Chapter 1 Flashcards

1
Q

Which of the following provides an incorrect characteristic of a memory leak?A. Common programming errorB. Common when languages that have no built-in automatic garbage collection are usedC. Common in applications written in JavaD. Common in applications written in C++

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following is the best description pertaining to the “Trusted Computing Base”?A. The term originated from the Orange Book and pertains to firmware.B. The term originated from the Orange Book and addresses the security mechanisms that are only implemented by the operating system.C. The term originated from the Orange Book and contains the protection mechanisms within a system.D. The term originated from the Rainbow Series and addressed the level of significance each mechanism of a system portrays in a secure environment.

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following is the best description of the security kernel and the reference monitor?A. The reference monitor is a piece of software that runs on top of the security kernel. The reference monitor is accessed by every security call of the security kernel. The security kernel is too large to test and verify.B. The reference monitor concept is a small program that is not related to the security kernel. It will enforce access rules upon subjects who attempt to access specific objects. This program is regularly used with modern operating systems.C. The reference monitor concept is used strictly for database access control and is one of the key components in maintaining referential integrity within the system. It is impossible for the user to circumvent the reference monitor.D. The reference monitor and security kernel are core components of modern operating systems. They work together to mediate all access between subjects and objects. They should not be able to be circumvented and must be called upon for every access attempt.

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following models incorporates the idea of separation of duties and requires that all modifications to data and objects be done through programs?A. State machine modelB. Bell-LaPadula modelC. Clark-Wilson modelD. Biba model

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following best describes the hierarchical levels of privilege within the architecture of a computer system?A. Computer system ring structureB. Microcode abstraction levels of securityC. Operating system user modeD. Operating system kernel mode

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following is an untrue statement?i. Virtual machines can be used to provide secure, isolated sandboxes for running untrusted applications.ii. Virtual machines can be used to create execution environments with resource limits and, given the right schedulers, resource guarantees.iii. Virtualization can be used to simulate networks of independent computers.iv. Virtual machines can be used to run multiple operating systems simultaneously: different versions, or even entirely different systems, which can be on hot standby.A. All of themB. None of themC. i, iiD. ii, iii

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is the best means of transferring information when parties do not have a shared secret and large quantities of sensitive information must be transmitted?A. Use of public key encryption to secure a secret key, and message encryption using the secret keyB. Use of the recipient’s public key for encryption, and decryption based on the recipient’s private keyC. Use of software encryption assisted by a hardware encryption acceleratorD. Use of elliptic curve encryption

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which algorithm did NIST choose to become the Advanced Encryption Standard (AES) replacing the Data Encryption Standard (DES)?A. DEAB. RijndaelC. TwofishD. IDEA

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

John is the security administrator for company X. He has been asked to oversee the installation of a fire suppression sprinkler system, as recent unusually dry weather has increased the likelihood of fire. Fire could potentially cause a great amount of damage to the organization’s assets. The sprinkler system is designed to reduce the impact of fire on the company. In this scenario, fire is considered which of the following?A. VulnerabilityB. ThreatC. RiskD. Countermeasure

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

John is the security administrator for company X. He has been asked to oversee the installation of a fire suppression sprinkler system, as recent unusually dry weather has increased the likelihood of fire. Fire could potentially cause a great amount of damage to the organization’s assets. The sprinkler system is designed to reduce the impact of fire on the company. In this scenario, the sprinkler system is considered which of the following?A. VulnerabilityB. ThreatC. RiskD. Countermeasure

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

John is the security administrator for company X. He has been asked to oversee the installation of a fire suppression sprinkler system, as recent unusually dry weather has increased the likelihood of fire. Fire could potentially cause a great amount of damage to the organization’s assets. The sprinkler system is designed to reduce the impact of fire on the company. In this scenario, the likelihood and damage potential of a fire is considered which of the following?A. VulnerabilityB. ThreatC. RiskD. Countermeasure

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A small remote facility for a company is valued at $800,000. It is estimated, based on historical data and other predictors, that a fire is likely to occur once every ten years at a facility in this area. It is estimated that such a fire would destroy 60 percent of the facility under the current circumstances and with the current detective and preventative controls in place.What is the single loss expectancy (SLE) for the facility suffering from a fire?A. $80,000B. $480,000C. $320,000D. 60 percent

