Final
The use of key cards to control physical access to a work facility is a form of:
Both preventive and administrative control
Detective control
Both preventive and detective control
Preventive control
A security manager is concerned that lost key cards can be used by an intruder to gain entrance to a facility. What measure can be used to prevent this?
Implement PIN pads at card reader stations
Implement video surveillance at card reader stations
Implement man traps at card reader stations
Implement RFID sensors at card reader stations
Common biometric solutions that are suitable for building entrance control include:
Voice print and gait
Retina scan and hand print
. Voice print and DNA
Fingerprint and hand print
A building access mechanism where only one person at a time may pass is called a:
Entrance trap
Step trap
Mantrap
Passtrap
An organization needs to build a wall or fence to keep out the most determined intruders. What should the organization build?
An eight-foot high fence or wall
An eight-foot high fence or wall with three stands of barbed wire
A twelve-foot high fence or wall
A six-foot high fence or wall with one strand of barbed wire
What controls can be used in combination with fences and walls to detect intruders?
Video surveillance
Motion detectors
Video surveillance and motion detectors
Visible notices
An organization that wishes to conduct covert video surveillance should consider using:
Hidden video cameras
Pan/tilt/zoom cameras
Night vision cameras
Weather-proof cameras
Which of the following is NOT a deterrent control:
Monitors showing video surveillance
Guard dogs
Surveillance notices
Mantrap
What is the minimum amount of lighting required to illuminate critical areas?
6-foot-candles at a height of 12 feet
2-foot-candles at a height of 12 feet
4-foot-candles at a height of 8 feet
2-foot-candles at a height of 8 feet
A security manager wants to implement barriers that will block the passage of vehicles but freely allow foot traffic. The control that should be implemented is:
Turnstiles
Bollards
Crash gates
Low walls
A secure facility needs to control incoming vehicle traffic and be able to stop determined attacks. What control should be implemented:
Crash gate
Guard post
Turnstile
Bollards
A security-minded organization is relocating its business office into a shared-tenant building. How should the entrance of personnel be controlled?
One key card system that is jointly operated by all of the tenants
Separate key card systems that are operated by each tenant
Security guards to control who can enter the building
Video surveillance to monitor who enters the building
Which type of fire extinguisher is effective against flammable liquids:
Class C
Class K
Class A
Class B
The type of smoke detector that is designed to detect smoke before it is visible is:
Ionization
Optical
Ultraviolet
Radioactive
Provided it is permitted by local fire codes, which type of fire sprinkler system is most preferred for computer rooms?
Pre-action system
Deluge system
Wet pipe system
Foam water system
The advantage of a gaseous fire suppression system is:
It works by displacing oxygen in the room
It is hazardous to humans
It will not damage computing equipment
It is less expensive than sprinklers
The risks of excessive humidity in a computing facility include all of the following EXCEPT:
Static electricity
Corrosion
Condensation
Short circuits
Blackouts, brownouts, surges, and noise can all be remedied with:
Line conditioner
Power Distribution Unit (PDU)
Dual power supplies
UPS and electric generator
A computing facility experiences frequent brownouts but few, if any, blackouts. What should be implemented to mitigate this condition:
Line conditioner
Power Conditioning Unit (PDU)
Uninterruptible Power Supply (UPS)
Electric generator
The term “N+1” means:
The available electric power supply is at least double the current demand
Multiple components (N) have at least one (+1) independent backup component available
There is at least one (+1) backup HVAC unit in the event of failure or planned maintenance on another unit
Every server and network device utilizes a dual power supply
An organization is located in an area that experiences frequent power blackouts. What will the effect of an electric generator be in this circumstance?
The organization will have a continuous supply of electric power.
The organization will have to establish fuel supply contracts with at least two fuel suppliers.
Electric utility blackouts will result in short electric power outages for the organization.
An electric generator will be of no help in this situation.
Which of the following statements is TRUE about electric generators?
