Chapter 9 Quiz
What type of filtering software divides email messages that have been received into two piles, spam and non-spam and then analyzes every word in each email and determines how frequently a word occurs in the spam pile compared to the not-spam pile?
Bayesian filtering
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
CCTV
What U.S. government classified standard is intended to prevent attackers from picking up electromagnetic fields from government buildings?
TEMPEST
An access log is a record or list of individuals who have permission to enter a secure area, along with the time they entered and the time they left the area. T/F
True
An automated patch update service is used to manage patches within the enterprise instead of relying on the vendor's online updates. T/F
True
In the production stage the application is released to be used in its actual setting. T/F
True
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
Using a mantrap
Which OS hardening technique removes all unnecessary features that may compromise an operating system?
kernel pruning
What security concept states a user should only be given the minimum set of permissions required to perform necessary tasks?
least functionality
What monitors emails for spam and other unwanted content to prevent these messages from being delivered?
mail gateway
What publicly released software security update is intended to repair a vulnerability?
patch
What type of tools are involved in effective patch management? (Choose all that apply.) patch verification patch distribution patch monitoring patch reception
patch distribution patch reception
In Microsoft Windows, what type of templates are a collection of security configuration settings?
security
What is the name for a cumulative package of all patches and hot-fixes as well as additional features up to a given point?
service pack
Which of the following are application development stages? (Choose all that apply.) analysis proofing testing staging
testing staging
Which application development life-cycle model uses a sequential design process?
waterfall
What type of OS manages hardware and software on a client computer?
workstation OS
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
Anti-climb
Which of the following are considered to be part of a typical OS security configuration? (Choose all that apply.) Disabling unnecessary ports and services Employing least functionality Password auditing Disabling default accounts/passwords
Disabling unnecessary ports and services Employing least functionality Password auditing
A compiled code test is used to ensure that the projected application meets all specifications at that point T/F
False
The BIOS was software that was integrated into the computer's motherboard. T/F
False
The testing stage is a "quality assurance" test to verify that the code functions as intended. T/F
False
Tightening security during the design and coding of an OS is called "locking." T/F
False
When securing a laptop, it can be placed in an office or a desk drawer. T/F
False
Which of the following is a popular type of removable data storage used on mobile devices?
SD
A Wi-Fi enabled microSD card is an example of what type of device?
SDIO
What security standard was introduced in conjunction with UEFI?
Secure Boot
What software methodology includes security automation?
Secure DevOps
Anti-virus products typically utilize what type of virus scanning analysis?
Static analysis
One tool for change management is version control software that allows changes to be automatically recorded and if necessary "rolled back" to a previous version of the software. T/F
True
Static program analyzers are tools that examine the software without actually executing the program; instead, the source code is reviewed and analyzed. T/F
True
What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?
antivirus
What type of OS in firmware is designed to manage a specific device like a video game console?
appliance OS
Most portable devices, and some computer monitors have a special steel bracket security slot built into the case, which can be used in conjunction with a:
cable lock
Which of the following is an AV heuristic monitoring technique?
code emulation
What specific process in application development removes a resource that is no longer needed?
deprovisioning
What type of storage is used on mobile devices?
flash memory
What type of update does not allow a user to refuse or delay security updates?
forced
Which AV approach uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches?
heuristic monitoring
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
roller barrier
