EH CH19 MCQ's

You are a security administrator tasked with determining the expected losses a media firm may incur in the event of a fire. You estimate the firm could expect to lose half of its assets, equal to $10 million dollars. You also determine that the likelihood of a fire occurring is once every 10 years. What is the annual loss expectancy (ALE)? A. Loss of $500,000 B. Loss of $1,000,000 C. Gain of $250,000 D. Loss of $250,000

A. Loss of $500,000

Cipher locks, mantraps, and bollards are considered what? A. Physical controls B. Technical controls C. Crime prevention through environmental design D. Physical barriers

A. Physical controls

In the field of IT security, the concept of defense in depth is the layering of more than one control on another. Why is this? A. To provide better protection B. To build dependency among layers C. To increase logging ability D. To satisfy auditors

A. To provide better protection

An 8-foot-tall fence with razor wire stranded on top is considered what type of measure? A. A deterrent measure B. A preventative measure C. A corrective measure D. An industrial measure

B. A preventative measure

Which of the following is a detective control when not used in real time? A. Fences B. Alarms C. CCTV D. Locks

B. Alarms

Which intrusion prevention system can be used in conjunction with fences? A. Infrared wave patter B. Bollards C. Audio D. PIDAS

B. Bollards

Which of the following is a characteristic of USB flash drives that makes security a problem? A. Encrypted B. Easily hidden C. Portable D. Slow

B. Easily hidden

Which type of biometric system is frequently found on laptops but can be used on entryways as well? A. Retina B. Fingerprint C. Iris D. Voice recognition

B. Fingerprint

What is a type of combination lock? A. Key lock B. Card lock C. Cipher lock D. Trucker lock

C. Cipher lock

What mechanism is intended to deter theft of hard drives? A. Locks B. Backups C. Encryption D. Size

C. Encryption

Which of the following is considered an administrative control? A. Biometric device B. Mantrap C. Security policy D. Access control list

C. Security policy

Physical security can prevent which of the following? A. DDoS B. FTP C. Tailgating D. Cracking

C. Tailgating

Which of the following could be considered required components of an alarm system? A. A visual alerting method B. An audio alerting method C. Automatic dialup D. Both A and B

D. Both A and B

Which of the following is a good defense against tailgating and piggybacking? A. Cameras B. Guards C. Turnstiles D. Mantraps

D. Mantraps

What is the name given for the device component physically located on the motherboard that stores encryption keys for hard drives, preventing an adversary from removing the hard drive and using it on another computer? A. Hard drive encryption B. Crypto-locker C. Hardware Security Module D. Trusted Platform Module

D. Trusted Platform Module