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A small remote facility for a company is valued at $800,000. It is estimated, based on historical data and other predictors, that a fire is likely to occur once every ten years at a facility in this area. It is estimated that such a fire would destroy 60 percent of the facility under the current circumstances and with the current detective and preventative controls in place.What is the annualized rate of occurrence (ARO)?A. 1B. 10C. .1D. .01

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A small remote facility for a company is valued at $800,000. It is estimated, based on historical data and other predictors, that a fire is likely to occur once every ten years at a facility in this area. It is estimated that such a fire would destroy 60 percent of the facility under the current circumstances and with the current detective and preventative controls in place.What is the annualized loss expectancy (ALE)?A. $480,000B. $32,000C. $48,000D. .6

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is not a characteristic of Protected Extensible Authentication Protocol?A. Authentication protocol used in wireless networks and point-to-point connectionsB. Designed to provide improved secure authentication for 802.11 WLANsC. Designed to support 802.1x port access control and Transport Layer SecurityD. Designed to support password-protected connections

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following best describes the Temporal Key Integrity Protocol’s (TKIP) role in the 802.11i standard?A. It provides 802.1x and EAP to increase the authentication strength.B. It requires the access point and the wireless device to authenticate to each other.C. It sends the SSID and MAC value in ciphertext.D. It adds more keying material for the RC4 algorithm.

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Vendors have implemented various solutions to overcome the vulnerabilities of the wired equivalent protocol (WEP). Which of the following provides an incorrect mapping between these solutions and their characteristics?A. LEAP requires a PKI.B. PEAP only requires the server to authenticate using a digital certificate.C. EAP-TLS requires both the wireless device and server to authenticate using digital certificates.D. PEAP allows the user to provide a password

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Encapsulating Security Payload (ESP), which is one protocol within the IPSec protocol suite, is primarily designed to provide which of the following?A. ConfidentialityB. CryptographyC. Digital signaturesD. Access control

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following redundant array of independent disks implementations uses interleave parity?A. Level 1B. Level 2C. Level 4D. Level 5

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following is not one of the stages of the dynamic host configuration protocol (DHCP) lease process?i. Discoverii. Offeriii. Requestiv. AcknowledgmentA. All of themB. None of themC. iD. ii

A

B

21
Q

Which of the following has been deemed by the Internet Architecture Board as unethical behavior for Internet users?A. Creating computer virusesB. Monitoring data trafficC. Wasting computer resourcesD. Concealing unauthorized accesses

A

C

22
Q

Most computer-related documents are categorized as which of the following types of evidence?A. Hearsay evidenceB. Direct evidenceC. Corroborative evidenceD. Circumstantial evidence

A

A

23
Q

During the examination and analysis process of a forensics investigation, it is critical that the investigator works from an image that contains all of the data from the original disk. The image must have all but which of the following characteristics?A. Byte-level copyB. Captured slack spacesC. Captured deleted filesD. Captured unallocated clusters

A

A

24
Q

__________ is a process of interactively producing more detailed versions of objects by populating variables with different values. It is often used to prevent inference attacks.A. PolyinstantiationB. PolymorphismC. PolyabsorbtionD. Polyobject

A

A

25
Q

Tim is a software developer for a financial institution. He develops middleware software code that carries out his company’s business logic functions. One of the applications he works with is written in the C programming language and seems to be taking up too much memory as it runs over a period of time. Which of the following best describes what Tim needs to look at implementing to rid this software of this type of problem?A. Bounds checkingB. Garbage collectionC. Parameter checkingD. Compiling

A

B

26
Q

__________ is a software testing technique that provides invalid, unexpected, or random data to the inputs of a program.A. Agile testingB. Structured testingC. FuzzingD. EICAR

A

C

27
Q

Which type of malware can change its own code, making it harder to detect with antivirus software?A. Stealth virusB. Polymorphic virusC. Trojan horseD. Logic bomb

