Chapter 3
Security Architecture and Engineering (Domain 3)

  1. Matthew is the security administrator for a consulting firm and must enforce access controls that restrict users' access based upon their previous activity. For example, once a consultant accesses data belonging to Acme Cola, a consulting client, they may no longer access data belonging to any of Acme's competitors. What security model best fits Matthew's needs?
    1. Clark-Wilson
    2. Biba
    3. Bell-LaPadula
    4. Brewer-Nash
  2. Referring to the figure shown here, what is the earliest stage of a fire where it is possible to use detection technology to identify it?
    Graph depicts the four stage: Stage 1: Incipient, Stage 2: Smoke, Stage 3: Flame, Stage 4: Heat.
    1. Incipient
    2. Smoke
    3. Flame
    4. Heat
  3. Ralph is designing a physical security infrastructure for a new computing facility that will remain largely unstaffed. He plans to implement motion detectors in the facility but would also like to include a secondary verification control for physical presence. Which one of the following would best meet his needs?
    1. CCTV
    2. IPS
    3. Turnstiles
    4. Faraday cages
  4. Harry would like to retrieve a lost encryption key from a database that uses m of n control, with m = 4 and n = 8. What is the minimum number of escrow agents required to retrieve the key?
    1. 2
    2. 4
    3. 8
    4. 12
  5. Fran's company is considering purchasing a web-based email service from a vendor and eliminating its own email server environment as a cost-saving measure. What type of cloud computing environment is Fran's company considering?
    1. SaaS
    2. IaaS
    3. CaaS
    4. PaaS
  6. Bob is a security administrator with the U.S. federal government and wants to choose a digital signature approach that is an approved part of the federal Digital Signature Standard under FIPS 186-4. Which one of the following encryption algorithms is not an acceptable choice for use in digital signatures?
    1. DSA
    2. HAVAL
    3. RSA
    4. ECDSA
  7. Harry would like to access a document owned by Sally and stored on a file server. Applying the subject/object model to this scenario, who or what is the subject of the resource request?
    1. Harry
    2. Sally
    3. Server
    4. Document
  8. Michael is responsible for forensic investigations and is investigating a medium-severity security incident that involved the defacement of a corporate website. The web server in question ran on a virtualization platform, and the marketing team would like to get the website up and running as quickly as possible. What would be the most reasonable next step for Michael to take?
    1. Keep the website offline until the investigation is complete.
    2. Take the virtualization platform offline as evidence.
    3. Take a snapshot of the compromised system and use that for the investigation.
    4. Ignore the incident and focus on quickly restoring the website.
  9. Helen is a software engineer and is developing code that she would like to restrict to running within an isolated sandbox for security purposes. What software development technique is Helen using?
    1. Bounds
    2. Input validation
    3. Confinement
    4. TCB
  10. What concept describes the degree of confidence that an organization has that its controls satisfy security requirements?
    1. Trust
    2. Credentialing
    3. Verification
    4. Assurance
  11. What type of security vulnerability are developers most likely to introduce into code when they seek to facilitate their own access, for testing purposes, to software they developed?
    1. Maintenance hook
    2. Cross-site scripting
    3. SQL injection
    4. Buffer overflow
  12. In the figure shown here, Sally is blocked from reading the file due to the Biba integrity model. Sally has a Secret security clearance, and the file has a Confidential classification. What principle of the Biba model is being enforced?
    Schematic illustration of Sally's blocked read request for the data file.
    1. Simple Security Property
    2. Simple Integrity Property
    3. *-Security Property
    4. *-Integrity Property
  13. Tom is responsible for maintaining the security of systems used to control industrial processes located within a power plant. What term is used to describe these systems?
    1. POWER
    2. SCADA
    3. HAVAL
    4. COBOL
  14. Sonia recently removed an encrypted hard drive from a laptop and moved it to a new device because of a hardware failure. She is having difficulty accessing encrypted content on the drive despite the fact that she knows the user's password. What hardware security feature is likely causing this problem?
    1. TCB
    2. TPM
    3. NIACAP
    4. RSA
  15. Chris wants to verify that a software package that he downloaded matches the original version. What hashing tool should he use if he believes that technically sophisticated attackers may have replaced the software package with a version containing a backdoor?
    1. MD5
    2. 3DES
    3. SHA1
    4. SHA 256

    For questions 16–19, please refer to the following scenario:

    Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority.

  16. If Alice wants to send Bob a message that is encrypted for confidentiality, what key does she use to encrypt the message?
