Exam SET C Flashcards

Question

``` Which standard defines the International Standard for the Common Criteria? A. CSC-STD-002-85 B. IS15408 C. BS7799 D. DoD 5200.28-STD ```

Answer 1

Answer: B Explanation: ISO/IEC 15408-1 is the International Standards version of the Common CriteriA. The ISO approved and published the CC text as the new International Standard (IS) 15408 on December 1, 19994. As of this writing the Common Criteria version is 2.1. Answer b is the Code of Practice for Information Security Management (BS7799) developed by the British Standards Institute. The BS7799 standard effectively comes in two parts: ISO/IEC 17799:2000 (Part 1) is the standard code of practice and can be regarded as a comprehensive catalogue of recommended security policy. BS7799-2:1999 (Part 2) is a standard specification for an Information Security Management System (ISMS). An ISMS is the means by which Senior Management monitors and controls their security, minimizing the residual business risk and ensuring that security continues to fulfill corporate, customer, and legal requirements.5 *Answer DoD 5200.28-STD is the Orange Book, the DoD Trusted Computer System Evaluation Criteria. *Answer CSC-STD-002-85 is the Green Book, the DoD Password Management Guidelines. Source: The Common Criteria Project.

Answer 2

Answer: A Explanation: Reviewing audit data should be a function separate from the day-to-day administration of the system.

Answer 3

Answer: D Explanation: Object reuse mechanisms ensure system resources are allocated and reassigned among authorized users in a way that prevents the leak of sensitive information, and ensure that the authorized user of the system does not obtain residual information from system resources. Object reuse is defined as The reassignment to some subject of a storage medium (e.g., page frame, disk sector, magnetic tape) that contained one or more objects. To be securely reassigned, no residual data can be available to the new subject through standard system mechanisms.7 The object reuse requirement of the TCSEC is intended to assure that system resources, in particular storage media, are allocated and reassigned among system users in a manner which prevents the disclosure of sensitive information. Answer a is incorrect. Object reuse does not necessarily protect against physical attacks on the storage medium. Answer c is also incorrect, as object reuse applies to all primary and secondary storage media, such as removable media, fixed media, real and virtual main memory (including registers), and cache memory. Answer d refers to authorization, the granting of access rights to a user, program, or process. Source: NCSC-TG-018, A Guide To Understanding Object Reuse in Trusted Systems [Light Blue Book].

Answer 4

Answer: A Explanation: The other answers are distracters.

Answer 5

Answer: A,B,C Explanation: The disaster/emergency management and business continuity community consists of many different types of entities, such as governmental (federal, state, and local), nongovernmental (business and industry), and individuals. Each entity has its own focus and its own definition of a disaster. The correct answers are examples of these various definitions of disasters. A very common definition of a disaster is a suddenly occurring or unstoppable developing event that: Claims loss of life, suffering, loss of valuables, or damage to the environment. Overwhelms local resources or efforts. Has a long-term impact on social or natural life that is always negative in the beginning. Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 6

Answer: C Explanation: The correct answer is Separation of duties. The Federal Sentencing Guidelines state, The officers must exercise due care or reasonable care to carry out their responsibilities to the organization. The other answers are information security principles but are distracters in this instance.

Answer 7

Answer: B Explanation: A financial collapse is considered a technological potential hazard, the other three are human events. Of the three categories of potential hazards (natural, technological, and human), technological events could include: Hazard material release (HazMat) Explosion or fire (non-arson) Fuel shortage Structure collapse Utility failure Severe air pollution Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 8

Answer: C Explanation: The correct answer is An agent. * Proxy is similar in nature but might hide the characteristics of the principal it is representing. Answers A slave and A virtual processor are distracters.

Answer 9

Answer: B Explanation: The correct answer is: when all of the elements of the business have returned to normal functioning at the original site. Its important to remember that a threat to continuity exists when processing is being returned to its original site after salvage and cleanup has been done.

Answer 10

Answer: D Explanation: The site might not have the capacity to handle the operations required during a major disruptive event. While mutual aid might be a good system for sharing resources during a small or isolated outage, a major natural or other type of disaster can create serious resource contention between the two organizations.

Answer 11

Answer: A,B,C Explanation: In many instances, evidence is difficult to obtain in computer crime investigations.

Answer 12

Answer: A Explanation: Incorrect answer: * "A weakness in a system that could be exploited" describes a vulnerability * "A company resource that could be lost due to an incident" describes an asset * "The minimization of loss associated with an incident" describes risk management.

Answer 13

Answer: C Explanation: The knowledge engineer usually has a computer-related and expert system background, but does not have the knowledge of the specific discipline or domain being addressed by the expert system. For example, the expert system being developed may be a medical diagnostic system requiring input from diagnostic specialists and other types of physicians. These individuals are the domain experts. It is the job of the knowledge engineer to elicit the critical knowledge from the domain expert and incorporate it into the expert system knowledge base. The term object designer in the answers is a distracter.

Answer 14

Answer: B Explanation: For proper separation of duties, the function of user account establishment and maintenance should be separated from the function of initiating and authorizing the creation of the account. User account management focuses on identification, authentication, and access authorizations. This is augmented by the process of auditing and otherwise periodically verifying the legitimacy of current accounts and access authorizations. Also, there are considerations involved in the timely modification or removal of access and associated issues for employees who are reassigned, promoted, or terminated, or who retire. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 15

Answer: B Explanation: Configuration management is a discipline applying technical and administrative direction to: Identify and document the functional and physical characteristics of each configuration item for the system Manage all changes to these characteristics Record and report the status of change processing and implementation Configuration management involves process monitoring, version control, information capture, quality control, bookkeeping, and an organizational framework to support these activities. The configuration being managed is the verification system plus all tools and documentation related to the configuration process. Source: NCSC-TG-014-89, Guidelines for Formal Verification Systems [Purple Book].

Answer 16

Answer: A Explanation: A DBMS is called for when the required skilled programming resources are not available, information to be stored and accessed is common to many organizational business units, the processing requirements change frequently and timely responses are required for queries on the data.

Answer 17

Answer: D Explanation: Delegation is the forwarding of a request by one object to another object. Answer Polyresponse is a distracter. Polyinstantiationis the development of a detailed version of an object from another object. The new object uses values that are different from those in the original object.

Answer 18

Answer: D Explanation: Each step can be completed and finalized without any effect from the later stages that might require rework. *Answer "Iteration will be required among the steps in the process" is incorrect because no iteration is allowed for in the model. *Answer "Each phase is identical to a completed milestone" is incorrect because it applies to the modified Waterfall model. *Answer "Software development requires reworking and repeating some of the phase" is incorrect because no iteration or reworking is considered in the model.

Answer 19

Answer: B Explanation: Maintenance accounts are login accounts to systems resources, primarily networked devices. They often have the factory-set passwords that are frequently distributed through the hacker community.

Answer 20

``` Answer: C Explanation: The security term that is concerned with the same primary key existing at different classification levels in the same database is polyinstantiation. Answer Polymorphism is incorrect because polymorphism is defined as objects of many different classes that are related by some common superclass; thus, any object denoted by this name is able to respond to some common set of operations in a different way. Answer Normalization is incorrect because normalization refers to removing redundant or incorrect data from a database. Answer Inheritance is incorrect because inheritance refers to methods from a class inherited by another subclass. ```

Answer 21

Answer: B Explanation: The Trusted Computer System Evaluation Criteria [Orange Book] defines major hierarchical classes of security by the letters D (least secure) through A (most secure): D. Minimal protection C. Discretionary protection (C1&C2) B. Mandatory protection (B1, B2, B3) A. Verified protection; formal methods (A1) Source: DoD 5200.28-STD Department of Defense Trusted Computer System Evaluation Criteria.

Answer 22

Answer: A Explanation: The correct answer is a a spiral that incorporates various phases of software development. The other answers are distracters.

Answer 23

Answer: A Explanation: The Forest Green book is a Rainbow series book that defines the secure handling of sensitive or classified automated information system memory and secondary storage media, such as degaussers, magnetic tapes, hard disks, floppy disks, and cards. The Forest Green book details procedures for clearing, purging, declassifying, or destroying automated information system (AIS) storage media to prevent data remanence. Data remanence is the residual physical representation of data that has been erased in some way. After storage media is erased there may be some physical characteristics that allow data to be reconstructed. * Answer "It is a tool that assists vendors in data gathering for certifiers." is the Blue Book, NCSCTG-019 Trusted Product Evaluation Questionnaire Version-2. The Blue book is a tool to assist system developers and vendors in gathering data to assist evaluators and certifiers assessing trusted computer systems. * Answer "It is a Rainbow series book that defines guidelines for implementing access control lists." is the Grey/Silver Book, NCSC-TG-020A, the Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control. The Grey/Silver book defines guidelines for implementing access control lists (ACLs) in the UNIX system. Source: NCSC-TG- 025 A Guide to Understanding Data Remanence in Automated Information Systems, NCSC-TG-020A Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control, and NCSC-TG-019 Trusted Product Evaluation Questionnaire Version-2.

Answer 24

Answer: B Explanation: Emergency management plans, business continuity plans, and disaster recovery plans should be regularly reviewed, evaluated, modified, and updated. At a minimum, the plan should be reviewed at an annual audit. It should also be re-evaluated: After tests or training exercises, to adjust any discrepancies between the test results and the plan After a disaster response or an emergency recovery, as this is an excellent time to amend the parts of the plan that were not effective When personnel, their responsibilities, their resources, or organizational structures change, to familiarize new or reorganized personnel with procedures When polices, procedures, or infrastructures change Source: Emergency Management Guide for Business and Industry Federal Emergency Management Agency, August, 1998 and NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity National Fire Protection Association, 2000 edition.

Answer 25

Answer: A,B,D Explanation: No guarantee of e-mail privacy should be provided or implied by the employer.

