security policies II

Question 1

___ is documentation that details the security requirements that are specific to certain customer needs

Answer 1

Protection Profile (PP)

Question 2

the four mode used in protection profile are

Answer 2

dedicated security
system high
compartmentalized
multilevel secure

Question 3

_____ mode requires all users to have formal, need-to-know clearance to access information which exists within a system

Answer 3

dedicated security

Question 4

____ mode requires that the system and peripheral are classified and protected to the level of classification assigned to the most highly classified object which resides on the system

Answer 4

system high

Question 5

____ mode requires users to meet certain security criteria and have a predetermined access level and a valid need to know some portion of the information on the system.

Answer 5

compartmentalized

Question 6

__________ is the only mode that allows for multiple levels of classified data to reside within the same system.

Answer 6

Multilevel Secure

Question 7

________ are descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed security functionality.

Answer 7

security assurance requirements (SAR)

Question 8

_________ is the organization that accredits testing laboratories.

Answer 8

designated approval authority (DAA)

Question 9

________ is the numerical rating describing the depth and rigor of an evaluation.

Answer 9

•Evaluation Assurance Level (EAL) is

Question 10

____ is a product that was not tested or did not meet the evaluation criteria for any other level

Answer 10

EAL 0

Question 11

_______ focuses on security during the design and development of the product, and requires examination of the low-level design of specific modules

Answer 11

EAL 4

Question 12

__________ requires independently-verified white box testing and careful design that minimizes complexity.

Answer 12

EAL 7

Question 13

________ deploys rigorous engineering practices with some specialized security practices during the development

Answer 13

EAL 5

Question 14

________ requires an independent examination of the development process and product to ensure that it was designed and produced using sound development practices

Answer 14

EAL 3

Question 15

______ evaluates the product against its own documentation and typically does not require cooperation from the product developer.

Answer 15

EAL 1

Question 16

_______ requires some cooperation from the developer for assurance testing

Answer 16

EAL 2

Question 17

_______ ensures that the system meets all the security and performance requirements specified for the system

Answer 17

acceptance

Question 18

________ is the technical evaluation of security mechanisms in a system and their conformance to the desired security standard.

Answer 18

certification

Question 19

_______ is management’s acceptance of the product’s overall security certification as tested by the third party testing entity.

Answer 19

accreditation

Question 20

________ describes the use of evidence in several stages, including collection, use in court, and eventual return to the owner

Answer 20

evidence life cycle

Question 21

To ensure that evidence is admissible in court, you must be able to provide

Answer 21

chain of custody

Question 22

_____ evidence includes original, authentic objects.

Answer 22

best

Question 23

_______ evidence is information that supports another fact or detail.

Answer 23

corroborative

Question 24

_________ evidence is obtained from a source other than personal, firsthand knowledge

Answer 24

hearsay

Question 25

in this stage, the evidence is properly marked as evidence at the time it is found

Answer 25

collection and identification

Question 26

in this stage, evidence should be only analyzed by trained specialists

Answer 26

preservation and analysis

Question 27

in this stage, the utmost care must be taken to store and preserve evidence

Answer 27

storage

Question 28

in this stage, evidence needs to be protected during all stages of transportation.

Answer 28

transportation and processing

Question 29

in this stage, all evidence needs to have been submitted to the court and deemed admissible before it is presented during trial.

Answer 29

presentation in court

Question 30

in this stage, all evidence should be returned to the original owner after the case is completely settled, with exclusion of some types of evidence, such as drugs or drug paraphernalia

Answer 30

return to owner