Archives: Quiz
ACT 52745
Creditors’ claims against assets are called liabilities. Using the balance sheet approach, the balance in Allowance for Doubtful Accounts is not taken into consideration when finding the adjustment. Answer: FALSE Bonds discount and bonds premium are expenses to the corporation. […]
ACT 74403
The Manufacturing Overhead-Control account is used to apply overhead costs to production. The Income Summary account can be found on the worksheet. Answer: FALSE Stockholders do not have to pay federal income tax on their stock dividends. Answer: FALSE The […]
SMG AC 14430
Regular earnings include hours of overtime worked during the weekend. Merchandise Inventory is an asset account. Answer: TRUE To find the percent of increase or decrease of an item in a comparative balance sheet you use the formula: % change […]
AC 81428
Department contribution margin equals gross profit on sales minus direct departmental expenses. A deposit ticket usually combines checks deposited with coin and currency deposited. Answer: TRUE On the worksheet, the Beginning Inventory account is found in the debit column of […]
ACT 70606
The check register replaces the voucher journal. Gross pay is the amount that the employee takes home. Answer: FALSE The financial loss that each stockholder in a corporation can incur is unlimited. Answer: FALSE The Uniform Partnership Act defines a […]
ACC 81210
Bonds are short-term interest-bearing notes issued to multiple lenders, usually in increments of $1,000. Form 941 taxes include OASDI, Medicare, and federal unemployment tax. Answer: FALSE Depreciation Expense is reported on the statement of cash flows only when using the […]
ACT 76970
Individual amounts are recorded during the month to the accounts payable ledger. When an employee’s earnings are greater than FICA base limit during the calendar year, no more FICA-OASDI tax is deducted from earnings. Answer: TRUE Purchase discounts are given […]
ACT 55192
Departmental income statements would be a useful to tool for management to determine the viability of a department. The left and right columns on the financial statements are used for debits and credits. Answer: FALSE The Petty Cash account should […]
CMCS 98130
Unlike RSA, DSS cannot be used for encryption or key exchange. An intruder transmitting packets from the outside with a source IP address field containing an address of an internal host is known as IP address _________. Answer: spoofing __________ […]
COP 59371
The advantages of the _________ risk assessment approach are that it provides the most detailed examination of the security risks of an organization’s IT system and produces strong justification for expenditure on the controls proposed. A _________ value is named […]
CS 66717
The process of transforming input data that involves replacing alternate, equivalent encodings by one common value is called _________. ______ virtualization systems are typically seen in servers, with the goal of improving the execution efficiency of the hardware. Answer: Native […]
MPCS 18984
_________ is a specification for cryptographically signing e-mail messages, permitting a signing domain to claim responsibility for a message in the mail stream. Software is an example of real property. Answer: F An important aspect of a distributed firewall configuration […]
CMCS 20536
________ audit trail traces the activity of individual users over time and can be used to hold a user accountable for his or her actions. __________ access control controls access based on the identity of the requestor and on access […]
MPCS 87471
A __________ attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. A(n) _________ may be granted to anyone who invents or discovers any new and useful process, machine, […]
CMCS 61279
Depending on the application, user authentication on a biometric system involves either verification or identification. Security implementation involves four complementary courses of action: prevention, detection, response, and _________. Answer: recovery The __________ is a pair of keys that have been […]
COMP 11822
A __________ is when a user views a Web page controlled by the attacker that contains a code that exploits the browser bug and downloads and installs malware on the system without the user’s knowledge or consent. The MAC service […]
CDA 37254
The 802.11i RSN security specification defines the following services: authentication, privacy with message integrity, and ________. The _________ model is aimed at commercial rather than military applications and closely models real commercial operations. Answer: Clark-Wilson (CWM) Update is not required […]
CDA 47705
Incident response is part of the ________ class of security controls. _________ is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management […]
COP 71128
The __________ approach to risk assessment aims to implement a basic general level of security controls on systems using baseline documents, codes of practice, and industry best practice. A(n) _________ is a weakness in an asset or group of assets […]
MPCS 32615
Noise along a power supply line, motors, fans, heavy equipment, microwave relay antennas, and other computers are all sources of _________. The __________ user ID is exempt from the usual file access control constraints and has system wide access. Answer: […]
CDA 23054
To structure the need for assurance the CC defines a scale for rating assurance consisting of _____ evaluation assurance levels ranging from the least rigor and scope for assurance evidence to the most. __________ code refers to programs that can […]
MPCS 92571
Stream ciphers are far more common than block ciphers. A good technique for choosing a password is to use the first letter of each word of a phrase. Answer: T The three most important symmetric block ciphers are: 3DES, AES, […]
CAS CS 43265
_______ is an XML-based language for the exchange of security information between online business partners. The countermeasure to tiny fragment attacks is to discard packets with an inside source address if the packet arrives on an external interface. Answer: F […]
COP 63080
__________ is a standardized language that can be used to define schema, manipulate, and query data in a relational database. Gaps, or __________ , are flagged in the MMU as illegal addresses, and any attempt to access them results in […]
MPCS 99590
A servicemark is the same as a trademark except that it identifies and distinguishes the source of a service rather than a product. Operational controls range from simple to complex measures that work together to secure critical and sensitive data, […]
CDA 25036
The ciphertext-only attack is the easiest to defend against. “Smashing the Stack for Fun and Profit” was a step by step introduction to exploiting stack-based buffer overflow vulnerabilities that was published in Phrack magazine by _________ . Answer: Aleph One […]
CDA 91281
The education and experience learning level provides the foundation for subsequent training by providing a universal baseline of key security terms and concepts. A __________ firewall controls the traffic between a personal computer or workstation on one side and the […]
CICS 92690
An ABAC model can define authorizations that express conditions on properties of both the resource and the subject. Threats are attacks carried out. Answer: F Public-key algorithms are based on simple operations on bit patterns. Answer: F The SSL record […]
CAS CS 54664
Security flaws occur as a consequence of sufficient checking and validation of data and error codes in programs. A message authentication code is a small block of data generated by a secret key and appended to a message. Answer: T […]
CDA 42348
______ is UNIX’s general-purpose logging mechanism found on all UNIX variants and Linux. __________ defenses aim to detect and abort attacks in existing programs. Answer: Run-time If an organization is dependent on network services it should consider mirroring and ________ […]
CAPP 86329
__________ programming is a form of design intended to ensure the continuing function of a piece of software in spite of unforeseeable usage of the software. A __________ authentication system attempts to authenticate an individual based on his or her […]
CMCS 11343
Management should conduct a ________ to identify those controls that are most appropriate and provide the greatest benefit to the organization given the available resources. A. cost analysis B. cost-benefit analysis C. benefit analysis D. none of the above Issued […]
COSC 25904
__________ controls access based on comparing security labels with security clearances. A. MAC B. DAC C. RBAC D. MBAC The wireless environment lends itself to a ______ attack because it is so easy for the attacker to direct multiple wireless […]
CS 18914
________ can include computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits. A. Artifacts B. Vulnerabilities C. CSIRT D. Constituencies A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are […]
COMP 90508
A __________ is any action that compromises the security of information owned by an organization. A. security mechanism B. security policy C. security attack D. security service _______ is a form of crime that targets a computer system to acquire […]
COMP 60668
_________ is the original message or data that is fed into the algorithm as input. A. Plaintext B. Encryption algorithm C. Decryption algorithm D. Ciphertext _________ is a program flaw that occurs when program input data can accidentally or deliberately […]
CAS CS 68727
A ______ is a word, name, symbol, or device that is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others. A. copyright B. patent C. trademark D. all […]
CS 71077
A ______ triggers a bug in the system’s network handling software causing it to crash and the system can no longer communicate over the network until this software is reloaded. A. echo B. reflection C. poison packet D. flash flood […]
CS 70070
For general-purpose block-oriented transmission you would typically use _______ mode. A. CBC B. CTR C. CFB D. OFB A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources. A. […]
CAS CS 27076
___________ was the first published public-key algorithm. A. NIST B. Diffie-Hellman C. RC4 D. RSA The Common Criteria for Information Technology and Security Evaluation are ISO standards for specifying security requirements and defining evaluation criteria. Answer: T _________ attacks have […]
CS 92601
Many security administrators view strong security as an impediment to efficient and user-friendly operation of an information system. The source of the attack is explicitly identified in the classic ping flood attack. Answer: T Many forms of infection can be […]
COP 30872
It is not possible to spread a virus via an USB stick. Depending on the details of the overall authentication system, the registration authority issues some sort of electronic credential to the subscriber. Answer: F A DoS attack targeting application […]
COMPSCI 61619
Most large software systems do not have security weaknesses. A very common configuration fault seen with Web and file transfer servers is for all the files supplied by the service to be owned by the same “user” account that the […]
SESP 43908
An offender who has served a portion of a prison sentence may be freed on ________. a. probation b. bail c. correction d. parole Law enforcement agencies do NOT submit regular reports to the FBI on which crime? a. rape […]
CRIM 39405
Semipermanent assignment of officers to particular neighborhoods is called ________. a. intensive policing b. partner policing c. block policing d. team policing The juvenile system is more likely to maximize the use of discretion and ________ than the adult system. […]
CCJ 99699
Which of the following is NOT a right under the Crime Victims’ Rights Act to the victims of federal crimes? a. The right to be reasonably protected from the accused. b. The right to proceedings free from unreasonable delay. c. […]
CRIM 97977
What is the primary purpose of any criminal trial? a. cooperation and communication with the police b. recognition of informal rules of civility c. determination of the defendant’s guilt or innocence d. instruction to meet the needs of trial judges […]
MET UA 78627
Which of the following refers to improper or illegal inducement to crime by enforcement agents? a. police fraud b. entrapment c. collateral estoppel d. prosecutorial misconduct Criminal justice refers to the aspects of ________ ________ that concern violations of criminal […]
SED LR 67124
The legal principle that ensures that previous judicial decisions are authoritatively considered and incorporated into future cases is called ________. a. ex post facto b. jurisprudence c. precedent d. justification Which of the following refers to the act of taking […]
CCJ 24635
Which federal agency is responsible for managing the database of DNA profiles of offenders? a. Drug Enforcement Administration b. U.S. Secret Service c. U.S. Customs d. Federal Bureau of Investigation Which of the following is a civil suit brought against […]