Answer 26

Answer: D Explanation: Configuration control is controlling changes to the configuration items and issuing versions of configuration items from the software library. Answer "Identifying and documenting the functional and physical characteristics of each configuration item" is the definition of configuration identification. Answer "Recording the processing of changes" is the definition of configuration status accounting, and answer "Controlling the quality of the configuration management procedures" is the definition of configuration audit.

Answer 27

Answer: C Explanation: Salvage cannot begin until all physical danger has been removed or mitigated and emergency personnel have returned control of the site to the organization.

Answer 28

Answer: A Explanation:

Answer 29

Answer: B Explanation: Isolation of the incident scene should begin as soon as the emergency has been discovered. Authorized personnel should attempt to secure the scene and control access; however, no one should be placed in physical danger to perform these functions. Its important for life safety that access be controlled immediately at the scene, and only by trained personnel directly involved in the disaster response. Additional injury or exposure to recovery personnel after the initial incident must be tightly controlled. Source: Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August, 1998.

Answer 30

Answer: A Explanation: The correct answer is "Implementing employee casual Friday". The concepts of due care and due diligence require that an organization engage in good security practices relative to industry standards.

Answer 31

Answer: C Explanation: As in the object-oriented paradigm, COM works with encapsulated objects. Communications with a COM object are through an interface contract between an object and its clients that defines the functions that are available in the object and the behavior of the object when the functions are calleD. *Answer a sandbox, is an access control-based protection mechanism. It is commonly applied to restrict the access rights of mobile code that is downloaded from a Web site as an applet. The code is set up to run in a sandbox that blocks its access to the local workstations hard disk, thus preventing the code from malicious activity. The sandbox is usually interpreted by a virtual machine such as the Java Virtual MachinE. *Answer BOM is a distracter. * Spiral Model refers to the software development life cycle.

Answer 32

Answer: A Explanation: The correct answer is "Testing allows processing to continue at the database shadowing facility.". It is a distracter. The other three answers are good reasons to test the disaster recovery plan.

Answer 33

Answer: C Explanation: The correct answer is Hearsay. Answer Conclusive refers to incontrovertible evidence; answer Circumstantial refers to inference from other, intermediate facts; and answer Secondary refers to a copy of evidence or oral description of its content.

Answer 34

Answer: A,B,C Explanation: Malfeasance by computer is an act involving a computer that is technically and ethically improper, but may or may not be illegal. Some of these activities may not be considered illegal by the user and may be unintentional. Examples of such behavior are: Using a password that you have been given by someone else to have access to their computer and using that password to view files that were not intended for your perusal Giving a copy of a software package that you purchased to a member of your family for personal use (In most instances, this is illegal based on software licenses.) Using the computer at your place of employment to store some information related to an outside business activity Answers a, b, and d are valid categories of computer crime. The fourth category is a crime where the computer is incidental to other crimes. Examples in these four categories are: The computer is a target of the crime. Sabotage or theft of intellectual property, disruption of business operations, illegal access to government and personal information, and falsifying or changing records. Crimes using the computer. Theft of money from financial accounts, credit card fraud, fraud involving stock transfers, billing charges illegally to another party, and telecommunications fraud. Crimes associated with the prevalence of computers. Violation of copyright restrictions on commercial software packages, software piracy and software counterfeiting. The computer is incidental to other crimes. (In this category, the crime could be committed without the computer, but the computer permits the crime to be committed more efficiently and in higher volume.) Money laundering, keeping records and books of illegal activity and illegal gambling.

Answer 35

Answer: B Explanation: A business impact analysis (BIA) measures the effect of resource loss and escalating losses over time in order to provide the entity with reliable data upon which to base decisions on hazard mitigation and continuity planning. A BIA is performed as one step during the creation of a Business Continuity Plan (BCP). A common five-step approach to a BCP could consist of: BCP project scope creation Business impact assessment Recovery strategy development Recovery plan development Implementation, testing, and maintenance. Answer a is a definition of a disaster/emergency management program. Answer c describes a mutual aid agreement. Answer d is the definition of a recovery program. Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition and Handbook of Information Security Management, by Micki Krause and Harold F. Tipton, Auerback, 1999 edition.

Answer 36

Answer: A Explanation: Trusted Facility Management has two different requirements, one for B2 systems and another for B3 systems. The B2 requirements state: the TCB shall support separate operator and administrator functions. The B3 requirements are as follows: The functions performed in the role of a security administrator shall be identifieD. System administrative personnel shall only be able to perform security administrator functions after taking a distinct auditable action to assume the security administrator role on the system. Non-security functions that can be performed in the security administration role shall be limited strictly to those essential to performing the security role effectively.6 Source: NCSC-TG-O15, Guide To Understanding Trusted Facility Management [Brown Book].

Answer 37

Answer: A Explanation: The correct answer is Fundamental, a distracter. The first level of the Software CMM is the Initiating level. At this level, processes are performed on an ad hoc basis. Answer the Repeatable level is the second maturity level in the model. In the third level, Defined, management practices are institutionalized and technical procedures are integrated into the organizational structure. The Managed level has both product and processes quantitatively controlled. The fifth level of the Software CMM is the Optimized level, where continuous process improvement is institutionalized.

Answer 38

Answer: C Explanation: The organization has an inherent responsibility to its employees and their families during and after a disaster or other disruptive event. The company must be insured to the extent it can properly compensate its employees and families. Alternatively, employees do not have the right to obtain compensatory damages fraudulently if the organization cannot compensate.

Answer 39

Answer: A Explanation: * Answer "All members of the United Nations have agreed to uniformly define and prosecute computer crime" is incorrect because all nations do not agree on the definition of computer crime and corresponding punishments. * Answer "Existing laws against embezzlement, fraud, and wiretapping cannot be applied to computer crime" is incorrect because the existing laws can be applied against computer crime. * Answer "Unauthorized acquisition of computer-based information without the intent to resell is not a crime" is incorrect because in some countries, possession without intent to sell is considered a crime.

Answer 40

Answer: C Explanation: An expert system shell provides the fundamental building blocks of an expert system and supports the entering of domain knowledge. Thus, for an application that is not complex and does not require the custom development of the components of an expert system, an expert system shell is a useful tool that will save development time. *A knowledge base is a component of an expert system. *. A neural network is another type of artificial intelligence system that uses the neurons of the brain as a model and solves problems using nonlinear pattern-matching techniques and learning approaches. *A knowledge acquisition system refers to the means of identifying and acquiring the knowledge to be entered into the knowledge base. In simple terms, it is trying to determine how an expert thinks when developing a solution to a problem.

Answer 41

Answer: C Explanation:

Answer 42

Answer: D Explanation: Amutual aid agreement is used by two or more parties to provide for assistance if one of the parties experiences an emergency. It is expected that the other parties will assist the affected party in various ways, perhaps by making office space available, or computing time or resources, or supplying manpower if needed. While mutual aid agreements may be a very cost-effective solution for disaster recovery, it does not provide for full operations redundancy. An example of a problem with a total reliance on mutual aid would be the event that affects all parties to the agreement, thereby rendering the agreement useless. While they are an effective means to provide some resources to the organization in an emergency, they in themselves are not a replacement for a full disaster recovery plan, including alternate computer processing sites. *Answer "A management-level analysis that identifies the impact of losing an entitys resources" describes a business continuity plan. *Answer "An appraisal or determination of the effects of a disaster on human, physical, economic, and natural resources" describes a damage assessment *answer "Activities taken to eliminate or reduce the degree of risk to life and property" describes risk mitigation. Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition, and Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August 1998.

Answer 43

Answer: C Explanation: A computer facility with electrical power and HVAC, with workstations and servers available to be brought on-site when the event begins and no applications installed, is a cold site. * Answer "A computer facility with electrical power and HVAC, all needed applications installed and configured on the file/print servers, and enough workstations present to begin processing" is a hot site *answer "A computer facility available with electrical power and HVAC and some file/print servers, although the applications are not installed or configured and all of the needed workstations may not be on site or ready to begin processing" is a warm site. *Answer "A computer facility with no electrical power or HVAC" is just an empty room.

Answer 44

Answer: A Explanation: The correct answer is Wasting resources. The other answers are ethical considerations of other organizations.

Answer 45

Answer: A,B,C Explanation: Contingency planners have many roles and responsibilities when planning business continuity, disaster recovery, emergency management, or business resumption processes. In addition to correct answers some of these roles and responsibilities can include: Ensuring executive management compliance with the contingency plan program Providing periodic management reports and status Coordinating and integrating the activation of emergency response organizations Answer "Providing stress reduction programs to employees after an event", providing stress reduction programs to employees after an event, is a responsibility of the human resources area. Source: Contingency Planning and Management, Contingency Planning 101, by Kelley Goggins, March 1999

Answer 46

Answer: D Explanation:

Answer 47

Answer: A Explanation: The Common Criteria (CC) is used in two ways: As a standardized way to describe security requirements for IT products and systems As a sound technical basis for evaluating the security features of these products and systems The CC defines three useful constructs for building IT security requirements: the Protection Profile (PP), the Security Target (ST), and the PackagE. The PP is an implementation-independent statement of security needs for a set of IT security products. The PP contains a set of security requirements and is intended to be a reusable definition of product security requirements that are known to be useful and effectivE. APP gives consumers a means of referring to a specific set of security needs and communicating them to manufacturers and helps future product evaluation against those needs. Answer a defines the Security Target (ST). The ST is a statement of security claims for a particular IT security product or system. The ST parallels the structure of the PP, though it has additional elements that include product-specific detailed information. An ST is the basis for agreement among all parties as to what security the product or system offers, and therefore the basis for its security evaluation. *Answer "An intermediate combination of security requirement components" describes the PackagE. The Package is an intermediate combination of security requirements components. The package permits the expression of a set of either functional or assurance requirements that meet some particular need, expressed as a set of security objectives. *Answer "The IT product or system to be evaluated" describes the Target of Evaluation (TOE). The TOE is an IT product or system to be evaluated, the security characteristics of which are described in specific terms by a corresponding ST, or in more general terms by a PP. This evaluation consists of rigorous analysis and testing performed by an accredited, independent laboratory. The scope of a TOE evaluation is set by the Evaluation Assurance Level (EAL) and other requirements specified in the ST. Part of this process is an evaluation of the ST itself, to ensure that it is correct, complete, and internally consistent and can be used as the baseline for the TOE evaluation. Source: Common Criteria Project.

