Topic 2: Asset Security
In a data classification scheme, the data is owned by the
A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users
Answer: business managers
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response
Answer: Personal Identity Verification (PIV)
Which of the following is an initial consideration when developing an information security management system?
A. Identify the contractual security obligations that apply to the organizations
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements
Answer: Identify relevant legislative and regulatory compliance requirements
Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Answer: All members should be trained on their responsibilities
Which one of the following affects the classification of data?
A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
Answer: Passage of time
The use of private and public encryption keys is fundamental in the implementation of which of the following?
A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Answer: Secure Sockets Layer (SSL)
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
A. Implementation Phase
B. Initialization Phase
C. Cancellation Phase
D. Issued Phase
Answer: Issued Phase
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?
A. Hashing the data before encryption
B. Hashing the data after encryption
C. Compressing the data after encryption
D. Compressing the data before encryption
Answer: Compressing the data before encryption
Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: Data owner
Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
Answer: Confidentiality
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?
A. Common Vulnerabilities and Exposures (CVE)
B. Common Vulnerability Scoring System (CVSS)
C. Asset Reporting Format (ARF)
D. Open Vulnerability and Assessment Language (OVAL)
Answer: Common Vulnerability Scoring System (CVSS)
Which of the following mobile code security models relies only on trust?
A. Code signing
B. Class authentication
C. Sandboxing
D. Type safety
Answer: Code signing