Generators require one-to-three minutes of startup time before they deliver electric power
Generators require an Uninterruptible Power Supply (UPS)
Generators require no startup time but deliver emergency electric power immediately on demand
Generators must be shut down to be refueled
The purpose of a fire extinguisher is:
The primary device used to fight accidental fires
The primary device to fight all fires until the fire department arrives
The primary device used to fight all fires
The primary device used to fight small fires
Controls to detect threats to equipment include:
Temperature sensors, humidity sensors, and water detectors
Temperature sensors, humidity sensors, and smoke detectors
Temperature sensors, humidity sensors, water detectors, gas detectors, and smoke detectors
Temperature sensors, humidity sensors, water detectors, and smoke detectors
The purpose of “secure siting” is:
To ensure that a site is reasonably free from natural hazards that could threaten ongoing business operations
To ensure that a site is reasonably free from hazards that could threaten ongoing business operations
To ensure that a site is free from all hazards that could threaten ongoing business operations
To ensure that a site is free from all man-made hazards that could threaten ongoing business operations
The owners of files and directories on a file server are able to control which personnel may access those files and directories. The access control model that most closely resembles this is:
Role-based access control (RBAC)
Mandatory access control (MAC)
Discretionary access control (DAC)
Multilevel access
A resource server contains an access control system. When a user requests access to an object, the system examines the permission settings for the object and the permission settings for the user, and then makes a decision whether the user may access the object. The access control model that most closely resembles this is:
Mandatory access control (MAC)
Discretionary access control (DAC)
Non-interference
Role based access control (RBAC)
A security manager is setting up resource permissions in an application. The security manager has discovered that he can establish objects that contain access permissions, and then assign individual users to those objects. The access control model that most closely resembles this is:
Access matrix
Mandatory access control (MAC)
Discretionary access control (DAC)
Role based access control (RBAC)
An information system has multiple levels of security implemented, for both resources as well as users. In this system, a user cannot access resources below his level, and a user cannot create resources above his level. The access control model that most closely resembles this is:
Access matrix
Clark-Wilson
Biba
Bell-LaPadula
A security analyst has a system evaluation criteria manual called the “Orange Book”. This is a part of:
Common Criteria
Trusted Computer Security Evaluation Criteria (TCSEC)
Information Technology Security Evaluation Criteria (ITSEC)
ISO 15408
The Common Criteria supersedes which evaluation frameworks:
Neither TCSEC nor ITSEC
ITSEC
TCSEC and ITSEC
TCSEC
The TCSEC system evaluation criteria is used to address:
Confidentiality of information
Preventive and detective controls
Penetration testing
Intrusion prevention systems
The TCSEC system evaluation criteria is used to evaluate systems of what type:
E-Commerce
Public utilities
Banking
Military
A security manager wishes to objectively measure the maturity of security processes in his organization. Which model should be used for this evaluation?
SSE-CMM
SEI-CMM
Common Criteria
TCSEC
What is the purpose of the Software Engineering Institute Capability Maturity Model Integration (SEI CMMI)?
Objective assessment of the integrity of an organization’s application programs
Objective assessment of an organization’s systems engineering processes
Objective assessment of an organization’s business processes
Subjective assessment of an organization’s systems engineering processes
A security officer has declared that a new information system must be certified before it can be used. This means:
The system must be evaluated according to established evaluation criteria
A formal management decision is required before the system can be used
Penetration tests must be performed against the system
A code review must be performed against the system
An application has been certified against established evaluation criteria. This means:
A code review has been performed
The application can now be used
Formal management approval is required before it can be used
The application is already being used
DoD Information Assurance Certification and Accreditation Process (DIACAP):
Has been superseded by the Common Criteria
Is the process by which all U.S. Federal information systems are certified and accredited
Has been superseded by DITSCAP (Department of Defense Information Technology Security Certification and Accreditation Process)
Is the process used to certify and accredit U.S. Military information systems
The component in a computer where program instructions are executed is called the:
CPU
Bus
Front-side bus
Firmware
The purpose of the CPU’s Program Counter is:
To keep track of which instruction in memory is currently being worked on
To keep track of the number of instruction cycles the CPU has consumed on an individual program
To keep track of the starting address of a program
To track the version of the CPU’s microcode
The purpose of a CPU fetch operation is:
To retrieve data from memory
To retrieve an instruction from memory
To retrieve data from the hard disk drive
To retrieve data from the program counter
The component in a computer used for long-term storage is called:
Secondary storage
Main storage
Virtual memory
File system
A source code review uncovered the existence of instructions that permit the user to bypass security controls. What was discovered in the code review?
Feature
Bot
Logic bomb
Back door
A security manager needs to be able to regularly determine when operating system files change. What kind of tool is needed for this task?
Event logging
Intrusion detection tool
File system integrity monitoring tool
Log analysis tool
A hidden means of communication between two systems has been discovered. This is known as:
Side channel
Covert channel
Steganography
Bot
Process management, resource management, access management, and event management are examples of:
Security processes
Functions of a database management system
Functions of an operating system
Types of operating systems
The innermost portion of an operating system is known as:
Kernel
Core
Ring 0
Process 0
A security manager wishes all new laptops purchased by his organization to include a security cryptoprocessor. What hardware should be required?
Floating point co-processor
Smart card reader
Fingerprint reader
Trusted Platform Module (TPM)
Where is firmware primarily stored on a computer system?
Trusted Platform Module
Read-only memory
Master boot record
File system
A computer running the Windows operating system has nearly exhausted available physical memory for active processes. In order to avoid exhausting all available memory, what should the operating system begin doing?
Swapping
Paging
Killing old processes
Running the garbage collector
A network engineer who is examining telecommunications circuits has found one that is labeled as a DS-1. What is the maximum throughput that may be expected from this circuit?
Approximately 7,000k chars/sec
Approximately 56k bits/sec
Approximately 170k chars/sec
Approximately 1,544M bits/sec
The size of packets in an ATM networks is:
53 bytes
1500 bytes
1544 bytes
Variable, from 64 to 1500 bytes
Digital subscriber line (DSL) service:
Utilizes existing cable service and communicates on a different frequency
Has been superseded by ISDN
Has been superseded by satellite communications
Utilizes existing telephone services and communicates on a different frequency
An IT manager wishes to connect several branch offices to the headquarters office for voice and data communications. What packet switched service should the IT manager consider?