Answer 48

Answer: B Explanation: The correct answer is "To ensure that system changes are implemented in an orderly manner". Answer "To guarantee that an operator is only given the privileges needed for the task" describes least privilege. Answer "To guarantee that transaction records are retained IAW compliance requirements" describes record retention. Answer "To assign parts of security-sensitive tasks to more than one individual" describes separation on duties.

Answer 49

Answer: B Explanation: The business resumption, or business continuity plan, must have total, highly visible senior management support. Senior management must agree on the scope of the project, delegate resources for the success of the project, and support the timeline and training efforts. Source: Contingency Planning and Management, Contingency Planning 101, by Kelley Goggins, March 1999.

Answer 50

Answer: D Explanation: (Electronic Privacy Information Center, Approvals for Federal Pen Registers and Trap and Trace Devices 1987-1998, www.epic. org). Gathering information as to which numbers are dialed from a specific telephone line is less costly and ime-consuming than installing a wiretap and recording the information. * There is also equipment that can record the information listed in answers "Device that identifies the cell in which a mobile phone is operating" and "Device that records the URLs accessed by an individual". * The device referred to in answer "Device that records the caller-ID of incoming calls" is called a trap-and-trace device. All of the answers in this question are a subset of the category of traffic analysis wherein patterns and frequency associated with communications are studied instead of the content of the communications.

