Give us your feedback!
Question:
Which OSI layer includes the LLC and MAC sub-layers?
Response:
Data Link
Transport
Session
Network
Physical
What OSI Layer includes data encryption?
Presentation
Application
Datalink
Which access control includes intrusion detection?
Technical
Owner
Administrative
Techincal
Organizational
Match the following examples to their definitions
Unpatched servers
Vulnerability
A virus that relies on unpatched code or OS levels
Threat
The likelihood a threat will be realized, the frequency of natural disasters
Exposure
$1M dollars per day downtime
A proxy server
Countermeasure
Which classification of fuel type is gasoline given?
A
B
D
C
Bell-La Padula focuses primarily on:
Confidentialty
Authentication
Availability
Accessibility
Data Integrity
How many levels are there in the latest (June 2013) OSI model?
5
6
10
7
8
Match the following control types to their purposes
Reducing Risk
Deterrent
Correcting violations and incidents
Recovery
Corrective controls also help improve existing preventative and detective controls
Discouraging violations
Preventative
Providing alternate ways of accomplishing a task
Compensating
Restoring systems and information
In MAC the access policy is set by:
network ACL
the system
the role
the GPO
the owner
Which of the following is primarily focused on identifying violations and incidents?
Corrective
Detective
Owner-set permissions are an example of:
mandatory access control
Discretionary access control
role-based access control
Clark-Wilson
Which of the following is primarily focused on identifying alternate solutions to achieve a task?
Which access control includes asset classification?
Which of the following are the three components of the fire triangle?
Fire/Fuel/Oxygen
Heat/Combustion/Oxygen
Heat/Fuel/Oxygen
Fire/Combustion/Oxygen
Match the following key terms
Reliable and timely access to data and resources
Confidentiality
Necessary level of secrecy, unauthorized disclosure is prevented
Shoulder surfing
Unauthorized viewing of information (screen peeking)
Social Engineering
Tricking someone into giving sensitive information (to gain unauthorized access)