    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  17. When Bob receives the encrypted message from Alice, what key does he use to decrypt the message's plaintext content?
    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  18. Which one of the following keys would Bob not possess in this scenario?
    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  19. Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature?
    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  20. What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?
    1. Hash
    2. Salt
    3. Extender
    4. Rebar
  21. Which one of the following is not an attribute of a hashing algorithm?
    1. They require a cryptographic key.
    2. They are irreversible.
    3. It is very difficult to find two messages with the same hash value.
    4. They take variable-length input.
  22. What type of fire suppression system fills with water after a valve opens when the initial stages of a fire are detected and then requires a sprinkler head heat activation before dispensing water?
    1. Wet pipe
    2. Dry pipe
    3. Deluge
    4. Preaction
  23. Susan would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?
    1. AH
    2. ESP
    3. IKE
    4. ISAKMP
  24. Which one of the following cryptographic goals protects against the risks posed when a device is lost or stolen?
    1. Nonrepudiation
    2. Authentication
    3. Integrity
    4. Confidentiality
  25. Joanna wants to review the status of the industrial control systems her organization uses for building control. What type of systems should she inquire about access to?
    1. SCADA
    2. DSS
    3. BAS
    4. ICS-CSS
  26. In the figure shown here, Harry's request to write to the data file is blocked. Harry has a Secret security clearance, and the data file has a Confidential classification. What principle of the Bell-LaPadula model blocked this request?
    Schematic illustration of Harry's blocked write request for the data file.
    1. Simple Security Property
    2. Simple Integrity Property
    3. *-Security Property
    4. Discretionary Security Property
  27. Florian and Tobias would like to begin communicating using a symmetric cryptosystem, but they have no prearranged secret and are not able to meet in person to exchange keys. What algorithm can they use to securely exchange the secret key?
    1. IDEA
    2. Diffie-Hellman
    3. RSA
    4. MD5
  28. Carl's organization recently underwent a user access review. At the conclusion of the review, the auditors noted several cases of privilege creep. What security principle was violated?
    1. Fail securely
    2. Keep it simple
    3. Trust but verify
    4. Least privilege
  29. Matt's organization recently adopted a zero-trust network architecture. Under this approach, which one of the following criteria would be LEAST appropriate to use when granting a subject access to resources?
    1. Password
    2. Two-factor authentication
    3. IP address
    4. Biometric scan
  30. Colin is the chief privacy officer for a nonprofit organization and is assisting with the team's transition to a Privacy by Design approach. Under this approach, which of the following principles should the team embrace?
    1. Proactive, not reactive
    2. Privacy as the default setting
    3. End-to-end security
    4. Defense in depth
  31. What cryptographic principle stands behind the idea that cryptographic algorithms should be open to public inspection?
    1. Security through obscurity
    2. Kerckhoffs' principle
    3. Defense in depth
    4. Heisenburg principle
  32. Ryan is developing a physical access plan for his organization's data center and wants to implement the security control indicated by the arrow in this diagram. What is the name of this control?
    Schematic illustration of a physical access plan for the organization’s data center and wants to implement the security control indicated by the arrow.
    1. Mantrap
    2. Turnstile
    3. Intrusion prevention system
    4. Portal
  33. Which one of the following does not describe a standard physical security requirement for wiring closets?
    1. Place only in areas monitored by security guards.
    2. Do not store flammable items in the closet.
    3. Use sensors on doors to log entries.
    4. Perform regular inspections of the closet.
  34. In the figure shown here, Sally is blocked from writing to the data file by the Biba integrity model. Sally has a Secret security clearance, and the file is classified Top Secret. What principle is preventing her from writing to the file?
    Schematic illustration of Sally's blocked write request for the data file.
    1. Simple Security Property
    2. Simple Integrity Property
    3. *-Security Property
    4. *-Integrity Property
  35. Lana recently implemented a new process in her organization where managers who are responsible for granting users access to a system are not permitted to participate in access reviews. What principle is she enforcing?
    1. Two-person control
    2. Least privilege
    3. Privilege creep
    4. Separation of duties
  36. Which of the following statements about system development are correct? (Select all that apply.)
    1. Systems should be designed to operate in a secure manner if the user performs no other configuration.
    2. Systems should be designed to fall back to a secure state if they experience an error.
    3. Systems should be designed to incorporate security as a design feature.
    4. Systems should be designed in a manner that keeps their functionality as simple as possible.
  37. Alan is reviewing a system that has been assigned the EAL1 evaluation assurance level under the Common Criteria. What is the degree of assurance that he may have about the system?