Answer 51

``` Answer: C Explanation: Objects of many different classes that are related by some common superclass that are able to respond to some common set of operations in a different way. The other answers are incorrect by the definition of polymorphism. ```

Answer 52

Answer: C Explanation: *Answer Malicious mischief is not a law *answer Immigration is not applicable because it applies to obtaining visas and so on *answer Conspiracy and elimination of competition is not correct because the crimes in answer "Embezzlement, fraud, and wiretapping" are more commonly used to prosecute computer crimes.

Answer 53

Answer: B Explanation: It is necessary to regularly review user accounts on a system. Such reviews may examine the levels of access each individual has, conformity with the concept of least privilege, whether all accounts are still active, whether management authorizations are up-to-date, or whether required training has been completed, for example. These reviews can be conducted on at least two levels: on an application-by-application basis or on a systemwide basis. Both kinds of reviews can be conducted by, among others, in-house systems personnel (a selfaudit), the organizations internal audit staff, or external auditors. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 54

Answer: C Explanation: *Answer "Prohibit altering, damaging, or destroying information in a federal interest computer" is part of the US Computer Fraud and Abuse Act. * Answer "Prohibit eavesdropping or the interception of message contents" is part of the US Electronic Communications Privacy Act. Answer "Established a category of sensitive information called Sensitive But Unclassified (SBU)" is part of the US Computer Security Act.

Answer 55

Answer: A Explanation: In the software life cycle, verification evaluates the product in development against the specification. Answer "Evaluates the product in development against real-world requirements" defines validation.

Answer 56

Answer: C Explanation: The correct answer is "Computer behavior that might be grounds for a job action or dismissal". While all of the activities described are considered in the broad category of inappropriate activities, this description is used to define a narrower category of inappropriate activities. Answer "Loss incurred unintentionally though the lack of operator training." is defined as accidental loss. Answer "Theft of information or trade secrets for profit or unauthorized disclosure." is considered intentionally illegal computer activity. Answer "Data scavenging through the resources available to normal system users."is a keyboard attack, a type of data scavenging attack using common tools or utilities

Answer 57

Answer: D Explanation: The correct answer is removing redundant data.

Answer 58

Answer: C Explanation: The correct answer is "Configuration review", a distracter. *Answer configuration control involves controlling changes to configuration items and issuingversions of configuration items from the software library. *Configuration status accountingis the processing of changes. * Configuration audit is the process of controlling the quality of configuration management procedures.

Answer 59

Answer: D Explanation: The correct answer is OLE. Answer DCOM defines the standard for sharing objects in a networked environment. Answer ORL is a distracter. An ORB is a locator and distributor of objects across networks.

Answer 60

Answer: B Explanation: A neural network is a hardware or software system that emulates the functioning of biological neurons. Answer "A hardware or software system that emulates the reasoning of a human expert" refers to an expert system. The other answers are distracters.

Answer 61

Answer: D Explanation: A plan is not considered functioning and viable until a test has been performed. An untested plan sitting on a shelf is useless and might even have the reverse effect of creating a false sense of security. While the other answers are good reasons to test, they are not the primary reason.

Answer 62

Answer: C Explanation: The other answers plus Common Facilities comprise the ORA. The ORA is a product of the Object Management Group (OMG), which is a nonprofit consortium in Framingham, Massachusetts that was put together in 1989 to promote the use of object technology in distributed computing systems (www.omg.org). *The ORB is the fundamental building block of ORA and manages the communications between the ORAentities. The purpose of the ORB is to support the interaction of objects in heterogeneous, distributed environments. The objects may be on different types of computing platforms. *Object Services, supports the ORB in creating and tracking objects as well as performing access control functions. *Application Objects and Common Facilities support the end user and use the system services to perform their functions.

Answer 63

Answer: B Explanation: The word behavioral is a distracter. The five software process maturity levels are: Initial the software process is ad hoc and most processes are undefined. Repeatable fundamental project management processes are in place. Defined the software process for both management and engineering functions is documented, standardized, and integrated into the organization. Managed the software process and product quality are measured, understood, and controlled. Optimizing continuous process improvement is being performed.

Answer 64

Answer: C Explanation: The correct answer is C

Answer 65

Answer: D Explanation: The correct answer is Checklist. A checklist is a type of disaster recovery plan test. Electronic vaulting is the batch transfer of backup data to an off-site location. Remote journaling is the parallel processing of transactions to an alternate site. A warm site is a backup processing alternative.

Answer 66

Answer: A Explanation: In configuration management, a software library is a controlled area accessible only to approved users who are restricted to the use of approved procedure. Answer "A set of versions of the component configuration items" is incorrect because it defines a build list. Answer "A repository of backup tapes" is incorrect because it defines a backup storage facility. Answer "A collection of software build lists" is a distracter.

Answer 67

Answer: B Explanation: The focus of the CAD is on access to services as opposed to access to works. As of this writing, the EU is discussing a directive focusing on copyrights, but it has not been finalizeD. It is anticipated that this directive will be similar to the US DMCA(Question 7). The other answers are copyright issues that will be addressed by the EU Copyright Directive or by other related directives.

Answer 68

Answer: D Explanation: The tactical assessment of information security is a role of information management or technology management, not senior management. In addition to the elements of answers a, b, and c above, senior management has many very important roles in the process of disaster recovery, including: Remaining visible to employees and stakeholders Directing, managing, and monitoring the recovery Rationally amending business plans and projections Clearly communicating new roles and responsibilities Senior management must resist the temptation to participate handson in the recovery effort, as these efforts should be delegated. Information or technology management has more tactical roles to play, such as: Identifying and prioritizing mission-critical applications Continuously reassessing the recovery sites stability Recovering and constructing all critical data Source: Business Recovery Checklist, KPMG LLP 2001.

Answer 69

Answer: D Explanation: Cyclic redundancy checks, structured walkthroughs, and hash totals are examples of detective accuracy controls. The other answers do not apply by the definition of the types of controls.

Answer 70

Answer: B Explanation: While "Making errors when manually inputting transactions" is most certainly an example of a threat to a systems integrity, it is considered unintentional loss, not an intentional activity.

Answer 71

Answer: A,C,D Explanation: Monitoring employee morale and guarding against employee burnout during a disaster recovery event is the proper role of human resources. Other emergency recovery tasks associated with human resources could include: Providing appropriate retraining Monitoring productivity of personnel Providing employees and family with counseling and support In addition to the correct answers above, during an emergency, the financial area is responsible for: Re-establishing accounting processes, such as payroll, benefits, and accounts payable Re-establishing transaction controls and approval limits Source: Business Recovery Checklist, KPMG LLP 2001, and Contingency Planning and Management, Contingency Planning 101, by Kelley Goggins, March 1999.

Answer 72

Answer: D Explanation: The purpose of the test is to find weaknesses in the plan. Every plan has weaknesses. After the test, all parties should be advised of the results and the plan updated to reflect the new information.

Answer 73

Answer: A Explanation: Why the transaction was processed is not initially a concern of the audit log, but we will investigate it later. The other three elements are all important information that the audit log of the transaction should record.

Answer 74

Answer: A Explanation: The other answers are distracters. The WIPO digital copyright legislation that resulted in the US was the 1998 Digital Millennium Copyright Act (DMCA). In addition to addressing answer d, the DMCAprohibits trading, manufacturing, or selling in any way that is intended to bypass copyright protection mechanisms. It also addresses Internet Service Providers (ISPs) that unknowingly support the posting of copyrighted material by subscribers. If the ISP is notified that the material is copyrighted, the ISP must remove the material. Additionally, if the posting party proves that the removed material was of lawful use, the ISP must restore the material and notify the copyright owner within 14 business days. Two important rulings regarding the DMCA were made in 2001. The rulings involved DeCSS, which is a program that bypasses the Content Scrambling System (CSS) software used to prevent viewing of DVD movie disks on unlicensed platforms. In a trade secrecy case [DVD-CCA v. Banner], the California Appellate Court overturned a lower court ruling that an individual who posted DeCSS on the Internet had revealed the trade secret of CSS. The appeals court has reversed an injunction on the posting of DeCSS, stating that the code is speech-protected by the First Amendment. The second case [Universal City v. Reimerdes] was the first constitutional challenge to DMCA anti-circumvention rules. The case involved Eric Corley, the publisher of the hacker magazine 2600 MagazinE. Corley was covering the DeCSS situation and, as part of that coverage, posted DeCSS on his publications Web site. The trial and appellate courts both ruled that the posting violated the DMCA and was, therefore, illegal. This ruling upheld the DMCA. It appears that there will be more challenges to DMCA in the future.

Answer 75

Answer: D Explanation: When an emergency occurs that could potentially have an impact outside the facility, the public must be informed, regardless of whether there is any immediate threat to public safety. The disaster recovery plan should include determinations of the audiences that may be affected by an emergency, and procedures to communicate with them. Information the public will want to know could include public safety or health concerns, the nature of the incident, the remediation effort, and future prevention steps. Common audiences for information could include: The media Unions and contractors Shareholders Neighbors Employees families and retirees Since the media is such an important link to the public, disaster plans and tests must contain procedures for addressing the media and communicating important information. A trained spokesperson should be designated, and established communications procedures should be prepared. Accurate and approved information should be released in a timely manner, without speculation, blame, or obfuscation. Source: Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August, 1998

Answer 76

Explanation: The correct answers are all excellent reasons for testing a disaster recovery plan. Until a disaster recovery plan has been tested thoroughly, no plan can be considered complete. Since the functionality of the plan directly determines the ability of an organization to survive a business interrupting event, testing is the only way to have some degree of confidence that the plan will work. *Answer "Testing provides the contingency planner with recent documentation" is a distracter. Source: The International Handbook of Computer Security, by Jae K. Shim, Anique A. Qureshi, and Joel G. Siegel (The Glenlake Publishing Co. Ltd, 2000).

Answer 77

Answer: D Explanation: The correct answer is The evidence life cycle. The evidence life cycle covers the evidence gathering and application process. * Answer "Admissibility of evidence" refers to certain requirements that evidence must meet to be admissible in court. * Answer "The chain of evidence" the chain of evidence, is comprised of steps that must be followed to protect the evidence. * Relevance of evidence is one of the requirements of evidence admissibility.

Answer 78

Answer: A Explanation: Carnivore is a device used by the US FBI to monitor ISP traffiC. (S.P. Smith, et. al., Independent Technical Review of the Carnivore System Draft report, US Department of Justice Contract # 00-C-328 IITRI, CR-022- 216, Nov 17, 2000). Answer b, Echelon, refers to a cooperative, worldwide signal intelligence system that is run by the NSA of the United States, the Government Communications Head Quarters (GCHQ) of England, the Communications Security Establishment (CSE) of Canada, the Australian Defense Security Directorate (DSD), and the General Communications Security Bureau (GCSB) of New Zealand. These organizations are bound together under a secret 1948 agreement, UKUSA, [European Parliament, Development of Surveillance Technology and the Risk of Abuse of Economic Information, Luxembourg (April 1999), PE 166.184/Part 3 /4]. Answer c is a distracter and is discussed in the questions and answers of Chapter 4, Cryptography. Answer d is a distracter.

Answer 79

Answer: D Explanation: An example of mobile code is Java and ActiveX code downloaded into a Web browser from the World Wide WeB. The other answers are incorrect because they are types of code that are not related to mobile code.

Answer 80

Answer: C Explanation: Separation of duties refers to dividing roles and responsibilities so that a single individual cannot subvert a critical process. In financial systems, no single individual should normally be given the authority to issue checks. Checks and balances need to be designed into both the process as well as the specific, individual positions of personnel who will implement the process. *Answer "An activity that checks on the system, its users, or the environment" describes system monitoring. *Answer "Getting users to divulge their passwords" is social engineering, a method of subverting system controls by getting users or administrators to divulge information about systems, including their passwords. *Answer "A data entry clerk may not have access to run database analysis reports" describes least privilege. Least privilege refers to the security objective of granting users only those accesses they need to perform their official duties. Least privilege does not mean that all users will have extremely little functional access; some employees will have significant access if it is required for their position. It is important to make certain that the implementation of least privilege does not interfere with the ability to have personnel substitute for each other without undue delay. Without careful planning, access control can interfere with contingency plans. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 81

Answer: A Explanation: In some ways, this terminology harkens back to the days of large mainframe computers, but the term AIS is used in the legal community to refer to a computer system. Answer a, CPU, refers to the portion of a computer that performs arithmetic and logical operations on datA. To support these operations, the CPU incorporates a hardware arithmetic logic unit or ALU (answer c). The CPU is synonymous with the word processor. If the CPU is integrated onto a silicon chip, it is called a microprocessor (answer b). If the CPU is connected with memory and Input/Output (I/O) through a set of wires called a bus, the resulting combination is called a computer. This concept is shown in Figure.

Answer 82

Answer: C Explanation: Answer Note is a distracter. A method is the code that defines the actions an object performs in response to a messagE. Behavior is the result exhibited by an object upon receipt of a message.

Answer 83

Answer: C Explanation: Degaussing is recommended as the best method for purging most magnetic mediA. Degaussing is a process whereby the magnetic ISC CISSP Exam "Pass Any Exam. Any Time." - www.actualtests.com 1029 media is erased, i.e., returned to its initial virgin statE. Erasure via degaussing may be accomplished in two ways: In AC erasure, the media is degaussed by applying an alternating field that is reduced in amplitude over time from an initial high value (i.e., AC-powered) In DC erasure, the media is saturated by applying a unidirectional field (i.e., DC-powered or by employing a permanent magnet) Another point about degaussing: Degaussed magnetic hard drives will generally require restoration of factory-installed timing tracks, so data purging is recommendeD. Also, physical destruction of CDROM or WORM media is required. *Answer " Overwriting the media with new application data" is not recommended because the application may not completely overwrite the old data properly, and strict configuration controls must be in place on both the operating system and the software itselF. Also, bad sectors on the media may not permit the software to overwrite old data properly. To satisfy the DoD clearing requirement, it is sufficient to write any character to all data locations in question (purging). To purge the media, the DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101, followed by 1100 1010, then 1001 0111. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on differing DoD component requirements, but seven times is often recommended. *Answer "Applying a concentration of hydriodic acid (55% to 58% solution) to the gamma ferric oxide disk surface" is a rarely used method of media destruction, and acid solutions should be used in a well-ventilated area only by qualified personnel. *Answer "Making sure the disk is re-circulated as quickly as possible to prevent object reuse" is wrong. Source: NCSC-TG-025 A Guide to Understanding Data Remanence in Automated Information Systems.

Answer 84

Answer: A Explanation: In answer Simple file transfer, a workstation or PC uses terminal emulation software and a client application program to receive data from a host machine. For answer API, an API defines how the client and server appear to each other and supports the exchange of information without either entity knowing the details of a particular resource that is accessed using the API. One example is the Generalized Security Application Programming Interface (GSAPI) that applications can use to access security services. Answer GUI, the GUI approach, is similar to the API implementation and employs a user interface such as SQL to access a server database.

Answer 85

Answer: C Explanation: The transmission of data to locations where equivalent personal data protection cannot be assured is NOT permissible. The other answers are EU principles.

Answer 86

Answer: D Explanation: The Trusted Computing Base (TCB) The totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy. A TCB consists of one or more components that together enforce a unified security policy over a product or system. The ability of a trusted computing base to correctly enforce a security policy depends solely on the mechanisms within the TCB and on the correct input by system administrative personnel of parameters (e.g., a users clearance) related to the security policy. *Answer "A computer that controls all access to objects by subjects" describes the reference monitor concept. The reference monitor is an access control concept that refers to an abstract machine that mediates all accesses to objects by subjects. The Security Kernel consists of the hardware, firmware, and software elements of a Trusted Computing Base (or Network Trusted Computing Base partition) that implement the reference monitor concept. It must mediate all accesses, be protected from modification, and be verifiable as correct. *Answer "A piece of information that represents the security level of an object" refers to a sensitivity label. Asensitivity label is a piece of information that represents the extra security level of an object and describes the sensitivity (e.g., classification) of the data in the object. Sensitivity labels are used by the TCB as the basis for mandatory access control decisions. *Answer "Formal proofs used to demonstrate the consistency between a systems specification and a security model" describes formal verification. This is the process of using formal proofs to demonstrate the consistency (design verification) between a formal specification of a system and a formal security policy model or (implementation verification) between the formal specification and its program implementation. Source: DoD 5200.28-STD Department of Defense Trusted Computer System Evaluation Criteria

Answer 87

Answer: B Explanation: The correct answer is the expense of maintaining the site. A hot site is commonly used for those extremely time-critical functions that the business must have up and running to continue operating, but the expense of duplicating and maintaining all of the hardware, software, and application elements is a serious resource drain to most organizations

Answer 88

Answer: C Explanation: This definition of a data warehouse is that of Bill Inmon, a pioneer in the field. To create a data warehouse, data is taken from an operational database, redundancies are removed, and the data is cleaned up in general. This activity is referred to as normalizing the data. Then the data is placed into a relational database and can be analyzed using On-Line Analytical Processing (OLAP) and statistical modeling tools. The data warehouse can be used as a Decision Support System (DSS), for example, by performing a time series analysis of the data. The data in the data warehouse must be maintained to ensure that it is timely and valid. The term data scrubbing refers to maintenance of the data warehouse by deleting information that is unreliable or no longer relevant. *A data mart, answer a, is a database that is comprised of data or relations that have been extracted from the data warehouse. Information in the data mart is usually of interest to a particular group of people. For example, a data mart may be developed for all health care-related data. *Answers Data model and Data model are distracters, although a data model, in this context, sometimes refers to the result of analyzing relationships among enterprise-wide data items.

Answer 89

Answer: C Explanation: All analytical and design tasks are conducted under the direction of the vendors corporate entity called the Configuration Control Board (CCB). The CCB is headed by a chairperson who is responsible for assuring that changes made do not jeopardize the soundness of the verification system and assures that the changes made are approved, tested, documented, and implemented correctly. The members of the CCB should interact periodically, either through formal meetings or other available means, to discuss configuration management topics such as proposed changes, configuration status accounting reports, and other topics that may be of interest to the different areas of the system development. These interactions should be held to keep the entire system team updated on all advancements or alterations in the verification system. Answer b describes configuration accounting. Configuration accounting documents the status of configuration control activities and, in general, provides the information needed to manage a configuration effectively. The configuration accounting reports are reviewed by the CCB. Source: NCSC-TG-014-89, Guidelines for Formal Verification Systems.

Answer 90

