Infosec W-2 & W-5

Use of e-mail filters is effective against which of the following? a. Sniffing attacks b. Spamming attacks c. Spoofing attacks d. Snooping attacks

Choice (b) is the correct answer. Spamming is posting identical messages to multiple unrelated newsgroups over the Internet. E-mail filters are effective against spamming attacks. Sniffing and snooping are same, where an attacker is looking for valuable information. Spoofing is using various techniques to subvert IP-based access control by masquerading as another system by using their IP address

Which of the following statements is not true about discretionary access control (DAC)? a. Access is based on the authorization granted to the user b. It uses access control lists c. It uses grant or revoke access to objects d. Users and owners are different

Choice (d) is the correct answer. Discretionary access control permits the granting and revoking of access control privileges to be left to the discretion of individual users. A discretionary access control mechanism allows users to grant or revoke access to any of the objects under the control. As such, users are said to be the owners of the objects under their control. It uses access control lists.

23. Which one of the following is filled with water? a. A wet-pipe sprinkler system b. A dry-pipe sprinkler system c. A halogenated sprinkler system d. A carbon dioxide sprinkler system

a. A wet-pipe sprinkler system Choice (a) is the correct answer. A wet-pipe sprinkler system is made up of sprinkler devices attached to pipes filled with water. A drysprinkler system contains air under pressure. When a sprinkler is activated, the released air opens valves allowing water into the pipes. Choices (c) and (d) are meaningless.

21. Which one of the following water sprinkler system elements consists of fire-activated devices? a. Water supply b. Water heads c. Water control valves d. Alarm system

b. Water heads Choice (b) is the correct answer. A water sprinkler system consists of the following elements: water supply, fire-activated sprinkler devices (heads), water control valves, and a mechanism to activate the audible alarm system.

47. All of the following are proper places for installing smoke detectors except: a. In the ceiling of a building b. Under the raised floor c. In air return ducts of a building d. In water drains on the floor

d. In water drains on the floor Choice (d) is the correct answer. For maximum use and benefit, smoke detectors should be installed in the ceiling, under the raised floor, and in air return ducts. Choices (a), (b), and (c) are proper places. Putting a smoke detector in water drains on the floor is improper.

3. Where do you start when considering physical security protection for new computer facilities? a. Front to back b. Back to front c. Outside in d. Inside out

d. Inside out The best strategy is to start with interior security, proceed to the exterior security, and then to the outer perimeter. This path provides a clear picture of all areas needing protection and ensures completeness of analysis.

18. Water sprinklers operate at what temperatures? a. Between 120 and 130 F b. Between 130 and 165 F c. Between 135 and 145 F d. Between 145 and 160 F

b. Between 130 and 165 F Choice (b) is the correct answer. Most water sprinkler systems operate at temperatures between 130 and 165 degrees Fahrenheit.

44. Which of the following measures provides a first line of defense against potential risks and threats in a computer center? a. Application security b. Data security c. Physical security d. Telecommunications security

c. Physical security Choice (c) is the correct answer. Physical security measures (e.g., locks and keys) are the first line of defense against potential risks and exposures and are mostly hardware-related. The securities listed in the other three choices are mostly software-related.

29. Which one of the following replacements for the Halogenated agents (Halon 1211 and 1301) is the safest to humans? a. FM-200 b. Argon c. Water fog d. Inergen

c. Water fog Choice (c) is the correct answer. The production of Halogenated agents (Halon 1211 and 1301) was stopped in January 1994 due to their depletion of the Ozone layer. Many replacements were found but the water fog is the safest one to humans.

66. Which of the following is not a technical security measure? a. Hardware b. Software c. Firmware d. Physical control

d. Physical control Choice (d) is the correct answer. A major part of the security of an IT system can often be achieved through nontechnical measures, such as organizational, personnel, physical, and administrative controls. However, there is a growing tendency and need to employ technical IT security measures implemented in hardware, software, and firmware.

What is not a database administrator's responsibility? a. Establishing data usage and database usage standards b. Recovering databases c. Reorganizing databases d. Maintaining databases

Choice (a) is the correct answer. The data administrator (DA) is responsible for establishing data usage and database usage standards. The data administration function stays independent of a particular database and has responsibilities for the data of the organization as a whole. The function is, ideally, involved in long-term IS planning that spans across all the organization's automated and manual systems. The other three items are the responsibility of the database administrator (DBA). The database administration function is concerned with short-term development and use of databases and is responsible for the data of one or several specific databases. In other words, the DA's job is more administrative in nature, while the DBA's job is more technical.

Which of the following security features is not supported by the principle of least privilege? a. "All or nothing" approach to privilege b. The granularity of privilege c. The time bounding of privilege d. Privilege inheritance

Choice (a) is the correct answer. The purpose of a privilege mechanism is to provide a means of granting specific users or processes the ability to perform security-relevant actions for a limited time and under a restrictive set of conditions, while still permitting tasks properly authorized by the system administrator. This is the underlying theme behind the security principle of least privilege. It does not imply an "all or nothing" approach to privilege. Choice (b) is incorrect because the granularity of privilege is one of the security features supported by the principle of least privilege. A privilege mechanism that supports granularity of privilege will allow a process to override only those security-relevant functions that are needed to perform the task. For example, a backup program only needs to override read restrictions not the write or execute restriction on files. Choice (c) is incorrect because the time bounding of privilege is one of the security features supported by the principle of least privilege. The time bounding of privilege is related in that privileges required by an application or a process can be enabled and disabled as the application or process needs them. Choice (d) is incorrect because privilege inheritance is one of the security features supported by the principle of least privilege. Privilege inheritance allows a process image to request that all, some, or none of its privileges get passed on to the next process image. For example, application programs that execute other utility programs need not pass on any privileges if the utility program does not require them.

Which one of the following access techniques uses an access control matrix for its implementation? a. DAC b. MAC c. RBAC d. ACLs

Choice (a) is the correct answer. A discretionary access control (DAC) model uses access control matrix where it places the name of users (subjects) in each row and the names of objects (files or programs) in each column of a matrix

An access control matrix is placing the names of: a. Users in each row and the names of objects in each column b. Programs in each row and the names of users in each column c. Users in each column and the names of devices in each row d. Subjects in each column and the names of process in each row

Choice (a) is the correct answer. Discretionary access control is a process of identifying users and objects. An access control matrix can be used to implement a discretionary access control mechanism where it places the names of users (subject) in each row and the names of objects in each column of a matrix. A subject is an active entity, generally in the form of a person, process, or device that causes information to flow among objects or changes the system state. An object is a passive entity that contains or receives information. Access to an object potentially implies access to the information it contains. Examples of objects are: records, programs, pages, files, directories, etc. An access control matrix describes an association of objects and subjects for authentication of access rights.

Intrusion detection systems (IDS) and firewalls do which of the following? a. Interact b. Notify c. Prevent d. Detect

Choice (a) is the correct answer. Intrusion detection systems are designed to detect, notify, and in some cases, prevent unauthorized access to a networked system or resource. Many IDS are also capable of interacting with firewalls in order to bring a reactive element to the provision of network security services. Firewalls that interact with IDS are capable of responding to perceived remote threats automatically, without the delays associated with a human response. For example, if an IDS detects a denial-of-service attack in progress, it can instruct certain firewalls to automatically block the source of the attack. This reactive capability is a very important security measure.

Kerberos is used in all of the following situations except: a. Managing distributed access rights b. Managing encryption keys c. Managing centralized access rights d. Managing access permissions

Choice (a) is the correct answer. Kerberos is a private key authentication system that uses a central database to keep a copy of all users' private keys. The entire system can be compromised due to the central database. Kerberos is used to centrally manage access rights, encryption keys, and access permissions

Which of the following statements is not true about Kerberos protocol? a. Kerberos uses an asymmetric-key cryptography b. Kerberos uses a trusted third-party c. Kerberos is a credential-based authentication system d. Kerberos uses symmetric-key cryptography

Choice (a) is the correct answer. Kerberos uses symmetric-key cryptography and a trusted third-party. Kerberos users authenticate with one another using Kerberos credentials issued by a trusted third party.

112. The more simple and basic login controls include: a. Validating user name and password b. Monitoring unsuccessful logins c. Sending alerts to the system operators d. Disabling accounts when a break-in occurs

Choice (a) is the correct answer. Login controls specify the conditions users must meet for gaining access to a computer system. In most simple and basic cases, access will be permitted only when both a user-name and password are provided. More complex systems grant or deny access based on the type of computer login, i.e., local, dial-up, remote, network, batch, or subprocess. The security system can restrict access based on the type of terminal or remote computer.access will only be granted when the user or program is located at a designated terminal or remote system. Also, access can be defined by the time of day and the day of the week. As a further precaution, the more complex and sophisticated systems monitor unsuccessful logins (choice b), send messages or alerts to the system operator (choice c), and disable accounts when a break-in occurs (choice d).

What does the Bell-LaPadula star.property (*.property) means? a. No write-down is allowed b. No write-up is allowed c. No read-up is allowed d. No read-down is allowed

Choice (a) is the correct answer. One cannot write anything below that subject level.

Impersonation can be achieved by all of the following except: a. Packet replay b. Forgery c. Relay d. Interception

Choice (a) is the correct answer. Packet replay is one of the most common security threats to network systems similar to impersonation and eavesdropping. Packet replay refers to the recording and retransmission of message packets in the network. It is a significant threat for programs that require authentication sequences because an intruder could replay legitimate authentication sequence messages to gain access to a system. Packet replay is frequently undetectable but can be prevented by using packet time-stamping and packet-sequence counting. Choice (b) is incorrect because forgery is one of the ways impersonation is achieved. Forgery is attempting to guess or otherwise fabricate the evidence that the impersonator knows or possesses. Choice (c) is incorrect because relay is one of the ways impersonation is achieved. Relay is where one can eavesdrop upon another's authentication exchange and learn enough to impersonate a user. Choice (d) is incorrect because interception is one of the ways impersonation is achieved. Interception is where one is able to slip in between the communications and "hijack" the communications channel

The objective of separation of duties is that: a. No one person has complete control over a transaction or an activity b. Employees from different departments do not work together c. Controls are available to protect all supplies d. Controls are in place to operate all equipment

Choice (a) is the correct answer. The objective is to limit what people can do, especially in conflict situations or incompatible functions, in such a way that no one person has complete control over a transaction or an activity from start to finish. The goal is to limit the possibility of hiding irregularities. Choice (b) is incorrect because employees from different departments should work together. Choices (c) and (d) are incorrect because separation of duties is a subset of controls.

Which one of the following access control techniques treats users and owners as the same? a. DAC b. MAC c. RBAC d. ACLs

Choice (a) is the correct answer. A discretionary access control (DAC) mechanism allows users to grant or revoke access to any of the objects under their control. As such, users are said to be the owners of the objects under their control

Some security authorities believe that re-authentication of every transaction provides stronger security procedures. Which of the following security mechanisms is least efficient and least effective for reauthentication? a. Recurring passwords b. Non-recurring passwords c. Memory tokens d. Smart tokens

Choice (a) is the correct answer. Recurring passwords are static passwords with reuse and are considered to be a relatively weak security mechanism. Users tend to use easily guessed passwords. Other weaknesses include spoofing users, users stealing passwords through observing key strokes, and users sharing passwords. The unauthorized use of passwords by outsiders (hackers) or insiders is a primary concern and is considered the least efficient and least effective security mechanism for re-authentication. Non-recurring passwords (choice b) is incorrect because they provide a strong form of reauthentication. Examples include a challenge-response protocol or a dynamic password generator where a unique value is generated for each session. These values are not repeated and are good for that session only. Tokens can help in re-authenticating a user or transaction. Memory tokens (choice c) store but do not process information. Smart tokens (choice d) expand the functionality of a memory token by incorporating one or more integrated circuits into the token itself. In other words, smart tokens store and process information. Except for passwords, all the other methods listed in the question are examples of advanced authentication methods that can be applied to re-authentication.

Which of the following lists a pair of compatible functions within the IS organization? a. Systems analysis and application programming b. Telecommunications network and computer operations c. Applications programming and systems programming d. Data entry and production job scheduling

Choice (a) is the correct answer. Separation of duties is the first line of defense against the prevention, detection, and correction of errors, omissions, and irregularities. The objective is to ensure that no one person has complete control over a transaction throughout its initiation, authorization, recording, processing, and reporting. If the total risk is acceptable, then two different jobs can be combined. If the risk is unacceptable, the two jobs should not be combined. Here, it is safe to combine systems analysis and application programming since the knowledge of the former helps the latter. Choices (b), (c), and (d) are incorrect because they are examples of incompatible functions. The rationale is to minimize such functions, which are not conducive to good internal control structure. For example, a systems programmer with knowledge of the operating system could make unauthorized changes to an application system, leading to fraudulent activities. A data entry person could submit unauthorized production jobs

All user identification and authentication methods require some amount of security administration. Which of the following authentication techniques require additional work in administering the security? a. Cryptography b. Smart tokens c. Passwords d. Memory tokens

Choice (a) is the correct answer. Smart tokens (choice b), passwords (choice c), and memory tokens (choice d) all require strong administrative support such as assigning and maintaining users. For tokens that use cryptography, this includes key management. Passwords do not use keys. The proper management of cryptographic keys is essential to the effective use of cryptography for security. Ultimately, the security of information protected by cryptography directly depends upon the protection afforded to keys. This includes the generation, distribution, storage, entry, use, distribution, and archiving of cryptographic keys

Spoofing is a(n): a. active attack b. passive attack c. surveillance attack d. exhaustive attack

Choice (a) is the correct answer. Spoofing is a tampering activity and is an active attack. Sniffing is a surveillance activity and is a passive attack

Confidentiality is covered by which of the following security models? a. Bell-LaPadula model b. Biba model c. Information flow model d. Take-grant model

Choice (a) is the correct answer. The Bell-LaPadula model addresses confidentiality by describing different security levels of security classifications for documents. These classification levels, from least sensitive to most insensitive, include Unclassified, Confidential, Secret, and Top Secret

36. Countermeasures against Man-In-the-Middle (MIM) attacks include which of the following? 1. Implement digital signatures 2. Use split knowledge procedures 3. Use faster hardware 4. Use packet filters a. 1 and 2 b. 2 and 3 c. 3 and 4 d. 1 and 4

Choice (a) is the correct answer. The MIM attack takes advantage of the store-and-forward mechanism used by insecure networks such as the Internet. Digital signatures and split knowledge procedures are effective against such attacks. Items 3. and 4. are effective against denial-of-service attacks

"Each user is granted the lowest clearance needed to perform authorized tasks" is called which of the following? a. The principle of least privilege b. The principle of separation of duties c. The principle of system clearance d. The principle of system accreditation

Choice (a) is the correct answer. The principle of least privilege requires that each subject (user) in a system be granted the most restrictive set of privileges (or lowest clearances) needed to perform authorized tasks. The application of this principle limits the damage that can result from accident, error, and or unauthorized use. The principle of separation of duties (choice b) states that no single person will have complete control over a business transaction or task. Choices (c) and (d) are distracters

129. In terms of IS security, a penetration is defined as which of the following combinations? a. Attack plus breach b. Attack plus threat c. Threat plus breach d. Threat plus countermeasure

Choice (a) is the correct answer. A penetration is the successful act of bypassing the security mechanisms of a computer system. An attack is an attempt to violate data security. A breach is the successful circumvention or disablement of a security control, with or without detection, which if carried to completion could result in penetration of the system. A threat is any circumstance or event with the potential to cause harm to a system in the form of destruction or modification of data, or denial of service. A countermeasure is any action, control, device, procedure, technique, or other measure that reduces the vulnerability of a threat to a system.

145. Denial of service attacks can be prevented by which of the following? a. Redundancy b. Isolation c. Policies d. Procedures

Choice (a) is the correct answer. Redundancy in data and/or equipment can be designed so that service cannot be removed or denied. Isolation is just the opposite of redundancy. Policies and procedures are not effective against the denial of service attacks.

. Below is a list of pairs, which are related to one another. Select the pair of items, which represent the integral reliance on the first item to enforce the second: a. The separation of duties principle, the "least privilege" principle b. The parity check, the limit check c. The single-key system, the Rivest-Shamir-Adelman (RSA) algorithm d. The two-key system, the Data Encryption Standard (DES) algorithm

Choice (a) is the correct answer. The separation of duties principle is related to the "least privilege" principle; that is, users and processes in a system should have the least number of privileges and for the minimal period of time necessary to perform their assigned tasks. The authority and capacity to perform certain functions should be separated and delegated to different individuals. This principle is often applied to split the authority to write and approve monetary transactions between two people. It can also be applied to separate the authority to add users to a system and other system administrator duties from the authority to assign passwords, conduct audits, and perform other security administrator duties. Choice (b) is incorrect. The parity check is a check that tests whether the number of ones or zeros in an array of binary digits is odd or even. Odd parity is standard for synchronous transmission and even parity for asynchronous transmission. In the limit check, a program tests specified data fields against defined high or low value limits for acceptability before further processing. There is no relation between these two checks because a parity check is hardwarebased and the limit check is a software-based application. Choice (c) is incorrect because the RSA algorithm uses two keys: private and public. Choice (d) is incorrect because the DES algorithm uses only one key for both encryption and decryption (secret or private key).

Which of the following is the primary technique used by commercial systems to analyze events to detect attacks? a. Signature-based IDS b. Anomaly-based IDS c. Behavior-based IDS d. Statistical-based IDS

Choice (a) is the correct answer. There are two primary approaches to analyzing events to detect attacks: signature detection and anomaly detection. Signature detection is the primary technique used by most commercial systems; however, anomaly detection is the subject of much research and is used in a limited form by a number of IDS. Choices (c) and (d) are part of choice (b)

What is false rejection in a biometric access control system? a. Type I error b. Type II error c. Type III error d. Type IV error

Choice (a) is the correct answer. Type I error is rejection of correct individuals (i.e., false rejection), and Type II error is false acceptance of impostors. Choices (c) and (d) are distracters.

An access control policy for a bank teller is an example of the implementation of a(n): a. Role-based policy b. Identity-based policy c. User-directed policy d. Rule-based policy

Choice (a) is the correct answer. With role-based access control, access decisions are based on the roles that individual users have as part of an organization. Users take on assigned roles (such as doctor, nurse, bank teller, manager). Access rights are grouped by role name, and the use of resources is restricted to individuals authorized to assume the associated role. The use of roles to control access can be an effective means for developing and enforcing enterprise-specific security policies and for streamlining the security management process. Choices (b) and (c) are incorrect because they are examples of discretionary access control. Identity-based access control is based only on the identity of the subject and object. In user-directed access controls a subject can alter the access rights with certain restrictions. Choice (d) is incorrect because rule-based access control is an example of a mandatory type of access control and is based on specific rules relating to the nature of the subject and object

How is authorization different from authentication? a. Authorization comes after authentication b. Authorization and authentication are the same c. Authorization is verifying the identity of a user d. Authorization comes before authentication

Choice (a) is the correct answer. Authorization comes after authentication because a user is granted access to a program (authorization) after he is fully authenticated. Authorization is permission to do something with information in a computer. Authorization and authentication are not the same, where the latter is verifying the identity of a user

The principle of least privilege refers to the security objective of granting users only those accesses they need to perform their job duties. Which of the following actions is inconsistent with the principle of least privilege? a. Authorization creep b. Re-authorization when employees change positions c. Users have little access to systems d. Users have significant access to systems

Choice (a) is the correct answer. Authorization creep occurs when employees continue to maintain access rights for previously held positions within an organization. This practice is inconsistent with the principle of least privilege. Choices (b), (c), and (d) are incorrect because they are consistent with the principle of least privilege. Reauthorization will eliminate authorization creep, and it does not matter how many users have access to the system as long as their access is based on need to know.

Which of the following controls provide a first line of defense against potential security threats, risks, or losses to the network? a. Passwords and user IDs b. Software testing c. Dial-back modem d. Transaction logs

Choice (a) is the correct answer. Passwords and user identifications are the first line of defense against a breach to a network's security. Several restrictions can be placed on passwords to improve their effectiveness. These restrictions may include minimum length and format and forced periodic password changes. Switched ports are among the most vulnerable security points on a network. These allow dial-in and dial-out access. They are security risks because they allow users with telephone terminals to access systems. Although call-back or dial-back (choice c) is a potential control as a first line of defense, it is not necessarily the most effective because of the callforwarding capability of telephone circuits. Software testing (choice b) is the last line of defense to ensure data integrity and security. Therefore, the software must be tested thoroughly by end users, information systems staff, and computer operations staff. For on-line applications, the logging of all transactions (choice d) processed or reflected by input programs provides a complete audit trail of actual and attempted entries, thus providing a last line of defense. The log can be stored on tape or disk files for subsequent analysis. The logging control should include the date, time, user ID and password used, the location, and number of unsuccessful attempts made.

126. Which of the following would contribute most to the safeguarding of assets? a. Access to computer facilities and records is limited to authorized personnel on an "as needed" basis b. Training programs are conducted to develop competence of newly hired personnel c. Control and subsidiary accounts are reconciled on a regularly scheduled basis d. Blank stock of all purchase orders and sales invoices are prenumbered

Choice (a) is the correct answer. Computer facilities and records are assets of an organization deserving protection. The practice should be to allow people who have a need to be allowed into the facilities. Choice (b) is more of an efficiency issue whereas choices (c) and (d) are of control issues

The greatest control exposure in a microcomputer (PC) environment is a: a. Lack of separation of duties b. Lack of centralized function for PC acquisition c. Lack of centralized function for PC disposition d. Lack of distributed policies and procedures

Choice (a) is the correct answer. Due to the limited number of people working in a PC environment, it is difficult to obtain the clear separation of duties that one would expect from a mainframe environment. Choices (b) through (d) are not control exposures when compared to a lack of separation of duties. They deal with administrative controls such as PC acquisition policies and procedures.

All of the following are examples of denial-of-service attacks except: a. IP address spoofing b. Smurf attack c. SYN flood attack d. Sendmail attack

Choice (a) is the correct answer. IP address spoofing is falsifying the identity of a computer system. It capitalizes on the packet address the Internet Protocol (IP) uses for transmission. It is not an example of denial-of-service attack because it does not flood the host Robbins (Fall 2018) computer. Smurf, SYN flood, and sendmail attacks are examples of denial-of-service attacks. Smurf attacks use a network that accepts broadcast ping packets to flood the target computer with ping reply packets. SYN flood attack is a method of overwhelming a host computer on the Internet by sending the host a high volume of SYN packets requesting a connection, but never responding to the acknowledgment packets returned by the host. Recent attacks against sendmail include remote penetration, local penetration, and remote denial of service

151. Intrusion detection refers to the process of identifying attempts to penetrate a computer system and gain unauthorized access. Which of the following assists in intrusion detection? a. Audit trails b. Access control lists c. Security clearances d. Host-based authentication

Choice (a) is the correct answer. If audit trails have been designed and implemented to record appropriate information, they can assist in intrusion detection. Although normally thought of as a real-time effort, intrusions can be detected in real time, by examining audit records as they are created or after the fact. Access control lists (choice b) refer to a register of users who have been given permission to use a particular system resource and the types of access they have been permitted. Security clearances (choice c) are associated with a subject (e.g., person, program) to access an object (e.g., files, libraries, directories, devices). Host-based authentication (choice d) grants access based upon the identity of the host originating the request, instead of the identity of the user making the request. Choices (b), (c), and (d) have no facilities to record access activity, thus unable to assist in intrusion detection.

152. In order to test the effectiveness of existing security systems, organizations are using the tiger team testing approach. Which of the following statements is true regarding tiger team tests? a. The tiger team test will get the attention of management b. The tiger team test is transparent to system users c. The validity and usefulness of the tiger team test is proven d. The scope of the tiger team test is comprehensive

Choice (a) is the correct answer. In a tiger team testing approach a real surprise attack against a computer system or network is initiated by a team of experts in a specific area with knowledge of the user organization. If nothing else, the test results will get the attention of management, who may not be aware of such threats and risks facing their organization. It provides a second line of defense. Choice (b) is incorrect because a tiger team test is not transparent to system users. Users may not be able to get their work done during the testing period thus affecting their productivity. Also the validity and usefulness of such tests are not proven (choice c) since there is no general agreement about what the test is supposed to accomplish. The scope of the test is not comprehensive due to time and other resource limitations. It may test only a few major vulnerabilities when there may be a large number in reality (choice d).

Which of the following security services can best be provided by Kerberos? a. Authentication b. Confidentiality c. Integrity d. Availability

Choice (a) is the correct answer. Kerberos is a de facto standard for an authentication protocol, providing a robust authentication method. Kerberos was developed to enable network applications to securely identify their peers and can be used for local/remote logins, remote execution, file transfer, transparent file access (i.e., access of remote files on the network as though they were local), and for client/server requests. The Kerberos system includes a Kerberos server, applications which use Kerberos authentication, and libraries for use in developing applications, which use Kerberos authentication. In addition to secure remote procedure call (RPC), Kerberos prevents impersonation in a network environment and only provides authentication services. Other services such as confidentiality, integrity, and availability must be provided by other means. With Kerberos and secure RPC, passwords are not transmitted over the network in plaintext. In Kerberos there are two items needed to prove authentication. The first is the ticket and the second is the authenticator. The ticket consists of the requested server name, the client name, the address of the client, the time the ticket was issued, the lifetime of the ticket, the session key to be used between the client and the server, and some other fields. The ticket is encrypted using the server's secret key and thus cannot be correctly decrypted by the user. If the server can properly decrypt the ticket when the client presents it and if the client presents the authenticator encrypted using the session key contained in the ticket, the server can have confidence in the user's identity. The authenticator contains the client name, the address, current time, and some other fields. The authenticator is encrypted by the client using the session key shared with the server. The authenticator provides a time validation for the credential. If a user possesses both the proper credential and the authenticator encrypted with the correct session key and presents these items within the lifetime of the ticket, then the user's identity can be authenticated. Choice (b) is incorrect because confidentiality ensures that data is disclosed only to authorized subjects. Choice (c) is incorrect because integrity is the property that an object is changed only in a specified and authorized manner. Choice (d) is incorrect because availability is the property that a given resource will be usable during a given time period.

All of the following types of logical access control mechanisms rely on physical access controls except: a. Encryption controls b. Application system access controls c. Operating system access controls d. Utility programs

Choice (a) is the correct answer. Most systems can be compromised if someone can physically access the CPU machine or major components by, for example, restarting the system with different software. Logical access controls are, therefore, dependent on physical access controls (with the exception of encryption, which can depend solely on the strength of the algorithm and the secrecy of the key). Application systems, operating systems, and utility programs are heavily dependent on logical access controls to protect against unauthorized use

Which of the following internal access control methods offers a strong form of access control and is a significant deterrent to its use? a. Security labels b. Passwords c. Access control lists d. Encryption

Choice (a) is the correct answer. Security labels are a very strong form of access control. Unlike access control lists (choice c), labels cannot ordinarily be changed. Since labels are permanently linked to specific information, data cannot be disclosed by a user copying information and changing the access to that file so that the information is more accessible than the original owner intended. Labels are well suited for consistently and uniformly enforcing access restrictions, although their administration and inflexibility can be a significant deterrent to their use. Passwords (choice b) are a weak form of access control although they are easy to use and administer. Although encryption (choice d) is a strong form of access control, it is not a deterrent to its use when compared to labels.

131. Cryptographic authentication systems must specify how the cryptographic algorithms will be used. Which of the following authentication systems would reduce the risk of impersonation in an environment of networked computer systems? a. Kerberos-based authentication system b. Password-based authentication system c. Memory token-based authentication system d. Smart token-based authentication system

Choice (a) is the correct answer. The primary goal of Kerberos is to prevent system users from claiming the identity of other users in a distributed computing environment. The Kerberos authentication system is based on secret key cryptography. The Kerberos protocol provides strong authentication of users and host computer systems. Further, Kerberos uses a trusted third party to manage the cryptographic keying relationships, which are critical to the authentication process. System users have a significant degree of control over the workstations that are used to access network services, and these workstations must therefore be considered untrusted. Kerberos was developed to provide distributed network authentication services involving client/server systems. A primary threat in this type of client/server system is the possibility that one user will be able to claim the identity of another user (impersonation), thereby gaining access to system services without the proper authorization. To protect against this threat, Kerberos provides a trusted third party accessible to network entities, which supports the services required for authentication between these Robbins (Fall 2018) entities. This trusted third party is known as the Kerberos key distribution server, which shares secret cryptographic keys with each client and server within a particular realm. The Kerberos authentication model is based upon the presentation of cryptographic tickets to prove the identity of clients requesting services from a host system or server. Choices (b), (c), and (d) are incorrect since they cannot reduce the risk of impersonation. For example: (1) passwords can be shared, guessed, or captured (choice b) and (2) memory tokens and smart tokens can be lost or stolen (choices c and d). Also, these three choices do not use a trusted third party to strengthen controls as Kerberos does.

Which of the following can co-exist in providing strong access control mechanisms? a. Kerberos authentication and single sign-on system b. Kerberos authentication and digital signature system c. Kerberos authentication and asymmetric key system d. Kerberos authentication and digital certificate system

Choice (a) is the correct answer. When Kerberos authentication is combined with single sign-on systems, it requires establishment of and operating the privilege servers. Kerberos uses symmetric key cryptography and choices (b), (c), and (d) are examples of asymmetric key cryptography

Which of the following access mechanisms creates a potential security problem? a. Location-based access mechanism b. Address-based access mechanism c. Token-based access mechanism d. Web-based access mechanism

Choice (b) is the correct answer. Address-based access mechanisms use Internet Protocol (IP) source addresses, which are not secure and subject to IP address spoofing attacks. The IP address deals with identification only, not authentication. Choice (a) is incorrect because location-based access mechanism deals with a physical address, not IP address. Choice (c) is incorrect because token-based access mechanism uses tokens as a means of identification and authentication. Choice (d) is incorrect because web-based access mechanism uses secure protocols to accomplish authentication. Choices (a), (c), and (d) accomplish both identification and authentication.

Job control analyst should not be given access to which of the following? a. Test job control files b. Production data files c. Job scheduling files d. Job control documentation

Choice (b) is the correct answer. The job control analyst is responsible for the overall quality of production job control language and conformance to standards. The appropriate level of access is access to test job control files, job scheduling files, job control documentation, and the problem/change management system. He should not be given access to production data files because he could perform maintenance to production application programs and production job control files. This is risky.

Which of the following does not complement intrusion detection systems (IDS)? a. Honey pots b. Inference cells c. Padded cells d. Vulnerability analysis

Choice (b) is the correct answer. Honey pot systems, padded cell systems, and vulnerability analysis complement IDS to enhance an organization's ability to detect intrusion. Inference cells (choice b) is a meaningless term here.

Use of Honey Pots and Padded Cells have which of the following? a. Social implications b. Legal implications c. Technical implications d. Psychological implications

Choice (b) is the correct answer. The legal implications of using Honey Pot and Padded Cell systems are not well defined. It is important to seek guidance from legal counsel before deciding to use either of these systems.

Which one of the following access control techniques requires security clearances for subjects? a. DAC b. MAC c. RBAC d. ACLs

Choice (b) is the correct answer. A mandatory access control (MAC) restricts access to objects based on the sensitivity of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity

Kerberos uses which of the following to protect against replay attacks? a. Cards b. Time-stamps c. Tokens d. Keys

Choice (b) is the correct answer. A replay attack refers to the recording and retransmission of message packets in the network. It is frequently undetectable but can be prevented by using packet timestamping similar to what Kerberos uses.

