Quiz1_Answers Flashcards
- A subject can identify itself by providing (check all that apply) …
a. A username
b. A process id
c. A password
d. A biometric factor
a. A username
b. A process id
d. A biometric factor
- In mandatory access control, access is granted or denied based on
a. The discretion of the object’s owner
b. The subject’s clearance
c. The subject’s identity
b. The subject’s clearance
- At which layer of the OSI protocol stack does the Internet Protocol (IP) operate?
a. Transport Layer
b. Network Layer
c. Data Link Layer
d. Session Layer
e. Application Layer
b. Network Layer
- Which one of the following statements about a network-based IDS is false?
a. Is installed on dedicated hardware
b. Monitors a single network host
c. Can operate in stealth mode
d. May not work well on switched networks
e. Has little negative impact on overall network performance
b. Monitors a single network host
- The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one of the many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. What access control techniques should be built into the application to meet the information protection needs?
a. Mandatory Access Control
b. Password Security
c. Role Based Access Control
d. Terminated Access Controller Access System
c. Role Based Access Control
- To which form of access control is a rule-based access control mechanism usually related?
a. Discretionary Access Control
b. Non-Discretionary Access Control
c. Token Based Access Control
d. Subject Dependent Access Control
b. Non-Discretionary Access Control
- A major disadvantage of SSO is:
a. Consistent time out enforcement across platforms
b. A compromised password exposes all authorized applications
c. Use of multiple passwords is hard to remember
d. Password change control
b. A compromised password exposes all authorized applications
- You are troubleshooting some anomalies with network communication on your network. You notice that some communication isn’t taking the expected or most efficient route to the destination. Which layer of the OSI model should you troubleshoot?
a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5
c. Layer 3
- You are performing a security audit for a customer. During the audit, you find several instances of users gaining access to data without going through a formal access approval process. As part of the remediation, you recommend establishing a formal access approval process. Which role should you list to approve policies that dictate which users can gain access to data?
a. Data Creator
b. Data Processor
c. Data Owner
d. Data Custodian
e. System Owner
c. Data Owner
- You are a security consultant. A large enterprise customer hires you to ensure that their security operations are following industry standard control frameworks. For this project, the customer wants you to focus on technology solutions that will discourage malicious activities. Which type of control framework should you focus on?
a. Preventive
b. Deterrent
c. Detective
d. Assessment
e. Corrective
b. Deterrent
- You are implementing a multi-factor authentication solution. As part of the design, you are capturing the three authentication factors. What are they?
a. Something you make
b. Something you know
c. Something you have
d. Something you need
e. Something you are
f. Something you do
b. Something you know
c. Something you have
e. Something you are
- Segments are packaged into frames at which layer of the OSI model?
a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5
c. Layer 3 (Network)
Responsible for adding routing and addressing information to the data
Accepts segments from the Transport layer and adds information to it to create a packet
The packet includes the source and destination IP addresses
- Which of the following operate at the application layer?
a. MIDI
b. IMAP
c. SMTP
d. TFTP
e. JPEG
b. IMAP
c. SMTP
d. TFTP
- Which of the following are transport layer protocols?
a. TCP and UDP
b. IP
c. FTAM
d. IP and TFTP
e. TFTP
a. TCP and UDP
- Flow control takes place at which layer?
a. Physical
b. Transport
c. Network
d. MAC sublayer of the data link layer
e. Session
b. Transport (Layer 4)
Establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery
Accepts PDUs from the Session layer and converts them into segments
Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction