. Availability
D. Integrity
Answer: A Nonrepudiation prevents the sender of a message from later denying that they sent it.
- What is the length of the cryptographic key used in the Data Encryption Standard (DES) cryptosystem?
A. 56 bits
B. 128 bits
C. 192 bits
D. 256 bits
Answer: A DES uses a 56-bit key. This is considered one of the major weaknesses of this cryptosystem.
- What type of cipher relies on changing the location of characters within a message to achieve confidentiality?
A. Stream cipher
B. Transposition cipher
C. Block cipher
D. Substitution cipher
Answer: B Transposition ciphers use a variety of techniques to reorder the characters within a message.
- Which one of the following is not a possible key length for the Advanced Encryption Standard Rijndael cipher?
A. 56 bits
B. 128 bits
C. 192 bits
D. 256 bits
Answer: A The Rijndael cipher allows users to select a key length of 128, 192, or 256 bits, depending on the specific security requirements of the application.
- Which one of the following cannot be achieved by a secret key cryptosystem?
A. Nonrepudiation
B. Confidentiality
C. Availability
D. Key distribution
Answer: A Nonrepudiation requires the use of a public key cryptosystem to prevent users from falsely denying that they originated a message.
- When correctly implemented, what is the only cryptosystem known to be unbreakable?
A. Transposition cipher
B. Substitution cipher
C. Advanced Encryption Standard
D. One-time pad
Answer: D Assuming that it is used properly, the one-time pad is the only known cryptosystem that is not vulnerable to attacks.
- What is the output value of the mathematical function 16 mod 3?
A. 0
B. 1
C. 3
D. 5
Answer: B Option B is correct because 16 divided by 3 equals 5, with a remainder value of 1.
- In the 1940s, a team of cryptanalysts from the United States successfully broke a Soviet code based on a one-time pad in a project known as VENONA. What rule did the Soviets break that caused this failure?
A. Key values must be random.
B. Key values must be the same length as the message.
C. Key values must be used only once.
D. Key values must be protected from physical disclosure.
Answer: A The cryptanalysts from the United States discovered a pattern in the method the Soviets used to generate their one-time pads. After this pattern was discovered, much of the code was eventually broken.
- Which one of the following cipher types operates on large pieces of a message rather than individual characters or bits of a message?
A. Stream cipher
B. Caesar cipher
C. Block cipher
D. ROT3 cipher
Answer: C Block ciphers operate on message “chunks” rather than on individual characters or bits. The other ciphers mentioned are all types of stream ciphers that operate on individual bits or characters of a message.
- What is the minimum number of cryptographic keys required for secure two-way communications in symmetric key cryptography?
A. One
B. Two
C. Three
D. Four
Answer: A Symmetric key cryptography uses a shared secret key. All communicating parties utilize the same key for communication in any direction.
- Dave is developing a key escrow system that requires multiple people to retrieve a key but does not depend on every participant being present. What type of technique is he using?
A. Split knowledge
B. M of N Control
C. Work function
D. Zero-knowledge proof
Answer: B M of N Control requires that a minimum number of agents (M) out of the total number of agents (N) work together to perform high-security tasks.
- Which one of the following Data Encryption Standard (DES) operating modes can be used for large messages with the assurance that an error early in the encryption/decryption process won’t spoil results throughout the communication?
A. Cipher Block Chaining (CBC)
B. Electronic Codebook (ECB)
C. Cipher Feedback (CFB)
D. Output Feedback (OFB)
Answer: D Output Feedback (OFB) mode prevents early errors from interfering with future encryption/decryption. Cipher Block Chaining and Cipher Feedback modes will carry errors throughout the entire encryption/decryption process. Electronic Codebook (ECB) operation is not suitable for large amounts of data.
- Many cryptographic algorithms rely on the difficulty of factoring the product of large prime numbers. What characteristic of this problem are they relying on?
A. It contains diffusion.
B. It contains confusion.
C. It is a one-way function.
D. It complies with Kerckhoffs’s principle.
Answer: C A one-way function is a mathematical operation that easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values.
- How many keys are required to fully implement a symmetric algorithm with 10 participants?
A. 10
B. 20
C. 45
D. 100
Answer: C The number of keys required for a symmetric algorithm is dictated by the formula (n*(n–1))/2, which in this case, where n = 10, is 45.