Accountability is important to implementing security policies. Which of the following is least effective in exacting accountability from system users? a. Auditing requirements b. Passwords c. Identification controls d. Authentication controls

Choice (b) is the correct answer. Accountability means holding individual users responsible for their actions. Due to several problems with passwords they are considered to be the least effective in exacting accountability. These problems include easy to guess passwords, easy to spoof users for passwords, easy to steal passwords, and easy to share passwords. The most effective controls for exacting accountability include a policy, authorization scheme, identification and authentication controls (choices c and d), access controls, audit trails, and auditing (choice a

Which of the following access control techniques provide a straightforward way of granting or denying access for a specified user? a. RBAC b. ACLs c. MAC d. DAC

Choice (b) is the correct answer. An access control list (ACL) is an object associated with a file and containing entries specifying the access that individual users or groups of users have to the file. ACLs provide a straightforward way of granting or denying access for a specified user or groups of users. Other choices are not that straightforward in that they use labels, tags, and roles.

Use of login IDs and passwords is the most commonly used mechanism for: a. Providing dynamic verification of a user b. Providing static verification of a user c. Providing a strong user authentication d. Batch and on-line computer systems alike

Choice (b) is the correct answer. By definition, a static verification takes place only once at the start of each login session. Passwords may or may not be reusable. Dynamic verification of a user (choice a) takes place when a person types on a keyboard and leaves an electronic signature in the form of key stroke latencies in the elapsed time between keystrokes. For well-known, regular type strings, this signature can be quite consistent. Here is how a dynamic verification mechanism works: When a person wants to access a computer resource, he is required to identify himself by typing his name. The latency vector of the keystrokes of this name is compared with the reference signature that is stored in the computer. If this claimant's latency vector and the reference signature are statistically similar, the user is granted access to the system. The user is asked to type his name a number of times to provide a vector of mean latencies to be used as a reference. This can be viewed as an electronic signature of the user. Choice (c) is incorrect because passwords do not provide a strong user authentication. If it were true, there would not be a 'hacker' problem today. In fact, passwords provide the weakest user authentication due to their sharing and guessable nature. Choice (d) is incorrect because only on-line systems require a user ID and password from a user due to their interactive nature. Only batch jobs and files require a user ID and password when submitting a job or modifying a file. Batch systems are not interactive

Which of the following security models address "separation of duties" concept? a. Biba model b. Clark and Wilson model c. Bell-LaPadula model d. Sutherland model

Choice (b) is the correct answer. Clark and Wilson security model address the separation of duties concept along with well-formed transactions. Separation of duties attempts to ensure the external consistency of data objects. It also addresses the specific integrity goal of preventing authorized users from making improper modifications. The other models do not address the separation of duties concept.

Controlling access to the network is provided by which of the following pair of high-level system services? a. Access control lists and access privileges b. Identification and authentication c. Certification and accreditation d. Accreditation and assurance

Choice (b) is the correct answer. Controlling access to the network is provided by the network's identification and authentication service. This service is pivotal in providing controlled access to the resources and services offered by the network and in verifying that the mechanisms provide proper protection. Identification is the process that enables recognition of an entity by a computer system, generally by the use of unique machinereadable user names. Authentication is the verification of the entity's identification. That is when the host, to whom the entity must prove his identity, trusts (through an authentication process) that the entity is in fact who he claims to be. The threat to the network that the identification and authentication service must protect against is impersonation. Choice (a) is incorrect. Access control list is a list of the subjects that are permitted to access an object and the access rights (privileges) of each subject. This service comes after initial identification and authentication service. Choice (c) is incorrect. Certification is the administrative act of approving a computer system for use in a particular application. Accreditation is the management's formal acceptance of the adequacy of a computer system's security. Certification and accreditation are similar in concept. This service comes after initial identification and authentication service. Choice (d) is incorrect. Accreditation is the management's formal acceptance of the adequacy of a computer system's security. Assurance is confidence that a computer system design meets its requirements. Again, this service comes after initial identification and authentication service

19. Intrusion detection systems (IDS) look at security policy violations: a. Statically b. Dynamically c. Linearly d. Non-linearly

Choice (b) is the correct answer. IDS look for specific symptoms of intrusions and security policy violations dynamically. IDS are Choice (b) is the correct answer. IDS look for specific symptoms of intrusions and security policy violations dynamically. IDS are

Which of the following is not an example of denial of service attacks? a. Flaw exploitation attacks b. Information attacks c. Flooding attacks d. Distributed attacks

Choice (b) is the correct answer. Information attack is a vague term here and a distracter. Flaw exploitation attacks (choice a) take advantage of a flaw in the target system's software in order to cause a processing failure or to cause it to exhaust system resources. Flooding attacks (choice c) simply send a system more information than it can handle. Distributed attack is a subset of denial of service attacks, where the attacker uses multiple computers to launch the attack and flood the system

Locking-based attacks result in which of the following? a. Denial of service b. Degradation of service c. Destruction of service d. Distribution of service

Choice (b) is the correct answer. Locking-based attack is used to hold a critical system lock most of the time, releasing it only briefly and occasionally. The result would be a slow running browser without stopping it. This results in a degradation of service. The degradation of service is a mild form of denial of service. Choices (c) and (d) are distracters

Which of the following security control mechanisms is simplest to administer? a. Discretionary access control b. Mandatory access control c. Access control list d. Logical access control

Choice (b) is the correct answer. Mandatory access controls are the simplest to use because they can be used to grant broad access to large sets of files and to broad categories of information. Discretionary access controls are not simple to use due to their finer level of granularity in the access control process. Both the access control list and logical access control require a significant amount of administrative work because they are based on the details of each individual user.

Which of the following is a major issue with implementation of intrusion detection systems (IDS)? a. False-negative notification b. False-positive notification c. True-negative notification d. True-positive notification

Choice (b) is the correct answer. One of the biggest single issues with IDS implementation is the handling of false-positive notification. Anomaly-based IDS produce a large number of false alarms (false-positives) due to the unpredictable nature of users and networks. Automated systems are prone to mistakes, and human differentiation of possible attacks is very resource-intensive

Which of the following is the most effective method for password creation? a. Using password generators b. Using password "advisors" c. Assigning passwords to users d. Implementing user selected passwords

Choice (b) is the correct answer. Password advisors are computer programs that examine user choices for passwords and inform the users if the passwords are weak. Passwords produced by password generators are difficult to remember (choice a) while user selected passwords are easy to guess (choice d). Users write the password down on a paper when it is assigned to them (choice c).

Password management is an example of a: a. Directive control b. Preventive control c. Detective control d. Corrective control

Choice (b) is the correct answer. Password management is an example of preventive controls in that passwords deter unauthorized users accessing a system unless they know the password through some other means.

Which of the following does not lead to penetration attacks? a. Scanning b. Spamming c. Snooping d. Sniffing

Choice (b) is the correct answer. Scanning, snooping, and sniffing are attacks searching for required information. These attacks are preparatory actions prior to serious penetration attacks. Spamming is posting identical messages to multiple newsgroups on the Internet and is not relevant here

Which of the following lists a pair of compatible functions within the IS organization? a. Systems programming and tape librarian b. Problem/change management and quality assurance c. Job control analysis and application programming d. Job control analysis and systems programming

Choice (b) is the correct answer. Separation of duties is the first line of defense against the prevention, detection, and correction of errors, omissions, and irregularities. The objective is to ensure that no one person has complete control over a transaction throughout its initiation, authorization, recording, processing, and reporting. If the total risk is acceptable, then two different jobs can be combined. If the risk is unacceptable, the two jobs should not be combined. Here, it is safe to combine the problem/change management function with the quality assurance function since both are staff positions. Choices (a), (c), and (d) are incorrect because they are examples of incompatible functions. The rationale is to minimize such functions that are not conducive to good internal control structure. For example, a systems programmer could change the job control parameters to run his own personal jobs

Which one of the following does not help in preventing fraud? a. Separation of duties b. Job enlargement c. Job rotation d. Mandatory vacations

Choice (b) is the correct answer. Separation of duties, job rotation, and mandatory vacations are management controls that can help in preventing fraud. Job enlargement does not prevent fraud because it is not a control and its purpose is to expand the scope of an employee's work.

Sniffing precedes which of the following? a. Spamming b. Spoofing c. Snooping d. Cracking

Choice (b) is the correct answer. Sniffing precedes either spoofing or hijacking. Sniffing and snooping are the same. Sniffing is observing packet's passing by on the network. Cracking is breaking for passwords

Integrity is covered by which of the following security models? a. Bell-LaPadula model b. Biba model c. Information flow model d. Take-Grant model

Choice (b) is the correct answer. The Biba model is an example of integrity model. Bell-LaPadula model is a formal state transition model of computer security policy that describes a set of access control rules. Both the Bell-LaPadula and the Take-Grant models are part of access control models

The Biba security model focuses on which of the following? a. Confidentiality b. Integrity c. Availability d. Accountability

Choice (b) is the correct answer. The Biba security model is an integrity model in which no subject may depend on a less trusted object, including another subject

The Clark-Wilson security model focuses on which of the following? a. Confidentiality b. Integrity c. Availability d. Accountability

Choice (b) is the correct answer. The Clark-Wilson security model is an approach to providing data integrity for common commercial activities

What is the bit size of Kerberos? a. 40 b. 56 c. 64 d. 128

Choice (b) is the correct answer. The bit size of Kerberos is the same as that of DES, which is 56 bits because Kerberos uses a symmetric key algorithm similar to DES

The correct sequence of conducting penetration tests is which of the following? 1. Develop a test plan 2. Conduct the test 3. Inform management about the test 4. Report the test results a. 1, 2, 3, and 4 b. 3, 1, 2, and 4 c. 2, 1, 3, and 4 d. 3, 2, 1, and 4

Choice (b) is the correct answer. The correct sequence of penetration test is informing management about the test, developing a test plan, conducting the test, and reporting the test results. Management should be informed first to obtain their permission and to learn about their concerns and objectives.

The principle of least privilege is most closely linked to which of the following security services? a. Confidentiality b. Integrity c. Availability d. Non-repudiatio

Choice (b) is the correct answer. The principle of least privilege deals with access control mechanisms, and as such they ensure integrity of data and systems by limiting access to computer systems

Which of the following is required to thwart attacks against a Kerberos security server? a. Initial authentication b. Pre-authentication c. Post-authentication d. Re-authentication

Choice (b) is the correct answer. The simplest form of initial authentication uses a user ID and password, which occurs on the client. The server has no knowledge of whether the authentication was successful. The problem with this approach is that anyone can make a request to the server asserting any identity, allowing an attacker to collect replies from the server and successfully launching an official attack on those replies. In pre-authentication, the user sends some proof of his identity to the server as part of the initial authentication process. The client must authenticate prior to the server issuing a credential (ticket) to the client. The proof of identity used in pre-authentication can be a smart card or token, which can be integrated into the Kerberos initial authentication process. Here, post-authentication and re-authentication processes do not apply because it is too late to be of any use

How does a role-based access control mechanism work? a. It is based on job enlargement concept b. It is based on job duties concept c. It is based on job enrichment concept d. It is based on job rotation concept

Choice (b) is the correct answer. Users take on assigned roles such as doctor, nurse, teller, and manager. With role-based access control mechanism, access decisions are based on the roles that individual users have as part of an organization, that is, job duties. Job enlargement means adding width to a job, job enrichment means adding depth to a job, while job rotation makes a person well-rounded.

Intrusion detection systems (IDS) serve as which of the following? a. Barrier mechanism b. Monitoring mechanism c. Accountability mechanism d. Penetration mechanism

Choice (b) is the correct answer. IDS serve as monitoring mechanisms, watching activities, and making decisions about whether the observed events are suspicious. IDS can spot attackers circumventing firewalls and report them to system administrators, who can take steps to prevent damage. Firewalls serve as barrier mechanisms, barring entry to some kinds of network traffic and allowing others, based on a firewall policy (choice a). Choices (c) and (d) are distracters.

Lattice security model is an example of which of the following access control models? a. DAC b. Non-DAC c. MAC d. Non-MAC

Choice (b) is the correct answer. Lattice security model is based on non-discretionary access control model. A lattice model is a partially ordered set for which every pair of elements (subjects and objects) has a greatest lower bound and a least upper bound. The subject has the greatest lower bound, and the object has the least upper bound

Which one of the following access control mechanisms uses security labels? a. DAC b. MAC c. RBAC d. ACLs

Choice (b) is the correct answer. Security labels and interfaces are used to determine access based on the mandatory access control policy.

Which of the following models are used to protect the confidentiality of classified information? a. Biba model and Bell-LaPadula model b. Bell-LaPadula model and information flow model c. Bell-LaPadula model and Clark-Wilson model d. Clark-Wilson model and information flow model.

Choice (b) is the correct answer. The Bell-LaPadula model is used for protecting the confidentiality of classified information, based on multilevel security classifications. The information flow model, a basis for the Bell-LaPadula model, ensures that information at a given security level flows only to an equal or higher level. Each object has an associated security level. An object's level indicates the security level of the data it contains. These two models will ensure the confidentiality of classified information. The Biba model is similar to the Bell-LaPadula model but protects the integrity of information instead of its confidentiality. The Clark-Wilson model is a less formal model aimed at ensuring the integrity of information, not confidentiality. This model implements traditional accounting controls including segregation of duties, auditing, and well-formed transactions such as double-entry bookkeeping. Both the Biba and Clark-Wilson models are examples of integrity models.

143. Denial-of-service attacks compromise which one of the following properties of information systems? a. Integrity b. Availability c. Confidentiality d. Reliability

Choice (b) is the correct answer. A denial of service is an attack in which one user takes up so much of the shared resource that none of the resource is left for other users. It compromises the availability Robbins (Fall 2018) of system resources (e.g., disk space, CPU, print paper, and modems), resulting in degradation or loss of service. Denial-of-service attack does not affect integrity since the latter is a property that an object is changed only in a specified and authorized manner (choice a). Denial-of-service attack does not affect confidentiality since the latter is a property ensuring that data is disclosed only to authorized subjects or users (choice c). Denial-of-service attack does not affect reliability since the latter is a property defined as the probability that a given system is performing its mission adequately for a specified period of time under the expected operating conditions (choice d).

153. Which of the following is the technique used in anomaly detection in intrusion detection systems (IDS) where user and system behaviors are expressed in terms of counts? a. Parametric statistics b. Threshold detection measures c. Rule-based measures d. Non-parametric statistics

Choice (b) is the correct answer. Anomaly detectors identify abnormal, unusual behavior (anomalies) on a host or network. In threshold detection measures, certain attributes of user and system behavior are expressed in terms of counts, with some level established as permissible. Such behavior attributes can include the number of files accessed by a user in a given period of time. Statistical measures include parametric and non-parametric. In parametric measures the distribution of the profiled attributes is assumed to fit a particular pattern. In the non-parametric measures the distribution of the profiled attributes is "learned" from a set of historical data values, observed over time. Rule-based measures are similar to non-parametric statistical measures in that observed data defines acceptable usage patterns, but differs in that those patterns are specified as rules, not numeric quantities.

101. It is vital that access controls protecting a computer system work together. Which of the following types of access controls should be most specific? a. Physical access controls b. Application system access controls c. Operating system access controls d. Communication system access controls

Choice (b) is the correct answer. At a minimum, four basic types of access controls should be considered: physical, operating system, communications, and application. In general, access controls within an application are the most specific. However, for application access controls to be fully effective they need to be supported by operating system and communications system access controls (choices c and d). Otherwise, access can be made to application resources without going through the application. Operating system, communication, and application access controls need to be supported by physical access controls such as physical security and contingency planning (choice a).

Bell-LaPadula Model for computer security policy deals with which of the following? a. $ -property b. @ -property c. * -property d. # -property

Choice (c) is the correct answer. star property (* -property) is a Bell-LaPadula security rule allowing a subject write access to an object only if the security level of the object dominates the security level of the subject

144. Which of the following is the most malicious Internet-based attack? a. Spoofing attack b. Denial-of-service attack c. Spamming attack d. Locking attack

Choice (b) is the correct answer. Denial-of-service attack is the most malicious Internet-based attack because it floods the target computer with hundreds of incomplete Internet connections per second, effectively preventing any other network connections from being made to the victim network server. The result is a denial of service to users, consumption of system resources, or a crash in the target computer. Spoofing attack (choice a) uses various techniques to subvert IP-based access control by masquerading as another system by using its IP address. Spamming attack (choice c) poses identical messages to multiple unrelated newsgroups. It is often used in cheap advertising, to promote pyramid schemes, or simply to annoy people. Locking attack (choice d) prevents users from accessing and running shared programs such as those found in Microsoft Office.

