Question Results

Score 0 of 1

Question:

Match the following control types to their purposes

Response:

Match	User answer	Feedback
Reducing Risk	Compensating
Correcting violations and incidents	Recovery	Corrective controls also help improve existing preventative and detective controls
Discouraging violations	Deterrent
Providing alternate ways of accomplishing a task	Compensating
Restoring systems and information	Recovery

Score 1 of 1

Question:

Match the following key terms

Response:

Match	User answer	Feedback
Availability	Reliable and timely access to data and resources
Confidentiality	Necessary level of secrecy, unauthorized disclosure is prevented
Shoulder surfing	Unauthorized viewing of information (screen peeking)
Social Engineering	Tricking someone into giving sensitive information (to gain unauthorized access)

Score 0 of 1

Question:

Which access control protects the entire system?

Response:

	Firewalls/IPS
	Data Access Controls
	Access Control Lists
	System Access Controls
	Operating System Controls/Policies

Score 1 of 1

Question:

Owner-set permissions are an example of:

Response:

	Discretionary access control
	role-based access control
	Clark-Wilson
	mandatory access control

Score 1 of 1

Question:

Determining whether a subject can log into a system is an example of

Response:

	Authentication
	Authorization
	Accountability

Score 1 of 1

Question:

Which of the following extinguishing methods is best for a computer or electrical fire?

Response:

	Soda Acid
	CO2
	ESD Blanket
	Water

Score 1 of 1

Question:

Which of the following is the lowest in the OSI model:

Response:

	Session
	Network
	Transport
	Data Link
	Application

Score 0 of 1

Question:

More key terms from Chapter 2

Response:

Match	User answer	Feedback
Weakness or lack of a countermeasure	Vulnerability
Entity that can exploit a vulnerability	Threat agent
The danger of having a vulnerability exploited	Threat
The probability of a threat being realized	Exposure
Presence of a vulnerability which exposes the organization	Risk

Score 1 of 1

Question:

What is the ideal humidity level for a data center?

Response:

	60-80%
	30-50%
	40-60%
	20-40%

Score 1 of 1

Question:

Which OSI layer includes the LLC and MAC sub-layers?

Response:

	Session
	Network
	Physical
	Transport
	Data Link

Score 1 of 1

Question:

Which of the following is a remote authentication system?

Response:

	TACACS
	KERBEROS
	OpenVPN
	SESAME

Score 0 of 1

Question:

What OSI Layer includes data encryption?

Response:

	Application
	Network
	Transport
	Presentation
	Datalink

Score 1 of 1

Question:

Encryption, access control mechanisms, access control lists and remote access authentication protocols are all examples of

Response:

	Both Technical and Administrative
	Physical Controls
	Administrative Controls
	Technical controls

Score 1 of 1

Question:

Which classification of fuel type is paper given?

Response:

	D
	C
	A
	B

Score 1 of 1

Question:

Which of the following is primarily focused on reducing risk?

Response:

	Recovery
	Deterrent
	Detective
	Preventative
	Corrective