Grading Summary Grade Details - All Questions: Student Answer

Grading Summary
Grade Details - All Questions

Question 1. Question : Information security is the process of protecting
all of the following except:
Student Answer:
Confidentiality of data

Data integrity

Availability of data

Data configuration
Points Received: 10 of 10
Comments:
-1388448646 MultipleChoice 1 True
0 -1388448646 MultipleChoice 1
Question 2. Question : Information security managers are often motivated

by which of the following?
Student Answer:
Concern for the well-being of

society

Governmental regulation

Fear of unwanted publicity

All of the above are motivating
factors
Comments:
Question 3. Question : Security professionals’ activities include all of the

following except:
Student Answer:
Finding the source of the problem

Naming the virus

Eradicating the problem

Repairing the damage
Comments:
Question 4. Question : Demand for expertly trained security professionals

is the result of:
Student Answer:
Specialized training

Increased terrorist activity

New laws regulating the flow of

information

Retirement of current security

professionals
Comments:
Question 5. Question : One increasingly important step to becoming an

information security specialist is to:
Student Answer:
Get a degree in the psychology of

crime

Create, test, and debug a virus or

worm program

Build a home laboratory

Do all of the above
Comments:
Question 6. Question : Information Security magazine suggests that a

good curriculum includes courses in:
Student Answer:
Quality assurance

Legal issues

Human factors

Bioengineering
Comments:
Question 7. Question : ____________ establish and maintain the user

base permitted to access a system in the normal
course of their job duties.
Student Answer:
Security testers

Security administrators

Access coordinators

Network engineers
Comments:
Question 8. Question : Topics within the umbrella of information security

include all of the following except:
Student Answer:
Incident response

Key management

Security testing

Electronic forensics
Comments:
Question 9. Question : Given enough time, tools,

inclination, and ____________, a
hacker can break through any
security measure.
Student Answer:
talent

skills

intelligence

assets
Comments:
Question 10. Question : IS professionals who create a plan

to protect a computer system
consider all of the following in the
planning process except:
Student Answer:
Defining the structural composition

of data

Protecting the confidentiality of

data

Preserving the integrity of data

Promoting the availability of data

for authorized use
Comments:
Question 11. Question : Which of the following is NOT a

goal of an integrity model security
system?
Student Answer:
Preventing unauthorized users from

modifying data or programs

Verifying data consistency for

internal and external programs

Preventing authorized users form

making unauthorized modifications

Maintaining internal and external

consistency of data and programs
Comments:
Question 12. Question : Overlapping layers provide all of

the following elements necessary to
secure assets except:
Student Answer:
Direction

Response

Detection

Prevention
Comments:
Question 13. Question : Which of the following statements

about Principle 4 is false?
Student Answer:
exchange for worthless goods,

people tend to give up credentials.

The organizers of Infosecurity

Europe 2003 found that 75% of
survey respondents revealed
information immediately.

Today’s virus writers are not very

sophisticated.

It is easy to fool people into

spreading viruses.
Comments:
Question 14. Question : IS principle five states that security

depends on these requirements:
Student Answer:
Functional and assurance

Verification and validation

Availability and integrity

Usability and interface
Comments:
Question 15. Question : Software developers often lack the

____________ and ____________
needed to test and break their
software.
Student Answer:
Wherewithal, motivation

Money, time

Expertise, resources

Qualifications, experience.
Comments:
Question 16. Question : The unique security issues and

considerations of every system
make it crucial to understand all of
the following except:
Student Answer:
Adherence to security standards

The security skills of the

development teams

What hardware and software is

used to deploy the system

The specific nature of data the

system maintains.
Comments:
Question 17. Question : The Common Body of Knowledge with