- What block size is used by the Advanced Encryption Standard?
A. 32 bits
B. 64 bits
C. 128 bits
D. Variable
Answer: C The Advanced Encryption Standard uses a 128-bit block size, despite the fact that the Rijndael algorithm it is based on allows a variable block size.
- What kind of attack makes the Caesar cipher virtually unusable?
A. Meet-in-the-middle attack
B. Escrow attack
C. Frequency analysis attack
D. Transposition attack
Answer: C The Caesar cipher, like other simple substitution ciphers, is vulnerable to frequency analysis attacks, which analyze the rate at which specific letters appear in the ciphertext.
- What type of cryptosystem commonly makes use of a passage from a well-known book for the encryption key?
A. Vernam cipher
B. Running key cipher
C. Skipjack cipher
D. Twofish cipher
Answer: B Running key (or “book”) ciphers often use a passage from a commonly available book as the encryption key.
- Which AES finalist makes use of prewhitening and postwhitening techniques?
A. Rijndael
B. Twofish
C. Blowfish
D. Skipjack
Answer: B The Twofish algorithm, developed by Bruce Schneier, uses prewhitening and postwhitening.
- How many encryption keys are required to fully implement an asymmetric algorithm with 10 participants?
A. 10
B. 20
C. 45
D. 100
Answer: B In an asymmetric algorithm, each participant requires two keys: a public key and a private key.
- In the RSA public key cryptosystem, which one of the following numbers will always be largest?
A. e
B. n
C. p
D. q
Answer: B The number n is generated as the product of the two large prime numbers, p and q. Therefore, n must always be greater than both p and q. Furthermore, it is an algorithm constraint that e must be chosen such that e is smaller than n. Therefore, in RSA cryptography, n is always the largest of the four variables shown in the options to this question.
- Which cryptographic algorithm forms the basis of the El Gamal cryptosystem?
A. RSA
B. Diffie-Hellman
C. 3DES
D. IDEA
Answer: B The El Gamal cryptosystem extends the functionality of the Diffie-Hellman key exchange protocol to support the encryption and decryption of messages.
- If Richard wants to send an encrypted message to Sue using a public key cryptosystem, which key does he use to encrypt the message?
A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key
Answer: C Richard must encrypt the message using Sue’s public key so that Sue can decrypt it using her private key. If he encrypted the message with his own public key, the recipient would need to know Richard’s private key to decrypt the message. If he encrypted it with his own private key, any user could decrypt the message using Richard’s freely available public key. Richard could not encrypt the message using Sue’s private key because he does not have access to it. If he did, any user could decrypt it using Sue’s freely available public key.
- If a 2,048-bit plaintext message were encrypted with the El Gamal public key cryptosystem, how long would the resulting ciphertext message be?
A. 1,024 bits
B. 2,048 bits
C. 4,096 bits
D. 8,192 bits
Answer: C The major disadvantage of the El Gamal cryptosystem is that it doubles the length of any message it encrypts. Therefore, a 2,048-bit plaintext message would yield a 4,096-bit ciphertext message when El Gamal is used for the encryption process.
- Acme Widgets currently uses a 1,024-bit RSA encryption standard companywide. The company plans to convert from RSA to an elliptic curve cryptosystem. If it wants to maintain the same cryptographic strength, what ECC key length should it use?
A. 160 bits
B. 512 bits
C. 1,024 bits
D. 2,048 bits
Answer: A The elliptic curve cryptosystem requires significantly shorter keys to achieve encryption that would be the same strength as encryption achieved with the RSA encryption algorithm. A 1,024-bit RSA key is cryptographically equivalent to a 160-bit elliptic curve cryptosystem key.
- John wants to produce a message digest of a 2,048-byte message he plans to send to Mary. If he uses the SHA-1 hashing algorithm, what size will the message digest for this particular message be?
A. 160 bits
B. 512 bits
C. 1,024 bits
D. 2,048 bits
Answer: A The SHA-1 hashing algorithm always produces a 160-bit message digest, regardless of the size of the input message. In fact, this fixed-length output is a requirement of any secure hashing algorithm.
- Which one of the following technologies is considered flawed and should no longer be used?
A. SHA-2
B. PGP
C. WEP
D. TLS
Answer: C The WEP algorithm has documented flaws that make it trivial to break. It should never be used to protect wireless networks.
