Best answer: C
An information security policy should:
- Explain the laws, regulations, business needs, and
management's expectations (goals and objectives)
- Identify roles and delineate responsibilities
Best answer: B
A functional requirement describes the functionality or behavior
that a system shall perform.
An assurance requirement measures the level of confidence that the
security function will perform as intended.
Best answer: A
Threat and vulnerability assessments are part of the risk
management process.
A security audit determines whether the required controls have
been implemented.
Best answer: A
Accreditation is the official management decision to operate the
certified system. It is also a formal acceptance of
responsibility for the security of the certified system.
Risk management is the process of reducing risk to an
acceptable level.
Best answer: D
An architecture framework provides a common standard of
terminology, description, and models to facilitate
communications amongst the project stakeholders such as:
Best answer: A
Graham-Denning is usually expressed as an access control
matrix that describes which actions subjects may perform on
objects; it defines no state-transition rules.
Bell-LaPadula, Biba, and Clark-Wilson are state-machine
models.
22. In the Biba security model, what does the integrity * (star)
property mean?
a. Subject cannot read objects of lesser integrity
b. Subject cannot write to objects of higher integrity
c. Subject cannot send messages to object of higher
integrity
d. Subject cannot write to objects of lower sensitivity
23. What security model requires the use of the access triple of
subject-program-object to ensure well-formed transactions for preserving
data integrity, preventing arbitrary modification, and separation
of duty?
a. Graham-Denning
b. Bell-LaPadula
c. Biba
d. Clark-Wilson
Ref: Secure Database Development and the Clark-Wilson Security Model, X.Ge, F.Polack, R.Laleau, University of York, UK.
Best answer: C
In the multilevel security (MLS) mode of operation, a system that
implements the Bell-LaPadula security model can operate on and
process information at multiple classification levels at once.
Best answer: B
Paging splits physical memory into fixed-size blocks called page
frames, and a process's address space into pages of the same size.
Swapping (paging out and in) transfers pages between physical
memory and the swap space on disk.
ITSEC         TCSEC
E0            D:  Minimal Protection
F-C1, E1      C1: Discretionary Security Protection
F-C2, E2      C2: Controlled Access Protection
F-B1, E3      B1: Labeled Security
F-B2, E4      B2: Structured Protection
F-B3, E5      B3: Security Domains
F-B3, E6      A1: Verified Design
Reference: Information Technology Security Evaluation Criteria (ITSEC), version 1.2, June
28, 1991.
ITSEC   Required activities
E0      Inadequate assurance
E1      System in development
E2      Informal system tests
E3      Informal system and unit tests
E4      Semi-formal system and unit tests
E5      Semi-formal system and unit tests with source code review
E6      Formal end-to-end security tests plus source code reviews

CC EAL  Required activities
EAL1    Functionally tested
EAL2    Structurally tested
EAL3    Methodically tested and checked
EAL4    Methodically designed, tested, and reviewed
EAL5    Semi-formally designed and tested
EAL6    Semi-formally verified, designed, and tested
EAL7    Formally verified, designed, and tested
45. What is the data network topology where the end nodes are
connected to each other?
a. Tree topology
b. Star topology
c. Ring topology
d. Mesh topology
Best answer: A
The TIA Category 6 cable standard for twisted wire pairs specifies
better insulation and tighter performance limits than Category 5
and 3 to reduce crosstalk and signal noise. It supports Gigabit
Ethernet (1000BASE-T) over the full 100-meter LAN channel;
10-Gigabit Ethernet (10GBASE-T) over Category 6 is limited to
roughly 55 meters, and Category 6A is needed to reach 100 meters.
Note: Category 5e is rated for Gigabit Ethernet, but neither
Category 5 nor 5e is rated for 10-Gigabit Ethernet.
Best answer: D
IEEE 802.11g operates in 2.4GHz and uses orthogonal
frequency-division multiplexing (OFDM).
IEEE 802.11b operates in 2.4GHz, but uses direct-sequence
spread spectrum (DSSS).
IEEE 802.11a operates in 5GHz, and uses OFDM
Bluetooth operates in 2.4GHz and uses frequency-hopping
spread spectrum (FHSS)
48. In the OSI data-link layer for local area network (LAN) protocols,
what is the length of the portion of the media access control (MAC)
address that is assigned as the vendor code?
a. 48-bit
b. 24-bit
c. 16-bit
d. 8-bit
50. What is the wide area network (WAN) protocol that packetizes
digital voice, video, and data information into 53-byte cell units
and requires no clocking mechanism?
a. Frame relay
b. Integrated Services Digital Network (ISDN)
c. Asynchronous Transfer Mode (ATM)
d. Synchronous Data Link Control (SDLC)
Best answer: A
Carrier sense multiple access with collision avoidance
(CSMA/CA) is usually the best media access method for RF
network protocols, because a radio cannot reliably hear a
collision while it is transmitting; stations must instead check
whether the channel is in use before they send.
Best answer: C
Asynchronous Transfer Mode (ATM) is an asynchronous (no shared
clock required) WAN protocol that packetizes digital voice, video,
and data into fixed 53-byte cells.
51. What is the wireless protocol suite that enables your smart
phone to access Internet application services?
a. Enhanced Data rates for GSM Evolution (EDGE)
b. Evolution-Data Optimized (EV-DO)
c. IEEE 802.16, Worldwide Interoperability for Microwave
Access (WiMAX)
d. Wireless Application Protocol (WAP)
52. What is the wide area network (WAN) device that interprets
analog signals into digital signals and vice versa so the data
packets can be transmitted over circuit switched plain old
telephone service (POTS) network?
a. Modem
b. Channel Service Unit/Digital Service Unit (CSU/DSU)
c. Wide area network (WAN) switch
d. Gateway
A modem is the wide area network (WAN) device that converts digital
signals to analog and vice versa so that data can cross a circuit
switched POTS line.
A Channel Service Unit (CSU) is a line-terminating device that enables the
Digital Service Unit (DSU) to use channelized digital circuits such as
T-carriers.
A WAN switch provides packet switching at Layer 2.
A gateway does not convert between analog and digital signals; it
translates between two or more dissimilar protocol suites or network
types (e.g., a satellite communications link and a TCP/IP network).
Best answer: D
All of the above. A virtual local area network (VLAN) improves
network performance and security by confining broadcasts to the
VLAN (a smaller broadcast domain), and it simplifies network
administration, which reduces cost.
Best answer: D
Per RFC 1918, the following IP address ranges are reserved as
private addresses:
Class A: 10.0.0.0 - 10.255.255.255 (10.0.0.0/8)
Class B: 172.16.0.0 - 172.31.255.255 (172.16.0.0/12)
Class C: 192.168.0.0 - 192.168.255.255 (192.168.0.0/16)
Best answer: C
Multicast: the datagram is copied and delivered to a group of
destinations on the network
Broadcast: the datagram is copied and delivered to all nodes
on the network
Unicast: the datagram is sent from a single source to a single
destination
Anycast: the datagram is routed to one (typically the nearest)
of several hosts that share the same address
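The following Python example is added here and is not part of the original question set. It checks an IPv4 address against the three RFC 1918 blocks listed above (written as CIDR prefixes) and labels an address by how a datagram sent to it is delivered (private unicast, public unicast, multicast, or broadcast), so it serves both the RFC 1918 answer and the unicast/multicast/broadcast/anycast answer. The function names and sample addresses are the example's own. Anycast cannot be recognized from the address itself (it is an ordinary unicast address advertised from several places), so the example notes it but does not classify it.

```python
import ipaddress

# RFC 1918 private blocks as CIDR prefixes. The "class" labels used in the
# answer map onto these prefixes: 10/8 is the single class A block,
# 172.16/12 spans the 16 class B networks 172.16.x.x through 172.31.x.x,
# and 192.168/16 spans the 256 class C networks 192.168.0.x to 192.168.255.x.
RFC1918_BLOCKS = (
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
)

# IPv4 multicast space (224.0.0.0 - 239.255.255.255) and the limited
# broadcast address; both are sent to many receivers, not one.
MULTICAST_BLOCK = ipaddress.ip_network("224.0.0.0/4")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def is_rfc1918(addr: str) -> bool:
    """True if addr lies inside one of the three RFC 1918 private blocks."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in block for block in RFC1918_BLOCKS)


def is_directed_broadcast(addr: str, subnet: str) -> bool:
    """True if addr is the directed (subnet) broadcast address of subnet.

    Unlike 255.255.255.255, a directed broadcast can only be recognized
    when the subnet mask is known, so the caller must supply the prefix.
    """
    network = ipaddress.ip_network(subnet, strict=True)
    return ipaddress.ip_address(addr) == network.broadcast_address


def classify_ipv4(addr: str) -> str:
    """Label addr as 'private-unicast', 'unicast', 'multicast' or 'broadcast'.

    Anycast is never returned: an anycast address looks exactly like a
    unicast address; only the routing system knows it has several homes.
    """
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("IPv4 address expected")
    if ip == LIMITED_BROADCAST:
        return "broadcast"
    if ip in MULTICAST_BLOCK:
        return "multicast"
    if is_rfc1918(addr):
        return "private-unicast"
    return "unicast"


if __name__ == "__main__":
    # Constructed sample addresses, including the 172.16/12 boundaries that
    # hand-written "class B" range checks most often get wrong.
    for sample in ("10.0.0.1", "172.15.255.255", "172.16.0.0",
                   "172.31.255.255", "172.32.0.0", "192.168.1.1",
                   "8.8.8.8", "239.255.255.250", "255.255.255.255"):
        print(f"{sample:16} {classify_ipv4(sample)}")
```

A prefix membership test avoids the off-by-one errors that appear when the 172.16.0.0 to 172.31.255.255 range is checked octet by octet. Note that RFC 1918 is not the whole of the non-public address space: loopback (127.0.0.0/8) and link-local (169.254.0.0/16) are also never routed on the Internet, so a filter that must decide whether a destination is "internal" should not stop at these three blocks.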
Best answer: B
OSPF and IS-IS are link-state routing protocols.
RIP and IGRP are distance-vector routing protocols.
BGP is a path-vector routing protocol.
Best answer: A
DNS uses UDP at the Transport Layer for ordinary queries (TCP is
used for zone transfers and for responses too large for a single
UDP datagram).
FTP, HTTP, and SMTP use the connection-oriented
Transmission Control Protocol (TCP) at the Transport Layer.
Best answer: C
The OSI Session Layer provides services to establish a session
connection between two presentation entities, to support orderly
data exchange, and to release the connection in an orderly manner.
Best answer: C
L2TP extends PPP by allowing the two endpoints of a PPP session to
reside on different devices, for example a workstation on a home
wireless network whose connection to the ISP is tunneled on to a
corporate access gateway.
EAP is an authentication framework, not a data-link layer protocol.
Domain: Cryptography
Reference:
EAR, Part 774, Category 5 (Part 2), Information
Security: mass market and retail cryptography can be
exported without a license.
Council Regulation (EC) No. 1334/2000
setting up a Community regime for the control of
exports of dual-use items and technology.
Best Answer: D
To ensure the reliability and durability of digital evidence, a
security professional shall generate a hash value of the original
source, make a bit-for-bit copy of the original media, verify that
the copy's hash matches the original, and document everyone who has
handled the evidence throughout its life cycle (the chain of custody).
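An added worked example (Python, not from the original text) of the acquisition steps just described: hash the source, copy it bit-for-bit, hash the copy, compare the two digests, and record a chain-of-custody entry. It runs on constructed in-memory sample bytes rather than a real device, and the function names and custodian name are the example's own. Going one step beyond the text, it also shows that a single changed byte in the image is caught when the image is re-verified against the recorded digest.

```python
import hashlib
import io
from datetime import datetime, timezone

# Hash in 1 MiB chunks so a multi-gigabyte image never has to fit in memory.
CHUNK = 1 << 20


def sha256_of(stream) -> str:
    """Hex SHA-256 of a seekable binary stream, read from the start in chunks."""
    digest = hashlib.sha256()
    stream.seek(0)
    for chunk in iter(lambda: stream.read(CHUNK), b""):
        digest.update(chunk)
    return digest.hexdigest()


def acquire_image(source, destination) -> dict:
    """Hash the source, copy it bit-for-bit, hash the copy, and compare.

    'verified' is True only when the two digests are identical, i.e. the
    image is an exact copy of the original media.
    """
    source_hash = sha256_of(source)
    source.seek(0)
    destination.seek(0)
    destination.truncate(0)
    for chunk in iter(lambda: source.read(CHUNK), b""):
        destination.write(chunk)
    destination.flush()
    image_hash = sha256_of(destination)
    return {"source_hash": source_hash, "image_hash": image_hash,
            "verified": source_hash == image_hash}


def custody_entry(custodian: str, action: str, digest: str, when=None) -> dict:
    """One chain-of-custody record: who handled the evidence, what they did,
    when, and the digest the evidence carried at that moment."""
    when = when or datetime.now(timezone.utc)
    return {"time": when.isoformat(), "custodian": custodian,
            "action": action, "sha256": digest}


def verify_image(image, expected_hash: str) -> bool:
    """Recompute the image digest and compare it with the recorded value."""
    return sha256_of(image) == expected_hash


def run_demo() -> dict:
    """Run the workflow on constructed sample bytes standing in for a drive."""
    original = io.BytesIO(b"constructed sample disk contents\x00" * 4096)
    image = io.BytesIO()
    result = acquire_image(original, image)
    log = [custody_entry("examiner-1", "hashed source, created image",
                         result["image_hash"])]
    intact = verify_image(image, result["source_hash"])
    # Simulate one flipped byte in the image; re-verification must now fail.
    image.seek(100)
    image.write(b"\xff")
    tamper_detected = not verify_image(image, result["source_hash"])
    return {"verified": result["verified"], "intact_before_tamper": intact,
            "tamper_detected": tamper_detected, "custody_records": len(log),
            "source_hash": result["source_hash"]}


if __name__ == "__main__":
    print(run_demo())
```

Against a real device the `io.BytesIO` objects would be replaced by the source opened read-only (with a hardware write blocker in front of it) and the image file opened for writing; the hashing and comparison logic is unchanged. Recording the digest in every custody entry is what lets a later custodian prove that the evidence they received is the evidence that was collected.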
Best Answer: B
In the discussion of the Computer Fraud and Abuse Act of 1984,
computer crime is commonly grouped into three categories:
Computer-assisted crime (the computer is the tool)
Computer-targeted crime (the crime is directed at the computer)
Computer-incidental crime (the computer merely holds data about
the criminal activity)
Best Answer: D
Rules of evidence. The evidence must be:
Relevant: it proves that a crime occurred.
Reliable: the legally obtained evidence is trustworthy.
Durable: the integrity of the evidence is preserved.