``` Answer: C Explanation: A partitioned security mode is a mode of operation wherein all personnel have the clearance but not necessarily formal access approval and need-to-know for all information contained in the system. *Answer "All personnel have the clearance and formal access approval" is a compartmented security modE. A compartmented security mode is a mode of operation wherein all personnel have a valid personnel clearance, formal access approval and signed nondisclosure agreements, and valid need-to-know for that information to which he/she is to have access. *Answer "The only state in which certain privileged instructions may beexecuted" is executive statE. Executive state is one of several states in which a system may operate and the only one in which certain privileged instructions may be executeD. Such instructions cannot be executed when the system is operating in other (e.g., user) states. Synonymous with supervisor state. *Answer "A system containing information accessed by personnel with different security clearances" is multilevel securE. Multilevel secure is a class of system containing information with different sensitivities that simultaneously permits access by users with different security clearances and needs-to-know, but prevents users from obtaining access to information for which they lack authorization. Source: DoD 5200.28-STD Department of Defense Trusted Computer System Evaluation Criteria. ```

Answer 91

Answer: A Explanation: The quality of a software product is a direct function of the quality of its associated software development and maintenance processes. *Answer "Good software development is a function of the number of expert programmers in the organization" is false because the SEI Software CMM relates the production of good software to having the proper processes in place in an organization and not to expert programs or heroes. *Answer "The maturity of an organizations software processes cannot be measured" is false because the Software CMM provides means to measure the maturity of an organizations software processes. *Answer " Software development is an art that cannot be measured by conventional means" is false because the Software CMM provides means to measure the maturity of an organizations software processes.

Answer 92

Answer: D Explanation: The other answers are distracters. If, in answer "Software process assessments are used..." the terms software process assessments and software capability evaluations were interchanged, that result would also be correct. It would then read, Software capability evaluations are used to develop a risk profile for source selection; software process assessments are used to develop an action plan for continuous process improvement.

