ITC 595 Quiz Solutions

·         Question 1

0.333 out of 0.333 points

	A concept that evolved out of requirements for military information security is called ___________.
	Answers: Reliable input Mandatory access control Open and closed policies Discretionary input

·         Question 2

0.333 out of 0.333 points

	A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is called____________.
	Answers: Countermeasure Vulnerability Adversary Risk

·         Question 3

0.333 out of 0.333 points

	A malicious attacker must have the following to ensure success:
	Answers: method, opportunity, and motive skills opportunity opportunity and motive

·         Question 4

0.333 out of 0.333 points

	Authentication is based on something
	Answers: one knows one is one has All the given options ?

·         Question 5

0.333 out of 0.333 points

	In biometrics the key issue is:
	Answers: whether false positives can be completely eliminated whether false negatives can be completely eliminated whether the rate of false positives and false negatives is acceptable whether both false positives and false negatives can be completely eliminated

·         Question 6

0.333 out of 0.333 points

	Interruption affects which one of the following?
	Answers: Availability Integrity Authenticity None of the above

·         Question 7

0.333 out of 0.333 points

	Modification of the information means:
	Answers: Unauthorized party fabricate counterfeit objects on a computing system An asset of the system becomes lost, unavailable or unusable An unauthorized party not only accesses but tampers with an asset Some unauthorized party has gained access to an asset

·         Question 8

0.333 out of 0.333 points

	Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the ___________.
	Answers: identification step verification step authentication step corroboration step

·         Question 9

0.333 out of 0.333 points

	Recognition by fingerprint, retina, and face are examples of __________.
	Answers: face recognition? dynamic biometrics static biometrics token authentication

·         Question 10

0.333 out of 0.333 points

	Spoofing represents an attack against data.....................
	Answers: Confidentiality Availability Accuracy Integration ?

·         Question 11

0.333 out of 0.333 points

	The security triad is built around the following properties:
	Answers: Authentication, repudiation and integrity Confidentiality, availability and integrity Authentication, non-repudiation and integrity None of the above

·         Question 12

0.333 out of 0.333 points

	Which of the following strategy is one in which the system periodically runs its own password cracker to find guessable passwords?
	Answers: user education proactive password checking reactive password checking computer-generated password

·         Question 13

0.333 out of 0.333 points

	Which of these is the process to determine if the credentials given by a user or another system are authorized to access the network resource in question?
	Answers: Confidentiality Integrity Availability Authentication

·         Question 14

0.333 out of 0.333 points

	Which one of the following implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.
	Answers: Audit control Resource control System control Access control

·         Question 15

0.333 out of 0.333 points

	__________ is based on the roles the users assume in a system rather than the user’s identity.
	Answers: DAC RBAC MAC URAC