CDA 23054 | Course Paper

Unlock access to all the studying documents.

View Full Document

To structure the need for assurance the CC defines a scale for rating assurance

consisting of _____ evaluation assurance levels ranging from the least rigor and scope

for assurance evidence to the most.

__________ code refers to programs that can be shipped unchanged to a heterogeneous

collection of platforms and execute with identical semantics.

In most data-link control protocols, the data-link protocol entity is responsible not only

for detecting errors using the CRC, but for

recovering from those errors by retransmitting damaged frames.

In a biometric scheme some physical characteristic of the individual is mapped into a

digital representation.

The three operating system security layers are: physical hardware, operating system

kernel, and _________.

A __________ is a separate file from the user IDs where hashed passwords are kept.

_________ security, also called infrastructure security, protects the information systems

that contain data and the people who use, operate, and maintain the systems.

As part of their contractual obligation, employees should agree and sign the terms and

conditions of their employment contract, which should state their and the organization’s

responsibilities for information security.

The security administrator must define the set of events that are subject to audit.

The technique for developing an effective and efficient proactive password checker

based on rejecting words on a list is based on the use of a __________ filter.

Objects that a user possesses for the purpose of user authentication are called ______

________ is a security enhancement to the MIME Internet e-mail format standard,

based on technology from RSA Data Security.

In the ________ attack the user supplied input is used to construct a SQL request to

retrieve information from a database.

IT security needs to be a key part of an organization’s overall management plan.

Controls may vary in size and complexity in relation to the organization employing

them.

Because the responsibility for IT security is shared across the organization, there is a

risk of inconsistent implementation of security and a loss of central monitoring and

control.