CMCS 11343 | Course Paper

Unlock access to all the studying documents.

View Full Document

Management should conduct a ________ to identify those controls that are most

appropriate and provide the greatest benefit to the organization given the available

resources.

A. cost analysis

B. cost-benefit analysis

C. benefit analysis

D. none of the above

Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement

MAC for IP Security.

A. RSA

B. SHA-3

C. DSS

D. HMAC

The _________ is logic embedded into the software of the system that monitors system

activity and detects security-related events that it has been configured to detect.

A. event discriminator

B. audit analyzer

C. archive

D. alarm processor

The _________ prevents or inhibits the normal use or management of communications

facilities.

A. passive attack

B. denial of service

C. traffic encryption

D. masquerade

_______ is a minimal set of conventions for invoking code using XML over HTTP that

enables applications to request services from one another with XML-based requests and

receive responses as data formatted with XML.

A. SOAP

B. SAML

C. HTML

D. WS-Security

The __________ uses an algorithm that is designed to provide only the digital signature

function and cannot be used for encryption or key exchange.

A. ECC

B. RSA

C. DSS

D. XOR

The _________ level focuses on developing the ability and vision to perform complex,

multidisciplinary activities and the skills needed to further the IT security profession

and to keep pace with threat and technology changes.

A. security basics and literacy

B. roles and responsibilities relative to IT systems

C. education and experience

D. security awareness

An example of a circuit-level gateway implementation is the __________ package.

A. application-level

B. SOCKS

C. SMTP

D. stateful inspection

The rule _______ tells Snort what to do when it finds a packet that matches the rule

criteria.

A. protocol

B. direction

C. action

D. destination port

A multilevel secure system for confidentiality must enforce:

A. no read up

B. ss-property

C. no write down

D. all of the above

The __________ used a buffer overflow exploit in “fingerd” as one of its

attack mechanisms.

A. Code Red Worm

B. Sasser Worm

C. Morris Internet Worm

D. Slammer Worm

A _______ is a generic term used to denote any method for storing certificates and

CRLs so that they can be retrieved by end entities.

A. RA

B. registration

C. repository

D. CA

__________ is based on the roles the users assume in a system rather than the user’s

identity.

A. DAC

B. RBAC

C. MAC

D. URAC

The needs and policy relating to backup and archive should be determined ______.

A. as a final step

B. during the system planning stage

C. during security testing

D. after recording average data flow volume

In a generic identity management architecture _______ are entities that obtain and

employ data maintained and provided by identity and attribute providers, often to

support authorization decisions and to collect audit information.

Authentication protocols used with smart tokens can be classified into three categories:

static, dynamic password generator, and ___________.

SHA is perhaps the most widely used family of hash functions.

The three types of attributes in the ABAC model are subject attributes, object attributes,

and _________ attributes.

Human-caused threats can be grouped into the following categories: unauthorized

physical access, theft, _________ and misuse.

Contingency planning is a functional area that primarily requires computer security

technical measures.

Contingency planning falls into the _________ class of security controls.

Tornados, tropical cyclones, earthquakes, blizzards, lightning, and floods are all types

of ________ disasters.

One asset may have multiple threats and a single threat may target multiple assets.

A(n) _________ is anything that has value to the organization.

A full-service Kerberos environment consisting of a Kerberos server that has the user

ID and password of all participating users in its database and shares a secret key with

each server, all users and servers being registered with the Kerberos server, is referred

to as a Kerberos ______.

The firewall follows the classic military doctrine of _________ because it provides an

additional layer of defense.

The invasion of the rights secured by patents, copyrights, and trademarks is ________.

There are three key elements to an ABAC model: attributes which are defined for

entities in a configuration; a policy model, which defines the ABAC policies; and the

__________ model, which applies to policies that enforce access control.

Programmers use backdoors to debug and test programs.

The simplest approach to multiple block encryption is known as __________ mode, in

which plaintext is handled b bits at a time and each block of plaintext is encrypted using

the same key.

NIST has published FIPS PUB 186, which is known as the ___________.

The principles that should be followed for personnel security are: limited reliance on

key employees, separation of duties, and _______.