Answer 93

``` Answer: D Explanation: Trusted distribution is defined by the Orange Book as a requirement of A1 TCB assurancE. Trusted distribution includes procedures to ensure that all of the TCB configuration items, such as the TCB software, firmware, hardware, and updates, distributed to a customer site arrive exactly as intended by the vendor without any alterations. Any alteration to the TCB at any time during the system life cycle could result in a violation of the system security policy. Assurance that the system security policy is correctly implemented and operational throughout the system life cycle is provided by different TCSEC requirements. At TCSEC class Al, trusted distribution, in conjunction with configuration management, provides assurance that the TCB software, firmware, and hardware, both original and updates, are received by a customer site exactly as specified by the vendors master copy. Trusted distribution also ensures that TCB copies sent from other than legitimate parties are detecteD. Source: NCSC-TG-008 A Guide to Understanding Trusted Distribution in Trusted Systems [Lavender Book]. ```

Answer 94

Answer: D Explanation: This defines a trade secret. *Answer "Provides the owner with a legally enforceable right to exclude others from practicing the art covered for a specified time period" refers to a patent. *Answer "Protects original works of authorship" refers to a copyright. *Answer "Is a word, name, symbol, color, sound, product shape, or device used to identify goods and to distinguish them from those made or sold by others" refers to a trademark.

Answer 95

Answer: A Explanation: The audit mechanism of a computer system has five important security goals: 1. The audit mechanism must allow the review of patterns of access to individual objects, access histories of specific processes and individuals, and the use of the various protection mechanisms supported by the system and their effectiveness.2 2. Allow discovery of both users and outsiders repeated attempts to bypass the protection mechanisms. 3. Allow discovery of any use of privileges that may occur when a user assumes a functionality with privileges greater than his or her own, i.e., programmer to administrator. In this case, there may be no bypass of security controls, but nevertheless, a violation is made possible. 4. Act as a deterrent against perpetrators habitual attempts to bypass the system protection mechanisms. However, to act as a deterrent, the perpetrator must be aware of the audit mechanisms existence and its active use to detect any attempts to bypass system protection mechanisms. 5. Supply an additional form of user assurance that attempts to bypass the protection mechanisms that are recorded and discovered.3 Even if the attempt to bypass the protection mechanism is successful, the audit trail will still provide assurance by its ability to aid in assessing the damage done by the violation, thus improving the systems ability to control the damage. Source: NCSC-TG-001 AGuide to Understanding Audit in Trusted Systems [Tan Book], and Gligor, Virgil D., Guidelines for Trusted Facility Management and Audit, University of Maryland, 1985.

Answer 96

Answer: B Explanation: The correct answer is "Evidence is mostly intangible". * Answer "Backups may be difficult to find" is incorrect because if backups are done, they usually can be located. * Answer "Evidence cannot be preserved" is incorrect because evidence can be preserved using the proper procedures. * Answer "Evidence is hearsay and can never be introduced into a court of law" is incorrect because there are exceptions to the hearsay rule

Answer 97

Answer: A Explanation: This is demonstrated in Configuration management of computer-based systems, British Standards Institution, 1984. The other answers are components of the maintenance activity of software life cycle models. In general, one can look at the maintenance phase as the progression from request control, to change control, to release control. *Answer request control is involved with the users requests for changes to the softwarE. *Change controlinvolves the analysis and understanding of the existing code, and the design of changes, and corresponding test procedures. *Answer release control involves deciding which requests are to be implemented in the new release, performing the changes and conducting testing

Answer 98

Answer: D Explanation: The correct answer is Criminal law. It is the only one of the choices where imprisonment is possible.

Answer 99

Answer: C Explanation: FEMA recommends that water treatment products sold in camping or surplus stores should not be used, unless the only active ingredient is 5.25 percent hypochloritE. When adding liquid bleach, it should contain 5.25 percent hypochlorite and no other added cleaners or scents. Distilling the water is the most highly recommended method, as it also removes other chemicals and heavy metals, as well as most microbes. Source: Emergency Water and Food Procedures, Federal Emergency Management Agency, April, 1997.

Answer 100

Answer: A Explanation: Configuration management entails decomposing the verification system into identifiable, understandable, manageable, trackable units known as Configuration Items (CIs). A CI is a uniquely identifiable subset of the system that represents the smallest portion to be subject to independent configuration control procedures. The decomposition process of a verification system into CIs is called configuration identification. CIs can vary widely in size, type, and complexity. Although there are no hard-and-fast rules for decomposition, the granularity of CIs can have great practical importancE. A favorable strategy is to designate relatively large CIs for elements that are not expected to change over the life of the system, and small CIs for elements likely to change more frequently. *Answer "Configuration Accounting", configuration accounting, documents the status of configuration control activities and in general provides the information needed to manage a configuration effectively. It allows managers to trace system changes and establish the history of any developmental problems and associated fixes. Answer "Configuration Audit", configuration audit, is the quality assurance component of configuration management. It involves periodic checks to determine the consistency and completeness of accounting information and to verify that all configuration management policies are being followed. Answer "Configuration Control", configuration control, is a means of assuring that system changes are approved before being implemented, only the proposed and approved changes are implemented, and the implementation is complete and accurate. Source: NCSC-TG-014-89, Guidelines for Formal Verification Systems.

Answer 101

Answer: B Explanation: In the client/server model, the server is the data storage resource and is responsible for data backups and protection/maintenance of the database. Answer "May be diskless" refers to a diskless workstation or PC at the client side. By not providing local data storage capabilities at the client side, security is increased since the data is less vulnerable at a protected server location. Also, because the client is the users path into the network, the client must have extensive, user friendly interfaces such as described in answers Extensive user interface and Data entry screens.

Answer 102

Answer: A Explanation: The correct answer is mobile. The other three are proper examples of elements of the five disaster recovery plan testing types.

Answer 103

Answer: A Explanation: The recovery team performs different functions from the salvage team. The recovery teams primary mandate is to get critical processing re-established at an alternate site. The salvage teams primary mandate is to return the original processing site to normal processing environmental conditions.

Answer 104

Answer: C Explanation: * Answer "Developing weapons systems based on artificial intelligence technology" is a distracter and has to do with weapon systems development. * Answer "Generating and disseminating propaganda material" is not applicable. Answer "Signal intelligence" is the conventional acquisition of information from radio signal

Answer 105

Answer: B Explanation: The correct answer is A neural network learns by using various algorithms to adjust the weights applied to the data. The other answers are terminology referenced in expert systems

Answer 106

Answer: A Explanation: A software process is a set of activities, methods, and practices that are used to develop and maintain software and associated products. Software process capability is a means of predicting the outcome of the next software project conducted by an organization. * Answer software process performance, is the result achieved by following a software process. Thus, software capability is aimed at expected results while software performance is focused on results that have been achieved. *Software process maturity is the extent to which a software process is: Defined Managed Measured Controlled Effective Software process maturity, then, provides for the potential for growth in capability of an organization. An immature organization develops software in a crisis mode, usually exceeds budgets and time schedules, and software processes are developed in an ad hoc fashion during the project. In a mature organization, the software process is effectively communicated to staff, the required processes are documented and consistent, software quality is evaluated, and roles and responsibilities are understood for the project. Answer SA/SD is a distracter.

Answer 107

Answer: D Explanation: The correct answer is Personnel safety. The number one function of all disaster response and recovery is the protection of the safety of people; all other concerns are vital to business continuity but are secondary to personnel safety.

Answer 108

Answer: C Explanation: Although many processes in making business continuity plans are similar to processes in creating disaster recovery plans, several differences exist. Business continuity planning processes that are unique to BCP could include: Project scoping and assigning roles Creating business impact and vulnerability assessments Choosing alternate processing sites whereas unique disaster recovery/emergency management processes could include: Implementing relocation procedures to the alternate site Plan testing and training Recovering data Salvaging damaged equipment Source: CISSP Examination Textbooks, Volume One: Theory, by S. Rao Vallabhaneni, SRV Professional Publications first edition 2000 and Handbook of Information Security Management, by Micki Krause and Harold F. Tipton, Auerback, 1999 edition.

Answer 109

Answer: A Explanation: Acomponent whose state is to be recorded and against which changes are to be progressed The other answers are incorrect by the definition of a configuration item.

Answer 110

Answer: C Explanation: * Answer "Employees must be unaware of the monitoring activity" is incorrect because employees must be made aware of the monitoring if it is to be legal * answer "All employees must agree with the monitoring policy" is incorrect because employees do not have to agree with the policy * answer "Results of the monitoring cannot be used against the employee" is incorrect because the results of monitoring might be used against the employee if the corporate policy is violated.

Answer 111

Answer: A Explanation: The Red Book is one book of the Rainbow Series, a six-foot-tall stack of books on evaluating Trusted Computer Systems according to the National Security Agency. The term Rainbow Series comes from the fact that each book is a different color. The Trusted Network Interpretation (TNI) extends the evaluation classes of the Trusted Systems Evaluation Criteria (DOD 5200.28-STD) to trusted network systems and components. * the Orange Book, is the main book of the Rainbow Series and most of the other books elaborate on the information contained in this book. The Orange Book is the DoD Trusted Computer System Evaluation Criteria [DOD 5200.28]1. * the Green Book, is CSC-STD-002-85, the DoD Password Management Guidelines. * the Purple Book, is NCSC-TG-014, Guidelines for Formal Verification Systems. Source: NCSC-TG-005 Trusted Network Interpretation [Red Book] and DoD Trusted Computer System Evaluation Criteria [DOD 5200.28-Orange Book.]

Answer 112

Answer: A Explanation: The concept of need-to-know means that, in addition to whatever specific object or role rights a user may have on the system, the user has also the minimum amount of information necessary to perform his job function. * Answer "Need-to-know ensures that no single individual (acting alone) can compromise security controls." is separation of duties, assigning parts of tasks to different personnel. *Answer "Need-to-know grants each user the lowest clearance required for their tasks." is least privilege, the user has the minimum security level required to perform his job function. *Answer "Need-to-know limits the time an operator performs a task." is rotation of duties, wherein the amount of time an operator is assigned a security-sensitive task is limited before being moved to a different task with a different security classification.

Answer 113

Answer: A Explanation: The correct answer is Emanation Eavesdropping. The Tempest program required shielding and other emanation reducing safeguards to be employed on computers processing classified data. The other answers are types of attacks against computers, but are not the focus of the Tempest program.

Answer 114

Answer: A Explanation: * Answer "All risks to an information system are eliminated" is incorrect because all risks to information systems cannot be eliminated * answer "Other management personnel are delegated the responsibility for information system security" is incorrect because senior management cannot delegate its responsibility for information system security under due care * answer "The cost of implementing safeguards is greater than the potential resultant losses resulting from information security breaches" is incorrect because the cost of implementing safeguards should be less than or equal to the potential resulting losses relative to the exercise of due care.

Answer 115

Answer: C Explanation: The correct answer is: to create a document to be used to help understand what impact a disruptive event would have on the business. Answer "To define a strategy to minimize the effect of disturbances and to allow for the resumption of business processes" is the definition of business continuity planning.

Answer 116

Answer: D Explanation: In the Waterfall model (W.W. Royce, Managing the Development of Large Software Systems: Concepts and Techniques, Proceedings, WESCON, August 1970). * answer "A complete, validated specification of the required functions, interfaces, and performance for the software product" defines the term requirements. *Similarly, answer "To establish the fitness or worth of a software product for its operational mission", defines the term validation, and answer d is the definition of product design. In summary, the steps of the Waterfall model are: System feasibility Software plans and requirements Product design Detailed design Code Integration Implementation Operations and maintenance In this model, each phase finishes with a verification and validation (V&V) task that is designed to eliminate as many problems as possible in the results of that phase.

Answer 117

Answer: B Explanation: The four major aspects of configuration management are: Configuration identification Configuration control Configuration status accounting Configuration auditing These aspects are described earlier in this chapter. Answer " Configuration product evaluation" is a distracter. Source: NCSC-TG-014-89, Guidelines for Formal Verification Systems [Purple Book].

Answer 118

Answer: C Explanation: The correct answer is Personnel safety. Personnel safety is the primary priority of BCP and DRP, not BIA.

Answer 119

Answer: D Explanation: A business continuity program is an ongoing process supported by senior management and funded to ensure that the necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies and recovery plans, and ensure continuity of services through personnel training, plan testing, and maintenance. Answer "A program that implements the mission, vision, and strategic goals of the organization" describes a disaster/emergency management program. A disaster/ emergency management program, like a disaster recovery program, is a program that implements the mission, vision, and strategic goals and objectives as well as the management framework of the program and organization. *Answer "A determination of the effects of a disaster on human, physical, economic, and natural resources" describes a damage assessment. A damage assessment is an appraisal or determination of the effects of a disaster on human, physical, economic, and natural resources. *Answer "A standard that allows for rapid recovery during system interruption and data loss" is a distracter. Source: NFPA1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 120

Answer: B Explanation: A data dictionary is a database for system developers. The other answers are distracters

Answer 121

Answer: C Explanation: According to the NFPA, arson is an example of a potential hazard caused by a human event. Fires, in themselves, are considered natural events, like forest fires, range fires, urban or city fires, unless arson is thought to be the source of the blazE. Of the three categories of potential hazards (natural, technological, and human), human events could include: General strikes Terrorism Sabotage Mass hysteria Civil unrest Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 122

Answer: C Explanation: The correct answer is "Controlling diagnostic ports on networked equipment". This is an example of a hardware control. The other three are examples of software controls.

Answer 123

Answer: A,B,D Explanation: The correct answers are all examples of emergency management procedures which must be established by the financial department to ensure that fiscal decisions are executed in accordance with authority levels and accounting practices. *Answer "Establishing critical incident stress procedures" is an example of a procedure that should be developed by the human resources department. The quality of employee morale and well-being can include psychological needs as well as physical needs, and the role of the human resources department is critical in monitoring and managing immediate, short-term, and long-term employee stress. Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 124

Answer: D Explanation: An Evaluation Assurance Level (EAL) is one of seven increasingly rigorous packages of assurance requirements from CC Part 3. Each numbered package represents a point on the CCs predefined assurance scalE. An EAL can be considered a level of confidence in the security functions of an IT product or system. The EALs have been developed with the goal of preserving the concepts of assurance drawn from the source criteria, such as the Trusted Computer System Evaluation Criteria (TCSEC), Information Technology Security Evaluation Criteria (ITSEC), or Canadian Trusted Computer Evaluation Criteria (CTCPEC), so that results of previous evaluations remain relevant. EAL levels 2Ö7 are generally equivalent to the assurance portions of the TCSEC C2-A1 scale, although exact TCSEC mappings do not exist. *Answer "A security level equal to the security level of the objects to which the subject has both read and write access" is the definition of Subject Security Level. Asubjects security level is equal to the security level of the objects to which it has both read and write access. A subjects security level must always be dominated by the clearance of the user with which the subject is associated. * Answer "A statement of intent to counter specified threats" describes a Security Objective, which is a statement of intent to counter specified threats and/or satisfy specified organizational security policies and assumptions. *Answer "Requirements that specify the security behavior of an IT product or system" describes Security Functional Requirements. These are requirements, preferably from CC Part 2, that when taken together specify the security behavior of an IT product or system. Source: CC Project and DoD 5200.28-STD.

Answer 125