- What encryption technique does WPA use to protect wireless communications?
A. TKIP
B. DES
C. 3DES
D. AES
Answer: A WiFi Protected Access (WPA) uses the Temporal Key Integrity Protocol (TKIP) to protect wireless communications. WPA2 uses AES encryption.
- Richard received an encrypted message sent to him from Sue. Which key should he use to decrypt the message?
A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key
Answer: B Sue would have encrypted the message using Richard’s public key. Therefore, Richard needs to use the complementary key in the key pair, his private key, to decrypt the message.
- Richard wants to digitally sign a message he’s sending to Sue so that Sue can be sure the message came from him without modification while in transit. Which key should he use to encrypt the message digest?
A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key
Answer: B Richard should encrypt the message digest with his own private key. When Sue receives the message, she will decrypt the digest with Richard’s public key and then compute the digest herself. If the two digests match, she can be assured that the message truly originated from Richard.
- Which one of the following algorithms is not supported by the Digital Signature Standard?
A. Digital Signature Algorithm
B. RSA
C. El Gamal DSA
D. Elliptic Curve DSA
Answer: C The Digital Signature Standard allows federal government use of the Digital Signature Algorithm, RSA, or the Elliptic Curve DSA in conjunction with the SHA-1 hashing function to produce secure digital signatures.
- Which International Telecommunications Union (ITU) standard governs the creation and endorsement of digital certificates for secure electronic communication?
A. X.500
B. X.509
C. X.900
D. X.905
Answer: B X.509 governs digital certificates and the public key infrastructure (PKI). It defines the appropriate content for a digital certificate and the processes used by certificate authorities to generate and revoke certificates.
- What cryptosystem provides the encryption/decryption technology for the commercial version of Phil Zimmerman’s Pretty Good Privacy secure email system?
A. ROT13
B. IDEA
C. ECC
D. El Gamal
Answer: B Pretty Good Privacy uses a “web of trust” system of digital signature verification. The encryption technology is based on the IDEA private key cryptosystem.
- What TCP/IP communications port is used by Transport Layer Security traffic?
A. 80
B. 220
C. 443
D. 559
Answer: C Transport Layer Security uses TCP port 443 for encrypted client-server communications.
- What type of cryptographic attack rendered Double DES (2DES) no more effective than standard DES encryption?
A. Birthday attack
B. Chosen ciphertext attack
C. Meet-in-the-middle attack
D. Man-in-the-middle attack
Answer: C The meet-in-the-middle attack demonstrated that it took relatively the same amount of computation power to defeat 2DES as it does to defeat standard DES. This led to the adoption of Triple DES (3DES) as a standard for government communication.
- Which of the following tools can be used to improve the effectiveness of a brute-force password cracking attack?
A. Rainbow tables
B. Hierarchical screening
C. TKIP
D. Random enhancement
Answer: A Rainbow tables contain precomputed hash values for commonly used passwords and may be used to increase the efficiency of password cracking attacks.
- Which of the following links would be protected by WPA encryption?
A. Firewall to firewall
B. Router to firewall
C. Client to wireless access point
D. Wireless access point to router
Answer: C The WiFi Protected Access protocol encrypts traffic passing between a mobile client and the wireless access point. It does not provide end-to-end encryption.
- What is the major disadvantage of using certificate revocation lists?
A. Key management
B. Latency
C. Record keeping
D. Vulnerability to brute-force attacks
Answer: B Certificate revocation lists (CRLs) introduce an inherent latency to the certificate expiration process due to the time lag between CRL distributions.
- Which one of the following encryption algorithms is now considered insecure?
A. El Gamal
B. RSA
C. Skipjack
D. Merkle-Hellman Knapsack
Answer: D The Merkle-Hellman Knapsack algorithm, which relies on the difficulty of factoring super-increasing sets, has been broken by cryptanalysts.
- What does IPsec define?
A. All possible security classifications for a specific configuration
B. A framework for setting up a secure communication channel
C. The valid transition states in the Biba model
D. TCSEC security categories
Answer: B IPsec is a security protocol that defines a framework for setting up a secure channel to exchange information between two entities.
- What is system certification?
