CMCS 11343

Type: Homework Help
Pages: 9
Words: 997
Authors: Lawrie Brown, William Stallings

Management should conduct a ________ to identify those controls that are most
appropriate and provide the greatest benefit to the organization given the available
resources.
A. cost analysis
B. cost-benefit analysis
C. benefit analysis
D. none of the above
Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement
MAC for IP Security.
A. RSA
B. SHA-3
C. DSS
D. HMAC
The _________ is logic embedded into the software of the system that monitors system
activity and detects security-related events that it has been configured to detect.
A. event discriminator
B. audit analyzer
C. archive
D. alarm processor
The _________ prevents or inhibits the normal use or management of communications
facilities.
A. passive attack
B. denial of service
C. traffic encryption
D. masquerade
_______ is a minimal set of conventions for invoking code using XML over HTTP that
enables applications to request services from one another with XML-based requests and
receive responses as data formatted with XML.
A. SOAP
B. SAML
C. HTML
D. WS-Security
The __________ uses an algorithm that is designed to provide only the digital signature
function and cannot be used for encryption or key exchange.
A. ECC
B. RSA
C. DSS
D. XOR
The _________ level focuses on developing the ability and vision to perform complex,
multidisciplinary activities and the skills needed to further the IT security profession
and to keep pace with threat and technology changes.
A. security basics and literacy
B. roles and responsibilities relative to IT systems
C. education and experience
D. security awareness
An example of a circuit-level gateway implementation is the __________ package.
A. application-level
B. SOCKS
C. SMTP
D. stateful inspection
The rule _______ tells Snort what to do when it finds a packet that matches the rule
criteria.
A. protocol
B. direction
C. action
D. destination port
A multilevel secure system for confidentiality must enforce:
A. no read up
B. ss-property
C. no write down
D. all of the above
The __________ used a buffer overflow exploit in "fingerd" as one of its
attack mechanisms.
A. Code Red Worm
B. Sasser Worm
C. Morris Internet Worm
D. Slammer Worm
A _______ is a generic term used to denote any method for storing certificates and
CRLs so that they can be retrieved by end entities.
A. RA
B. registration
C. repository
D. CA
__________ is based on the roles the users assume in a system rather than the user's
identity.
A. DAC
B. RBAC
C. MAC
D. URAC
The needs and policy relating to backup and archive should be determined ______.
A. as a final step
B. during the system planning stage
C. during security testing
D. after recording average data flow volume
In a generic identity management architecture _______ are entities that obtain and
employ data maintained and provided by identity and attribute providers, often to
support authorization decisions and to collect audit information.
Authentication protocols used with smart tokens can be classified into three categories:
static, dynamic password generator, and ___________.
SHA is perhaps the most widely used family of hash functions.
The three types of attributes in the ABAC model are subject attributes, object attributes,
and _________ attributes.
Human-caused threats can be grouped into the following categories: unauthorized
physical access, theft, _________ and misuse.
Contingency planning is a functional area that primarily requires computer security
technical measures.
Contingency planning falls into the _________ class of security controls.
Tornados, tropical cyclones, earthquakes, blizzards, lightning, and floods are all types
of ________ disasters.
One asset may have multiple threats and a single threat may target multiple assets.
A(n) _________ is anything that has value to the organization.
A full-service Kerberos environment consisting of a Kerberos server that has the user
ID and password of all participating users in its database and shares a secret key with
each server, all users and servers being registered with the Kerberos server, is referred
to as a Kerberos ______.
The firewall follows the classic military doctrine of _________ because it provides an
additional layer of defense.
The invasion of the rights secured by patents, copyrights, and trademarks is ________.
There are three key elements to an ABAC model: attributes which are defined for
entities in a configuration; a policy model, which defines the ABAC policies; and the
__________ model, which applies to policies that enforce access control.
Programmers use backdoors to debug and test programs.
The simplest approach to multiple block encryption is known as __________ mode, in
which plaintext is handled b bits at a time and each block of plaintext is encrypted using
the same key.
NIST has published FIPS PUB 186, which is known as the ___________.
The principles that should be followed for personnel security are: limited reliance on
key employees, separation of duties, and _______.
