15. Which best describes a type of memory that must be refreshed to renew the voltage in
capacitors?
A. NVRAM
B. DRAM
C. Static RAM
D. ROM
16. What is true about EEPROMs and Flash memory?
A. EEPROM is volatile, Flash memory is not
B. Flash memory is volatile, EEPROM is not
C. EEPROMs must be erased one byte at a time whereas Flash memory must
be erased one block at a time
D. Flash memory is slower because it must be erased one byte at a time
17. A tape for a tape drive is considered to be which type of storage?
A. Primary
B. Tertiary
C. Sequential
D. Long term
18. Virtual storage is?
A. A remote storage mechanism, such as NFS which allows the applications
to assume that the storage is local
B. A swap file
C. The entire hard drive
D. Real storage and secondary storage
19. A program must use information that was supposed to be stored in RAM but was
stored on a hard drive instead. The name for this process is?
A. Paging
B. Relocating
C. Rearranging
D. Data dumping
20. Which type of memory addressing is being used when a program knows of a
particular memory location, but this location holds a reference to another memory
location?
A. Reflexive
B. Indexed
C. Indirect
D. Absolute
21. Firmware refers to?
A. Software under a strict license so that it cannot be freely modified
B. Software loaded into ROM
C. Software that is compiled
D. Software that is unchangeable
22. Which type of I/O requires the CPU to generate a special signal on the bus to alert
that the instruction is for an I/O device rather than the memory?
A. Isolated
B. Memory-mapped
C. Direct Notification
D. Marked
23. Which of the following memory management operations does an operating
system often not perform?
A. Purge contents of memory
B. Manage swapping between primary and secondary storage
C. Track memory locations that are available for use
D. De-allocate memory
24. Which of the following is true about a program that was compiled for
a Sparc workstation when an attempt is made to run it natively on an Intel platform?
A. If the software was written in C, which has been ported to multiple
architectures, then it would run natively
B. The machine codes are different for each architecture, so the program
would not run
C. Sparc workstations have more memory and there would be memory size
issues
D. Sparc workstations are faster than Intel platforms and the increase in
speed would cause the program to be misinterpreted
25. What is the purpose of a disassembler?
A. Disassemble assembly code into machine code
B. Translate machine code into byte code
C. Translate assembly code into source code
D. Translate machine code into assembly code
26. What is the purpose of a cross assembler?
A. Ease assembly by creating a platform neutral assembly code
B. Create bytecode
C. Convert assembly to machine code, but conduct this process on a
computer with a different type of assembly
D. Convert machine code to assembly, but conduct this process on a
computer with a different type of machine code
27. Which of the following will compile one line of source code at a time each time a
program is run?
A. Cross compiler
B. Interpreter
C. Disassembler
D. Assembler
28. Which of the following is an example of a 3GL language?
A. Fortran
B. SQL
C. Assembly
D. LISP
29. TCB is?
A. The product being evaluated for accreditation
B. The list of security mechanisms enforcing security within a computer
system
C. A term created by the Common Criteria
D. A laundry list of requirements
30. Which of the following is an abstract concept that mediates all access between
subjects and objects?