A. Formal acceptance of a stated system configuration
B. A technical evaluation of each part of a computer system to assess its compliance with security standards
C. A functional evaluation of the manufacturer’s goals for each hardware and software component to meet integration standards
D. A manufacturer’s certificate stating that all components were installed and configured correctly
Answer: B A system certification is a technical evaluation. Option A describes system accreditation. Options C and D refer to manufacturer standards, not implementation standards.
- What is system accreditation?
A. Formal acceptance of a stated system configuration
B. A functional evaluation of the manufacturer’s goals for each hardware and software component to meet integration standards
C. Acceptance of test results that prove the computer system enforces the security policy
D. The process to specify secure communication between machines
Answer: A Accreditation is the formal acceptance process. Option B is not an appropriate answer because it addresses manufacturer standards. Options C and D are incorrect because there is no way to prove that a configuration enforces a security policy and accreditation does not entail secure communication specification.
- What is a closed system?
A. A system designed around final, or closed, standards
B. A system that includes industry standards
C. A proprietary system that uses unpublished protocols
D. Any machine that does not run Windows
Answer: C A closed system is one that uses largely proprietary or unpublished protocols and standards. Options A and D do not describe any particular systems, and Option B describes an open system.
- Which best describes a confined or constrained process?
A. A process that can run only for a limited time
B. A process that can run only during certain times of the day
C. A process that can access only certain memory locations
D. A process that controls access to an object
Answer: C A constrained process is one that can access only certain memory locations. Options A, B, and D do not describe a constrained process.
- What is an access object?
A. A resource a user or process wants to access
B. A user or process that wants to access a resource
C. A list of valid access rules
D. The sequence of valid access types
Answer: A An object is a resource a user or process wants to access. Option A describes an access object.
- What is a security control?
A. A security component that stores attributes that describe an object
B. A document that lists all data classification types
C. A list of valid access rules
D. A mechanism that limits access to an object
Answer: D A control limits access to an object to protect it from misuse by unauthorized users.
- For what type of information system security accreditation are the applications and systems at a specific, self-contained location evaluated?
A. System accreditation
B. Site accreditation
C. Application accreditation
D. Type accreditation
Answer: B The applications and systems at a specific, self-contained location are evaluated for DITSCAP and NIACAP site accreditation.
- How many major categories do the TCSEC criteria define?
A. Two
B. Three
C. Four
D. Five
Answer: C TCSEC defines four major categories: Category A is verified protection, Category B is mandatory protection, Category C is discretionary protection, and Category D is minimal protection.
- What is a trusted computing base (TCB)?
A. Hosts on your network that support secure transmissions
B. The operating system kernel and device drivers
C. The combination of hardware, software, and controls that work together to enforce a security policy
D. The software and controls that certify a security policy
Answer: C The TCB is the combination of hardware, software, and controls that work together to enforce a security policy.
- What is a security perimeter? (Choose all that apply.)
A. The boundary of the physically secure area surrounding your system
B. The imaginary boundary that separates the TCB from the rest of the system
C. The network where your firewall resides
D. Any connections to your computer system
Answer: A;B Although the most correct answer in the context of this chapter is Option B, Option A is also a correct answer in the context of physical security.
- What part of the TCB concept validates access to every resource prior to granting the requested access?
A. TCB partition
B. Trusted library
C. Reference monitor
D. Security kernel
Answer: C The reference monitor validates access to every resource prior to granting the requested access. Option D, the security kernel, is the collection of TCB components that work together to implement the reference monitor functions. In other words, the security kernel is the implementation of the reference monitor concept. Options A and B are not valid TCB concept components.
- What is the best definition of a security model?
A. A security model states policies an organization must follow.
B. A security model provides a framework to implement a security policy.
C. A security model is a technical evaluation of each part of a computer system to assess its concordance with security standards.
D. A security model is the process of formal acceptance of a certified configuration.
Answer: B Option B is the only option that correctly defines a security model. Options A, C, and D define part of a security policy and the certification and accreditation process.
- Which security models are built on a state machine model?
A. Bell-LaPadula and Take-Grant
B. Biba and Clark-Wilson
C. Clark-Wilson and Bell-LaPadula
D. Bell-LaPadula and Biba
Answer: D The Bell-LaPadula and Biba models are built on the state machine model.
- Which security model addresses data confidentiality?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. Brewer and Nash
Answer: A Only the Bell-LaPadula model addresses data confidentiality. The Biba and Clark-Wilson models address data integrity. The Brewer and Nash model prevents conflicts of interest.