A

B

28
Q

What is derived from a passphrase?A. A personal passwordB. A virtual passwordC. A user IDD. A valid password

A

B

29
Q

Which access control model is user-directed?A. NondiscretionaryB. MandatoryC. Identity-basedD. Discretionary

A

D

30
Q

Which item is not part of a Kerberos authentication implementation?A. A message authentication codeB. A ticket-granting ticketC. Authentication serviceD. Users, programs, and services

A

A

31
Q

If a company has a high turnover rate, which access control structure is best?A. Role-basedB. DecentralizedC. Rule-basedD. Discretionary

A

A

32
Q

In discretionary access control, who/what has delegation authority to grant access to data?A. A userB. A security officerC. A security policyD. An owner

A

D

33
Q

Remote access security using a token one-time password generation is an example of which of the following?A. Something you haveB. Something you knowC. Something you areD. Two-factor authentication

A

A

34
Q

What is a crossover error rate (CER)?A. A rating used as a performance metric for a biometric systemB. The number of Type I errorsC. The number of Type II errorsD. The number reached when Type I errors exceed the number of Type II errors

A

A

35
Q

What does a retina scan biometric system do?A. Examines the pattern, color, and shading of the area around the corneaB. Examines the patterns and records the similarities between anindividual’s eyesC. Examines the pattern of blood vessels at the back of the eyeD. Examines the geometry of the eyeball

A

C

36
Q

If you are using a synchronous token device, what does this mean?A. The device synchronizes with the authentication service by using internal time or events.B. The device synchronizes with the user’s workstation to ensure the credentials it sends to the authentication service are correct.C. The device synchronizes with the token to ensure the timestamp is valid and correct.D. The device synchronizes by using a challenge-response method with the authentication service.

A

A

37
Q

What is a clipping level?A. The threshold for an activityB. The size of a control zoneC. Explicit rules of authorizationD. A physical security mechanism

A

A

38
Q

Which intrusion detection system would monitor user and network behavior?A. Statistical/anomaly-basedB. Signature-basedC. StaticD. Host-based

A

A

39
Q

When should a Class C fire extinguisher be used instead of a Class A?A. When electrical equipment is on fireB. When wood and paper are on fireC. When a combustible liquid is on fireD. When the fire is in an open area

A

A

40
Q

How does halon suppress fires?A. It reduces the fire’s fuel intake.B. It reduces the temperature of the area.C. It disrupts the chemical reactions of a fire.D. It reduces the oxygen in the area.

A

C

41
Q

What is the problem with high humidity in a data processing environment?A. CorrosionB. Fault toleranceC. Static electricityD. Contaminants

A

A

42
Q

What is the definition of a power fault?A. Prolonged loss of powerB. Momentary low voltageC. Prolonged high voltageD. Momentary power outage

A

D

43
Q

Who has the primary responsibility of determining the classification level for information?A. The functional managerB. Middle managementC. The ownerD. The user

A

C

44
Q

Which best describes the purpose of the ALE calculation?A. It quantifies the security level of the environment.B. It estimates the loss potential from a threat.C. It quantifies the cost/benefit result.D. It estimates the loss potential from a threat in a one-year time span.

A

D

45
Q

How do you calculate residual risk?A. Threats × risks × asset valueB. (Threats × asset value × vulnerability) × risksC. SLE × frequencyD. (Threats × vulnerability × asset value) × control gap

A

D

46
Q

What is the Delphi method?A. A way of calculating the cost/benefit ratio for safeguardsB. A way of allowing individuals to express their opinions anonymouslyC. A way of allowing groups to discuss and collaborate on the best security approachesD. A way of performing a quantitative risk analysis

A

B

47
Q

What are the necessary components of a smurf attack?A. Web server, attacker, and fragment offsetB. Fragment offset, amplifying network, and victimC. Victim, amplifying network, and attackerD. DNS server, attacker, and web server

A

C

48
Q

What do the reference monitor and security kernel do in an operating system?A. Intercept and mediate a subject attempting to access objectsB. Point virtual memory addresses to real memory addressesC. House and protect the security kernelD. Monitor privileged memory usage by applications

A

A