Answer: B Explanation: In a table-top exercise, members of the emergency management group meet in a conference room setting to discuss their responsibilities and how they would react to emergency scenarios. Disaster recovery/emergency management plan testing scenarios have several levels, and can be called different things. The primary hierarchy of disaster/emergency testing plan types is shown below. Checklist review. Plan is distributed and reviewed by business units for its thoroughness and effectiveness. Table-top exercise or structured walk-through test. Members of the emergency management group meet in a conference room setting to discuss their responsibilities and how they would react to emergency scenarios by stepping through the plan. Walk-through drill or simulation test. The emergency management group and response teams actually perform their emergency response functions by walking through the test, without actually initiating recovery procedures. More thorough than the table-top exercise. Functional drills. Test specific functions such as medical response, emergency notifications, warning and communications procedures, and equipment, although not necessarily all at once. Also includes evacuation drills, where personnel walk the evacuation route to a designated area where procedures for accounting for the personnel are tested. Parallel test or full-scale exercise. A real-life emergency situation is simulated as closely as possible. Involves all of the participants that would be responding to the real emergency, including community and external organizations. The test may involve ceasing some real production processing. Source: Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August 1998 and Computer Security Basics, by Deborah Russell and G.T. Gangemi, Sr. (OReilly, 1992).

Answer 126

Answer: C Explanation: In the system life cycle, information security controls should be part of the feasibility phase. The other answers are incorrect because the basic premise of information system security is that controls should be included in the earliest phases of the software life cycle and not added later in the cycle or as an afterthought.

Answer 127

Answer: D Explanation: Live or actual field data are NOT recommended for use in testing because they do not thoroughly test all normal and abnormal situations and the test results are not known beforehand. The other answers are true of testing.

Answer 128

Answer: C Explanation: Wire and cash transfers of $10,000 or more in a single transaction must be reported to government officials. Actions in answers "Subpoena of electronic records", "Monitoring of Internet communications", and c are permitted under the Patriot Act. In answers "Subpoena of electronic records" and "Monitoring of Internet communications", the government has new powers to subpoena electronic records and to monitor Internet traffic. In monitoring information, the government can require the assistance of ISPs and network operators. This monitoring can even extend into individual organizations. In the Patriot Act, Congress permits investigators to gather information about electronic mail without having to show probable cause that the person to be monitored had committed a crime or was intending to commit a crime. In answer c, the items cited now fall under existing search and seizure laws. A new twist is delayed notification of a search warrant. Under the Patriot Act, if it suspected that notification of a search warrant would cause a suspect to flee, a search can be conducted before notification of a search warrant is given. In a related matter, the US and numerous other nations have signed the Council of Europes Cybercrime Convention. In the US, participation in the Convention has to be ratified by the Senate. In essence, the Convention requires the signatory nations to spy on their own residents, even if the action being monitored is illegal in the country in which the monitoring is taking place.

Answer 129

Answer: A Explanation: The equation defines a single layer ANN as shown in Figure. Each input, in, is multiplied by a weight, wn , and these products are fed into a summation transfer function, , that generates an output, Z. Most neural networks have multiple layers of summation and weighting functions, whose interconnections can also be changed. There are a number of different learning paradigms for neural networks, including reinforcement learning and back propagation. In reinforcement learning a training set of inputs is provided to the ANN along with a measure of how close the network is coming to a solution. Then, the weights and connections are readjusted. In back propagation, information is fed back inside the neural network from the output and is used by the ANN to make weight and connection adjustments. *Answers An expert system and A knowledge-based system are distracters that describe systems that use knowledge-based rules of experts to solve problems using an inferencing mechanism. *A knowledge acquisition system refers to the means of identifying and acquiring the knowledge to be entered into the knowledge base of an expert system.

Answer 130

Answer: B Explanation: The answer is a personnel control. Most support and operations staff have special access to the system. Some organizations conduct background checks on individuals filling these positions to screen out possibly untrustworthy individuals. *Answer "Sanitizing the media before disposition": The process of removing information from media before disposition is called sanitization. Three techniques are commonly used for media sanitization: overwriting, degaussing, and destruction. *Answer "Printing to a printer in a secured room": It may be necessary to actually output data to the media in a secure location, such as printing to a printer in a locked room instead of to a general-purpose printer in a common area. *Answer "Physically protecting copies of backup media": Physical protection of copies of backup media stored offsite should be accorded a level of protection equivalent to media containing the same information stored onsite. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 131

Answer: A Explanation: * Answer "Securing laptops to desks during an investigation" relates to physical security *answer "DNA testing" is a type of biological testing * answer "Signal intelligence" is part of the act of gathering evidence.

Answer 132

Answer: D Explanation: The correct answer is Derived law. It is a distracter, and all of the other answers are categories under common law.

Answer 133

Answer: C Explanation: The correct answer is Access Change. The three common levels of operator privileges, based on the concept of least privilege, are: Read Only Lowest level, view data only Read/Write View and modify data Access Change Highest level, right to change data/operator permissions Answer d is a distracter.

Answer 134

Answer: C Explanation: The modified Waterfall model was reinterpreted to have phases end at project milestones. Answer "Unlimited backward iteration is permitted" is false because unlimited backward iteration is not permitted in the modified Waterfall model. Answer "The model was reinterpreted to have phases begin at project milestones" is a distracter. Answer "Product verification and validation are not included" is false because verification and validation are included.

Answer 135

Answer: D Explanation: The three most common types of remote off-site backup processing facilities are hot sites, warm sites, and cold sites. They are primarily differentiated by how much preparation is devoted to the site, and therefore how quickly the site can be used as an alternate processing site

Answer 136

Answer: B Explanation: Answer "Object-oriented requirements analysis" defines classes of objects and their interactions. Answer "Object-oriented analysis", object-oriented analysis, is the process of understanding and modeling of a specific problem within a problem domain. Object-oriented design is design in which the object is the basic unit of modularity and objects are instantiations of a class.

Answer 137

Answer: A Explanation: The correct answer is "The Federal Bureau of Investigation (FBI) and the Secret Service", making the other answers incorrect.

Answer 138

Answer: C Explanation: parallel test tests the processing functionality of the alternate site, whereas the full-interruption test actually replicates a disaster by halting production. *Answer "Functional business unit representatives meet to review the plan to ensure it accurately reflects the organizations recovery strategy" is the definition of a checklist test type.

Answer 139

Answer: B Explanation: A covert storage channel typically involves a finite resource (e.g., sectors on a disk) that is shared by two subjects at different security levels. One way to think of the difference between covert timing channels and covert storage channels is that covert timing channels are essentially memoryless, whereas covert storage channels are not. With a timing channel, the information transmitted from the sender must be sensed by the receiver immediately, or it will be lost. However, an error code indicating a full disk which is exploited to create a storage channel may stay constant for an indefinite amount of time, so a receiving process is not as constrained by time. *Answer "A process that manipulates observable system resources in a way that affects response time" is a partial description of a covert timing channel. A covert timing channel is a covert channel in which one process signals information to another by modulating its own use of system resources (e.g., CPU time) in such a way that this manipulation affects the real response time observed by the second process. *Answer "An information transfer path within a system" is a generic definition of a channel. A channel may also refer to the mechanism by which the path is effected. *Answer "A communication channel that allows a process to transfer information in a manner that violates the systems security policy" is a higher-level definition of a covert channel. While a covert storage channel fits this definition generically. Source: DoD 5200.28-STD Department of Defense Trusted Computer System Evaluation Criteria and NCSC-TG-030, A Guide To Understanding Covert Channel Analysis of Trusted Systems [Light Pink Book].

Answer 140

Answer: B Explanation: The radial dimension represents cumulative cost and the angular dimension represents progress made in completing each cycle of the spiral. The spiral model is actually a meta-model for software development processes. Asummary of the stages in the spiral is as follows: The spiral begins in the top, left-hand quadrant by determining the objectives of the portion of the product being developed, the alternative means of implementing this portion of the product, and the constraints imposed on the application of the alternatives. Next, the risks of the alternatives are evaluated based on the objectives and constraints. Following this step, the relative balances of the perceived risks are determined. The spiral then proceeds to the lower right-hand quadrant where the development phases of the projects begin. A major review completes each cycle and then the process begins anew for succeeding phases of the project. Typical succeeding phases are software product design, integration and test plan development, additional risk analyses, operational prototype, detailed design, code, unit test, acceptance test, and implementation. The other answers are distracters

Answer 141

Answer: C Explanation: Evolutionary computing uses the Darwinian principles of survival of the fittest, mutation, and the adaptation of successive generations of populations to their environment. The genetic algorithm implements this process through iteration of generations of a constant-size population of items or individuals. Each individual is characterized by a finite string of symbols called genomes. The genomes are used to represent possible solutions to a problem in a fixed search space. For example, if the fixed population of the first generation of individuals consists of random binary numbers, and the problem is to find the minimum binary number that can be represented by an individual, each binary number is assigned a fitness value based on the individuals binary number value. The smaller the binary number represented by a parent individual, the higher level of fitness that is assigned to it. Through cross breeding among the numbers (known as crossover), mutations of the numbers, and pairing of numbers with high fitness ratings, the smallest value that can be represented by the number of bits in the binary number will emerge in later generations. *Answer neural networks, is incorrect and has been discussed extensively in previous questions in this chapter. *Answer Suboptimal computing is a distracter and answer biological computing, refers to computation performed by using certain characteristics of living organisms.

Answer 142

Answer: A Explanation: The primary benefits of employing an incident-handling capability are containing and repairing damage from incidents and preventing future damagE. Additional benefits related to establishing an incidenthandling capability are: Enhancement of the risk assessment process. An incidenthandling capability will allow organizations to collect threat data that may be useful in their risk assessment and safeguard selection processes (e.g., in designing new systems). Statistics on the numbers and types of incidents in the organization can be used in the risk-assessment process as an indication of vulnerabilities and threats. Enhancement of internal communications and the readiness of the organization to respond to any type of incident, not just computer security incidents. Internal communications will be improved, management will be better organized to receive communications, and contacts within public affairs, legal staff, law enforcement, and other groups will have been preestablished. Security training personnel will have a better understanding of users knowledge of security issues. Trainers can use actual incidents to vividly illustrate the importance of computer security. Training that is based on current threats and controls recommended by incident-handling staff provides users with information more specifically directed to their current needs, thereby reducing the risks to the organization from incidents. *Answer "An individual acting alone would not be able to subvert a security process or control" is a benefit of employing separation of duties controls. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 143

Answer: D Explanation: Searching for data correlations in the data warehouse is called data mining. Answer Data warehousing is incorrect because data warehousing is creating a repository of information from heterogeneous databases that is available to users for making queries. Answer A data dictionary is incorrect because a data dictionary is a database for system developers. Answer Configuration management is incorrect because configuration management is the discipline of identifying the components of a continually evolving system for the purposes of controlling changes to those components and maintaining integrity and traceability throughout the life cycle.

Answer 144

Answer: B Explanation: Remote sensing is the acquisition of information via aerial or satellite sensors. The most critical category of information to capture immediately following a disaster is accurate and timely intelligence about the scope, extent, and impact of the event. Intelligent and effective decisions hinge on the credible characterization of the situation. If the disaster is extensive enough, it may cause serious damage to the telephone or wireless infrastructure and ground communications may be unusable to accurately assess the situation. Remote sensing systems can provide a highly effective alternative means of gathering intelligence about the event. *Answer "Photographic, radar, infrared, or multi-spectral imagery from manned or unmanned aircraft" describes remote sensing using aerial-derived information. *Answer "Photographic, radar, infrared, or multi-spectral imagery from geostationary or orbiting satellites" describes satellite-derived remote sensing. *Answer "RS intelligence may be integrated into geographic information systems (GIS) to produce map-based products" describes a common use of the remote sensing data. Source: Remote Sensing in Federal Disaster Areas, Standard Operating Procedures, FEMA 9321.1-PR, June 1999

Answer 145

Answer: B Explanation: These laws reflected different views concerning wiretapping as technology progresseD. The Federal Intelligence Surveillance Act (FISA) of 1978 limited wiretapping for national security purposes as a result of the record of the Nixon Administration in using illegal wiretaps. The Electronic Communications Privacy Act (ECPA) of 1986 prohibited eavesdropping or the interception of message contents without distinguishing between private or public systems. The Communications Assistance for Law Enforcement Act (CALEA) of 1994 required all communications carriers to make wiretaps possible in ways approved by the FBI.

Answer 146

Answer: C Explanation: *Answer behavior, is a characteristic of an object. The object is defined as a collection of operations that, when selected, reveal or manipulate the state of the object. Thus, consecutive invocations of an object may result in different behaviors, based on the last operations selected. *Answer message, is a request sent to an object to carry out a particular operation. *A method is the codethat describes what the object will do when sent a message.

Answer 147

Answer: A,B,C Explanation:

Answer 148

Answer: B Explanation: Procedural code in a procedural language implies sequential execution of instructions based on the von Neumann architecture of a CPU, Memory, and Input/Output device. Variables are part of the sets of instructions used to solve a particular problem and, thus, the data are not separate from the statements. Such languages have control statements such as goto, ifthenelse and so on. The program execution is iterative and corresponds to a sequence of state changes in a state machine. *Answer knowledge base, refers to the rules and facts of the particular problem domain. *The inference engine takes the inputs to the KBS and uses the knowledge base to infer new facts and to solve the problem. *Answer "Interface between the user and the system" refers to the interface between the user and the system through which the data are entered, displayed, and output.

Answer 149

Answer: C Explanation: Computer Aided Software Engineering (CASE) tools and an Integrated Project Support Environment (IPSE) are terms used to describe similar software engineering support environments. *Answer data model, is a basic system of constructs used in describing reality, (Kent, W., Data and Reality, North Holland, 1978). *A DBMS is a system that supports the creation, use, and administration of a database system. * Answer a data type dictionary, refers to a collection of items on which certain operations, such as insert, delete, and search, are to be performed. This arrangement of items is in contrast to a priority queue, in which the collection of items is arranged in order of priority and the relevant operations to be performed are insert, find-max, and delete-max.

Answer 150

Answer: B,C,D Explanation: In addition to the capabilities in the correct answers, P3P does provide the site privacy practices to users in machine-readable format.

Answer 151

Answer: B Explanation: "Assuring the accuracy of the backup data" is an example of a software integrity control, although the other three elements of media control listed apply to the backup tapes themselves.

Answer 152

Answer: A Explanation: The correct answer is a repository of information from heterogeneous databases. Answers "A remote facility used for storing backup tapes" and "A hot backup building" describe physical facilities for backup and recovery of information systems, and answer "A table in a relational database system" describes a relation in a relational database.

Answer 153

Answer: B Explanation: The least privilege principle requires that each subject in a system be granted the most restrictive set of privileges (or lowest clearance) needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use. Applying this principle may limit the damage resulting from accidents, errors, or unauthorized use of system resources. *Answer "A formal separation of command, program, and interface functions." describes separation of privilege, which is the separation of functions, namely between the commands, programs, and interfaces implementing those functions, such that malicious or erroneous code in one function is prevented from affecting the code or data of another function. *Answer "A combination of classification and categories that represents the sensitivity of information." is a security level. A security level is the combination of hierarchical classification and a set of non-hierarchical categories that represents the sensitivity of information. *Answer "Active monitoring of facility entry access points." is a distracter. Source: DoD 5200.28STD Department of Defense Trusted Computer System Evaluation Criteria.

Answer 154