A. Access controller
B. Security kernel
C. Access control matrix
D. Reference Monitor
31. Which of the following is correct?
A. Elements in protection ring 3 can access all objects in ring 3,2,1, and 0
B. Elements in protection ring 2 can access all objects in ring 2 and 3
C. IO drivers are usually in protection ring 3
D. The kernel is in protection ring 3
32. The orange book is a common name for?
A. TCSEC
B. ITSEC
C. Common Criteria
D. The rainbow series
33. The orange book defines?
A. Four levels of trust to be placed in a computer system
B. Four levels of security that a computer system can have
C. Standards for specific technologies to use to achieve a given rating
D. Baselines for vendor products that should be adhered to in order to achieve
a given rating
34. Of the following, which is the lowest Orange book rating?
A. A1
B. B3
C. C2
D. C1
35. Who is the intended audience for a trusted facility manual?
A. System administrators
B. Data owners
C. Senior management
D. Facility maintenance crew
36. Which is the lowest level rating where a computer system must implement labels?
A. D
B. C2
C. B1
D. B3
37. The difference between the highest B rating and the highest A rating is?
A. Computer systems must have multiple labels
B. Computer systems must implement database views
C. Computer systems must create more granular and encompassing audit
trails
D. Computer systems must be built and tested with greater amounts of
verification, which includes testing against formal models
38. The red book is the common name for?
A. TCSEC
B. TDI
C. TNI
D. Common Criteria
39. The red book, unlike the orange book, does discuss?
A. Integrity
B. Confidentiality
C. Accountability
D. Documentation
40. A major difference between TCSEC and ITSEC is?
A. One relates to trust the other to security
B. ITSEC has two grades for any evaluated system, while TCSEC has one
C. ITSEC was developed by a different group within the United States
D. TCSEC is better than ITSEC
41. Which is not true about the implementation of a reference monitor?
A. The implementation is referred to as the security kernel
B. The implementation should enforce the policy for every possible access
C. The implementation should not be isolated so that applications can notify
the implementation of policy changes
D. The implementation should be as small as possible
42. If a rating of F5 + E5 = B3 what would A1 be equal to?
A. F4 + E4
B. F6 + E6
C. F6 + E5
D. F5 + E6
43. Which is true of certification and accreditation?
A. The same people conduct the process
B. The process is the same, just with different people
C. Certification is more technically oriented and thus is performed by more
technical people
D. Accreditation is performed prior to certification
44. Which is a standard for accreditation and certification?
A. DITSCAP
B. NICAP
C. TCSEC
D. CAPGEM
45. For the Bell-LaPadula model, what is the * property?
A. A subject at a lower level of clearance cannot access information at a
higher level of classification
B. A subject at a higher level of clearance cannot write information at a lower
level of classification
C. A subject at a lower level of integrity cannot write information at a higher
level of integrity
D. A subject at a higher level of integrity cannot read information at a lower
level of integrity
46. For which security mode do all users have clearance at or above all information
inside a system but may not have the authorization or need to know for all
information inside the system?
A. System High
B. Multilevel Security
C. Dedicated
D. Compartmented
47. What does positive flow for water and gas lines refer to?
A. Water and gas should have particles of positive polarization added to them
to minimize fire risks
B. Water and gas should flow outside unless desired to flow inside
C. Water and gas should flow inside unless desired to flow outside
D. Water and gas should have particles of negative polarization added to
minimize fire risks
48. Which of the following is the most important resource to protect?
A. Mainframes
B. Databases and tape backups
C. Power Circuits
D. People
49. Which is not an administrative control that can improve physical security?
A. Access Log for facility entry/exit
B. Fencing around perimeter
C. Emergency procedures
D. Pre-employment screening
50. What is the difference between EMI and RFI with regards to cabling?
A. RFI will interfere with availability while EMI will not
B. EMI is always at the frequency that the desired signal operates at while
RFI is not
C. Opposite of option B
D. EMI is produced internal to cabling, RFI is produced by sources outside of
cabling
51. Which is associated with a power loss?
A. Fault
B. Brownout
C. Sag
D. Surge
52. Which is the type of UPS system which always supplies power to equipment
regardless of the state of the primary power source?
A. Concurrent
B. Online
C. Steady State
D. Constant
53. At what temperature will paper products become damaged?
A. 50F
B. 175F
C. 400F
D. 350F
54. Which is true about humidity?
A. The lower the humidity the more problems with static electricity
B. A hydrometer is used to measure humidity
C. The optimal humidity range for computer systems is between 10 and 20%
D. None of the above
55. Statistically, most fires are caused by?
A. Nature
B. Smoking
C. Arsonists
D. Electrical failures
56. Which fire detection method detects changes in light?
A. Smoke Actuated
B. Flame Actuated
C. Heat Actuated
D. All of the above
57. For which class of fire would soda acid be appropriate?
A. A
B. B
C. C
D. All of the above
58. For which of the following suppression methods would it be most necessary to have a
delay mechanism?
A. Water
B. Halon
C. CO2
D. Soda Acid
59. Since Halon was found to have a negative effect on ozone, what is the most
common replacement?
A. NAF-S-III
B. FM-200
C. Water
D. Hydrogen
60. Which of the following water sprinklers should you use in a cold environment?
A. Deluge
B. Dry
C. Wet
D. None. Use another type of fire suppression.
61. For building emergency exit doors, what type of locks would be appropriate?
A. Fail Safe
B. Fail Soft
C. No locks
D. None of the above
62. When people must go through an area with two sets of doors (one behind and one
in front) so that a guard can check credentials, we refer to this as?
