computed results of your exam. Grades for essay questions, and comments from your instructor, are in the "Details" section below.
Date Taken: 7/31/2014
Time Spent: 2 h, 00 secs
Points Received: 440 / 495 (88.9%)
Question Type: Multiple Choice, # Of Questions: 31, # Correct: 29
Question Type: Fill in the Blank, # Of Questions: 19, # Correct: 14
Grade Details - All Questions
Question 1. Question : Information security is the process of protecting all of the following except: Student Answer:
Confidentiality of data
Data integrity
Availability of data
Data configuration
Points Received: 10 of 10 Comments:
Question 2. Question : Information security managers are often motivated by which of the following? Student Answer:
Concern for the well-being of society
Governmental regulation
Fear of unwanted publicity
All of the above are motivating factors
Points Received: 5 of 5 Comments:
Question 3. Question : Security professionals' activities include all of the following except: Student Answer:
Finding the source of the problem
Naming the virus
Eradicating the problem
Repairing the damage
Points Received: 10 of 10 Comments:
Question 4. Question : Demand for expertly trained security professionals is the result of: Student Answer:
Specialized training
Increased terrorist activity
New laws regulating the flow of information
Retirement of current security professionals
Points Received: 10 of 10 Comments:
Question 5. Question : One increasingly important step to becoming an information security specialist is to: Student Answer:
Get a degree in the psychology of crime
Create, test, and debug a virus or worm program
Build a home laboratory
Do all of the above
Points Received: 10 of 10 Comments:
Question 6. Question : Information Security magazine suggests that a good curriculum includes courses in: Student Answer:
Quality assurance
Legal issues
Human factors
Bioengineering
Points Received: 10 of 10 Comments:
Question 7. Question : ____________ establish and maintain the user base permitted to access a system in the normal course of their job duties. Student Answer:
Security testers
Security administrators
Access coordinators
Network engineers
Points Received: 10 of 10 Comments:
Question 8. Question : Topics within the umbrella of information security include all of the following except: Student Answer:
Incident response
Key management
Security testing
Electronic forensics
Points Received: 10 of 10 Comments:
Question 9. Question : Given enough time, tools, inclination, and ____________, a hacker can break through any security measure. Student Answer:
talent
skills
intelligence
assets
Points Received: 10 of 10 Comments:
Question 10. Question : IS professionals who create a plan to protect a computer system consider all of the following in the planning process except: Student Answer:
Defining the structural composition of data
Protecting the confidentiality of data
Preserving the integrity of data
Promoting the availability of data for authorized use
Points Received: 10 of 10 Comments:
Question 11. Question : Which of the following is NOT a goal of an integrity model security system? Student Answer:
Preventing unauthorized users from modifying data or programs
Verifying data consistency for internal and external programs
Preventing authorized users from making unauthorized modifications
Maintaining internal and external consistency of data and programs
Points Received: 10 of 10 Comments:
Question 12. Question : Overlapping layers provide all of the following elements necessary to secure assets except: Student Answer:
Direction
Response
Detection
Prevention
Points Received: 10 of 10 Comments:
Question 13. Question : Which of the following statements about Principle 4 is false? Student Answer:
exchange for worthless goods, people tend to give up credentials.
The organizers of Infosecurity Europe 2003 found that 75% of survey respondents revealed information immediately.
Today's virus writers are not very sophisticated.
It is easy to fool people into spreading viruses.
Points Received: 10 of 10 Comments:
Question 14. Question : IS principle five states that security depends on these requirements: Student Answer:
Functional and assurance
Verification and validation
Availability and integrity
Usability and interface
Points Received: 10 of 10 Comments:
Question 15. Question : Software developers often lack the ____________ and ____________ needed to test and break their software. Student Answer:
Wherewithal, motivation
Money, time
Expertise, resources
Qualifications, experience.
Points Received: 10 of 10 Comments:
Question 16. Question : The unique security issues and considerations of every system make it crucial to understand all of the following except: Student Answer:
Adherence to security standards
The security skills of the development teams
What hardware and software is used to deploy the system
The specific nature of data the system maintains.
Points Received: 10 of 10 Comments:
Question 17. Question : The Common Body of Knowledge with ____________ domains is the framework of the information security field. Student Answer:
5
10
15
20
Points Received: 10 of 10 Comments:
Question 18. Question : Security professional benefits from (ISC)² certification include all of the following except: Student Answer:
Establishes best practices
Confirms knowledge of information security
Confirms passing of an examination
Broadens career expectations.
