final written.docx
School: Whatcom Community College
Course: 215
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 16
Uploaded by BailiffFireChinchilla12
Question 1
In this security model, a subject can read all documents at or below their
security level but cannot read up.
a. Bell-LaPadula
c. Access Matrix
b. Biba
d. Clark-Wilson
Question 2
Policies, procedures, and controls that determine how information is
accessed and by whom.
d. Records Retention
a. Records Management
c. Access Management
b. Data Classification
Question 3
Video surveillance is considered a physical deterrent.
True
False
Question 4
Ensuring that a new building site is reasonably free from hazards falls under
this principle.
c. Fencing
b. Environmental Controls
a. Asset Protection
d. Secure Siting
Question 5
Audits are necessary because of ______
d. All of the Above
a. Potential liability
c. Negligence
b. Mandatory regulatory compliance
Question 6
The principle of least privilege means that users should have the fewest or
lowest number of privileges required to accomplish their duties.
True
False
Question 7
There is no potential downside to implementing an IPS.
True
False
Question 8
A scan of many or all TCP/IP “ports” on one or more target systems.
d. Vulnerability Scanning
a. Source Code Reviews
c. Vulnerability Management
b. Business Continuity Management
Question 9
There are no NIST documents that deal with Forensics.
True
False
Question 10
The Federal Trade Commission, the Department of Agriculture, and the
Federal Communications Commission deal with this category of U.S. Laws.
a. Criminal Law
b. Administrative Law
d. Tort Law
c. Civil Law
Question 11
A NAC is used to help control which devices may connect to a network.
True
False
Question 12
A group of servers that operate functionally as a single logical server.
d. Fault Tolerance
b. Clustering
c. Virtualization
a. Replication
Question 13
Enjoy your free point by picking the answer that says, "This one".
No
No
No
This one
Question 14
A company can discontinue or decide not to enter a line of business if the
risk level is too high. This is categorized as ____________.
a. Risk acceptance
d. Risk avoidance
c. Risk mitigation
b. Risk assignment
Question 15
The Bell-LaPadula model addresses the weaknesses of the Biba model.
True
False
Question 16
This is the first stage of a Security Incident Response.
b. Investigation
c. Triage
d. Recovery
a. Incident declaration
Question 17
This authentication protocol uses some encryption with PPP.
c. EAP
a. CHAP
d. PEAP
b. PAP
Question 18
In this security model a subject can write documents at or above their level
of security but cannot write documents below their level. This is known as
NWD.
d. Non-interference
a. Biba
c. Clark-Wilson
b. Bell-LaPadula
Question 19
One of the best ways to avoid wasting your organization’s resources is to
ensure that you follow the ________ review cycle.
c. Benchmark
a. Security
b. Audit
d. Monitoring
Question 20
This is a code of professional ethics that security experts are expected to
adhere to.
b. CCAI
a. RFC-1149
d. Security+
c. ISC²
Question 21
This wireless technology was created as a competitor to DSL and cable
modems and is a 'last mile' technology.
WiMAX
PAP
LTE
CDPD