A. Trap door
B. Containment unit
C. Man trap
D. Visitors Desk
63. When using lights for perimeter protection, the candle is recommended to be ____
by the NIST?
A. 10 ft high, 2 ft wide
B. 8 ft high, 2 ft wide
C. 10 ft high, 3 ft wide
D. 8 ft high, 3 ft wide
64. Which of the following types of wireless proximity readers does not have an
internal power supply?
A. Directed
B. Passive
C. Field-powered
D. Transponders
65. Which of the following is not a detection mechanism?
A. CCTV (Closed Circuit TV)
B. Photoelectric (beam of light)
C. Wave pattern (send wave and expect known reflection)
D. Acoustical-seismic (monitor sounds and vibrations)
66. Which is the term used to describe the process of evaluating an encryption
algorithm for weaknesses?
A. Cryptology
B. Crypto Forensics
C. Cryptanalysis
D. Hacking
67. The initial communication between a web browser and web server is encrypted
with which category of encryption?
A. Asymmetric cryptography
B. Symmetric cryptography
C. RSA
D. Stream Cipher
68. What can be said about FBI being cleartext and ELI being ciphertext?
A. Transposition did not happen
B. Substitution happened
C. Substitution and transposition must have happened
D. The cipher must have been a block cipher
69. The Caesar cipher and the ROT13 cipher are similar in which respects?
A. Both rely on transposition
B. Both rely on substitution
C. Both rely on substitution and the substitution is always based on the
position/order of letters in an alphabet
D. Both rely on transposition and the transposition is always based on the
position/order of letters in the alphabet
70. Bob will verify Alice's digital signature by?
A. Using his private key to decrypt the signed hash value
78. A hacker has fabricated a few messages to send across an encrypted link and has
sniffed the wire to determine the corresponding ciphertext. The hacker will now
attempt to determine the cleartext version of some ciphertext he/she did not
create. This type of attack is called?
A. Wireline Snooping
B. Eavesdropping
C. Chosen Plaintext
D. Birthday attack
79. Which of the following is true?
A. With confusion the key will be scrambled, with diffusion, it will not
B. Diffusion relates to stream ciphers while confusion relates to block
ciphers
C. Confusion corresponds to a single change in a key creating a significant
change in ciphertext
D. Diffusion relates to a single change in a key creating a significant change
in ciphertext.
80. An attack where the attacker finds two messages that generate the same hash
value in order to replace the one that is eventually signed with the one that he/she
would actually like to send is called?
A. Collision attack
B. Birthday Attack
C. Salami Attack
D. Avalanche Attack
81. What can be done to minimize the probability of a hash function creating the
same hash value for two different messages?
A. Change the size of the hash value
B. Increase the hash function's upper level
C. Decrease the hash function's lower level
D. All of the above
82. Which of the following is true about key management?
A. Keys may not be in plaintext form
B. Keys may be in plaintext form while inside a cryptographic module
C. Split knowledge procedures increase the risk of misuse
D. Usually full keys are stored at an escrow agency
83. For which of the following is the actual session key sent with an encrypted
message?
A. Key escrow at a single agency
B. Key escrow at multiple agencies
C. Key recovery
D. All of the above
84. Which best describes a special class of block ciphers where the ciphertext is
calculated from the plaintext by repeated application of the same function with
each iteration using a separate sub-key?
A. DES ciphers
B. Feistel ciphers
C. IDEA
D. Lucifer
85. How many rounds does DES use?
A. 18
B. 6
C. 16
D. 8
86. What is the most common block size for block ciphers?
A. 64 bytes
B. 32 bits
C. 4 bytes
D. 64 bits
87. 6 bits are presented as input to DES's S-boxes; how many bits are in the output?
A. 6 bits
B. 16 bits
C. 4 bits
D. 1 bit
88. What is the physical number of bits in a DES key?
A. 56
B. 64
C. 128
D. 48
89. How many bits long are DES subkeys?
A. 40
B. 128
C. 64
D. 48
90. Which block cipher modes will produce the same ciphertext given the same
plaintext?
