ECE Fund of Cybersecurity and Info Security: Ch 5 and 6


Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
- Identification
- Authorization
- Accountability
- Authentication

Authorization

In an accreditation process, who has the authority to approve a system for implementation?
- Authorizing official (AO)
- System owner
- System administrator
- Certifier

Authorizing official (AO)

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
- Guideline
- Policy
- Procedure
- Baseline

Baseline

Passphrases are less secure than passwords. True or False

False

Configuration changes can be made at any time during a system life cycle and no process is required. True or False

False

Procedures do NOT reduce mistakes in a crisis. True or False

False

Which security model does NOT protect the integrity of information?
- Clark-Wilson
- Biba
- Bell-LaPadula
- Brewer and Nash

Bell-LaPadula

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?
- Role-based access control (RBAC)
- Rule-based access control
- Mandatory access control (MAC)
- Discretionary access control (DAC)

Discretionary access control (DAC)

You should use easy-to-remember personal information to create passwords. True or False

False

Which type of authentication includes smart cards?
- Knowledge
- Location
- Ownership
- Action

Ownership

Which one of the following is an example of a logical access control?
- Password
- Fence
- Key for a lock
- Access card

Password

Which one of the following is NOT an advantage of biometric systems?
- Biometrics are hard to fake
- Physical characteristics may change
- Biometrics require physical presence
- Users do not need to remember anything

Physical characteristics may change

Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
- Functional requirements and definition
- Project initiation and planning
- System design specification
- Operations and maintenance

Project initiation and planning

Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?
- Memorandum of understanding (MOU)
- Service level agreement (SLA)
- Blanket purchase agreement (BPA)
- Interconnection security agreement (ISA)

Service level agreement (SLA)

Which one of the following principles is NOT a component of the Biba integrity model?
- Subjects cannot read objects that have a lower level of integrity than the subject.
- Subjects cannot change objects that have a lower integrity level.
- A subject may not ask for service from subjects that have a higher integrity level.
- Subjects at a given integrity level can call up only subjects at the same integrity level or lower.

Subjects cannot change objects that have a lower integrity level.

Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these types of classification decisions?
- Threat
- Criticality
- Value
- Sensitivity

Threat

A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing. True or False

True

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords. True or False

True

With proactive change management, management initiates the change to achieve a desired goal. True or False

True

Which one of the following is NOT a commonly accepted best practice for password security?
- Do not include usernames in passwords.
- Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.
- Use at least six alphanumeric characters.
- Include a special character in passwords.

Use at least six alphanumeric characters.

