- All Exams Instant Download
The Computer Security Policy Model the Orange Book is based on is which of the following?
The Computer Security Policy Model the Orange Book is based on is which of the following?A . Bell-LaPadulaB . Data Encryption StandardC . KerberosD . TempestView AnswerAnswer: A Explanation: The Computer Security Policy Model Orange Book is based is the Bell-LaPadula Model. Orange Book Glossary. The Data Encryption Standard (DES) is...
Which best describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?
Which best describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?A . TicketsB . TokensC . Token passing networksD . CouponsView AnswerAnswer: B Explanation: Tokens; Tokens in the form of credit card-size memory cards or smart cards, or those resembling small calculators, are...
The Structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, and authentication, and confidentiality for transmissions over private and public communications networks and media includes:
The Structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, and authentication, and confidentiality for transmissions over private and public communications networks and media includes:A . The Telecommunications and Network Security domainB . The Telecommunications and Netware Security domainC . The Technical communications and...
In a data classification scheme, the data is owned by the
In a data classification scheme, the data is owned by theA . system security managersB . business managersC . Information Technology (IT) managersD . end usersView AnswerAnswer: B
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?A . Implementation PhaseB . Initialization PhaseC . Cancellation PhaseD . Issued PhaseView AnswerAnswer: D
What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?A . False Rejection Rate (FRR) or Type I ErrorB . False Acceptance Rate (FAR) or Type II ErrorC . Crossover Error Rate (CER)D . True Rejection Rate (TRR) or Type III ErrorView AnswerAnswer:...
What is an advantage of Elliptic Curve Cryptography (ECC)?
What is an advantage of Elliptic Curve Cryptography (ECC)?A . Cryptographic approach that does not require a fixed-length keyB . Military-strength security that does not depend upon secrecy of the algorithmC . Opportunity to use shorter keys for the same level of securityD . Ability to use much longer keys...
Why would an information security policy require that communications test equipment be controlled?
Why would an information security policy require that communications test equipment be controlled?A . The equipment is susceptible to damageB . The equipment can be used to browse information passing on a networkC . The equipment must always be available for replacement if necessaryD . The equipment can be used...
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?A . Layer 2 Tunneling Protocol (L2TP)B . Link Control Protocol (LCP)C . Challenge Handshake Authentication Protocol (CHAP)D . Packet Transfer Protocol (PTP)View AnswerAnswer: B
In addition to ensuring that changes to the computer system take place in an identifiable and controlled environment, configuration management provides assurance that future changes:
In addition to ensuring that changes to the computer system take place in an identifiable and controlled environment, configuration management provides assurance that future changes:A . The application software cannot bypass system security features.B . Do not adversely affect implementation of the security policy.C . To do the operating system...