Kerberos can prevent which one of the following attacks? a. Tunneling attack b. Playback attack c. Destructive attack d. Process attack

Choice (b) is the correct answer. In a playback (replay) attack, messages received from something or from somewhere are replayed back to it. It is also called a reflection attack. Kerberos puts the time of day in the request to prevent an eavesdropper from intercepting the request for service and retransmitting it from the same host at a later time. A tunneling attack (choice a) attempts to exploit a weakness in a system that exists at a level of abstraction lower than that used by the developer to design the system. For example, an attacker might discover a way to modify the microcode of a processor that is used when encrypting some data, rather than attempting to break the system's encryption algorithm. Destructive attacks (choice c) damage information in a fashion that denies service. These attacks can be prevented by restricting access to critical data files and protecting them from unauthorized users. In process attacks (choice d), one user makes a computer unusable for others who happen to be using the computer at the same time. These attacks are applicable to shared computers

139. Kerberos is a(n): a. Access-oriented protection system b. Ticket-oriented protection system c. List-oriented protection system d. Lock-and-key-oriented protection system

Choice (b) is the correct answer. Kerberos was developed to enable network applications to securely identify their peers. It uses a ticket, which identifies the client, and an authenticator that serves to validate the use of that ticket and prevent an intruder from replaying the same ticket to the server in a future session. A ticket is only valid for a given time interval. When the interval ends, the ticket expires, and any later authentication exchanges will require a new ticket. An access-oriented protection system (choice a) can be based on hardware or software or combination of both to prevent and detect unauthorized access and to permit authorized access. In list-oriented protection systems (choice c), each protected object has a list of all subjects authorized to access it. A lock-and-key-oriented protection system involves matching a key or password with a specific access requirement. Choices (a), (c), and (d) do not provide a strong authentication protection as does the Kerberos

105. An inherent risk is associated with logical access which is difficult to prevent or mitigate but can be identified via a review of audit trails. This risk is associated with which of the following types of access? a. Properly used authorized access b. Misused authorized access c. Unsuccessful unauthorized access d. Successful unauthorized access

Choice (b) is the correct answer. Properly authorized access, as well as misused authorized access, can use audit trail analysis. While users cannot be prevented from using resources to which they have legitimate access authorization, audit trail analysis is used to examine their actions. Similarly, unauthorized access attempts whether successful or not can be detected through the analysis of audit trails.

141. Smurf is an example of which of the following? a. IP address spoofing attack b. Denial-of-service attack c. Redirect attack d. TCP sequence number attack

Choice (b) is the correct answer. Smurf attacks use a network that accepts broadcast ping packets to flood the target computer with ping reply packets. The goal of smurf attack is to deny service. Choices (a) and (d) are examples of session hijacking attacks. The IP address spoofing is falsifying the identity of a computer system and the TCP sequence number attack is a prediction of the sequence number needed to carry out an unauthorized handshake. In a redirect attack, a hacker will redirect the TCP stream through the hacker's computer.

Impersonating a user or system is called a: a. Snooping attack b. Spoofing attack c. Sniffing attack d. Spamming attack

Choice (b) is the correct answer. Spoofing is an unauthorized use of legitimate identification and authentication data such as user IDs and passwords. Intercepted user names and passwords can be used to impersonate the user on the login or file transfer server host that the user is accessing. Spamming is posting identical messages to multiple unrelated newsgroups on the Internet. Sniffing and snooping are the same in that sniffing is observing packet's passing by on the network

Which of the following is the heart of intrusion detection systems (IDS)? a. A mutation engine b. A processing engine c. A state machine d. A virtual machine

Choice (b) is the correct answer. The processing engine is the heart of the IDS. It consists of the instructions (language) for sorting information for relevance, identifying key intrusion evidence, mining databases for attack signatures, and decision-making about thresholds for alerts and initiation of response activities. For example, a mutation engine is used to proliferate polymorphic virus. Choices (c) and (d) describe the condition of computers.

135. The major advantage of a single sign-on is that it: a. reduces management work b. goes beyond convenience c. authenticates a user once d. provides access to multiple applications

Choice (b) is the correct answer. Under a single sign-on, a user can authenticate once to gain access to multiple applications that have been previously defined in the security system. The single sign-on system goes beyond convenience in that it provides fewer areas to manage when compared to multiple sign-on systems. Many points of failure exist in multiple sign-on systems

Which of the following is the most important part of intrusion detection and containment? a. Prevent b. Detect c. Respond d. Report

Choice (c) is the correct answer. It is essential to detect insecure situations in order to respond in a timely manner. Also, it is of little use to detect a security breach if no effective response can be initiated. Note that no set of prevention measure is perfect. Reporting is the last step in the intrusion detection and containment process

Authentication is a protection against fraudulent transactions. Which of the following is not assumed by the authentication process? a. The validity of message location being sent b. The validity of the workstations that sent the message c. The integrity of the message that is being transmitted d. The validity of the message originator

Choice (c) is the correct answer. Authentication assures that the data received comes from the supposed origin. It is not extended to include the integrity of the data or messages that are being transmitted. However, authentication is a protection against fraudulent transactions by establishing the validity of messages being sent (choice a), validity of the workstations that sent the message (choice b), and the validity of the message originators (choice d). Invalid messages can come from a valid origin and authentication cannot prevent it.

Passwords are used as a basic mechanism to identify and authenticate a system user. Which of the following password-related factors cannot be tested with automated vulnerability testing tools? a. Password length b. Password lifetime c. Password secrecy d. Password storage

Choice (c) is the correct answer. No automated vulnerability testing tool can ensure that system users have not disclosed their passwords, thus secrecy cannot be guaranteed. Password length (choice a) can be tested to ensure that short passwords are not selected. Password lifetime (choice b) can be tested to ensure that they have a limited lifetime. Passwords should be changed regularly or whenever they may have been compromised. Password storage (choice d) can be tested to ensure that they are protected to prevent disclosure or unauthorized modification.

Robust authentication is not provided by which of the following? a. Kerberos b. Secure RPC c. Reusable passwords d. Digital certificates

Choice (c) is the correct answer. Robust authentication means very strong authentication, which should be required if access is given to internal computer systems. Robust authentication is provided by Kerberos, onetime passwords, challenge-response exchanges, digital certificates, and secure remote procedure calls (RPC). Reusable passwords provide very weak authentication.

Which one of the following is not an authentication mechanism? a. What the user knows b. What the user has c. What the user can do d. What the user is

Choice (c) is the correct answer. "What the user can do" is defined in access rules or user profiles, which comes after a successful authentication. The other three choices are part of an authentication process.

Rank the following authentication mechanisms providing most to least protection against replay attacks? a. Password only, password and PIN, challenge response, and onetime password b. Password and PIN, challenge response, one-time password, and password only c. Challenge response, one-time password, password and PIN, and password only d. Challenge-response, password and PIN, one-time password, and password only

Choice (c) is the correct answer. A challenge-response protocol is based on cryptography and works by having the computer generate a challenge, such as a random string of numbers. The smart token then generates a response based on the challenge. This is sent back to the computer, which authenticates the user based on the response. Smart tokens that use either challenge-response protocols or dynamic password generation can create one-time passwords that change periodically (e.g., every minute). If the correct value is provided, the log-in is permitted, and the user is granted access to the computer system. Electronic monitoring is not a problem with one-time passwords because each time the user is authenticated to the computer, a different "password" is used. A hacker could learn the one-time password through electronic monitoring, but it would be of no value. Passwords and personal identification numbers (PINs) have weaknesses such as disclosing and guessing. Passwords combined with PINs are better than passwords only. Both passwords and PINs are subject to electronic monitoring. Simple encryption of a password that will be used again does not solve the monitoring problem because encrypting the same password will create the same ciphertext; the ciphertext becomes the password

How does a rule-based access control mechanism work? a. It is based on filtering rules b. It is based on identity rules c. It is based on access rules d. It is based on business rules

Choice (c) is the correct answer. A rule-based access control mechanism is based on specific rules relating to the nature of the subject and object. These specific rules are embedded in access rules. Filtering rules are specified in firewalls. Both identity and business rules are inapplicable here

There are trade-offs among controls. A security policy would be most useful in which of the following areas? 1. System-generated passwords versus user-generated passwords 2. Access versus confidentiality 3. Technical controls versus procedural controls 4. Manual controls versus automated controls a. 1 and 2 b. 3 and 4 c. 2 and 3 d. 2 and 4

Choice (c) is the correct answer. A security policy is the framework within which an organization establishes needed levels of information security to achieve the desired confidentiality goals. A policy is a statement of information values, protection responsibilities, and organizational commitment for a computer system. It is a set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information. There are trade-offs among controls such as technical controls and procedural controls (item 3). If technical controls are not available, procedural controls might be used until a technical solution is found. Nevertheless, technical controls are useless without procedural controls and a robust, security policy. Similarly, there is a tradeoff between access and confidentiality, that is, a system meeting standards for access allows authorized users access to information resources on an ongoing basis (item 2). The emphasis given to confidentiality, integrity, and access depends on the nature of the application. An individual system may sacrifice the level of one requirement to obtain a greater degree of another. For example, to allow for increased levels of availability of information, standards for confidentiality may be lowered. Thus, the specific requirements and controls for information security can vary. Items (1) and (4) also involve trade-offs, but at a lower level. Item (1) requires deciding between system-generated passwords, which can offer more security than user-generated passwords because they are randomly generated pseudo words not found in the dictionary. However, system-generated passwords are harder to remember, forcing users to write them down, thus defeating the purpose. Item 4 requires selecting between a manual and automated control or selecting a combination of manual and automated controls. One can work as a compensating control for the other.

150. Which of the following statements about tiger teams are not true? 1. They can be effective when insider work is suspected 2. They represent another independent attack on the system 3. They prove that a computer system is secure 4. They are a substitute for methodical testing a. 1 and 2 b. 1 and 3 c. 3 and 4 d. 2 and 4

Choice (c) is the correct answer. A tiger team is a team of independent experts hired to attempt to breach the system's security. The tiger team will not prove that a system is secure. Also, the tiger team's approach is not a substitute for methodical security testing. What it can do is be effective when insider work is suspected, as it will show the areas of vulnerability. Also, the tiger team approach should be viewed as another independent attack on the system's integrity and security. If the system has not been thoroughly tested prior to tiger team testing, it is a waste of effort and money because the approach will be ineffective

From a computer security viewpoint, the "Chinese Wall" policy is related to which of the following? a. Aggregation problem b. Data classification problem c. Access control problem d. Inference problem

Choice (c) is the correct answer. As presented by Brewer and Nash, the "Chinese Wall" policy is a mandatory access control policy for stock market analysts. According to the policy, a market analyst may do business with any company. However, every time the analyst receives sensitive "inside" information from a new company, the policy prevents him from doing business with any other company in the same industry because that would involve him in a conflict of interest situation. In other words, collaboration with one company places "Chinese wall" between him and all other companies in the same industry. The Chinese Wall policy does not meet the definition of an aggregation problem; there is no notion of some information being sensitive with the aggregate being more sensitive. The Chinese Wall policy is an access control policy where the access control rule is not based just on the sensitivity of the information, but is based on the information already accessed. It is neither an inference nor a data classification problem

System administrators pose a threat to computer security due to their access rights and privileges. Which of the following statements is true for an organization with one administrator? a. Masquerading by system administrators can be prevented b. System administrator's access to the system can be limited c. Actions by the system administrators can be detected d. System administrators cannot compromise system integrity

Choice (c) is the correct answer. Authentication data needs to be stored securely, and its value lies in the data's confidentiality, integrity, and availability. If confidentiality is compromised, someone may be able to use the information to masquerade as a legitimate user. If system administrators can read the authentication file, they can masquerade as another user. Many systems use encryption to hide the authentication data from the system administrators. Masquerading by system administrators cannot be entirely prevented (choice a). If integrity is compromised, authentication data can be added, or the system can be disrupted. If availability is compromised, the system cannot authenticate users, and the users may not be able to work. Controls can be set up so that improper actions by the system administrator can be detected in audit records. Due to their broader responsibilities, the system administrator's access to the system cannot be limited (choice b). They can compromise a system's integrity (choice d); again their actions can be detected in audit records. It makes a big difference whether an organization has one or more than one system administrator for separation of duties or for least privilege principle to work. With several system administrators, a system administrator account could be set up for one person to have the capability to add accounts. Another administrator could have the authority to delete them. When there is only one system administrator employed, breaking up the duties is not possible

Which of the following is not a classification of intrusion detection systems (IDS)? a. Network-based IDS b. Host-based IDS c. Interval-based IDS d. Application-based IDS

Choice (c) is the correct answer. Choices (a), (b), and (d) are the most common ways to classify IDS based on information sources. The interval-based IDS (choice c) is based on timing, which refers to the elapsed time between the events that are monitored and the analysis of those events

Logical access controls provide a technical means of controlling access to computer systems. Which of the following is not a benefit of logical access controls? a. Integrity b. Availability c. Reliability d. Confidentiality

Choice (c) is the correct answer. Computer-based access controls are called logical access controls. These controls can prescribe not only who or what is to have access to a specific system resource but also the type of access that is permitted, usually in software. Reliability is more of a hardware issue. Logical access controls can help protect: (1) operating systems and other systems software from unauthorized modification or manipulation (and thereby help ensure the system's integrity and availability), (2) the integrity and availability of information by restricting the number of users and processes with access, and (3) confidential information from being disclosed to unauthorized individuals

Which of the following is not a good measure of performance of biometric-based identification and authentication technique? a. False rejection rate b. False acceptance rate c. Cross boundary rate d. Cross over error rate

Choice (c) is the correct answer. Cross over error rate occurs when the false rejection rate and the false acceptance rate are equal. Choices (a), (b), and (d) are example of good measures while choice (c) is a distracter.

Which of the following provides strong authentication for centralized authentication servers when used with firewalls? a. User IDs b. Passwords c. Tokens d. Account numbers

Choice (c) is the correct answer. For basic authentication, user IDs, passwords, and account numbers are used for internal authentication. Centralized authentication servers such as RADIUS, TACACS/TACACS+ can be integrated with token-based authentication to enhance firewall administration security

Which of the following statements is true about intrusion detection systems (IDS) and firewalls? a. Firewalls are a substitution for IDS b. Firewalls are an alternative to IDS c. Firewalls are a complement to IDS . Firewalls are a replacement for IDS

Choice (c) is the correct answer. IDS should be used as a complement to a firewall, not a substitute for it. Together, they provide a synergistic effect

Which of the following is an example of input validation error? a. Access validation error b. Configuration error c. Buffer overflow error d. Race condition error

Choice (c) is the correct answer. In an input validation error, the input received by a system is not properly checked, resulting in a vulnerability that can be exploited by sending a certain input sequence. In a buffer overflow, the input received by a system is longer than the expected input length, but the system does not check for this condition. In an access validation error (choice a), the system is vulnerable because the access control mechanism is faulty. A configuration error (choice b) occurs when user controllable settings in a system are set such that the system is vulnerable. Race condition error (choice d) occurs when there is a delay between the time when a system checks to see if an operation is allowed by the security model and the time when the system actually performs the operation.

