Questions of the Day

Question 1

What document is important to ensure that an employee can not file a civil privacy suit against their employer?

Answer 1

Reasonable Expectation of Privacy (REP) Waiver

Question 2

What are the things missing from a hot site?

Answer 2

Data and people

Question 3

A _____ proves to be a useful approach to identifying failures that can take place within complex environments and systems. In this method, each situation has the potential to cause a negative effect is added to the structure as a series of logic expressions

Answer 3

Fault tree Model

Question 4

Recovery Time Objective (RTO) usually deals with getting the infrastructure and systems back up and running. What metric is commonly used to deal with restoring data, testing processes, and then making everything live for production?

Answer 4

Work Recovery Time (WTR)

Question 5

What is the difference between best evidence and direct evidence?

Answer 5

Best evidence is most reliable (such as a signed document) – direct evidence can prove a fact by itself without supporting information

Question 6

A fault tree model lays out potential negative effects how?

Answer 6

As a structure with negative effect added as a series of logic expressions

Question 7

What objective usually deals with getting the infrastructure and systems back up and running?

Answer 7

Recovery time Objective (RTO)

Question 8

When you see “Administrative, Operation, Technical” you should think what sector of systems?

Answer 8

Federal information systems

Question 9

When you see “Administrative, Physical, Technical” you should think what sector of systems?

Answer 9

Private sector

Question 10

What java clause is critical for error handling

Answer 10

try…catch

Question 11

TRUE/FALSE - The main purpose of a code repository is to store the source files used in software development in a centralized location that allows for secure storage.

Answer 11

TRUE

Question 12

____ consist of shared code objects that perform related functions

Answer 12

Libraries

Question 13

Developers wishing to sign their code must have a ____

Answer 13

Digital signature

Question 14

What software methodology uses an iterative process?

Answer 14

Spiral

Question 15

The DevOps model prioritizes development efforts over operational tasks

Answer 15

FALSE

Question 16

What character is essential for a SQL injection attack?

Answer 16

Apostrophe ‘

Question 17

What type of attack seeks to write data to areas of memory reserved for other purposes?

Answer 17

Buffer overflow

Question 18

TRUE/FALSE - Sandbox execution is not a significant risk with browser add-ons and extensions

Answer 18

TRUE

Question 19

What is the last stage in code testing?

Answer 19

User Accessibility Testing (UAT)

Question 20

TRUE/FALSE - Security teams should conduct regular testing of acquired software

Answer 20

TRUE

Question 21

What is the mnemonic for the software development life cycle?

Answer 21

Re Do The Damn Test Right

Question 22

What are the stages of the software development lifecycle?

Answer 22

Requirements, Design, Develop, Test, Release

Question 23

What is the mnemonic for the system development life cycle?

Answer 23

Information Assurance Is Out Dated

Question 24

What are the stages of system development life cycle?

Answer 24

Initiate, Acquire, Implement, Operations, Disposal

Question 25

Statistical behavior-based engines are not a component of what type of system?

Answer 25

Expert system

Question 26

Debugging a program without executing or compiled is what kind of analysis?

Answer 26

Static analysis

Question 27

TRUE/FALSE - Object oriented databases are more dynamic than relational databases, and the objects contain the procedures within them.

Answer 27

TRUE

Question 28

In terms of AES, S-Boxes are used how during the encryption process?

Answer 28

Substitution

Question 29

A dumb terminal that broadcasts requests to find its network configurations and operating system when booting up is using what protocol?

Answer 29

Reverse Address Resolution Protocol (RRARP) - Enables devices with MAC to find their IP info

Question 30

Kennedy-Kassembaum act is also known as what?

Answer 30

HIPAA

Question 31

A system with disk shadowing does what?

Answer 31

Writes to two different disks simultaneously

Question 32

What is the difference between disk duplexing and disk shadowing?

Answer 32

Disk duplexing has two controllers, not disk shadowing

Question 33

What is the most important goal of disaster recovery?

Answer 33

Protect human life

Question 34

What type of law punishes individuals with financial restitution instead of with jail penalties?

Answer 34

A tort, or civil law

Question 35

Why was Rijandael chosen over El Gamal for AES in 1997?

Answer 35

Rijandael uses a symmetric block algorithm, while El Gamal uses assymetric

Question 36

What is a beaconing functionality in a token passing ring do?

Answer 36

Excludes a computer from a ring