A. CBC
B. ECB
C. CFB
D. OFB
91. Which of the following block cipher modes simulates a stream cipher?
A. CBC
B. OFB
C. ECB
D. All of the above
92. 2DES was not considered significantly more secure than DES because?
A. Salami attack
B. Man in the middle attacks
C. Birthday attacks
D. Meet in the middle attacks
93. Which of the following is true about 3DES?
A. The algorithm has 16 rounds
B. Two or three keys can be used to implement the algorithm
C. It is now the AES
C. DRP
D. DRI
111. Once the business is operating as usual after a disaster, they are in ____
mode?
A. Recovery
B. Resumption
C. Restoration
D. Reliance
112. Which is the component that will describe how the business would be
affected after a particular disaster?
A. BCP
B. DRP
C. BIA
D. DRI
113. Reciprocal Agreements for disaster recovery are?
A. Excellent means to guarantee redundancy
B. Mostly used by companies without adequate budgets to use other
strategies
C. Are enforceable
D. All of the above
114. Warm sites for disaster recovery?
A. Usually do not have WAN links provisioned
B. Usually have all of the hardware installed, but not turned on
C. Usually have special delivery contracts/agreements with vendors
D. None of the above
115. Software backups should?
A. Be tested for backup and restore functionality on a periodic basis
B. Not be stored in a fire resistant safe
C. A single backup should be made for each backup required and the backup
should be stored offsite
116. Which is not true about DRP testing?
A. Management will often need to be convinced of its need
B. Should be conducted at least once a year
C. Will demonstrate the ability of the DRP plan to actually recover from a
significant loss
D. Should not cause any downtime, as meticulous documentation is required
prior to executing the tests
117. The IAB is largely concerned with ethical issues surrounding?
A. International exportation
B. The Internet
C. Intelligence leakage
D. Reciprocal Agreements
118. With regards to MOM, motivation refers to?
A. Where and when of a crime
B. Capabilities of a criminal to commit crime
C. Who and why of a crime
C. When different objects have the same method and the method returns the
same results
D. None of the above
135. The most common software development cycle found in the government
is?
A. Spiral
B. Prototype
C. Waterfall
D. Incremental
136. What is searching for correlations in data within a data warehouse referred
to as?
A. Building a data dictionary
B. Data mining
C. Configuration management
D. Data indexing
137. Which of the following implements a centralized authorization service?
A. Corba
B. ActiveX
C. COM
D. DCE
138. Which is the term used to describe when a database has multiple
copies of the same primary key each stored with respect to a classification level?
A. Database views
B. Polyinstantiation
C. Inheritance
D. Normalization
139. Malware that relies on other code in order to propagate and infect is
called?
A. Trojan
B. Virus
C. Worm
D. All of the above
140. A buffer overflow vulnerability is caused by?
A. Backdoors
B. Trapdoors
C. Trojans
D. Improper bounds checking
141. Which type of virus infects more than one location in a computer?
A. Diverse
B. Stealth
C. Multipartite
D. Duplicative
142. The OMG is responsible for which object oriented technology?
A. Corba
B. DOM
C. DCOM
D. DCE
143. An instance of a class is referred to as?
A. A subclass
B. An object
C. An inheritance
D. A for loop
144. At which stage of the application development lifecycle should the
security department become involved?
A. Prior to implementation
B. Planning and Requirements
C. System testing
D. Unit testing
145. What security concern is related to applications created by a third party?
A. Maintenance hooks
B. They operate in privileged mode
C. Their source code is verifiable
D. They bypass the security kernel
146. Which is commonly used to retrofit security into a database system?
A. Trusted back-end
B. Audit trail
C. Trusted front-end
D. Controller
147. When a database error has been detected which requires a backout
process, a mechanism that allows the database to backout to a particular moment
in time is?
A. Restarter
B. Reboot
C. Journal
D. Checkpoint
148. A shareware file download and sharing utility is downloaded from a
website. It is later discovered that this application was sending all keystrokes to a
remote computer. This type of malware is referred to as?
A. Virus
B. Worm
C. Trojan Horse
D. Logic Bomb
149. Why are shared user IDs detrimental in the review of audit trails?
A. They show which files were altered
B. They don't hinder the review
C. They prevent the attacker from being narrowed down to a single user
D. They minimize the chance of determining the actual identity of a hacker