- Which Bell-LaPadula property keeps lower-level subjects from accessing objects with a higher security level?
A. * (star) Security Property
B. No write up property
C. No read up property
D. No read down property
Answer: C The no read up property, also called the Simple Security Policy, prohibits subjects from reading a higher security level object.
- What is the implied meaning of the simple property of Biba?
A. Write down
B. Read up
C. No write up
D. No read down
Answer: B The simple property of Biba is no read down, but it implies that it is acceptable to read up.
- When a trusted subject violates the star property of Bell-LaPadula in order to write an object into a lower level, what valid operation could be taking place?
A. Perturbation
B. Polyinstantiation
C. Aggregation
D. Declassification
Answer: D Declassification is the process of moving an object into a lower level of classification once it is determined that it no longer justifies being placed at a higher level. Only a trusted subject can perform declassification because this action is a violation of the verbiage of the star property of Bell-LaPadula, but not the spirit or intent, which is to prevent unauthorized disclosure.
- What security method, mechanism, or model reveals a capabilities list of a subject across multiple objects?
A. Separation of duties
B. Access control matrix
C. Biba
D. Clark-Wilson
Answer: B An access control matrix assembles ACLs from multiple objects into a single table. The rows of that table are the ACEs of a subject across those objects, thus a capabilities list.
- What security model has a feature that in theory has one name or label, but when implemented into a solution, takes on the name or label of the security kernel?
A. Graham-Denning model
B. Deployment modes
C. Trusted computing base
D. Chinese Wall
Answer: C The trusted computing base (TCB) has a component known as the reference monitor in theory, which becomes the security kernel in implementation.
- Which of the following is not part of the access control relationship of the Clark-Wilson model?
A. Object
B. Interface
C. Programming language
D. Subject
Answer: C The three parts of the Clark-Wilson model’s access control relationship (a.k.a. access triple) are subject, object, and program (or interface).
- Many PC operating systems provide functionality that enables them to support the simultaneous execution of multiple applications on single-processor systems. What term is used to describe this capability?
A. Multiprogramming
B. Multithreading
C. Multitasking
D. Multiprocessing
Answer: C Multitasking is processing more than one task at the same time. In most cases, multitasking is simulated by the operating system even when not supported by the processor.
- What technology provides an organization with the best control over BYOD equipment?
A. Application whitelisting
B. Mobile device management
C. Encrypted removable storage
D. Geotagging
Answer: B Mobile device management (MDM) is a software solution to the challenging task of managing the myriad mobile devices that employees use to access company resources. The goals of MDM are to improve security, provide monitoring, enable remote management, and support troubleshooting. Not all mobile devices support removable storage, and even fewer support encrypted removable storage. Geotagging is used to mark photos and social network posts, not for BYOD management. Application whitelisting may be an element of BYOD management, but is only part of a full MDM solution.
- You have three applications running on a single-core single-processor system that supports multitasking. One of those applications is a word processing program that is managing two threads simultaneously. The other two applications are using only one thread of execution. How many application threads are running on the processor at any given time?
A. One
B. Two
C. Three
D. Four
Answer: A A single-processor system can operate on only one thread at a time. There would be a total of four application threads (ignoring any threads created by the operating system), but the operating system would be responsible for deciding which single thread is running on the processor at any given time.
- What type of federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system?
A. Dedicated
B. System high
C. Compartmented
D. Multilevel
Answer: A In a dedicated system, all users must have a valid security clearance for the highest level of information processed by the system, they must have access approval for all information processed by the system, and they must have a valid need to know of all information processed by the system.
- What is a security risk of an embedded system that is not commonly found in a standard PC?
A. Software flaws
B. Access to the Internet
C. Control of a mechanism in the physical world
D. Power loss
Answer: C Because an embedded system is in control of a mechanism in the physical world, a security breach could cause harm to people and property. This typically is not true of a standard PC. Power loss, Internet access, and software flaws are security risks of both embedded systems and standard PCs.
- What type of memory chip allows the end user to write information to the memory only one time and then preserves that information indefinitely without the possibility of erasure?