Location-based authentication technique can be effectively used to provide which of the following? a. Static authentication b. Intermittent authentication c. Continuous authentication d. Robust authentication

Choice (c) is the correct answer. Location-based authentication techniques can be used continuously, as there are no time and resource limits. It does not require any secret information to protect at either the host or user end. Continuous authentication is better than robust authentication, where the latter can be intermittent

114. Ensuring data and program integrity is important. Which of the following controls best applies the "separation of duties" principle in an automated computer operations environment? a. File placement controls b. Data file naming conventions c. Program library controls d. Program and job naming conventions

Choice (c) is the correct answer. Program library controls allow only assigned programs to run in production and eliminate the problem of test programs accidentally entering the production environment. They also separate production and testing data to ensure that no test data are used in normal production. This practice is based on the "separation of duties" principle. File placement controls (choice a) ensure that files reside on the proper direct access storage device so that data sets do not go to a wrong device by accident. Data file, program, and job naming conventions (choices b and d) implement the separation of duties principle by uniquely identifying each production and test data file names, program names, and job names, and terminal usage.

Which of the following lists a pair of compatible functions within the IS organization? a. Computer operations and applications programming b. Systems programming and data security administration c. Quality assurance and data security administration d. Production job scheduling and computer operations

Choice (c) is the correct answer. Separation of duties is the first line of defense against the prevention, detection, and correction of errors, omissions, and irregularities. The objective is to ensure that no one person has complete control over a transaction throughout its initiation, authorization, recording, processing, and reporting. If the total risk is acceptable, then two different jobs can be combined. If the risk is unacceptable, the two jobs should not be combined. Both quality assurance and data security are staff functions and would not handle the day-to-day operations tasks. Choices (a), (b), and (d) are incorrect because they are examples of incompatible functions. The rationale is to minimize such functions that are not conducive to good internal control structure. For example, if a computer operator is also responsible for production job scheduling, he could submit unauthorized production jobs.

An example of a drawback of smart cards includes: a. A means of access control b. A means of storing user data c. A means of gaining unauthorized access d. A means of access control and data storage

Choice (c) is the correct answer. Since valuable data is stored on a smart card, the card is useless if lost, damaged, or forgotten. An unauthorized person can gain access to a computer system in the absence of other strong controls. A smart card is a credit card-sized device containing one or more integrated circuit chips, which performs the functions of a microprocessor, memory, and an input\output interface. Smart cards can be used: (1) as a means of access control (choice a), (2) as a medium for storing and carrying the appropriate data (choice b), and (3) a combination of 1 and 2 (choice d)

Which of the following is not synonymous with spoofing? a. Mimicking b. Impersonating c. Sniffing d. Masquerading

Choice (c) is the correct answer. Spoofing is an attempt to gain access to a system by posing as an authorized user. It is synonymous with impersonating, masquerading, or mimicking. Sniffing is monitoring network traffic

12. Which of the following is not an example of attacks on data and information? a. Hidden code b. Inference c. Spoofing d. Traffic analysis

Choice (c) is the correct answer. Spoofing is using various techniques to subvert IP-based access control by masquerading as another system by using its IP address. Attacks such as hidden code, inference, and traffic analysis are based on data and information

An access triple used in the implementation of Clark and Wilson security model includes which of the following? a. Policy, procedure, and object b. Class, domain, and subject c. Subject, program, and data d. Level, label, and tag

Choice (c) is the correct answer. The Clark and Wilson model partitions objects into programs and data for each subject forming a subject/program/data access triple

Which of the following is an incompatible function for a database administrator (DBA)? a. Data administration b. Information systems administration c. Systems security d. Information systems planning

Choice (c) is the correct answer. The DBA function is concerned with short-term development and use of databases and is responsible for the data of one or several specific databases. It should be separate from systems security due to possible conflict of interest. The conflict is possible manipulation of access privileges and rules for personal gain. The DBA function can be mixed with data administration, IS administration, or IS planning since there is no harm to the organization

Which of the following uses a ticket and a password to authenticate a system user? a. Secure RPC b. SPX c. Kerberos d. SecurID

Choice (c) is the correct answer. The Kerberos identification and authentication technique involves a ticket that is linked to a user's password. Both the ticket and the password must be protected against loss or theft. Secure RPC and SPX provide a robust authentication mechanism over distributed computing environments. SecurID is a token from RSA, Inc

Computer operators should not be given access to which of the following? a. Computer console terminal b. Operations documentation c. Programming documentation d. Disk drives

Choice (c) is the correct answer. The appropriate level of access for the computer operator is access to the computer console terminal, tape/disk drives, printers, operations documentation, and the problem/change management system. He should not be given access to programming documentation and production data files since he could perform maintenance to them for unauthorized purposes. This is risky

Shoulder surfing can be prevented by all of the following except: a. Promoting education and awareness b. Preventing password guessing c. Installing encryption techniques d. Asking people not to watch while password is being typed

Choice (c) is the correct answer. The key thing in shoulder surfing is to make sure that no one watches the user while his password is being typed. Encryption does not help here since it is applied after a password is entered, not before. Proper education and awareness and using difficult-to-guess passwords can eliminate this problem

4. The "principle of least privilege" supports which of the following? a. All or nothing privileges b. Super-user privileges c. Appropriate privileges d. Creeping privileges

Choice (c) is the correct answer. The principle of least privilege refers to granting users only those accesses required to perform their duties. Only the concept of "appropriate privilege" is supported by the principle of least privilege.

Which of the following protective measures is ineffective against multiple threats? a. Access logs b. Encryption c. Passwords d. Audit trails

Choice (c) is the correct answer. Most measures are effective against multiple threats. For example, maintaining facility access logs is a method of controlling who goes into a facility, of knowing who is in a facility at a given time, and of preventing unauthorized removal of material from a facility. Encryption protects data both during transmission and while in storage. Audit trails furnish information for backup and recovery and also provide a basis for variance detection. A password is effective against a single threat, that is, authentication and identification of a person or subject.

Which of the following is inconsistent with the principle of least privilege? a. Requirements creep b. Design creep c. Authorization creep d. Analysis creep

Choice (c) is the correct answer. Permanent changes are necessary when employees change positions within an organization. In this case, the process of granting account authorizations will occur again. At this time, however, it is also important that access authorizations of the prior position be removed. Many instances of "authorization creep" have occurred with employees continuing to maintain access rights for previously held positions within an organization. This practice is inconsistent with the principle of least privilege, and it is a security vulnerability.

Honey Pot systems do not contain which of the following? a. Event triggers b. Sensitive monitors c. Sensitive data d. Event loggers

Choice (c) is the correct answer. The Honey Pot system is instrumented with sensitive monitors, event triggers, and event loggers that detect unauthorized accesses and collect information about the attacker's activities. These systems are filled with fabricated data designed to appear valuable.

Access control mechanisms include which of the following? a. Directive, preventive, and detective controls b. Corrective, recovery, and preventive controls c. Logical, physical, and administrative controls d. Management, operational, and technical controls

Choice (c) is the correct answer. Access control mechanisms include logical (passwords and encryption), physical (keys and tokens), and administrative (forms and procedures) controls. Directive, preventive, detective, corrective, and recovery controls are controls by action. Management, operational, and technical controls are controls by nature

148. Intrusion detection systems (IDS) cannot do which of the following? a. Report alterations to data files b. Trace user activity c. Compensate for weak authentication d. Interpret system logs

Choice (c) is the correct answer. An IDS cannot act as a "silver bullet," compensating for weak identification and authentication mechanisms, weaknesses in network protocols, or lack of a security policy. IDS can do the other three choices such as recognizing and reporting alterations to data files (choice a), tracing user activity from the point of entry to the point of exit or impact (choice b), interpreting the mass of information contained in operating system logs and audit trail logs (choice d).

An organization is experiencing excessive turnover of employees. Which of the following is the best access control technique under these situations? a. Rule-based access control b. Mandatory access c. Role-based access control d. Discretionary access control

Choice (c) is the correct answer. Employees can come and go but their roles will not change such as a doctor or nurse in a hospital. With role-based access control, access decisions are based on the roles that individual users have as part of an organization. Employee names may change but the roles will not. This access control is the best for organizations experiencing excessive employee turnover. Rule-based access control and mandatory access control are the same since they are based on specific rules relating to the nature of the subject and object. Discretionary access control is a means of restricting access to objects based on the identity of subjects and/or groups to which they belong.

130. Which of the following security solutions for access control is simple to use and easy to administer? a. Passwords b. Cryptographic tokens c. Hardware keys d. Encrypted data files

Choice (c) is the correct answer. Hardware keys are devices that do not require a complicated process of administering user rights and access privileges. They are simple keys, similar to door keys that can be plugged into the personal computer before a person can successfully log on to access controlled data files and programs. Each user gets a set of keys for his personal use. Hardware keys are simple to use and easy to administer. Choice (a) is incorrect because passwords do require some amount of security administrative work such as setting up the account and helping users when they forget passwords. Passwords are simple to use but hard to administer. Choice (b) is incorrect because cryptographic tokens do require some amount of security administrative work. Tokens need to be assigned, programmed, tracked, and disposed of. Choice (d) is incorrect because encrypted data files do require some amount of security administrative work. Encryption keys need to be assigned to the owners for encryption and decryption purposes.

149. Intrusion detection systems (IDS) can do which of the following? a. Analyze all the traffic on a busy network b. Deal with problems involving packet-level attacks c. Recognize a known type of attack d. Deal with high-speed asynchronous transfer mode networks

Choice (c) is the correct answer. IDS can recognize when a known type of attack is perpetrated on a system. It cannot do the following: (1) analyze all the traffic on a busy network or compensate for receiving faulty information from system sources (choice a), (2) always deal with problems involving packet-level attacks (e.g., an intruder using fabricated packets that elude detection to launch and attack or multiple packets to jam the IDS itself), and (3) deal with high-speed asynchronous transfer mode networks that use packet fragmentation to optimize bandwidth (choice d).

Which of the following is the correct sequence of actions in access control mechanisms? a. Access profiles, authentication, authorization, and identification b. Security rules, identification, authorization, and authentication c. Identification, authentication, authorization, and accountability d. Audit trails, authorization, accountability, and identification

Choice (c) is the correct answer. Identification comes before authentication, and authorization comes after authentication. Accountability is last where user actions are recorded

133. Less common ways to initiate impersonation attacks on the network include the use of which of the following? a. Firewalls and account names b. Passwords and account names c. Biometric checks and physical keys d. Passwords and digital certificates

Choice (c) is the correct answer. Impersonation attacks involving the use of physical keys, and biometric checks are less likely due to the need for the network attacker to be physically near the biometric equipment. Choice (b) is incorrect because it is the most common way to initiate impersonation attacks on the network. A firewall is a mechanism to protect IT computing sites against Internet-borne attacks. A digital certificate is a password protected and encrypted file that contains identification information about its holder.

Security clearances and sensitivity classifications are promoted by which of the following security models? a. Biba model b. Clark and Wilson model c. Bell-LaPadula model d. Sutherland model

Choice (c) is the correct answer. In Bell-LaPadula model, the clearance/classification scheme is expressed in terms of a lattice. In order to determine whether or not a specific access model is allowed, the clearance of a subject is compared to the classification of the object and a determination is made as to whether the subject is authorized for the specific access mode. The other models do not deal with security clearances and sensitivity classifications.

146. Which one of the following denial-of-service attacks in networks is less common in occurrence? a. Service overloading b. Message flooding c. Connection clogging d. Signal grounding

Choice (c) is the correct answer. In denial-of-service attacks, some users prevent legitimate users from using the network. Connection clogging occurs when users make connection requests with forged source addresses that specify nonexistent or unreachable hosts that cannot be contacted. Thus, there is also no way to trace the connection back. They remain until they time out or reset. The goal is to use up the limit of partially open connections. Service overloading (choice a) occurs when floods of network requests are made to a server daemon on a single computer. It cannot process regular tasks in a timely manner. Message flooding (choice b) occurs when a user slows down the processing of a system on the network to prevent the system from processing its normal workload, by "flooding" the machine with network messages addressed to it. The system spends most of its time responding to these messages. Signal grounding (choice d) can be used to disable a network. This will prevent users from transmitting or receiving messages until the problem is fixed.

132. Weaknesses of Kerberos include: 1. Subject to dictionary attacks 2. Works with an existing security systems software 3. Intercepting and analyzing network traffic is difficult 4. Every network application must be modified a. 1 and 2 b. 2 and 3 c. 1 and 4 d. 3 and 4

Choice (c) is the correct answer. Kerberos is an authentication system with encryption mechanisms that makes network traffic secure. Weaknesses of Kerberos include: (1) it is subject to dictionary attacks where passwords can be stolen by an attacker (item 1) and (2) it requires modification of all network application source code, which is a problem with vendor-developed applications with no source code provided to users (item 4). Kerberos strengths include that it can be added to an existing security system (item 2) and that it makes intercepting and analyzing network traffic difficult (item 3). This is due to use of encryption in Kerberos.

Passwords and personal identification numbers (PINs) are examples of which of the following? a. Procedural access controls b. Physical access controls c. Logical access controls d. Administrative access controls

Choice (c) is the correct answer. Logical, physical, and administrative controls are examples of access control mechanisms. Choices (a) and (d) are the same. Passwords, PINs, and encryption are examples of logical access control

125. Passwords can be stored safely in which of the following places? a. Initialization file b. Script file c. Password file d. Batch file

Choice (c) is the correct answer. Passwords should not be included in initialization files, script files, or batch files due to possible compromise. Instead, they should be stored in a password file, preferably encrypted.

147. Which of the following sends identical messages to multiple unrelated newsgroups over the Internet? a. Spoofing b. Mailbombing c. Spamming d. Shoulder surfing

Choice (c) is the correct answer. Spamming is posting identical messages to multiple unrelated USENET newsgroups. Often it is used as cheap advertising, to promote pyramid schemes, or simply to annoy other people. Spoofing is using various techniques to subvert IP-based access control by masquerading as another system by using their IP address. Mailbombing is flooding a site with enough mail to overwhelm its e-mail system. It is used to hide or prevent receipt of e-mail during an attack or as a retaliation against a site. Shoulder surfing is stealing passwords or personal identification numbers by looking over someone's shoulder.

138. Which of the following is most commonly used in the implementation of an access control matrix? a. Discretionary access control b. Mandatory access control c. Access control list d. Logical access control

Choice (c) is the correct answer. The access control list (ACL) is the most useful and flexible type of implementation of an access control matrix. The ACL permits any given user to be allowed or disallowed access to any object. The columns of an ACL show a list of users attached to protected objects. One can associate access rights for individuals and resources directly with each object. The other three choices require extensive administrative work and are useful but not that flexible

Individual accountability does not include which of the following? a. Unique identifiers b. Access rules c. Audit trails d. Policies and procedures

Choice (d) is the correct answer. A basic tenet of IT security is that individuals must be accountable for their actions. If this is not followed and enforced, it is not possible to successfully prosecute those who intentionally damage or disrupt systems or to train those whose actions have unintended adverse effects. The concept of individual accountability drives the need for many security safeguards, such as unique (user) identifiers, audit trails, and access authorization rules. Policies and procedures indicate what to accomplish and how to accomplish objectives. By themselves, they do not exact individual accountability

What is the basis for a two-factor authentication mechanism? a. Something you know and a password b. Something you are and a fingerprint c. Something you have and a key d. Something you have and something you know

Choice (d) is the correct answer. A two-factor authentication uses two different kinds of evidence. For example, a challenge-response token card typically requires both physical possession of the card (something you have, one factor) and a PIN (something you know, another factor). The other choices have only one factor to authenticate

Which of the following is not commonly detected and reported by intrusion detection systems (IDS)? a. System scanning b. Denial of service attacks c. System penetration attacks d. IP address spoofing attacks

Choice (d) is the correct answer. An attacker can send attack packets using a fake source IP address but arrange to wiretap the victims reply to the fake address. The attacker can do this without having access to the computer at the fake address. This manipulation of IP addressing is called IP address spoofing. A scanning attack occurs when an attacker probes a target network or system by sending different kinds of packets (choice a). Denial of service attacks attempt to slow or shut down targeted network systems or services (choice b). System penetration attacks involve the unauthorized acquisition and/or alteration of system privileges, resources, or data (choice c).

