Quiz 9 Flashcards
A compiled code test is used to ensure that the projected application meets all specifications at that point T/F
False
The testing stage is a “quality assurance” test to verify that the code functions as intended. T/F
False
The BIOS was software that was integrated into the computer’s motherboard. T/F
False
When securing a laptop, it can be placed in an office or a desk drawer. T/F
False
An automated patch update service is used to manage patches within the enterprise instead of relying on the vendor’s online updates. T/F
True
An access log is a record or list of individuals who have permission to enter a secure area, along with the time they entered and the time they left the area. T/F
True
Tightening security during the design and coding of an OS is called “locking.” T/F
False
Static program analyzers are tools that examine the software without actually executing the program; instead, the source code is reviewed and analyzed. T/F
True
One tool for change management is version control software that allows changes to be automatically recorded and if necessary “rolled back” to a previous version of the software. T/F
True
In the production stage the application is released to be used in its actual setting. T/F
True
Which application development life-cycle model uses a sequential design process?
A) agile
B) linear
C) waterfall
D) serial
C) waterfall
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
A) bollard
B) fence
C) roller barrier
D) top hat
C) roller barrier
What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?
A) anti-malware
B) antivirus
C) security applications
D) firewall
B) antivirus
Which AV approach uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches?
A) heuristic monitoring
B) pattern detection
C) hybrid monitoring
D) combination detection
A) heuristic monitoring
Anti-virus products typically utilize what type of virus scanning analysis?
A) Static analysis
B) Wildcard scanning analysis
C) Heuristic detection analysis
D) String scanning analysis
A) Static analysis
Most portable devices, and some computer monitors have a special steel bracket security slot built into the case, which can be used in conjunction with a:
A) U-lock
B) safe lock
C) shield lock
D) cable lock
D) cable lock
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
Anti-climb
A Wi-Fi enabled microSD card is an example of what type of device?
SDIO
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
Using a lockout
Using a mantrap
Using a closet
Using a pit
Using a mantrap
In Microsoft Windows, what type of templates are a collection of security configuration settings?
security
What type of storage is used on mobile devices?
volatile memory
ROM
RAM
flash memory
flash memory
What security concept states a user should only be given the minimum set of permissions required to perform necessary tasks?
least functionality
whitelisting
blacklisting
function limiting
least functionality
What monitors emails for spam and other unwanted content to prevent these messages from being delivered?
mail gateway
firewall
router gateway
code emulation
mail gateway
What type of OS manages hardware and software on a client computer?
network OS
client OS
workstation OS
appliance OS
workstation OS
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
A) CCTV
B) ICTV
C) IPTV
D) ITV
A) CCTV
What is the name for a cumulative package of all patches and hot-fixes as well as additional features up to a given point?
A) feature pack
B) roll-up
C) service pack
D) patch
C) service pack
What software methodology includes security automation?
A) DevOps
B) Secure DevOps
C) Agile
D) Secure Agile
B) Secure DevOps
Which of the following are considered to be part of a typical OS security configuration?
(Choose all that apply.)
Disabling unnecessary ports and services
Employing least functionality
Password auditing
Disabling default accounts/passwords
Disabling unnecessary ports and services
Employing least functionality
What U.S. government classified standard is intended to prevent attackers from picking up electromagnetic fields from government buildings?
TEMPEST
Which of the following are application development stages? (Choose all that apply.)
staging
testing
What type of tools are involved in effective patch management? (Choose all that apply.)
patch reception
patch redistribution