A. ROM
B. PROM
C. EPROM
D. EEPROM
Answer: B Programmable read-only memory (PROM) chips may be written to once by the end user but may never be erased. The contents of ROM chips are burned in at the factory, and the end user is not allowed to write data. EPROM and EEPROM chips both make provisions for the end user to somehow erase the contents of the memory device and rewrite new data to the chip.
- Which type of memory chip can be erased only when it is removed from the computer and exposed to a special type of ultraviolet light?
A. ROM
B. PROM
C. EPROM
D. EEPROM
Answer: C EPROMs may be erased through exposure to high-intensity ultraviolet light. ROM and PROM chips do not provide erasure functionality. EEPROM chips may be erased through the application of electrical currents to the chip pins and do not require removal from the computer prior to erasure.
- Which one of the following types of memory might retain information after being removed from a computer and, therefore, represent a security risk?
A. Static RAM
B. Dynamic RAM
C. Secondary memory
D. Real memory
Answer: C Secondary memory is a term used to describe magnetic, optical, or flash media. These devices will retain their contents after being removed from the computer and may later be read by another user.
- What is the most effective means of reducing the risk of losing the data on a mobile device, such as a notebook computer?
A. Defining a strong logon password
B. Minimizing sensitive data stored on the mobile device
C. Using a cable lock
D. Encrypting the hard drive
Answer: B The risk of a lost or stolen notebook is the data loss, not the loss of the system itself. Thus, keeping minimal sensitive data on the system is the only way to reduce the risk. Hard drive encryption, cable locks, and strong passwords, although good ideas, are preventive tools, not means of reducing risk. They don’t keep intentional and malicious data compromise from occurring; instead, they encourage honest people to stay honest.
- What type of electrical component serves as the primary building block for dynamic RAM chips?
A. Capacitor
B. Resistor
C. Flip-flop
D. Transistor
Answer: A Dynamic RAM chips are built from a large number of capacitors, each of which holds a single electrical charge. These capacitors must be continually refreshed by the CPU in order to retain their contents. The data stored in the chip is lost when power is removed.
- Which one of the following storage devices is most likely to require encryption technology in order to maintain data security in a networked environment?
A. Hard disk
B. Backup tape
C. Removable drives
D. RAM
Answer: C Removable drives are easily taken out of their authorized physical location, and it is often not possible to apply operating system access controls to them. Therefore, encryption is often the only security measure short of physical security that can be afforded to them. Backup tapes are most often well controlled through physical security measures. Hard disks and RAM chips are often secured through operating system access controls.
- In which of the following security modes can you be assured that all users have access permissions for all information processed by the system but will not necessarily need to know of all that information?
A. Dedicated
B. System high
C. Compartmented
D. Multilevel
Answer: B In system high mode, all users have appropriate clearances and access permissions for all information processed by the system but need to know only some of the information processed by that system.
- The most commonly overlooked aspect of mobile phone eavesdropping is related to which of the following?
A. Storage device encryption
B. Screen locks
C. Overhearing conversations
D. Wireless networking
Answer: C The most commonly overlooked aspect of mobile phone eavesdropping is related to people in the vicinity overhearing conversations (at least one side of them). Organizations frequently consider and address issues of wireless networking, storage device encryption, and screen locks.
- What type of memory device is usually used to contain a computer’s motherboard BIOS?
A. PROM
B. EEPROM
C. ROM
D. EPROM
Answer: B BIOS and device firmware are often stored on EEPROM chips to facilitate future firmware updates.
- What type of memory is directly available to the CPU and is often part of the CPU?
A. RAM
B. ROM
C. Register Memory
D. Virtual memory
Answer: C Registers are small memory locations that are located directly on the CPU chip itself. The data stored within them is directly available to the CPU and can be accessed extremely quickly.
- In what type of addressing scheme is the data actually supplied to the CPU as an argument to the instruction?
A. Direct addressing
B. Immediate addressing
C. Base+offset addressing
D. Indirect addressing
Answer: B In immediate addressing, the CPU does not need to actually retrieve any data from memory. The data is contained in the instruction itself and can be immediately processed.
- What type of addressing scheme supplies the CPU with a location that contains the memory address of the actual operand?
A. Direct addressing
B. Immediate addressing
C. Base+offset addressing
D. Indirect addressing
Answer: D In indirect addressing, the location provided to the CPU contains a memory address. The CPU retrieves the operand by reading it from the memory address provided (which is why it’s called indirect).