____________ domains is the framework of the
information security field.
Student Answer:
5

10

15

20
Comments:
Question 18. Question : Security professional benefits from ISC2 certification

include all of the following except:
Student Answer:
Establishes best practices

Confirms knowledge of
information security

Confirms passing of an
examination

Broadens career expectations.
Comments:
Question 19. Question : An effective security policy contains all of the

following information except:
Student Answer:
Reference to other policies

Measurement expectations

Compliance management and

measurements description

Glossary of terms
Comments:
Question 20. Question : The basic components of an issue-specific policy

might include all of the following except:
Student Answer:
Compliance

Applicability

Issue statement

Standard library structure
Comments:
Question 21. Question : A basic component of an issue-specific policy that

defines a security issue and any relevant terms,
distinctions, and conditions is a(n):
Student Answer:
Issue statement

Statement of the organization’s

position

Point of contact and supplementary

information

Role and responsibility
Comments:
Question 22. Question : Step-by-step directions to execute a specific

security activity is referred to as a:
Student Answer:
Regulation

Standard

Guideline

Procedure
Comments:
Question 23. Question : In the standards taxonomy _____________

suggests that no single person is responsible for
approving his own work.
Student Answer:
Separation of duties

Education, awareness, and training

Asset and data classification

Risk analysis and management
Comments:
Question 24. Question : ____________ provides technical facilities, data

processing, and support services to users of
information systems.
Student Answer:
Chief information security officer

Information resources manager

Owners of information resources

Custodians of information
resources
Comments:
Question 25. Question : What is within a trusted system that people want

to access or use?
Student Answer:
Object

Subject

MAC

TCB
Comments:
Question 26. Question : All of the following general rules are used to

construct rings of trust in networked systems
except:
Student Answer:
Hosts trust more inner ring hosts

than themselves

Hosts do not trust outer ring hosts

more than themselves

Hosts in a ring of a segmented sub

network trust hosts in the same ring
of a different segment

Hosts trust hosts in the same ring

Comments:
Question 27. Question : Which of the following uses a specific OS and

lacks a standard interface to connect to other
systems?
Student Answer:
Finite-state machine

Open system

Closed system

None of the above
Comments:
Question 28. Question : The criteria used to rate the effectiveness of

trusted systems is set forth in:
Student Answer:
TCSEC

ITSEC

CTCPEC

All of the above
Comments:
Question 29. Question : Which of the following is NOT a criterion for

Class A1 design verification?
Student Answer:
Clearly identified and documented

model of a security policy

Top-level specification that

includes definitions of the functions
of TCB

TCB implementation consistent

with top-level specification

None of the above
Comments:
Question 30. Question : Which of the following is NOT an ITSEC

specialized, stand alone class?
Student Answer:
F-AP

F-IN

F-AV

F-DC
Comments:
-1388448617 MultipleChoice 30 False
Question 31. Question : All of the following are classes of security

functional requirements except:
Student Answer:
Privacy

Communications

Audit

Security training
Comments:
-1388448616 MultipleChoice 31 False
Question 32. Question : ____________ is the process of protecting the

confidentiality, integrity, and availability of data
from accidental or intentional misuse.
Student Answer: information security

Instructor Explanation:
Comments:
-1388448615 FillInTheBlank 1 True
0 -1388448615 FillInTheBlank 1
Question 33. Question : Information security consists of best practices and

experiences from several domains but begins with
the non-technical, ____________ aspects of a
security posture.
Student Answer: human-centric

Comments:
Question 34. Question : Information security specialists need to have a(n)

___________ view of the world around them and
avoid a strictly technical orientation.
Student Answer: holistic

Comments:
Question 35. Question : ____________ security is within the umbrella of

information security.
Student Answer: physical
Comments:
Question 36. Question : The first principle of information

security says that a hacker can
break any security system given
enough time, inclination, tools, and
____________.
Student Answer: skills

Comments:
Question 37. Question : One goal of information security is

to promote the ____________ of
data for authorized use.
Student Answer: availability

Comments:
Question 38. Question : Spending more on securing on

asset than the intrinsic value of the
asset is a waste of ____________.
Student Answer: time (A correct answer: resources)
Instructor
Explanation:
Comments: Time, yes, but more generally resources
-1388448609 FillInTheBlank 7 False
Question 39. Question : People, ____________, and

technology must work together to
secure systems.
Student Answer: process

Comments:
Question 40. Question : A technical area of study within the CBK, the

security architecture domain, addresses
____________ issues.
Student Answer: network

