EH CH19 MCQ's
You are a security administrator tasked with determining the expected losses a media firm may incur in the event of a fire. You estimate the firm could expect to lose half of its assets, equal to $10 million dollars. You also determine that the likelihood of a fire occurring is once every 10 years. What is the annual loss expectancy (ALE)? A. Loss of $500,000 B. Loss of $1,000,000 C. Gain of $250,000 D. Loss of $250,000
A. Loss of $500,000
Cipher locks, mantraps, and bollards are considered what? A. Physical controls B. Technical controls C. Crime prevention through environmental design D. Physical barriers
A. Physical controls
In the field of IT security, the concept of defense in depth is the layering of more than one control on another. Why is this? A. To provide better protection B. To build dependency among layers C. To increase logging ability D. To satisfy auditors
A. To provide better protection
An 8-foot-tall fence with razor wire stranded on top is considered what type of measure? A. A deterrent measure B. A preventative measure C. A corrective measure D. An industrial measure
B. A preventative measure
Which of the following is a detective control when not used in real time? A. Fences B. Alarms C. CCTV D. Locks
B. Alarms
Which intrusion prevention system can be used in conjunction with fences? A. Infrared wave patter B. Bollards C. Audio D. PIDAS
B. Bollards
Which of the following is a characteristic of USB flash drives that makes security a problem? A. Encrypted B. Easily hidden C. Portable D. Slow
B. Easily hidden
Which type of biometric system is frequently found on laptops but can be used on entryways as well? A. Retina B. Fingerprint C. Iris D. Voice recognition
B. Fingerprint
What is a type of combination lock? A. Key lock B. Card lock C. Cipher lock D. Trucker lock
C. Cipher lock
What mechanism is intended to deter theft of hard drives? A. Locks B. Backups C. Encryption D. Size
C. Encryption
Which of the following is considered an administrative control? A. Biometric device B. Mantrap C. Security policy D. Access control list
C. Security policy
Physical security can prevent which of the following? A. DDoS B. FTP C. Tailgating D. Cracking
C. Tailgating
Which of the following could be considered required components of an alarm system? A. A visual alerting method B. An audio alerting method C. Automatic dialup D. Both A and B
D. Both A and B
Which of the following is a good defense against tailgating and piggybacking? A. Cameras B. Guards C. Turnstiles D. Mantraps
D. Mantraps
What is the name given for the device component physically located on the motherboard that stores encryption keys for hard drives, preventing an adversary from removing the hard drive and using it on another computer? A. Hard drive encryption B. Crypto-locker C. Hardware Security Module D. Trusted Platform Module
D. Trusted Platform Module