A more reliable authentication device is a: a. Fixed callback system b. Variable callback system c. Fixed and variable callback system d. Smart card system

Choice (d) is the correct answer. Authentication is providing assurance regarding the identity of a subject or object, for example, ensuring that a particular user is who he claims to be. A smart card system uses cryptographic-based smart tokens that offer great flexibility and can be used to solve many authentication problems such as forgery and masquerading. A smart token typically requires a user to provide something the user knows (i.e., a PIN or password), which provides a stronger control than the smart token alone. Smart cards do not require a call-back since the codes used in the smart card change frequently, which cannot be repeated. Call-back systems are used to authenticate a person. A fixed call-back system (choice a) calls back to a known telephone associated with a known place. However, the called person may not be known, which is a problem with masquerading. It is not only insecure but also inflexible since it is tied to a specific place. It is not applicable if the caller moves around. A variable call-back system (choice b) is more flexible than the fixed one but requires greater maintenance of the variable telephone numbers and locations. These phone numbers can be recorded or decoded by a hacker.

A security label, or access control mechanism, is supported by which of the following access control policies? a. Role-based policy b. Identity-based policy c. User-directed policy d. Mandatory access control policy

Choice (d) is the correct answer. Mandatory access control is a type of access control that cannot be made more permissive by subjects. They are based on information sensitivity such as security labels for clearance and data classification. Rule-based and administratively directed policies are examples of mandatory access control policy. Role-based policy (choice a) is an example of non-discretionary access controls. Access control decisions are based on the roles individual users are taking in an organization. This includes the specification of duties, responsibilities, obligations, and qualifications (e.g., a teller or loan officer associated with a banking system). Both identity-based and user-directed policies (choices b and c) are examples of discretionary access control. It is a type of access control that permits subjects to specify the access controls with certain limitations. Identity-based access control is based only on the identity of the subject and object. User-directed control is a type of access control in which subjects can alter the access rights with certain restrictions

106. Many computer systems provide "maintenance accounts" for diagnostic and support services. Which of the following security techniques is least preferred to ensure reduced vulnerability when using these accounts? a. Call-back confirmation b. Encryption of communications c. Smart tokens d. Password and user ID

Choice (d) is the correct answer. Many computer systems provide maintenance accounts. These special login accounts are normally preconfigured at the factory with preset, widely known weak passwords. It is critical to change these passwords or otherwise disable the accounts until they are needed. If the account is to be used remotely, authentication of the maintenance provider can be performed using call-back confirmation (choice a). This helps ensure that remote diagnostic activities actually originate from an established phone number at the vendor's site. Other techniques can also help, including encryption and decryption of diagnostic communications (choice b), strong identification and authentication techniques, such as smart tokens (choice c), and remote disconnect verification

Which of the following is the most sophisticated tool or technique that attackers use against computer systems? a. Password guessing b. Packet sniffing c. Password cracking d. Packet spoofing

Choice (d) is the correct answer. Packet spoofing is subverting access controls by masquerading as another user or system. Password guessing or password cracking is a technique in which attackers try to guess or steal passwords to obtain access to computer systems. If packet spoofing is the highest in sophistication level, then password guessing and cracking are at the lowest level. Packet sniffing is a technique in which attackers surreptitiously insert a software program at remote network switches or host computers. The program monitors information packets as they are sent through networks and sends a copy of the information retrieved to the hacker

Which of the following password selection procedures would be the most difficult to remember? a. Reverse or rearrange the characters in user birthday b. Reverse or rearrange the characters in user annual salary c. Reverse or rearrange the characters in the user's spouse's name d. Use randomly generated characters

Choice (d) is the correct answer. Password selection is a difficult task to balance between password effectiveness and its remembrance by the user. The selected password should be simple to remember for oneself and difficult for others to know. It is no advantage in having a scientifically generated password if the user cannot remember it. Using randomly generated characters as a password is not only difficult to remember but also easy to publicize. Users will be tempted to write them down in a conspicuous place if the password is difficult to remember. The approaches in the other three choices would be relatively easy to remember due to the user familiarity with the password origin. A simple procedure is to use well-known personal information that is rearranged

Which of the following authentication techniques is impossible to forge? a. What the user knows b. What the user has c. What the user is d. Where the user is

Choice (d) is the correct answer. Passwords and PINs are often vulnerable to guessing, interception, or brute force attack (choice a). Devices such as access tokens and crypto-cards can be stolen (choice b). Biometrics can be vulnerable to interception and replay attacks (choice c). A location cannot be different than what it is (choice d). The techniques used in choices (a, b, and c) are not foolproof. However, choice (d) is foolproof because it cannot be spoofed or hijacked

Which of the following authentication types is most effective? a. Static authentication b. Robust authentication c. Intermittent authentication d. Continuous authentication

Choice (d) is the correct answer. Static authentication uses reusable passwords, which can be compromised by replay attacks. Robust authentication includes one-time passwords and digital signatures, which can be compromised by session hijacking. Intermittent authentication is not useful because of gaps in user verification. Continuous authentication protects against impostors (active attacks) by applying a digital signature algorithm to every bit of data that is sent from the claimant to the verifier. Also, continuous authentication prevents session hijacking.

The Take-Grant security model focuses on which of the following? a. Confidentiality b. Accountability c. Availability d. Access rights

Choice (d) is the correct answer. The Take-Grant security model uses a directed graph to specify the rights that a subject can transfer to an object or that a subject can take from another subject

A data/tape librarian should not be responsible for: a. Record-keeping of tape and cartridge activity b. Taking periodic inventory of tapes and cartridges c. Logging movement of magnetic media d. Operating the computer

Choice (d) is the correct answer. There would be a conflict of interest if a tape librarian operates the computer since he is close to the data. Choices (a), (b), and (c) are typical job duties of a tape librarian. Each IS organization may have a different focus on these items. The combination of tasks in the other three choices is compatible with no harm done to the organization.

Which of the following is a major vulnerability with Kerberos model? a. The user b. The server c. The client d. The key-distribution-server

Choice (d) is the correct answer. A major vulnerability with the Kerberos model is that if the key distribution server is attacked, every secret key used on the network is compromised. The principals involved in the Kerberos model include the user, the client, the keydistribution-center, the ticket-granting-service, and the server providing the requested services

Which of the following user identification and authentication techniques depend on reference profiles or templates? a. Memory tokens b. Smart tokens c. Cryptography d. Biometric systems

Choice (d) is the correct answer. Biometric systems require the creation and storage of profiles or templates of individuals wanting system access. This includes physiological attributes such as fingerprints, hand geometry, or retina patterns, or behavioral attributes such as voice patterns and hand-written signatures. Memory tokens and smart tokens (choices a and b) involve the creation and distribution of token/PINs and data that tell the computer how to recognize valid tokens/PINs. Cryptography (choice (c)) requires the generation, distribution, storage, entry, use, distribution, and archiving of cryptographic keys

Which of the following detective controls is more effective in discovering masquerading attacks? a. Analyzing audit logs and journals b. Observing c. Reporting of password violations d. Reporting of the last time user accessed the system

Choice (d) is the correct answer. A masquerading attack is an attempt to gain access to a computer system by posing as an authorized user. The system informs the user about his last time login information (date and time accessed). This will alert the user if his account has been compromised. Analysis of audit logs and journals (choice a) is a passive detection method; logs are not reviewed unless there is a suspicion. Observation (choice b) can be direct or indirect but not conclusive. Password violation (choice c) can be normal when a genuine user forgets his password and the log shows repeated failed attempts to use an invalid or incorrect password.

From an access control viewpoint, which of the following is computed from a passphrase? a. Access password b. Personal password c. Valid password d. Virtual password

Choice (d) is the correct answer. A virtual password is a password computed from a passphrase that meets the requirements of password storage (e.g., 56 bits for DES). A passphrase is a sequence of characters, longer than the acceptable length of a regular password, which is transformed by a password system into a virtual password of acceptable length. An access password (choice a) is a password used to authorize access to data and is distributed to all those who are authorized similar access to that data. A personal password (choice b) is a password that is known by only one person and is used to authenticate that person's identity. A valid password (choice c) is a personal password that will authenticate the identity of an individual when presented to a password system. It is also an access password that will allow the requested access when presented to a password system.

A system mechanism and audit trails assist business managers to hold individual users accountable for their actions. In order to utilize these audit trails, which of the following controls is a prerequisite for the mechanism to be effective? a. Physical access controls b. Environmental controls c. Management controls d. Logical access controls

Choice (d) is the correct answer. By advising users that they are personally accountable for their actions, which are tracked by an audit trail that logs user activities, managers can help promote proper user behavior. Users are less likely to attempt to circumvent security policy if they know that their actions will be recorded in an audit log. Audit trails work in concert with logical access controls, which restrict use of system resources. Since logical access controls are enforced through software, audit trails are used to maintain an individual's accountability. Although choices (a) through (c) collect some data in the form of an audit trail, their use is limited due to limitation of useful data collected

Which of the following identification techniques provide strong user authentication? a. What the user is b. What the user has c. What the user knows d. a, b, and c

Choice (d) is the correct answer. From a cost and convenience viewpoint, it is good to combine identification techniques such as mixing (1) what the user is, (2) what the user has, and (3) what the user knows. An example is a bank's automated teller machine card (what the user has) with a secret personal identification number (what the user knows) combined with a fingerprint (what the user is) for high dollar transactions.

127. Which of the following is not a common method used to gain unauthorized access to computer systems? a. Password sharing b. Password guessing c. Password capturing d. Password spoofing

Choice (d) is the correct answer. Password spoofing is where intruders trick system security into permitting normally disallowed network connections. The gained passwords will allow them to crack security or to steal valuable information. For example, the vast majority of Internet traffic is unencrypted and therefore easily readable. Consequently, e-mail, passwords, and file transfers can be monitored and captured using readily available software. Password spoofing is not that common. Choices (a) through (c) are incorrect because they are the most commonly used methods to gain unauthorized access to computer systems. Password sharing (choice a) allows an unauthorized user to have the system access and privileges of a legitimate user, Robbins (Fall 2018) with the legitimate user's knowledge and acceptance. Password guessing (choice b) occurs when easy-to-use or easy-to-remember codes are used and when other users know about them (e.g., hobbies, sports, favorite stars, social events). Password capturing (choice c) is a process in which a legitimate user unknowingly reveals the user's login ID and password. This may be done through the use of a Trojan horse program that appears to the user as a legitimate login program; however, the Trojan horse program is designed to capture passwords.

104. The best place to put the Kerberos protocol is in which of the following? a. At the application layer b. At the transport layer c. At the network layer d. At all layers of the network

Choice (d) is the correct answer. Placing the Kerberos protocol below the application layer and at all layers of the network provides greatest security protection without the need to modify applications.

142. "Ping of death" is an example of which of the following? a. Teardrop attack b. Nmap attack c. Piggyback attack d. Buffer overflow attack

Choice (d) is the correct answer. The "ping of death" is an example of buffer overflow attack, a part of denialof-service attack, where large packets are sent to overfill the system buffers, causing the system to reboot or crash. In a piggy-backing attack, an intruder gains unauthorized access to a system by using a valid user's connection. The teardrop attack freezes vulnerable Windows 95 and Linux hosts by exploiting a bug in the fragmented packet re-assembly routines. Nmap is a sophisticated network-scanning tool.

26. In a fire-extinguishing environment, a dry pipe is: a. A sprinkler system in which the water does not enter the pipes until the automatic sensor indicates that there is a fire in the area b. A sprinkler system in which the water is in the pipe, but the outside of the pipe is dry c. A Halon gas system that contains a dry pipe d. A carbon dioxide (CO2) gas system that has a dry chemical to extinguish a fire

a. A sprinkler system in which the water does not enter the pipes until the automatic sensor indicates that there is a fire in the area b Choice (a) is the correct answer. The sequence of dry-pipe actions is (1) a heat or smoke sensor is activated first, (2) water fills the previously empty pipes leading to the sprinklers, (3) the alarm is sounded, and (4) the electrical power supply is disconnected automatically. Choice (b) is incorrect because water is not in the pipe until the heat or smoke sensor is activated. Choices (c) and (d) are incorrect because the descriptions are meaningless.

54. Which of the following statements is true? a. Both mantraps and turnstiles are physical security controls b. A mantrap is a physical security control while a turnstile is a logical access security control c. A mantrap is an environmental security control while a turnstile is a network security control d. Both mantraps and turnstiles are cryptographic security controls

a. Both mantraps and turnstiles are physical security controls Choice (a) is the correct answer. Both stationary and revolving doors are used in mantraps and turnstiles. Unauthorized individuals entering a data center cannot get out of a mantrap since it is so restrictive in terms of movement. Turnstiles also restrict the movement of an unauthorized individual. Both of these controls are part of the physical security controls within a data center requiring high-level security.

32. An under-voltage in electric power is called: a. Brownout b. Blackout c. Burnout d. Dropout

a. Brownout Choice (a) is the correct answer. A brownout is a condition in which electrical power dips below normal for more than a few seconds and is caused by under-voltage. Brownouts are a result of load near to or equaling generating capacity. A blackout is a complete loss of electrical power (that is, actual failure). Blackouts can result from windstorms, floods, from failures of electronic system equipment, or from human error. A dropout is an area on a disk or tape that cannot effectively record data. Persistent brownouts can cause data corruption and loss and can also cause computer power supplies to overheat and burn out.

39. Which of the following is a safe practice to ensure physical security? a. Deter b. Detect c. Delay d. Deny

a. Deter Choice (a) is the correct answer. It is preferred to deter attacks against property, whether criminal or not. If not deterred, access to selected areas or properties should be denied. If not denied, attacks that occur should be detected. If not detected in time, attacks should be delayed to allow time for response by authorities.

60. Which of the following combination controls is not appropriate to ensure continuity of electric power supply? a. Disk mirroring b. Power line conditioners c. Uninterruptible power supply equipment d. Backup generators

a. Disk mirroring Choice (a) is the correct answer. Disk mirroring is not appropriate to ensure the continuity of electric power supply because it prevents data loss. It is a fault tolerant mechanism because it copies and stores data in two places (disks). Choices (b), (c), and (d) are incorrect because they are needed to provide continuity of electric power supply. Power line conditioners smooth out power fluctuations. Uninterruptible power supply (UPS) equipment provides relief from short power outages. Backup generators support relief from long power outages. Rarely, a single control will suffice to meet control objectives. Rather, a combination of controls is needed to make up a whole and to provide a synergistic effect.

45. The least important factor to be considered when selecting an uninterruptible power system is: a. Fuel options b. Electrical load c. Battery duration d. Physical space

a. Fuel options Choice (a) is the correct answer. The selection of an uninterruptible power system is governed by three factors, electrical load, battery duration, and physical space. The electrical load represents the capacity for the UPS to supply power to the equipment properly. The battery duration is simply how long the UPS is supposed to support the equipment. Physical space is required for any UPS. Fuel options, whether to use diesel or natural gasoline, can be considered at a later point in the decision making process.

72. What would you be most concerned with after learning the following about a data center? a. Gun powder is stored in the basement of the building where the data center is also located b. The data center is located near oil storage tanks c. The data center is in close proximity (i.e., between one and two miles) to one engaged in the refinement of highly explosive chemicals or combustible and volatile products d. The data center is five to ten miles away from a nuclear power plant

a. Gun powder is stored in the basement of the building where the data center is also located Choice (a) is the correct answer. Here, critical factors are the distance and the frequency of a certain outcome. Storing gunpowder in the basement of the building where the data center is located is riskier due to close proximity and the frequency with which fire or explosion can occur. The other three locations, although risky, are far away from the basement of a building.

57. An instrument that measures atmospheric humidity in a computer room is called a: a. Hygrometer b. Hydrometer c. Barometer d. Voltmeter

a. Hygrometer Choice (a) is the correct answer. A hygrometer is an instrument that measures atmospheric humidity. A hydrometer (choice b) is an instrument used to determine specific gravity that sinks in a fluid to a depth used as a measure of the fluid's specific gravity. A barometer (choice c) is an instrument for measuring atmospheric pressure, used in weather forecasting and in determining elevation. A voltmeter (choice d) is an instrument for measuring electrical voltage.

