Devry SEC 360 All Quiz Latest


Devry SEC 360 Week 1 Quiz Latest

(TCO 1) Defense-in-depth is a _____.

security requirement

security model

security strategy

security policy

security control

Question 2.

(TCO 1) What are the common effects of controls?

Prevention, detection, and response

Administration, technology, and physical

Detection, accounting, and access control

Identification, audit, and access control

Confidentiality, integrity, and availability

Question 3.

(TCO 1) Information security managers should not be motivated by _____.

IN concern for the well-being of society

governmental regulation

fear, uncertainty, and doubt

promotion potential

readiness

Question 4.

(TCO 1) The unique security issues and considerations of every system make it crucial to understand all of the following, except _____.

security standards

security skills of developers

hardware and software security configurations

data sensitivity

IN the business of the organization

Question 5.

(TCO 2) Which of the following domains is not part of the (ISC)² CBK?

Architecture

Project Management

Ethics

Law

Operations Security

Question 6.

(TCO 2) A security event that causes damage is called _____.

IN a compromise

a violation

an incident

a mishap

a transgression

Question 7.

(TCO 2) What is the enemy of security?

Industry

Foreign nations

Competitors

Complexity

People

Question 8.

(TCO 2) What are the effects of security controls?

Confidentiality, integrity, and availability

Administrative, physical, and operational

Detection, prevention, and response

Management, operational, and technical

None of the above

Question 9.

(TCO 1) Policies and procedures are often referred to as _____.

models

a necessary evil

guidelines

documentation

Question 10.

(TCO 2) There are _____ domains of the Common Body of Knowledge.

12

nine

11

10

Devry SEC 360 Week 3 Quiz Latest

(TCO 3) _____ conduct periodic risk-based reviews of information assets, policies, and procedures.

Security testers

Vendor managers

Internal auditors

Access coordinators

Technical managers

Text, page 81

Points Received: 5 of 5

Question 2.

(TCO 3) An excellent document to review for best practices in security management is _____.

IN ISO/IEC 17799

BS 7799

ISO/IEC 27001

Appendix H of NIST SP 800-53

Any of the above

Points Received: Comments:

Question 3.

(TCO 3) An organization’s security posture is defined and documented in _____ that must exist before any computers are used.

standards

guidelines

procedures

policies

All of the above

Text, pages 68-73

Points Received: 5 of 5

Question 4.

(TCO 3) What does SDLC stand for?

Software development license cycle

Software development life cycle

System development life cycle

System definition life cycle

None of the above

Lecture

Points Received: 5 of 5

Question 5.

(TCO 4) Various countries have different views of individual privacy. The European Union (EU) has very different privacy laws than the United States has. To allow U.S. companies better ease of operation in the European Union, the Department of Commerce negotiated the _____ with the EU.

privacy treaty

Memorandum of Agreement regarding privacy

Privacy Reciprocity Act of 1993

international safe harbor principles

Privacy Act of 1983

Text, page 150

Points Received: 5 of 5

Question 6.

(TCO 4) Which of the following “commandments” should be part of the information security professional’s code of ethics?

I will abide by the Constitution of the United States.

I will dress appropriately for the company environment.

I will protect the equities of senior management.

I will act honorably, honestly, justly, responsibly, and legally.

Text, page 154

Points Received: 5 of 5

Question 7.

(TCO 5) Information hiding or data hiding is implemented through _____.

abstraction

encapsulation

layering

isolated storage

encryption

Text, page 94

Points Received: 5 of 5

Question 8.

(TCO 5) A reference monitor is _____.

a security model

a security control

a network security model

only appropriate in ringed architecture

Text, page 90 and lecture

Points Received: 5 of 5

Question 9.

(TCO 4) Denial of service attacks, rogue code, and software piracy are some of the ways that _____ commit crimes.

aggressive programmers

computer enthusiasts

cyber criminals

foreign operatives

Text, page 144

Points Received: 5 of 5

Question 10.

(TCO 5) The _____ can be illustrated using something known as a ring of trust.

TCB

principle of least privilege

secondary storage zone

kernel

Text, page 91

Points Received: 5 of 5

* Times are displayed in (GMT-07:00) Mountain Time (US & Canada)

Devry SEC 360 Week 5 Quiz Latest

(TCO 6) The layers of physical security defense in depth do not include _____.

monitoring (video or human)

intrusion detection/prevention

mechanical and electronic

environmental

security clearances

(Week 4 Lecture) Security clearances are personnel security controls. Authenticating clearances may well be part of the physical security process.

Points Received: 5 of 5

Question 2.

(TCO 6) Which of the following are categories of intrusion detection devices?

Door sensors

Biometric detectors

Perimeter detectors

Security detectors

All of the above

Text, pages 175-176

Points Received: 5 of 5

Question 3.