Points Received: 10 of 10 Comments:
Question 19. Question : An effective security policy contains all of the following information except: Student Answer:
Reference to other policies
Measurement expectations
Compliance management and measurements description
Glossary of terms
Points Received: 10 of 10 Comments:
Question 20. Question : The basic components of an issue-specific policy might include all of the following except: Student Answer:
Compliance
Applicability
Issue statement
Standard library structure
Points Received: 10 of 10 Comments:
Question 21. Question : A basic component of an issue-specific policy that defines a security issue and any relevant terms, distinctions, and conditions is a(n): Student Answer:
Issue statement
Statement of the organization's position
Point of contact and supplementary information
Role and responsibility
Points Received: 10 of 10 Comments:
Question 22. Question : Step-by-step directions to execute a specific security activity is referred to as a: Student Answer:
Regulation
Standard
Guideline
Procedure
Points Received: 10 of 10 Comments:
Question 23. Question : In the standards taxonomy _____________ suggests that no single person is responsible for approving his own work. Student Answer:
Separation of duties
Education, awareness, and training
Asset and data classification
Risk analysis and management
Points Received: 10 of 10 Comments:
Question 24. Question : ____________ provides technical facilities, data processing, and support services to users of information systems. Student Answer:
Chief information security officer
Information resources manager
Owners of information resources
Custodians of information resources
Points Received: 10 of 10 Comments:
Question 25. Question : What is within a trusted system that people want to access or use? Student Answer:
Object
Subject
MAC
TCB
Points Received: 10 of 10 Comments:
Question 26. Question : All of the following general rules are used to construct rings of trust in networked systems except: Student Answer:
Hosts trust more inner ring hosts than themselves
Hosts do not trust outer ring hosts more than themselves
Hosts in a ring of a segmented sub network trust hosts in the same ring of a different segment
Hosts trust hosts in the same ring
Points Received: 10 of 10 Comments:
Question 27. Question : Which of the following uses a specific OS and lacks a standard interface to connect to other systems? Student Answer:
Finite-state machine
Open system
Closed system
None of the above
Points Received: 10 of 10 Comments:
Question 28. Question : The criteria used to rate the effectiveness of trusted systems are set forth in: Student Answer:
TCSEC
ITSEC
CTCPEC
All of the above
Points Received: 10 of 10 Comments:
Question 29. Question : Which of the following is NOT a criterion for Class A1 design verification? Student Answer:
Clearly identified and documented model of a security policy
Top-level specification that includes definitions of the functions of TCB
TCB implementation consistent with top-level specification
None of the above
Points Received: 10 of 10 Comments:
Question 30. Question : Which of the following is NOT an ITSEC specialized, stand alone class? Student Answer:
F-AP
F-IN
F-AV
F-DC
Points Received: 0 of 10 Comments:
Question 31. Question : All of the following are classes of security functional requirements except: Student Answer:
Privacy
Communications
Audit
Security training
Points Received: 0 of 10 Comments:
Question 32. Question : ____________ is the process of protecting the confidentiality, integrity, and availability of data from accidental or intentional misuse. Student Answer: information security Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 33. Question : Information security consists of best practices and experiences from several domains but begins with the non-technical, ____________ aspects of a security posture. Student Answer: human-centric Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 34. Question : Information security specialists need to have a(n) ___________ view of the world around them and avoid a strictly technical orientation. Student Answer: holistic Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 35. Question : ____________ security is within the umbrella of information security. Student Answer: physical Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 36. Question : The first principle of information security says that a hacker can break any security system given enough time, inclination, tools, and ____________. Student Answer: skills Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 37. Question : One goal of information security is to promote the ____________ of data for authorized use. Student Answer: availability Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 38. Question : Spending more on securing an asset than the intrinsic value of the asset is a waste of ____________. Student Answer: time (A correct answer: resources) Instructor Explanation:
Points Received: 5 of 10 Comments: Time, yes, but more generally resources
Question 39. Question : People, ____________, and technology must work together to secure systems. Student Answer: process Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 40. Question : A technical area of study within the CBK, the security architecture domain, addresses ____________ issues. Student Answer: network Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 41. Question : A compilation of all security information collected internationally and relevant to information security professionals is the ____________. Student Answer: orange book (A correct answer: CBK) Instructor Explanation:
Points Received: 0 of 10 Comments:
Question 42. Question : To maintain relevance and currency ____________ and governance of certification process is needed. Student Answer: oversight Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 43. Question : The Security Management Practices domain highlights the importance of a comprehensive security ____________. Student Answer: plan Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 44. Question : Operational procedures and tools familiar to IT specialists are covered in the ____________ Security domain. Student Answer: operations Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 45. Question : Information security ____________ are often dictated by the nature of an organization's business. Student Answer: standards Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 46. Question : User education, awareness, and training on policies and procedures are important because ____________ are the weakest link in a security-related process. Student Answer: people Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 47. Question : One or more components that enforce a unified security policy over a product or system make up a ____________. Student Answer: operating system (A correct answer: TCB) Instructor Explanation:
Points Received: 0 of 10 Comments:
Question 48. Question : Directly addressable by the CPU, ____________ memory stores application or system code as well as data. Student Answer: CPU (A correct answer: random) Instructor Explanation:
Points Received: 0 of 10 Comments: RAM
Question 49. Question : Describing how functional requirements should be implemented and tested is defined as ____________ requirements. Student Answer: assurance Instructor Explanation:
Points Received: 10 of 10 Comments:
Question 50. Question : Security testing ____________ that the implementation of the function is not flawed. Student Answer: ensures (A correct answer: validates) Instructor Explanation:
Points Received: 10 of 10 Comments:
* Times are displayed in (GMT-07:00) Mountain Time (US & Canada)