    1. It has been functionally tested.
    2. It has been structurally tested.
    3. It has been formally verified, designed, and tested.
    4. It has been methodically designed, tested, and reviewed.
  38. Jake works for a research organization that is seeking to deploy a grid computing system that will perform cycle scavenging on user workstations to conduct research tasks that require high-performance computing. What is the most significant risk associated with this operation?
    1. Data confidentiality
    2. Isolation breach
    3. Data integrity
    4. Data availability
  39. Eimear's software development team uses an approach that creates many discrete software objects and then binds them together using APIs. What term best describes this architecture?
    1. Microservices
    2. Function-as-a-service
    3. Containerization
    4. Virtualization
  40. Adam recently configured permissions on an NTFS filesystem to describe the access that different users may have to a file by listing each user individually. What did Adam create?
    1. An access control list
    2. An access control entry
    3. Role-based access control
    4. Mandatory access control
  41. Betty is concerned about the use of buffer overflow attacks against a custom application developed for use in her organization. What security control would provide the strongest defense against these attacks?
    1. Firewall
    2. Intrusion detection system
    3. Parameter checking
    4. Vulnerability scanning
  42. Which one of the following combinations of controls best embodies the defense in depth principle?
    1. Encryption of email and network intrusion detection
    2. Cloud access security brokers (CASB) and security awareness training
    3. Data loss prevention and multifactor authentication
    4. Network firewall and host firewall
  43. James is working with a Department of Defense system that is authorized to simultaneously handle information classified at the Secret and Top Secret levels. What type of system is he using?
    1. Single state
    2. Unclassified
    3. Compartmented
    4. Multistate
  44. Kyle is being granted access to a military computer system that uses System High mode. What is not true about Kyle's security clearance requirements?
    1. Kyle must have a clearance for the highest level of classification processed by the system, regardless of his access.
    2. Kyle must have access approval for all information processed by the system.
    3. Kyle must have a valid need to know for all information processed by the system.
    4. Kyle must have a valid security clearance.
  45. Gary intercepts a communication between two individuals and suspects that they are exchanging secret messages. The content of the communication appears to be the image shown here. What type of technique may the individuals use to hide messages inside this image?
    Photograph of a ship sailing on the sea.
    1. Visual cryptography
    2. Steganography
    3. Cryptographic hashing
    4. Transport layer security
  46. Philip is developing a new security tool that will be used by individuals in many different subsidiaries of his organization. He chooses to use Docker to deploy the tool to simplify configuration. What term best describes this approach?
    1. Virtualization
    2. Abstraction
    3. Simplification
    4. Containerization
  47. In the ring protection model shown here, what ring contains the operating system's kernel?
    Schematic illustration of the Ring protection model which contains four rings as Ring 0, Ring 1, Ring 2, and Ring 3.
    1. Ring 0
    2. Ring 1
    3. Ring 2
    4. Ring 3
  48. In an infrastructure as a service (IaaS) environment where a vendor supplies a customer with access to storage services, who is normally responsible for removing sensitive data from drives that are taken out of service?
    1. Customer's security team
    2. Customer's storage team
    3. Customer's vendor management team
    4. Vendor
  49. During a system audit, Casey notices that the private key for her organization's web server has been stored in a public Amazon S3 storage bucket for more than a year. Which one of the following actions should she take first?
    1. Remove the key from the bucket.
    2. Notify all customers that their data may have been exposed.
    3. Request a new certificate using a new key.
    4. Nothing, because the private key should be accessible for validation.
  50. Which one of the following systems assurance processes provides an independent third-party evaluation of a system's controls that may be trusted by many different organizations?
    1. Certification
    2. Definition
    3. Verification
    4. Accreditation
  51. Darcy's organization is deploying serverless computing technology to better meet the needs of developers and users. In a serverless model, who is normally responsible for configuring operating system security controls?
    1. Software developer
    2. Cybersecurity professional
    3. Cloud architect
    4. Vendor
  52. Harold is assessing the susceptibility of his environment to hardware failures and would like to identify the expected lifetime of a piece of hardware. What measure should he use for this?
    1. MTTR
    2. MTTF
    3. RTO
    4. MTO
  53. Chris is designing a cryptographic system for use within his company. The company has 1,000 employees, and they plan to use an asymmetric encryption system. They would like the system to be set up so that any pair of arbitrary users may communicate privately. How many total keys will they need?
