Question Results

Score 1 of 1

Question:

Which of the following is primarily focused on reducing risk?

Response:

	Corrective
	Recovery
	Detective
	Deterrent
	Preventative

Score 1 of 1

Question:

Which of the following is primarily focused on identifying violations and incidents?

Response:

	Recovery
	Corrective
	Preventative
	Compensating
	Detective

Score 1 of 1

Question:

Bell-La Padula focuses primarily on:

Response:

	Data Integrity
	Authentication
	Accessibility
	Availability
	Confidentialty

Score 1 of 1

Question:

Which of the following is NOT a RAW authentication protocol?

Response:

	LDAP
	CHAP
	EAP
	PAP

Score 1 of 1

Question:

Which of the following packet switched networks uses HDLC?

Response:

	SONET
	MPLS
	ATM
	SMDS
	Frame Relay

Score 1 of 1

Question:

Which of the following have the best CER?

Response:

	Hand scanning
	Iris Scanning
	Finger scanning
	Badge Scanning

Score 1 of 1

Question:

Determining whether a subject can log into a system is an example of

Response:

	Accountability
	Authentication
	Authorization

Score 1 of 1

Question:

Which of the following is immediately above the Data Link Layer in the OSI model:

Response:

	Transport
	Network
	Datalink
	Presentation
	Session

Score 1 of 1

Question:

Which access control includes locked doors?

Response:

	Administrative
	Owner
	Technical
	Organizational
	Physical

Score 1 of 1

Question:

John's computer access changed with his reassignment to a new department. This is an example of:

Response:

	Mandatory access control
	Access List Control
	Role-based access control
	Need-to-Know control
	Owner set access control

Score 1 of 1

Question:

Which of the following is the highest in the OSI model:

Response:

	Presentation
	Physical
	Data Link
	Transport
	Network

Score 1 of 1

Question:

Clark-Wilson focuses primarily on:

Response:

	Authentication
	Accessibility
	Confidentialty
	Address Integrity
	Availability

Score 0 of 1

Question:

Match the following terms and definitions

Response:

Match	User answer	Feedback
Intended to discourage a potential attacker	Deterrent
Intended to avoid an incident from happening	Deterrent
Fixes component or systems after an incident has occurred	Recovery
Intended to bring the environment back to production levels	Corrective
Identify an incidents activities	Detective
Alternate measures of control	Compensating

Score 1 of 1

Question:

Match the following examples to their definitions

Response:

Match	User answer	Feedback
Unpatched servers	Vulnerability
A virus that relies on unpatched code or OS levels	Threat
The likelihood a threat will be realized, the frequency of natural disasters	Risk
$1M dollars per day downtime	Risk
A proxy server	Countermeasure

Score 1 of 1

Question:

Work factor is defined as:

Response:

	the amount of effort/time required by an algorithm to fully encrypt or decrypt a message
	the amount of effort/time required by an administrator to establish a reasonable system security plan
	the amount of effort/time required by an attacker to overcome a protective measure
	the amount of effort/time required to maintain an established security plan once it has been implemented