- What security principle helps prevent users from accessing memory spaces assigned to applications being run by other users?
A. Separation of privilege
B. Layering
C. Process isolation
D. Least privilege
Answer: C Process isolation provides separate memory spaces to each process running on a system. This prevents processes from overwriting each other’s data and ensures that a process can’t read data from another process.
- Which security principle mandates that only a minimum number of operating system processes should run in supervisory mode?
A. Abstraction
B. Layering
C. Data hiding
D. Least Privilege
Answer: D The principle of least privilege states that only processes that absolutely need kernel-level access should run in supervisory mode. The remaining processes should run in user mode to reduce the number of potential security vulnerabilities.
- Which security principle takes the concept of process isolation and implements it using physical controls?
A. Hardware segmentation
B. Data hiding
C. Layering
D. Abstraction
Answer: A Hardware segmentation achieves the same objectives as process isolation but takes them to a higher level by implementing them with physical controls in hardware.
- Which of the following is the most important aspect of security?
A. Physical security
B. Intrusion detection
C. Logical security
D. Awareness training
Answer: A Physical security is the most important aspect of overall security. Without physical security, none of the other aspects of security are sufficient.
- What method can be used to map out the needs of an organization for a new facility?
A. Log file audit
B. Critical path analysis
C. Risk analysis
D. Inventory
Answer: B Critical path analysis can be used to map out the needs of an organization for a new facility. A critical path analysis is the process of identifying relationships between mission-critical applications, processes, and operations and all of the supporting elements.
- What infrastructure component is often located in the same position across multiple floors in order to provide a convenient means of linking floor-based networks together?
A. Server room
B. Wiring closet
C. Datacenter
D. Media cabinets
Answer: B A wiring closet is the infrastructure component that is often located in the same position across multiple floors in order to provide a convenient means of linking floor-based networks together.
- Which of the following is not a security-focused design element of a facility or site?
A. Separation of work and visitor areas
B. Restricted access to areas with higher value or importance
C. Confidential assets located in the heart or center of a facility
D. Equal access to all locations within a facility
Answer: D Equal access to all locations within a facility is not a security-focused design element. Each area containing assets or resources of different importance, value, and confidentiality should have a corresponding level of security restriction placed on it.
- Which of the following does not need to be true in order to maintain the most efficient and secure server room?
A. It must be human compatible.
B. It must include the use of nonwater fire suppressants.
C. The humidity must be kept between 40 and 60 percent.
D. The temperature must be kept between 60 and 75 degrees Fahrenheit.
Answer: A A computer room does not need to be human compatible to be efficient and secure. Having a human-incompatible server room provides a greater level of protection against attacks.
- Which of the following is not a typical security measure implemented in relation to a media storage facility containing reusable removable media?
A. Employing a librarian or custodian
B. Using a check-in/check-out process
C. Hashing
D. Using sanitization tools on returned media
Answer: C Hashing is not a typical security measure implemented in relation to a media storage facility containing reusable removable media. Hashing is used when it is necessary to verify the integrity of a dataset, while data on reusable removable media should be removed and not retained. Usually the security features for a media storage facility include using a librarian or custodian, using a check-in/check-out process, and using sanitization tools on returned media.
- Which of the following is a double set of doors that is often protected by a guard and is used to contain a subject until their identity and authentication are verified?
A. Gate
B. Turnstile
C. Mantrap
D. Proximity detector
Answer: C A mantrap is a double set of doors that is often protected by a guard and used to contain a subject until their identity and authentication are verified.
- What is the most common form of perimeter security devices or mechanisms?
A. Security guards
B. Fences
C. CCTV
D. Lighting
Answer: D Lighting is the most common form of perimeter security devices or mechanisms. Your entire site should be clearly lit. This provides for easy identification of personnel and makes it easier to notice intrusions.
- Which of the following is not a disadvantage of using security guards?
A. Security guards are usually unaware of the scope of the operations within a facility.
B. Not all environments and facilities support security guards.
C. Not all security guards are themselves reliable.
D. Prescreening, bonding, and training do not guarantee effective and reliable security guards.
Answer: A Security guards are usually unaware of the scope of the operations within a facility, which supports confidentiality of those operations and thus helps reduce the possibility that a security guard will be involved in the disclosure of confidential information.