    1. 500
    2. 1,000
    3. 2,000
    4. 4,950
  54. Gary is concerned about applying consistent security settings to the many mobile devices used throughout his organization. What technology would best assist with this challenge?
    1. MDM
    2. IPS
    3. IDS
    4. SIEM
  55. Alice sent a message to Bob. Bob would like to demonstrate to Charlie that the message he received definitely came from Alice. What goal of cryptography is Bob attempting to achieve?
    1. Authentication
    2. Confidentiality
    3. Nonrepudiation
    4. Integrity
  56. Rhonda is considering the use of new identification cards for physical access control in her organization. She comes across a military system that uses the card shown here. What type of card is this?
    Photo depicts a new identification cards for physical access control.
    1. Smart card
    2. Proximity card
    3. Magnetic stripe card
    4. Phase three card
  57. Gordon is concerned about the possibility that hackers may be able to use the Van Eck radiation phenomenon to remotely read the contents of computer monitors in a restricted work area within his facility. What technology would protect against this type of attack?
    1. TCSEC
    2. SCSI
    3. GHOST
    4. TEMPEST
  58. Jorge believes that an attacker has obtained the hash of the Kerberos service account from one of his organization's Active Directory servers. What type of attack would this enable?
    1. Golden ticket
    2. Kerberoasting
    3. Pass the ticket
    4. Brute force
  59. Sherry conducted an inventory of the cryptographic technologies in use within her organization and found the following algorithms and protocols in use. Which one of these technologies should she replace because it is no longer considered secure?
    1. MD5
    2. AES
    3. PGP
    4. WPA3
  60. Robert is investigating a security breach and discovers the Mimikatz tool installed on a system in his environment. What type of attack has likely taken place?
    1. Password cracking
    2. Pass the hash
    3. MAC spoofing
    4. ARP poisoning
  61. Tom is a cryptanalyst and is working on breaking a cryptographic algorithm's secret key. He has a copy of an intercepted message that is encrypted, and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in?
    1. Chosen ciphertext
    2. Chosen plaintext
    3. Known plaintext
    4. Brute force
  62. A hacker recently violated the integrity of data in James's company by modifying a file using a precise timing attack. The attacker waited until James verified the integrity of a file's contents using a hash value and then modified the file between the time that James verified the integrity and read the contents of the file. What type of attack took place?
    1. Social engineering
    2. TOCTOU
    3. Data diddling
    4. Parameter checking
  63. Carl is deploying a set of video sensors that will be placed in remote locations as part of a research project. Due to connectivity limitations, he would like to perform as much image processing and computation as possible on the device itself before sending results back to the cloud for further analysis. What computing model would best meet his needs?
    1. Serverless computing
    2. Edge computing
    3. IaaS computing
    4. SaaS computing
  64. What action can you take to prevent accidental data disclosure due to wear leveling on an SSD device before reusing the drive?
    1. Reformatting
    2. Disk encryption
    3. Degaussing
    4. Physical destruction
  65. Johnson Widgets strictly limits access to total sales volume information, classifying it as a competitive secret. However, shipping clerks have unrestricted access to order records to facilitate transaction completion. A shipping clerk recently pulled all of the individual sales records for a quarter from the database and totaled them up to determine the total sales volume. What type of attack occurred?
    1. Social engineering
    2. Inference
    3. Aggregation
    4. Data diddling
  66. What physical security control broadcasts false emanations constantly to mask the presence of true electromagnetic emanations from computing equipment?
    1. Faraday cage
    2. Copper-infused windows
    3. Shielded cabling
    4. White noise
  67. In a software as a service cloud computing environment, who is normally responsible for ensuring that appropriate firewall controls are in place to protect the application?
    1. Customer's security team
    2. Vendor
    3. Customer's networking team
    4. Customer's infrastructure management team
  68. Alice has read permissions on an object, and she would like Bob to have those same rights. Which one of the rules in the Take-Grant protection model would allow her to complete this operation?
    1. Create rule
    2. Remove rule
    3. Grant rule
    4. Take rule
  69. As part of his incident response process, Charles securely wipes the drive of a compromised machine and reinstalls the operating system (OS) from original media. Once he is done, he patches the machine fully and applies his organization's security templates before reconnecting the system to the network. Almost immediately after the system is returned to service, he discovers that it has reconnected to the same botnet it was part of before. Where should Charles look for the malware that is causing this behavior?
    1. The operating system partition
    2. The system BIOS or firmware
    3. The system memory
    4. The installation media
  70. Lauren implements ASLR to help prevent system compromises. What technique has she used to protect her system?
    1. Encryption
    2. Mandatory access control
    3. Memory address randomization
    4. Discretionary access control
  71. Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message?
