Questions of the Day Flashcards
What document is important to ensure that an employee cannot file a civil privacy suit against their employer?
Reasonable Expectation of Privacy (REP) Waiver
What are the things missing from a hot site?
Data and people
A _____ proves to be a useful approach to identifying failures that can take place within complex environments and systems. In this method, each situation that has the potential to cause a negative effect is added to the structure as a series of logic expressions.
Fault tree model
Recovery Time Objective (RTO) usually deals with getting the infrastructure and systems back up and running. What metric is commonly used to deal with restoring data, testing processes, and then making everything live for production?
Work Recovery Time (WRT)
What is the difference between best evidence and direct evidence?
Best evidence is most reliable (such as a signed document) – direct evidence can prove a fact by itself without supporting information
A fault tree model lays out potential negative effects how?
As a structure with negative effects added as a series of logic expressions
What objective usually deals with getting the infrastructure and systems back up and running?
Recovery Time Objective (RTO)
When you see “Administrative, Operation, Technical” you should think what sector of systems?
Federal information systems
When you see “Administrative, Physical, Technical” you should think what sector of systems?
Private sector
What Java clause is critical for error handling?
try…catch
TRUE/FALSE - The main purpose of a code repository is to store the source files used in software development in a centralized location that allows for secure storage.
TRUE
____ consist of shared code objects that perform related functions
Libraries
Developers wishing to sign their code must have a ____
Digital signature
What software methodology uses an iterative process?
Spiral
TRUE/FALSE - The DevOps model prioritizes development efforts over operational tasks
FALSE
What character is essential for a SQL injection attack?
Apostrophe (')
What type of attack seeks to write data to areas of memory reserved for other purposes?
Buffer overflow
TRUE/FALSE - Sandbox execution is not a significant risk with browser add-ons and extensions
TRUE
What is the last stage in code testing?
User Accessibility Testing (UAT)
TRUE/FALSE - Security teams should conduct regular testing of acquired software
TRUE
What is the mnemonic for the software development life cycle?
Re Do The Damn Test Right
What are the stages of the software development lifecycle?
Requirements, Design, Develop, Test, Release
What is the mnemonic for the system development life cycle?
Information Assurance Is Out Dated
What are the stages of the system development life cycle?
Initiate, Acquire, Implement, Operations, Disposal
Statistical behavior-based engines are not a component of what type of system?
Expert system
Debugging a program without executing or compiling it is what kind of analysis?
Static analysis
TRUE/FALSE - Object oriented databases are more dynamic than relational databases, and the objects contain the procedures within them.
TRUE
In terms of AES, S-Boxes are used how during the encryption process?
Substitution
A dumb terminal that broadcasts requests to find its network configurations and operating system when booting up is using what protocol?
Reverse Address Resolution Protocol (RARP) - Enables devices with a MAC address to find their IP info
The Kennedy-Kassebaum Act is also known as what?
HIPAA
A system with disk shadowing does what?
Writes to two different disks simultaneously
What is the difference between disk duplexing and disk shadowing?
Disk duplexing has two controllers; disk shadowing does not
What is the most important goal of disaster recovery?
Protect human life
What type of law punishes individuals with financial restitution instead of with jail penalties?
A tort, or civil law
Why was Rijndael chosen over El Gamal for AES in 1997?
Rijndael uses a symmetric block algorithm, while El Gamal uses asymmetric
What does beaconing functionality in a token-passing ring do?
Excludes a computer from a ring