51. The most important criteria to apply when hiring an outside consultant to advise in selecting eavesdropping and wiretapping countermeasures includes: a. Insurance and bonding b. Education and training c. Previous work references d. Experience and certification

a. Insurance and bonding Choice (a) is the correct answer. In addition to education and training, previous work references, experience and certification, it is important to find out about insurance and bonding coverages. The work of a security consultant is confidential and sensitive, which requires bonding.

19. Which one of the following fire sensors is useful in giving early warning? a. Ionization detector b. Photoelectric smoke detector c. Infrared flame detector d. Thermal detector

a. Ionization detector Choice (a) is the correct answer. The ionization detector is useful in giving early warning so that human lives can be saved. The photoelectric smoke detector alarms when the source of light is interrupted. The infrared flame detector reacts to emissions from flame. The thermal detector operates on a significant change in temperature.

76. Which of the following is best to replace the use of personal identification numbers (PINs) in the world of electronic banking? a. Iris-detection technology b. Voice technology c. Hand technology d. Fingerprint technology

a. Iris-detection technology Choice (a) is the correct answer. An automated teller machine customer can stand within three feet of a camera that automatically locates and scans the iris in the eye. The scanned bar code is then compared against previously stored code in the bank's file. Iris-detection technology is far superior in terms of accuracy compared to the accuracy of voice, face, hand, and fingerprint identification systems. Iris technology does not require a PIN.

16. A voltage spike is which of the following? a. It is sharp but brief increase in voltage b. It is slow but brief increase in voltage c. It is sharp but brief decrease in voltage d. It is slow but brief decrease in voltage

a. It is sharp but brief increase in voltage Choice (a) is the correct answer. A voltage spike is a sharp but brief increase in voltage, commonly caused by the turning off of heavy electrical loads such as air conditioners or photocopiers. The other three choices are meaningless.

50. Which of the following has a bearing on opportunities for electronic surveillance? a. Physical characteristics of a building b. Electrical characteristics of a building c. Mechanical characteristics of a building d. Environmental characteristics of a building

a. Physical characteristics of a building Choice (a) is the correct answer. The physical characteristics of a building have a bearing on opportunities for audio and electronic surveillance. Some of these factors are poor access control designs, inadequate soundproofing, common or shared ducts, and space above false ceilings that enable access for the placement of devices. Physical inspection of these weak areas will hinder penetration.

22. What is the first step to do in case of a fire? a. Report the fire b. Extinguish the fire c. Avoid panic d. Do not use elevators

a. Report the fire Choice (a) is the correct answer. As part of fire prevention tips, fire should be reported first, and then attempts should be made to extinguish it. Other actions include: never open a "hot" door, pull alarm system, and try to escape.

75. Which of the following statements about sprinkler systems is not true? a. Sprinkler systems cause water damage b. Sprinkler systems reduce fire damage locally c. Sprinkler systems protect human lives of building occupants d. Sprinkler systems limit fire damage to the building itself

a. Sprinkler systems cause water damage Choice (a) is the correct answer. When properly installed, maintained, and provided with an adequate supply of water, automatic sprinkler systems are highly effective in protecting buildings and their contents. Nonetheless, one often hears uninformed persons speak of the water damage done by sprinkler systems as a disadvantage. Fires that trigger sprinkler systems cause the water damage. In short, sprinkler systems reduce the fire damage, protect the lives of building occupants, and limit the fire damage to the building itself.

61. All of the following are benefits of automated environmental controls over manual monitoring except: a. System probes to perform diagnosis and analysis b. Orderly shutdown of the host system c. Slow recovery d. Problem recording and notification

a. System probes to perform diagnosis and analysis Choice (a) is the correct answer. Disk mirroring is not appropriate to ensure the continuity of electric power supply because it prevents data loss. It is a fault tolerant mechanism because it copies and stores data in two places (disks). Choices (b), (c), and (d) are incorrect because they are needed to provide continuity of electric power supply. Power line conditioners smooth out power fluctuations. Uninterruptible power supply (UPS) equipment provides relief from short power outages. Backup generators support relief from long power outages. Rarely, a single control will suffice to meet control objectives. Rather, a combination of controls is needed to make up a whole and to provide a synergistic effect.

20. Which one of the following fire stages does not produce smoke? a. The incipient stage b. Smoldering stage c. Flame stage d. Heat stage

a. The incipient stage Choice (a) is the correct answer. A normal fire proceeds through four stages: the incipient, smoldering, flame, and heat stages. In the incipient stage, no smoke is given out. Smoke begins to appear in the smoldering stage. In the flame stage, actual flame can be seen. The heat is intense and building up in the final, heat stage.

55. Any security measure must be cost-beneficial. UPS systems address electric power failures. Which one of the following cost factors is of least concern to the installation of UPS system? a. The size of the gas fuel supply b. The size of the electric load it can support c. The number of minutes it can support the load d. The speed with which it assumes the load when the primary source fails

a. The size of the gas fuel supply Choice (a) is the correct answer. A number of security measures are available to address electric power failures differing in both cost and performance. For example, the cost of a UPS depends on the size of the electric load it can support (choice b), the number of minutes it can support the load (choice c), and the speed with which it assumes the load when the primary power source fails (choice d). An on-site power generator can also be installed either in place of a UPS or in order to provide long-term backup to a UPS system. The size of the gas fuel supply (choice a) is a design decision along with the magnitude of the load the generator will support and the facilities to switch the load from the primary source or the UPS to the on-site generator.

27. What can take the heat off the fire safely? a. Water b. Carbon dioxide c. Soda ash d. Halon gas

a. Water Choice (a) is the correct answer. Water takes the heat off the fire, and it is safe compared to other choices. Carbon dioxide, soda ash, and Halon can be injurious

74. Which of the following is the most commonly used sprinkler system? a. Wet-pipe systems b. Dry-pipe system c. Carbon dioxide system d. Halon system

a. Wet-pipe systems Choice (a) is the correct answer. Wet-pipe systems are the most commonly used and are applicable when freezing is no threat to its operation. The next most popular one is the dry-pipe. The carbon dioxide system is dangerous to people's health and the Halon system cannot be used anymore due to a halt in Halon production.

30. Mantraps in a computer center are controlled by which of the following? a. A person's body weight and a smart card b. A person's body weight and a biometric feature c. A person's body weight and a magnetic card d. A person's body weight and a personal identification number (PIN)

b. A person's body weight and a biometric feature Choice (b) is the correct answer. Mantraps are used in high sensitive areas and have a built-in weighing scale. The mantrap controlling software looks at a combination of a person's body weight and a biometric feature such as fingerprint scan, hand geometry, facial recognition, iris scan, and voice recognition, and compares to a stored information about that person. Smart cards, magnetic cars, and PINs can be stolen or lost, which are weak form of authentication even when combined with the body weight. Choice (b) authenticates "what the user is," which is stronger than the other three choices.

8. Protective lighting does which of the following for computer facilities? a. Detection and correction b. Deterrent and detection c. Correction and action d. Protection and correction

b. Deterrent and detection Choice (b) is the correct answer. Protective lighting should act as deterrent and make detection likely. The lighting should enable the security staff to observe others without being seen.

71. When freezing temperatures and broken pipes are a problem, which of the following should be used? a. Wet-pipe systems b. Dry-pipe system c. Carbon-dioxide system d. Halon system

b. Dry-pipe system Choice (b) is the correct answer. When freezing temperatures and broken pipes are a problem, the dry-pipe system is useful. Air pressure is maintained in the pipes until a sprinkler head ruptures. Then, the air escapes, and water enters the pipes and exits through the opened sprinklers. With the wet-pipe system, water is in the pipes at all times and is released when heat ruptures the seal in the sprinkler head.

12. Which of the following is used to call for assistance? a. Contact sensor b. Duress sensor c. Vibration sensor d. Infrared sensor

b. Duress sensor Choice (b) is the correct answer. The duress sensor is used to call for assistance and it consists of a hand or foot operated switch usually found in bank teller areas. Contact sensor is activated when an electrical circuit is broken. Vibration sensor detects forced entry through metal barriers placed over windows, for example. Infrared sensors detect body heat.

33. Which of the following fire types is most common? a. Furniture fires b. Electrical fires c. Paper fires d. Gasoline fires

b. Electrical fires Choice (b) is the correct answer. Statistics indicate that most fires are electrical in origin. Choices (a) and (c) are Class A fires, while choice (d) is Class B fire.

64. Controls such as locked doors, intrusion detection devices, and security guards address which of the following risks? a. Heat failure b. Fraud or theft c. Power failure d. Equipment failure

b. Fraud or theft Choice (b) is the correct answer. Locked doors, intrusion detection devices, and security guards that restrict physical access are important preventive measures to control sabotage, riots, fraud, or theft. Sabotage can be caused by a disgruntled employee as well as by outsiders. Personnel policies should require the immediate termination and removal from the premise of any employee considered a threat. Fraud or theft exposures are reduced by restricting access to information that may be altered. Power failure (choice c) can be controlled by uninterruptible power supply. Heat failure (choice a) may cause inconvenience to employees. Equipment failure (choice d) may result in extended processing delays. Performance of preventive maintenance enhances system reliability and should be extended to all supporting equipment, such as temperature and humidity control systems and alarm or detecting devices.

15. A power brownout condition is which of the following? a. It is a long-term lag b. It is a long-term sag c. It is a short-term lag d. It is a short-term sag

b. It is a long-term sag Choice (b) is the correct answer. A brownout condition is a long-term sag. It is a deliberate reduction of voltage output at a power generating station to respond to high demand and thus avoids an outage. Choice (d) is the description of a voltage sag. Choices (a) and (c) are distracters.

31. "Tailgating" or "Piggy-backing" in a computer center can be prevented by which of the following? a. Cameras b. Mantraps c. Sensors d. Alarms

b. Mantraps Choice (b) is the correct answer. Tailgating (piggy-backing) means an unauthorized person is following an authorized person into a facility. It can be prevented by the use of mantraps where they take a measurement of the body weight of a person entering the computer center doors and combine it with a biometric feature such as fingerprint scan. If the person is not authorized to enter this highly sensitive area, he will not be allowed to proceed further and security authorities will be notified. Surveillance cameras are passive and do not take any action. Sensors and alarms do not have the intelligence built in similar to that of mantraps, and can give rise to false alarms

1. A secure and safe room should have which of the following? a. No more than one door b. No more than two doors c. No more than three doors d. No more than four doors

b. No more than two doors A secure and safe room should have no more than two doors. These doors should be solid, fireproof, lockable, and observable by physical security staff. One door is for entrance and the other one is for exit according to building fire code. Too many doors will provide too many escape routes for an intruder and not observable by the security staff.

58. Which of the following is not appropriate to provide adequate complementary physical access controls? a. ID badge card b. Password c. Magnetic stripe card d. Visitor log

b. Password Choice (b) is the correct answer. Passwords provide logical access controls, not physical access controls. The other three are examples of complementary controls. Each control enhances the other. A function or an area need not be weak to use complementary controls. Complementary controls can magnify the effectiveness of two or more controls when applied to a function, program, or operation. Identification (ID) badge cards, magnetic stripe cards, and visitor logs have a synergistic effect in providing a strong physical access control.

5. Biometrics-based access controls are implemented using which of the following? a. Administrative and directive controls b. Physical and logical controls c. Management and preventive controls d. Corrective and recovery controls

b. Physical and logical controls Physical controls (token, key, and card) are used to identify a user, and logical controls (fingerprint and voice) are used to authenticate the same user.

34. Which of the following should be the first step to be performed prior to installing cable wires in a computer center facility? a. Implement physical security controls b. Test the cables c. Check with local building codes d. Label the cables

c. Check with local building codes Choice (c) is the correct answer. Prior to any wiring installation, it is good to contact the official local building code standard sources and people to ensure that the planned cable plant is consistent with electrical and fire codes. This is to protect the safety and security of the facility. Physical security controls can include acquiring dedicated space with a locked door to serve as a wiring closet. After checking with the local building codes, the next step is to test the cable for bad spots. By labeling both ends of a cable, a built-in map is available that identifies each cable, its termination point and length, and electrical characteristics.

69. Which of the following security safeguards is ineffective in an on-line application system serving multiple users at multiple locations? a. Procedural controls b. Physical controls c. Hardware controls d. Software controls

b. Physical controls Choice (b) is the correct answer. An on-line application system serving multiple users at multiple locations assumes that a network is in place. With a network there is often no centralized computer room with physical security controls that can be implemented. Therefore, physical controls are ineffective. Examples of physical controls include locked doors, intrusion detection devices, security guards, and magnetic badge readers that restrict physical access. Choice (a) is incorrect because procedural controls include instructions to request a user profile, adding and deleting users, and instructions to request database views, etc. Choice (c) is incorrect because hardware controls include fault tolerance devices such as disk mirroring and/or disk duplexing, smart card processing, encryption, parity checks, and switched ports. Choice (d) is incorrect because software controls include user IDs and passwords, smart card processing, encryption, check digits, and message authentication.

56. The most common concern regarding a physical security area is: a. Fire suppression system b. Piggybacking c. Locks and keys d. Natural disasters

b. Piggybacking Choice (b) is the correct answer. Piggybacking occurs when unauthorized access is gained to a computer system or facility via a user's legitimate connection. Then both the authorized and the unauthorized person enter the sensitive area. This kind of entry cannot be predicted or anticipated and its frequency of occurrence can be high. Fire suppression systems (choice a) should not be a concern if tested periodically. Locks and keys (choice c) are the first line of defense against intruders entering into a computer center building or computer room. Natural disasters (choice d) are not a concern because of their low frequency.

67. Which of the following delays water release? a. Wet pipe b. Preaction pipe c. Water pipe d. Gas pipe

b. Preaction pipe Choice (b) is the correct answer. A wet pipe releases water at a set temperature. The preaction pipe sounds an alarm and delays water release. A water pipe does not delay water release. Gas pipe is a distractor here.

41. A device or devices that sense(s) vibration or motion is (are) called: a. Vibration detector only b. Seismic detector and vibration detector c. Proximity detector and seismic detector d. Intrusion detector and vibration detector

b. Seismic detector and vibration detector Choice (b) is the correct answer. A seismic detector is a device that senses vibration or motion and thereby senses a physical attack upon an object or structure. A vibration detector is the same as a seismic detector. A proximity detector is a device that initiates a signal (alarm) when a person or object comes near the protected object. An intrusion detector is a device designed to detect an individual crossing a line or entering an area

46. Which of the following is a proper control in a computer room? a. Smoke detection equipment shuts down the wet pipe equipment b. Smoke detection equipment shuts down the air-conditioning equipment c. Smoke detection equipment shuts down the preaction pipe equipment d. Smoke detection equipment shuts down the water pipe equipment

b. Smoke detection equipment shuts down the air-conditioning equipment Choice (b) is the correct answer. The smoke detection system should shut down the air-conditioning equipment. Similarly, an emergency power shutdown should include shutting down the air-conditioning system. The reason is that when there is smoke or a power loss, the air-conditioning equipment should be turned off so people do not inhale smoke.

43. Which of the following pairs of items create a conflicting situation in a computer center? a. Fire-resistant file cabinets, vital records b. Sprinkler systems, water damage c. Fire detection system, alarms d. Furniture and equipment, noncombustible materials

b. Sprinkler systems, water damage Choice (b) is the correct answer. Sprinkler systems are desirable if the computer room construction contains combustible materials. While sprinklers extinguish fire, extensive water can damage some areas and materials in the room due to use of the sprinkler system. Choice (d) has no conflict because furniture and equipment in a computer room should be constructed of metal or other noncombustible material. Choice (c) has no conflict because fire detection and extinguishing systems should have alarms to signal trouble and to communicate problems to a specific location that is always manned. Choice (a) has no conflict because vital records should be stored in a fire-resistant cabinet file

28. More fire fatalities are caused by which of the following? a. Smoke b. Toxic gases c. Heat d. Flames

b. Toxic gases Choice (b) is the correct answer. More fire fatalities are caused by toxic gases than by the flames, smoke, or heat.v

9. The effectiveness of physical security controls is most determined by which of the following? a. Control device used b. Vulnerabilities in the device c. Implementation of the device d. Operation of the device

b. Vulnerabilities in the device Choice (b) is the correct answer. Organizations should determine whether intruders could easily defeat the controls (i.e., vulnerabilities) in the access control devices. Until the vulnerabilities are eliminated, implementation and operation of the control device do not matter much.