    1. Substitution cipher
    2. AES
    3. Transposition cipher
    4. 3DES
  72. The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What implementation attack is 2DES vulnerable to that does not exist for the DES or 3DES approach?
    1. Chosen ciphertext
    2. Brute force
    3. Man-in-the-middle
    4. Meet-in-the-middle
  73. Grace would like to implement application control technology in her organization. Users often need to install new applications for research and testing purposes, and she does not want to interfere with that process. At the same time, she would like to block the use of known malicious software. What type of application control would be appropriate in this situation?
    1. Blacklisting
    2. Graylisting
    3. Whitelisting
    4. Bluelisting
  74. Warren is designing a physical intrusion detection system for use in a sensitive media storage facility and wants to include technology that issues an alert if the communications lines for the alarm system are unexpectedly cut. What technology would meet this requirement?
    1. Heartbeat sensor
    2. Emanation security
    3. Motion detector
    4. Faraday cage
  75. John and Gary are negotiating a business transaction, and John must demonstrate to Gary that he has access to a system. He engages in an electronic version of the “magic door” scenario shown here. What technique is John using?
    Schematic illustration of an electronic version of the “magic door” scenario.
    1. Split-knowledge proof
    2. Zero-knowledge proof
    3. Logical proof
    4. Mathematical proof
  76. After scanning all of the systems on his wireless network, Mike notices that one system is identified as an iOS device running a massively out-of-date version of Apple's mobile operating system. When he investigates further, he discovers that the device is an original iPad and that it cannot be updated to a current secure version of the operating system. What would be the best option for handling this device?
    1. Retire or replace the device.
    2. Isolate the device on a dedicated wireless network.
    3. Install a firewall on the tablet.
    4. Reinstall the OS.
  77. Tonya believes that an attacker was able to eavesdrop on legitimate HTTPS communications between her users and remote web servers by engaging in a DNS poisoning attack. After conducting DNS poisoning, what technique would an attacker likely use to conduct this eavesdropping?
    1. Man-in-the-middle
    2. Brute-force
    3. Timing
    4. Meet-in-the-middle
  78. Howard is choosing a cryptographic algorithm for his organization, and he would like to choose an algorithm that supports the creation of digital signatures. Which one of the following algorithms would meet his requirement?
    1. RSA
    2. 3DES
    3. AES
    4. Blowfish
  79. Laura is responsible for securing her company's web-based applications and wants to conduct an educational program for developers on common web application security vulnerabilities. Where can she turn for a concise listing of the most common web application issues?
    1. CVE
    2. NSA
    3. OWASP
    4. CSA
  80. The Bell-LaPadula and Biba models implement state machines in a fashion that uses what specific state machine model?
    1. Information flow
    2. Noninterference
    3. Cascading
    4. Feedback
  81. During a third-party vulnerability scan and security test, Danielle's employer recently discovered that the embedded systems that were installed to manage her company's new buildings have a severe remote access vulnerability. The manufacturer has gone out of business, and there is no patch or update for the devices. What should Danielle recommend that her employer do about the hundreds of devices that are vulnerable?
    1. Identify a replacement device model and replace every device.
    2. Turn off all of the devices.
    3. Move the devices to a secure and isolated network segment.
    4. Reverse engineer the devices and build an in-house patch.
  82. What type of motion detector senses changes in the electromagnetic fields in monitored areas?
    1. Infrared
    2. Wave pattern
    3. Capacitance
    4. Photoelectric
  83. Mike has been tasked with preventing an outbreak of malware like Mirai, a botnet that targeted IP-based cameras and routers. What type of systems should be protected in his organization?
    1. Servers
    2. SCADA
    3. Mobile devices
    4. Internet of Things (IoT) devices
  84. Which one of the following statements is correct about the Biba model of access control?
    1. It addresses confidentiality and integrity.
    2. It addresses integrity and availability.
    3. It prevents covert channel attacks.
    4. It focuses on protecting objects from integrity threats.
  85. In Transport Layer Security, what type of key is used to encrypt the actual content of communications between a web server and a client?
    1. Ephemeral session key
    2. Client's public key
    3. Server's public key
    4. Server's private key
  86. Beth would like to include technology in a secure area of her data center to protect against unwanted electromagnetic emanations. What technology would assist her with this goal?