``` Answer: A Explanation: method in an object-oriented system is the code that defines the actions that the object performs in response to a message. Answer "The means of communication among objects" is incorrect because it defines a message. Answer "A guide to the programming of objects" is a distracter. Answer "The situation where a class inherits the behavioral characteristics of more that one parent class" refers to multiple inheritance. ```

Answer 155

Answer: B Explanation: Answer CLIPPER refers to the US government Escrowed Encryption Standard. Answer ECHELON refers to the large-scale monitoring of RF transmissions. Answer ECHO is a distracter.

Answer 156

Answer: D Explanation: Life safety, or protecting the health and safety of everyone in the facility is the first priority in an emergency or disaster. Evacuation routes, assembly areas, and accounting for personnel (head counts and last-known locations) are the most important function of emergency procedures, before anything else. Once all personnel have been accounted for and emergency teams have arrived to prevent further damage or hazard, family members should be notified of the status of the event. Providing restoration and recovery, and implementing alternative production methods also comes later. Source: Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August, 1998.

Answer 157

Answer: B Explanation: A firewall is primarily intended to prevent unauthorized access.

Answer 158

Answer: D Explanation: Security is more of a concern in distributed systems since there are vulnerabilities associated with the network and the many locations from which unauthorized access to the computing resources can occur. The other answers are characteristics of a DDP architecture.

Answer 159

Answer: B Explanation: The advantages of incremental development include the ease of testing increments of functional capability and the opportunity to incorporate user experience into a successively refined product. The other answers are distracters.

Answer 160

Answer: B Explanation:

Answer 161

Answer: A Explanation: A fuzzy expert system is an expert system that uses fuzzy membership functions and rules, instead of Boolean logic, to reason about data. Thus, fuzzy variables can have an approximate range of values instead of the binary True or False used in conventional expert systems. When it is desired to convert the fuzzy output to a single value, defuzzification is used. One approach to defuzzification is the CENTROID method. With this method, a value of the output variable is computed by finding the variable value of the center of gravity of the membership function for the fuzzy output value. Answers Neural network and Realistic expert system are distracters, and answer Boolean expert system is incorrect since it refers to Boolean values of one or zero.

Answer 162

Answer: A Explanation: The correct answer is Judicial branch. The judicial decisions made in the courts generate common law. Answer a, administrative agencies, create administrative laws and the legislative branch, answer b, generates statutory laws. The executive branch, answer c, does not make laws

Answer 163

Answer: D Explanation: Operational assurance is the process of reviewing an operational system to see that security controls, both automated and manual, are functioning correctly and effectively. Operational assurance addresses whether the systems technical features are being bypassed or have vulnerabilities and whether required procedures are being followed. To maintain operational assurance, organizations use two basic methods: system audits and monitoring. Asystem audit is a one-time or periodic event to evaluate security. Monitoring refers to an ongoing activity that examines either the system or the users. *Answer "Operational assurance is the process of examining audit logs to reveal usage that identifies misuse" is a description of an audit trail review. Answer "Operational assurance has the benefit of containing and repairing damage from incidents" is a description of a benefit of incident handling. The main benefits of proper incident handling are containing and repairing damage from incidents, and preventing future damagE. *Answer "Operational assurance is the process of performing pre-employment background screening" describes a personnel control. Source: National Institute of Standards and Technology, An Introduction to Computer Security: The NIST Handbook Special Publication 800-12.

Answer 164

Answer: D Explanation: The Basic COCOMO Model (B.W. Boehm, Software Engineering Economics, Prentice-Hall, Englewood Cliffs, New Jersey, 1981) proposes the following equations: The number of man-months (MM) required to develop the most common type of software product, in terms of the number of thousands of delivered source instructions (KDSI) in the software product MM = 2.4 (KDSI)1.05 The development schedule (TDEV) in months TDEV = 2.5(MM)0.38 In addition, Boehm has developed an intermediate COCOMO Model that also takes into account hardware constraints, personnel quality, use of modern tools, and other attributes and their aggregate impact on overall project costs. A detailed COCOMO Model, by Boehm, accounts for the effects of the additional factors used in the intermediate model on the costs of individual project phases.

Answer 165

Answer: B Explanation: The organizations strategic plan is considered a long-term goal. In developing plans, consideration should be given to both shortterm and long-term goals and objectives. Short-term goals can include: Vital personnel, systems, operations, and equipment Priorities for restoration and mitigation Acceptable downtime before restoration to a minimum level of operations Minimum resources needed to accomplish the restoration Long-term goals and objectives can include: The organizations strategic plan Management and coordination of activities Funding and fiscal management Management of volunteer, contractual, and entity resources Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition.

Answer 166

Answer: B Explanation: The correct answer is "Luring the perpetrator to an attractive area or presenting the perpetrator with a lucrative target after the crime has already been initiated", the definition of enticement. *Answer "Encouraging the commission of a crime when there was initially no intent to commit a crime" is the definition of entrapment. The other answers are distracters.

Answer 167

Answer: B Explanation:

Answer 168

Answer: C Explanation: The software maintenance phase controls consist of request control, change control, and release control by definition. The other answers are, therefore, incorrect.