ATM
DSL
MPLS
Frame Relay
A building facilities manager is overseeing the construction of a new office building for the organization. What type of cabling should be used for voice and data communication:
10BASE2 thinnet
Category 6 twisted pair
Category 5e twisted pair
10BASE5 thicknet
Which of the following statements about Ethernet MAC addresses is TRUE:
The MAC address is assigned using the DHCP protocol
The first 3 bits designates the manufacturer of the device
The first 3 bytes designates the manufacturer of the device
The last 3 bytes designates the manufacturer of the device
A systems engineer is designing a system that consists of a central computer and attached peripherals. For fastest throughput, which of the following technologies should be used for communication with peripheral devices:
USB 2.0
Firewire 400
USB 1.1
IDE
An Ethernet network that consists of a central Ethernet switch with cabling running to each station is best described as a:
Logical and physical star
Logical ring and physical star
Logical star and physical bus
Logical bus and physical star
The practical range for Bluetooth is:
100m
300m
30m
10m
Please do not touch Steve’s pet alligator” is:
A memory aid for the names of the service types in a TCP/IP network
A memory aid for the names of the layers in the OSI network model
A memory aid for the names of the layers in the TCP/IP network model
A memory aid for the names of the address types in an Ethernet network
An organization is about to occupy an existing office building. The network manager has examined all of the network cabling and has observed that most of it has been labeled “Category 3”. What is the fastest network technology that can be used on this cabling?
10Mbit/s Ethernet
100Mbit/s Ethernet
1000Mbit/s Ethernet
10Gbit/s Ethernet
All of the following statements about the OSI network model are true EXCEPT:
No commercial network product that contains all of the components of the OSI model have ever been built
The OSI network model uses encapsulation to build communication packets
TCP/IP is an implementation of the OSI network model
The OSI network model is a model of a network protocol stack
Examples of TCP/IP link layer technologies include:
FTP, TELNET, DNS, HTTP, SMTP
IP, IPsec
TCP, UDP, ICMP
Ethernet, ATM, Frame Relay, Wi-Fi
. On a TCP/IP network, a station’s IP address is 10.0.25.200, the subnet mask is 255.255.252.0, and the default gateway is 10.0.25.1. How will the station send a packet to another station whose IP address is 10.0.24.10?
It will send the packet directly to the station
It will send the packet to the default gateway at 10.0.25.1
It will send a Proxy ARP packet to find the IP address of another default gateway
It cannot send a packet to the station
How many Class C networks can be created in a Class B network:
254
1,024
16,535
16,534
The layers in the OSI model are:
Link, internet transport, session, application
Link, internet, transport, application
Physical, data link, network, transport, session, presentation, application
Physical, network transport, session, application
A computer has just been rebooted. An application program has started, and the application program needs to send an FTP packet to a server at IP address 10.14.250.200. What is the first packet that the computer will send on the network to accomplish this:
ARP
Whois
FTP
Rlogin
Two computers are communicating on a wide area network over a UDP port. One computer is sending the contents of a large file to the other computer. Network congestion has caused some packets to be delayed. What will the TCP/IP network drivers do about the packet delay?
The receiving computer will request that the file transfer be restarted
The network drivers will assemble the packets into the proper order
The receiving computer will request the sending computer to retransmit the delayed packets
Nothing
A station on a network is sending hundreds of SYN packets to a destination computer. What is the sending computer doing?
Sending the contents of a large file to the destination computer
Attempting to establish a TCP connection with the destination computer
Attacking the destination computer with a SYN flood
Transmitting streaming audio or video to the destination computer
The purpose of the NTP protocol is:
Transfer the contents of a file
Synchronization of computer clocks to a reference clock
A signaling protocol used for Voice over IP
Share file systems over a network
. A systems engineer has discovered that a web server supports only 56- bit SSL connections. What can the systems engineer deduce from this?
Web communications with this server are highly secure
The server does not support remote administration
Web communications with this server are not secure
The server is running the Windows operating system
A network manager wishes to simplify management of all of the network devices in the organization through centralized authentication. Which of the following available authentication protocols should the network manager choose:
RADIUS
TACACS
OSPF
IPsec
A stateful packet filtering firewall protects a web server. Which of the following is true:
The firewall will authenticate all users to the web server
The firewall will detect but not block application level attacks
The firewall will block application level attacks
The firewall will not block application level attacks
Someone is sending ICMP echo requests to a network’s broadcast address. What is this person doing?
Pinging the default gateway
Pinging the router
Conducting a Ping of Death attack
Conducting a Smurf attack
All of the following statements about the TCP protocol are true EXCEPT:
Correct order of delivery is guaranteed
Connectionless
Connection oriented
Missing packets will be retransmitted
{"name":"Final", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"The use of key cards to control physical access to a work facility is a form of:, A security manager is concerned that lost key cards can be used by an intruder to gain entrance to a facility. What measure can be used to prevent this?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}