(TCO 6) Physical security deals with all of the following except _____.

buildings

logical systems

computer rooms

computer devices

fences

Text, Chapter 8, p. 165

Points Received: 5 of 5

Question 4.

(TCO 7) Security operations generally does not provide controls for _____.

IN personnel security

resource protection

backup and recovery of locally stored workstation data

privileged entity controls

virus scanning

Text, page 193

Points Received: 0 of 5

Question 5.

(TCO 7) Security operations does NOT use controls for _____.

threats

vulnerabilities

intrusions

communications devices

management decision making

(Lecture) Security operations provides information to management, but does not decide for management.

Points Received: 5 of 5

Question 6.

(TCO 8) Disaster recovery planning includes all of the following except _____.

IT systems and applications

application data

data entry users

networks

IN communication lines

Text, pages 129-133

Points Received: 0 of 5

Question 7.

(TCO 8) A business impact analysis identifies _____.

risks to the business

quantifies risks

risks to the business if critical services are discontinued

IN priorities of restoring critical services

All of the above

Text, Chapter 6, p. 128

Points Received: 0 of 5

Question 8.

(TCO 9) The minimum set of access rights or privileges needed to perform a specific job description is called _____.

separation of duties

least privilege

privileged controls

separation of privilege

Text, pages 188 & 206

Points Received: 5 of 5

Question 9.

(TCO 9) Which of the following is NOT true for RADIUS?

Uses remote access Dial-In User Service

Used by AOL to authenticate users

Creates a private tunnel between end points

Policies can be centrally administered

Can use multifactor authentication

(Text, p. 220) RADIUS is not a tunneling technology.

Points Received: 5 of 5

Question 10.

(TCO 9) The predominant strategy that is used to assure confidentiality is _____.

biometric authentication

discretionary access control

role-based access control

symmetric encryption

the principle of least privilege

Text, page 206

Points Received: 5 of 5

Devry SEC 360 Week 7 Quiz Latest

(TCO 10) Secure hashing is also known as _____.

public-key cryptography

a message digest

Transport Layer Security

Secure Sockets Layer

IPSec

Instructor Explanation: Week 6 Lecture and page 239 of course text

Points Received: 5 of 5

Question 2.

(TCO 10) Which of the following uses symmetric-key or shared-secret cryptography?

AES

RSA

Diffie-Hellman

IN MD5

PSA

Instructor Explanation: Week 6 Lecture and pages 244-245 of course text

Points Received: 0 of 5

Question 3.

(TCO 11) Firewalls do not _____.

block unauthorized traffic

detect tampering

use simple software

filter words or phrases in traffic

enforce a security policy

Instructor Explanation: Week 6 Lecture and pages 275-279 of course text

Points Received: 0 of 5

Question 4.

(TCO 11) Which of the following is not a characteristic of a proxy server?

Configured to allow access only to specific systems

Maintains detailed audit information

Dependent on all other proxies on the bastion host

Runs as a nonprivileged user

Any service that is not supported by the proxy server is blocked.

Instructor Explanation: Page 273 of course text and Week 6 Lecture

Points Received: 5 of 5

Question 5.

(TCO 12) Modern intrusion detection systems act as sensors for hosts and network devices and work in a centrally controlled distributed fashion using _____.

software

remote procedure calls

agent technology

common interfaces

access to local audit records

Instructor Explanation: (Week 7 Lecture) Distributed agent technology with a central management module is most common.

Points Received: 0 of 5

Question 6.

(TCO 12) A decoy used to lure intruders into staying around is called a(n) _____.

pharm

phish

entrapment

honeypot

mug of ale

Instructor Explanation: (Week 7 Lecture) A honeypot is a decoy to capture the attention of intruders. A mug of ale might work, but that is not software!

Points Received: 5 of 5

Question 7.

(TCO 12) An event where seemingly harmless data is forwarded by the router to a host on an internal network is known as a _____.

drive-by attack

proxy-server attack

data-driven attack

penetration testing

steganography

Instructor Explanation: Page 271 of course text

Points Received: 5 of 5

Question 8.

(TCO 13) Which form of malware is dependent on operating systems and replicating?

Trap door

Virus

Worm

Trojan

Logic bomb

Instructor Explanation: Week 7 Lecture and page 304 of course text

Points Received: 5 of 5

Question 9.

(TCO 13) Which phase of the SDLC should have security representation?

Concept definition

Requirements definition

Design

Test and Evaluation

All phases

Instructor Explanation: Week 7 Lecture and page 307 of course text

Points Received: 5 of 5

Question 10.

(TCO 13) Which form of malware contains hidden and malicious functions disguised as a utility program that performs useful work?

Trap door

Virus

Worm

Trojan horse

Logic bomb

Instructor Explanation: Page 304 of course text

Points Received: 5 of 5