53. Which of the following parties poses a greater risk to an organization when guarding against electronic surveillance and wiretapping activities? a. A spy stationed in another building b. A janitor in the same building c. An employee in the same building d. A window washer in the same building

c. An employee in the same building Choice (c) is the correct answer. A spy stationed on the same floor in another building a few blocks away can use a telescope to obtain secret data; a window washer can take pictures of documents on desks or walls; a janitor is positioned to take documents discarded in the trash. However, these occurrences are rare. The greatest risk is an employee working in the same building because of proximity and the trust placed in the employee.

17. Which one of the following power problems is unlike the others? a. Sags b. Spikes c. Blackouts d. Surges

c. Blackouts Choice (c) is the correct answer. A blackout is a total loss of power, lasting several minutes to several hours, caused by damage to power lines and equipment, commonly due to weather conditions. Sags create undervoltage conditions. Spikes and surges create over-voltage conditions.

40. Fires involving energized electrical equipment are rated as: a. Class A fires b. Class B fires c. Class C fires d. Class D fires

c. Class C fires Choice (c) is the correct answer. A classification of fires is based on the nature of the combustibles, relating directly to the efficacy of extinguishing agents. Four classes are described as follows: Class A: Fires involving ordinary combustible solids (e.g., wood, cloth, paper, rubber, and many plastics) Class B: Fires involving flammable or combustible liquids and flammable gases Class C: Fires involving energized electrical equipment Class D: Fires involving certain combustible materials such as magnesium and sodium

14. Which of the following is ineffective in extinguishing Class A and B fires in a building? a. Carbon dioxide b. Water fog c. Dry powder d. Dry chemical

c. Dry powder Choice (c) is the correct answer. Dry powder is effective against Class D fires and ineffective against Class A and B fires. The other three choices are effective against Class A and B fires. Water fog is created by a special nozzle on the water hose.

52. The justification process in selecting electronic surveillance and wiretapping detection equipment includes which of the following? a. Low cost of detection equipment, high value of assets to be protected, and a high rate of equipment usage b. Medium cost of detection equipment, high value of assets to be protected, and a low rate of equipment usage c. High cost of detection equipment, high value of assets to be protected, and a high rate of equipment usage d. Low cost of detection equipment, low value of assets to be protected, and a high rate of equipment usage

c. High cost of detection equipment, high value of assets to be protected, and a high rate of equipment usage Choice (c) is the correct answer. The high cost of detection equipment is justified when the assets to be protected are highly valued and when a high rate of use can be made of the equipment. This is based on the cost-benefit principle.

73. The most effective control in handling potential terrorist attacks, especially bombing, is to: a. Use simulation software b. Examine all letters and parcels coming into a building c. Hire security guards d. Keep motor vehicles away from the building

c. Hire security guards Choice (c) is the correct answer. There is no substitute for vigilant and resourceful security guards protecting the buildings. Simulation software is available that will assess the vulnerability of a structure to explosive blasts by simulating the detonation of devices at various design points. Security can be improved by simply keeping vehicles away from near proximity to the structure. It also makes sense to examine all letters and parcels coming into a building for explosives.

70. The failure of a sprinkler system most often is due to which of the following reasons? a. Equipment error b. Computer error c. Human error d. Design error

c. Human error Choice (c) is the correct answer. The failure of a sprinkler system most often is due to human error. The water supply was turned off at the time of the fire.

36. Which of the following should be considered as delaying devices in physical security? a. Lights b. Safes c. Locks d. Vaults

c. Locks Choice (c) is the correct answer. Locks are considered as delaying devices only and not bars to entry. The longer it takes to open or break a lock the shorter the patience for an intruder. The idea is that officials will soon be arriving at the place if it takes longer to open a lock. Lights serve as a deterrent to violators. Safes provide protection against fire, burglary, and robbery. Vaults are enlarged safes and can be supported by alarm systems.

49. Electronic surveillance and wiretapping has increased due to which of the following? a. Telephone lines b. Bugging techniques c. Microchip technology d. Surveillance equipment

c. Microchip technology Choice (c) is the correct answer. Miniaturization has greatly aided spying. With advances in microchip technology, transmitters can be so small as to be enmeshed in wallpaper, inserted under a stamp, or placed on the head of a nail.

6. Which of the following physical intrusion detection system components report on the condition of the system? a. Motion sensors b. Control unit c. Monitor unit d. Transmission lines

c. Monitor unit Choice (c) is the correct answer. The physical intrusion detection system contains four components: motion sensors, control unit, monitor unit, and transmission lines. These components are integrated to operate in a specified manner. A monitor unit is a device that senses and reports on the condition of a system. Motion sensors (choice a) detect movement inside the area to be protected. A control unit (choice b) is the terminal box for all sensors. Transmission lines (choice d) communicate events, signals, and sensors.

77. Which of the following is true about biometrics? a. Least expensive and least secure b. Most expensive and least secure c. Most expensive and most secure d. Least expensive and most secure

c. Most expensive and most secure Choice (c) is the correct answer. Biometrics tends to be the most expensive and most secure. Choice (a) refers to passwords, while choice (d) refers to memory/smart tokens. In general, passwords are the least expensive authentication technique and generally the least secure. Memory tokens are less expensive than smart tokens but have less functionality. Smart tokens with a human interface do not require reading equipment but are more convenient to use.

65. Which of the following security controls is simple to implement with the least amount of delay? a. Operating system security controls b. Network security controls c. Physical security controls d. Application system security controls

c. Physical security controls Choice (c) is the correct answer. Physical security is achieved through the use of locks, guards, and administratively controlled procedures such as visitor badges. It also protects the structures housing the computer and related equipment against damage from accident, fire, and environmental hazards, thus ensuring the protection of their contents. Physical security measures are the first line of defense against the risks that stem from the uncertainties in the environment as well as from the unpredictability of human behavior. Frequently, they are the simplest safeguards to implement and can be put into practice with the least delay. The controls listed in the other three choices take a long time to implement and are not simple to install.

11. Which of the following intruder detection systems cannot be used as a primary system? a. Photoelectric detection systems b. Motion detection systems c. Proximity detection systems d. Audio detection systems

c. Proximity detection systems Choice (c) is the correct answer. Proximity detection systems identify the approach or presence of an object or an individual. It is designed to be supplemental and cannot be used effectively as a primary system because of the system's vulnerability to nuisance alarms caused by electric supply fluctuations and by the presence of mops, pails, etc., placed near the system. Animals and birds can trigger a system into alarm if it is too sensitive. Therefore, proximity systems should be backed up by other security systems. Photoelectric systems operate Robbins (Spring 2019) based on light, motion systems operate based on signal, and audio systems operate based on sound.

62. Which of the following combination of controls is not appropriate to prevent unauthorized people from entering a computer center? a. Double-locked doors b. Television monitors c. Terminal IDs d. Picture ID badges

c. Terminal IDs Choice (c) is the correct answer. Logical access controls verify the terminal identification (ID) number and not a part of physical security. Logical access controls provide a technical means of controlling what information users can utilize, the programs they can run, and the modifications they can make. Choices (a), (b), and (d) deal with physical security, which is the right kind of control to prevent unauthorized people from entering a computer center. This combination of physical security controls provides good protection.

7. Which of the following sensors detect the sounds of forced entry into a computer facility? a. Penetration sensor b. Microwave sensor c. Ultrasonic sensor d. Photoelectric sensor

c. Ultrasonic sensor Choice (c) is the correct answer. Ultrasonic sensors operate by sounds. Penetration sensors detect normal entry through doors, windows, walls, or any other opening into the protected area. Microwave sensors operate by radio or radar frequency transceiver. Photoelectric sensor operates by an interruption of light beam transmitted to the receiver.

24. Which of the following combination controls would not be appropriate in extinguishing fires? a. Smoke/fire detectors b. Water sprinklers c. Uninterruptible power supply equipment d. Fire or evacuation drills

c. Uninterruptible power supply equipment Choice (c) is the correct answer. Uninterruptible power supply (UPS) equipment does not by itself help in extinguishing a fire. UPS will prolong an electrical power supply when there is a power failure. Smoke/fire detectors (choice a) combined with water sprinklers (choice b) will help detect or put out an actual fire. Fire or evacuation drills (choice d) will help in getting ready for an actual fire. A single control would rarely suffice to meet control objectives. Rather, a combination of controls is needed to make up a whole and to provide a synergistic effect. In the example, all three controls are needed to be effective.

63. Which one of the following statements is not true regarding a water-based fire extinguishing system? a. Water cools the equipment relatively quickly b. The release of water can be localized to where it is needed c. Water and Halon gas systems are mutually exclusive d. Jet sprayers can be an alternative to water sprinklers

c. Water and Halon gas systems are mutually exclusive Choice (c) is the correct answer. Water and Halon gas should be used in conjunction with heat and smoke detectors and mechanisms for automatically shutting off electrical power and air-conditioning devices. Choice (a) is incorrect because water cools the equipment relatively quickly. Choice (b) is incorrect because the release of water can be localized to where it is needed. Choice (d) is incorrect because jet sprayers can be an alternative to water sprinklers. Jet sprayers located on the ceiling spray a fine water mist that turns to steam on contact with the fire, smothering it. Choices (a), (b), and (d) are true.

68. The best location for a data center is: a. Near stairways b. Near elevators c. Near restrooms d. Any location other than the above

d. Any location other than the above Choice (d) is the correct answer. The objective is to reduce the risk of bombings. The data center should be remote from publicly used areas due to their easy access for both insiders (disgruntled employees) and outsiders (intruders).

25. Modern "dry pipe" systems: a. Are less sophisticated than water-based sprinkler systems b. Maximize chances of accidental discharge of water c. Are a substitute for carbon dioxide fire-suppression systems d. Are a substitute for water-based sprinkler systems

d. Are a substitute for water-based sprinkler systems Choice (d) is the correct answer. Dry pipe systems are more sophisticated than water-based sprinkler systems (choice a). They minimize the chances of accidental discharge of water (choice b) because they discharge water only as needed. Therefore, they are a substitute for water-based sprinkler systems, which are used to extinguish fire. Carbon dioxide (choice c) is a clean gas and does not leave a residue on computer equipment or magnetic media. However, Robbins (Spring 2019) its use is diminishing due to potential health problems. Carbon dioxide and water sprinklers, respectively, are ranked from most to least harmful to people when activated.

48. Which of the following is the best place for sounding an alarm coming from a computer room? a. At a local station b. At a security guard station c. At a central station d. At a fire or police station

d. At a fire or police station Choice (d) is the correct answer. The best place for sounding an alarm coming from a computer room is at a fire or police station because immediate action can be taken. There can be a delay at the other choices.

4. Dry powder is used to extinguish which of the following fires? a. Class A fires b. Class B fires c. Class C fires d. Class D fires

d. Class D fires Class D fire is extinguished by dry powder. Class A fire is extinguished by water, Class B by carbon dioxide, and Class C is by a non-conducting extinguishing agent.

10. Which of the following statements is true about physical security and life safety? a. Physical security strives to control entry b. Life safety focuses on providing easy exit from a facility c. Life safety measures are expensive d. It is possible to achieve an effective balance between physical security and life safety

d. It is possible to achieve an effective balance between physical security and life safety Choice (d) is the correct answer. It is important to understand that the objectives of physical access controls may be in conflict with those of life safety. Simply stated, life safety focuses on providing easy exit from a facility, particularly in an emergency, while physical security strives to control entry. In general, life safety must be given first consideration, but it is usually possible to achieve an effective balance between the two goals. Life safety measures need not be expensive; sometimes least expensive measures work best.

38. Which of the following is the last line of defense in a physical security? a. Perimeter barriers b. Exterior protection c. Interior barriers d. People

d. People Choice (d) is the correct answer. The perimeter barriers (e.g., fences) are located at the outer edge of property and usually are the first line of defense. The exterior protection such as walls, ceilings, roofs, and floors of buildings themselves are considered the second line of defense. Interior barriers within the building such as doors and locks are considered the third line of defense. After all the above defenses are failed, the last line of defense is people, employees working in the building. They should question strangers and others unfamiliar to them.

35. Which of the following is the most costly countermeasure to reduce physical security risks? a. Procedural controls b. Hardware devices c. Electronic systems d. Personnel

d. Personnel Choice (d) is the correct answer. Personnel such as security guards are the greatest expense due to direct salaries plus fringe benefits paid to them. It is good to use people only in those areas where procedural controls, hardware devices, or electronic systems cannot be utilized at all or cannot be utilized more effectively. Procedural controls are generally the least expensive such as logging visitors and recording temperatures. They can be manual or automated; the latter can be expensive. Hardware devices can include locks, keys, fences, gates, document shredders, vaults, barricades, etc. Electronic systems can include access controls, alarms, CCTV, detectors, etc.

59. Advanced microelectronic techniques make PCs vulnerable to bugging. The best detective control procedure is to: a. Check all employee's personal bags or briefcases when they leave work b. Issue a policy statement restricting such unauthorized acts c. Make sure that technicians performing maintenance work are both authorized and qualified d. Require that a pass-out ticket be obtained after a technical review of PC working conditions

d. Require that a pass-out ticket be obtained after a technical review of PC working conditions Choice (d) is the correct answer. A transmitter chip or circuit board could be installed, removed, or substituted by a person for unauthorized purposes. Choices (b) and (c) are preventive controls, which may not be effective in this situation. Choices (a) and (d) are detective controls where choice (d) is very effective because a review and/or testing of the working condition of the PC provides a reasonable assurance of being bug free.

37. The vulnerability of a facility to damage or attack may be assessed by all of the following except: a. Inspection b. History of losses c. Security controls d. Security budget

d. Security budget Choice (d) is the correct answer. Examining a security budget cannot reveal much because there is no direct correlation between the budget and the vulnerability. An inspection of the facility by an experienced inspector can reveal the status of the facility and its associated controls. Examination of the facility's record of losses can reveal how bad the situation is. The degree of security controls installed Robbins (Spring 2019) can reveal whether high-value property is properly safeguarded from theft by insiders or attack by outsiders.

2. Which of the following is not one of the four legs of a fire? a. Heat b. Fuel c. Oxygen d. Smoke

d. Smoke Smoke is a by-product of a fire while heat, fuel, oxygen, and chemical reaction are the four legs of a fire.

42. Which of the following represents the upper end of the protection scale against electrical problems (e.g.,sags) in a computer center? a. Battery backup b. Power filters c. Power conditioners d. Uninterruptible power supply

d. Uninterruptible power supply Choice (d) is the correct answer. The order of protection scale from lower end to upper end is as follows: battery backup, power filters, power conditioners, and uninterruptible power supply (UPS). Battery backup has a short life (that is, low-end protection) compared to the UPS (which is high-end protection). Power filters filter the sags, spikes, and impulse noises. Power conditioners regulate the voltage into the system. UPS can clean up most of the power problems such as spikes, surges, sags, brownouts, blackouts, frequency variations, transient noises, and impulse hits.

13. An effective physical security control when accessing sensitive facilities and systems include which of the following? a. Smart card b. A biometric measure c. A digital certificate d. a, b, and c

d. a, b, and c Choice (d) is the correct answer. Smart card technology, in combination with biometrics, offers great levels of security when accessing buildings, computers, and large dollar accounts. The smart card can be used in a number of ways to identity the cardholder to the physical access control system. These include (1) carrying a number that can be used to retrieve the cardholder's access privileges from the physical access control system's files, (2) carrying access control privileges on-board the card, (3) carrying a digital certificate to verify the cardholder's identity, and (4) carrying a biometric template against which the cardholder's live scan is compared to verify the cardholder's identity.