    1. Heartbeat sensor
    2. Faraday cage
    3. Piggybacking
    4. WPA2
  87. In a virtualized computing environment, what component is responsible for enforcing separation between guest machines?
    1. Guest operating system
    2. Hypervisor
    3. Kernel
    4. Protection manager
  88. Rick is an application developer who works primarily in Python. He recently decided to evaluate a new service where he provides his Python code to a vendor who then executes it on their server environment. What type of cloud computing environment is this service?
    1. SaaS
    2. PaaS
    3. IaaS
    4. CaaS
  89. A component failure in the primary HVAC system leads to a high temperature alarm in the data center that Kim manages. After resolving the issue, what should Kim consider to prevent future issues like this?
    1. A closed loop chiller
    2. Redundant cooling systems
    3. Swamp coolers
    4. Relocating the data center to a colder climate
  90. Tommy is planning to implement a power conditioning UPS for a rack of servers in his data center. Which one of the following conditions will the UPS be unable to protect against if it persists for an extended period of time?
    1. Fault
    2. Blackout
    3. Sag
    4. Noise
  91. Which one of the following humidity values is within the acceptable range for a data center operation?
    1. 0 percent
    2. 10 percent
    3. 25 percent
    4. 40 percent
  92. Kristen's organization suffered a ransomware infection and has lost access to critical business data. She is considering paying the ransom to regain access to her data. Which of the following statements about this payment are correct? (Select all that apply.)
    1. Payment of the ransom may be illegal.
    2. Payment of the ransom may result in further demands for payments.
    3. Payment of the ransom guarantees access to the decryption key.
    4. Payment of the ransom may cause a data breach.
  93. Alex's employer creates most of their work output as PDF files. Alex is concerned about limiting the audience for the PDF files to those individuals who have paid for them. What technology can he use to most effectively control the access to and distribution of these files?
    1. EDM
    2. Encryption
    3. Digital signatures
    4. DRM
  94. As part of his team's forensic investigation process, Matt signs out drives and other evidence from an evidence storage facility before working with them. What type of documentation is he creating?
    1. Criminal
    2. Chain of custody
    3. Civil
    4. CYA
  95. Todd believes that a digital certificate used by his organization has been compromised and he wants to add it to the certificate revocation list (CRL). What element of the certificate goes on the CRL?
    1. Serial number
    2. Public key
    3. Digital signature
    4. Private key
  96. Alison is examining a digital certificate presented to her by her bank's website. Which one of the following requirements is not necessary for her to trust the digital certificate?
    1. She knows that the server belongs to the bank.
    2. She trusts the certificate authority.
    3. She verifies that the certificate is not listed on a CRL.
    4. She verifies the digital signature on the certificate.
  97. Which one of the following is an example of a covert timing channel when used to exfiltrate information from an organization?
    1. Sending an electronic mail message
    2. Posting a file on a peer-to-peer file sharing service
    3. Typing with the rhythm of Morse code
    4. Writing data to a shared memory space
  98. Which one of the following would be a reasonable application for the use of self-signed digital certificates?
    1. Digital commerce website
    2. Banking application
    3. Internal scheduling application
    4. Customer portal
  99. Ron is investigating a security incident that took place at a highly secure government facility. He believes that encryption keys were stolen during the attack and finds evidence that the attackers used dry ice to freeze an encryption component. What type of attack was likely attempted?
    1. Side channel attack
    2. Brute-force attack
    3. Timing attack
    4. Fault injection attack
  100. Match the following numbered security models with the appropriate lettered security descriptions:

    Security models

    1. Clark-Wilson
    2. Graham-Denning
    3. Bell-LaPadula
    4. Biba


    1. This model blocks lower-classified objects from accessing higher-classified objects, thus ensuring confidentiality.
    2. The * property of this model can be summarized as “no write-up.”
    3. This model uses security labels to grant access to objects via transformation procedures and a restricted interface model.
    4. This model focuses on the secure creation and deletion of subjects and objects using eight primary protection rules or actions.
  101. Match each of these following numbered architecture security concepts with the appropriate lettered description:

    Architectural security concepts

    1. Time of check
    2. Covert channel
    3. Time of use
    4. Maintenance hooks
    5. Parameter checking
    6. Race condition


    1. A method used to pass information over a path not normally used for communication
    2. The exploitation of the reliance of a system's behavior on the sequence of events that occur externally
    3. The time at which the subject checks whether an object is available
    4. The time at which a subject can access an object
    5. An access method known only to the developer of the system
    6. A method that can help prevent buffer overflow attacks
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.