Comments:
Question 41. Question : A compilation of all security information collected

internationally and relevant to information security
professionals is the ____________.
Student Answer: orange book (A correct answer: CBK)

Instructor
Explanation:
Comments:
Question 42. Question : To maintain relevance and currency

____________ and governance of certification
process is needed.
Student Answer: oversight

Comments:
Question 43. Question : The Security Management Practices domain

highlights the importance of a comprehensive
security ____________.
Student Answer: plan

Comments:
Question 44. Question : Operational procedures and tools familiar to IT

specialists are covered in the ____________
Security domain.
Student Answer: operations

Comments:
Question 45. Question : Information security ____________ are often

dictated by the nature of an organization’s
business.
Student Answer: standards

Comments:
Question 46. Question : User education, awareness, and training on

policies and procedures are important because
____________ are the weakest link in a security-
related process.
Student Answer: people

Comments:
Question 47. Question : One or more components that enforce a unified

security policy over a product or system make up a
____________.
Student Answer: operating system (A correct answer: TCB)

Instructor
Explanation:
Comments:
Question 48. Question : Directly addressable by the CPU, ____________

memory stores application or system code as well
as data.
Student Answer: CPU (A correct answer: random)

Instructor
Explanation:
Comments: RAM
Question 49. Question : Describing how functional requirements should be

implemented and tested is defined as
____________ requirements.
Student Answer: assurance

Comments:
Question 50. Question : Security testing ____________ that the

implementation of the function is not flawed.
Student Answer: ensures (A correct answer: validates)

Instructor
Explanation:
Comments:
* Times are displayed in (GMT-07:00) Mountain Time (US & Canada)

Grading Summary Grade Details - All Questions: Student Answer

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Grading Summary Grade Details - All Questions: Student Answer

Uploaded by

Copyright:

Available Formats

Grading Summary

Grade Details - All Questions

Question 2. Question : Information security managers are often motivated

Concern for the well-being of

Fear of unwanted publicity

Question 3. Question : Security professionals’ activities include all of the

Finding the source of the problem

Naming the virus

Eradicating the problem

Repairing the damage

Question 4. Question : Demand for expertly trained security professionals

Increased terrorist activity

New laws regulating the flow of

Retirement of current security

Question 5. Question : One increasingly important step to becoming an

Get a degree in the psychology of

Create, test, and debug a virus or

Build a home laboratory

Do all of the above

Question 6. Question : Information Security magazine suggests that a

Question 7. Question : ____________ establish and maintain the user

Question 8. Question : Topics within the umbrella of information security

Question 9. Question : Given enough time, tools,

Question 10. Question : IS professionals who create a plan

Defining the structural composition

Protecting the confidentiality of

Preserving the integrity of data

Promoting the availability of data

Question 11. Question : Which of the following is NOT a

Preventing unauthorized users from

Verifying data consistency for

Preventing authorized users form

Maintaining internal and external

Question 12. Question : Overlapping layers provide all of

Question 13. Question : Which of the following statements

exchange for worthless goods,

The organizers of Infosecurity

Today’s virus writers are not very

It is easy to fool people into

Question 14. Question : IS principle five states that security

Functional and assurance

Verification and validation

Availability and integrity

Usability and interface

Question 15. Question : Software developers often lack the

Question 16. Question : The unique security issues and

Adherence to security standards

The security skills of the

What hardware and software is

The specific nature of data the

Question 17. Question : The Common Body of Knowledge with

Question 18. Question : Security professional benefits from ISC2 certification

Broadens career expectations.

Question 19. Question : An effective security policy contains all of the

Reference to other policies

Compliance management and

Question 20. Question : The basic components of an issue-specific policy

Standard library structure

Question 21. Question : A basic component of an issue-specific policy that

Statement of the organization’s

Point of contact and supplementary

Role and responsibility