Give us your feedback!
Question:
Which access control requires sensitivity labels on all subjects and objects?
Response:
Discretionary access control
Mandatory access control
Access List Control
Role-based access control
Manager set control
Which of the following is immediately above the Transport Layer in the OSI model:
Presentation
Datalink
Network
Session
Clark-Wilson focuses primarily on:
Authentication
Address Integrity
Confidentialty
Availability
Accessibility
Which of the following extinguishing methods is best for a computer or electrical fire?
CO2
Soda Acid
Water
ESD Blanket
Work factor is defined as:
the amount of effort/time required to maintain an established security plan once it has been implemented
the amount of effort/time required by an administrator to establish a reasonable system security plan
the amount of effort/time required by an algorithm to fully encrypt or decrypt a message
the amount of effort/time required by an attacker to overcome a protective measure
Which access control includes training?
Administrative
Physical
Technical
Organizational
"The strength of the cryptosystem is a function of the keys, not the algorithm" is also known as
Kerckhoff's Principle
Rijndael's Challenge
Moore's Law
Diffe-Hillman's Axiom
Motion detectors, video cameras, fences, locked doors, guards and dogs are all examples of
Administrative controls
Both Technical and Administrative controls
Physical controls
Technical controls
Which of the following would be the least useful in attempting to crack a password?
Packet sniffing
brute force/dictionary attack
MAC the Knife
John the Ripper
LophtCrack
Match the following examples to their definitions
Unpatched servers
Vulnerability
A virus that relies on unpatched code or OS levels
Threat
The likelihood a threat will be realized, the frequency of natural disasters
Risk
$1M dollars per day downtime
Exposure
A proxy server
Countermeasure
Match the following terms to definitions
Training, configuration management of documentation, risk management
Firewalls, IDS, encryption
Lighting, Fencing, guard patrols
Physical Controls
Owner-set permissions are an example of:
mandatory access control
Clark-Wilson
role-based access control
Account administration, policies and standards, asset classification and reviews of audit trails are all examples of
Both technical and administrative controls
Which of the following packet switched networks is best suited for fiber optic networks with sporadic traffic?
SONET
ATM
SMDS
Frame Relay
MPLS
Which of the following is NOT a RAW authentication protocol?
LDAP
PAP
CHAP
EAP
