ITSY 1300 TEST 2 QUESTIONS & ANSWERS
The data security manage function is geared around ____ creation and enforcement -
Answer -Policy
____ policies provide directional guidance in broad terms - Answer -General
____ policies guide data security work - Answer -Computer Security
A(n) ____ guides individual access and employment of data - Answer -Acceptable use
policy
____ authentication is highly secure because physical characteristics such as
fingerprints are unique to the individual and hard to duplicate - Answer -Biometric
The ____ principle ensures that inappropriate accesses are identified and reported -
Answer -Accountability
____ are general statements about intent - Answer -Policies
"Account management" describes the actual management process that assigns the
monitors ____. - Answer -User privileges
Criterion-based access control is typically implemented by means of a pre-programmed
____. - Answer -Access control list
In a ____ system, the subject's access permissions are assigned based on the security
attributes that they possess and the rules that have been established for these
attributes. - Answer -Mandatory access control
In the world of business, the most common model for access control is ____. - Answer
-DAC
____ audit processes use event logs, critical system files, and other evidence-based
means to identify exploits that an automated system cannot recognize. - Answer -
Human-based
____ incidents include such things as pre-attack probes, unauthorized access attempts,
or structural vulnerabilities. - Answer -Potential
In simple terms, cryptography involves a(n) ____ algorithm. - Answer -Encryption
In ____ cryptography, the same key is used for both encryption and decryption. -
Answer -Secret Key
, In ____ cryptography, the encryption and decryption operations are the same, but they
use different keys. - Answer -Public Key
The term ____ describes the collection of technologies, protocols, and policies that
maintain, distribute, create, and validate public keys and their associated information. -
Answer -PKI
The ____ should specify how the asset base lining, access control, status accounting,
and data integrity functions will be carried out. - Answer -Evaluation plan
The ___ function ensures that the data and its associated controls are fully maintained
in the day-one state. - Answer -Status accounting
The day-one status of the data asset base is established through the ____. - Answer -
Baseline status evaluation
The ____ plan has to ensure that the findings contained in the report document any
expert conclusions drawn from the evidence. - Answer -Communications
Because of the legal concept of "____", it is possible that one questionable item of
evidence can also eliminate other forms of evidence that be derived from that item. -
Answer -Fruit of the poisoned tree
The simplest requirement for forensic evidence is that it is ____ in court. - Answer -
Believable
The ____ policy dictates how and in what time-frame spam is removed. - Answer -Data
retention
____ can include all internal storage sources such as static memory as well as disks
and other forms of storage. - Answer -Physical media
____ consists of the protocols for the analysis of data. - Answer -Forensic analysis
The principle feature of a final report is always the recommendation about the ____ of
the incident. - Answer -Root cause
The final element of the forensic process is the ____. - Answer -Dissemination of the
findings
The one single aspect of the conventional data processing operation that is certain to
require definition from a forensic perspective is the ____ policy. - Answer -Data
retention
Ensuring legally correct evidence in digital forensics is a tricky proposition, because it
relies on the proper use of ____. - Answer -Tools
The data security manage function is geared around ____ creation and enforcement -
Answer -Policy
____ policies provide directional guidance in broad terms - Answer -General
____ policies guide data security work - Answer -Computer Security
A(n) ____ guides individual access and employment of data - Answer -Acceptable use
policy
____ authentication is highly secure because physical characteristics such as
fingerprints are unique to the individual and hard to duplicate - Answer -Biometric
The ____ principle ensures that inappropriate accesses are identified and reported -
Answer -Accountability
____ are general statements about intent - Answer -Policies
"Account management" describes the actual management process that assigns the
monitors ____. - Answer -User privileges
Criterion-based access control is typically implemented by means of a pre-programmed
____. - Answer -Access control list
In a ____ system, the subject's access permissions are assigned based on the security
attributes that they possess and the rules that have been established for these
attributes. - Answer -Mandatory access control
In the world of business, the most common model for access control is ____. - Answer
-DAC
____ audit processes use event logs, critical system files, and other evidence-based
means to identify exploits that an automated system cannot recognize. - Answer -
Human-based
____ incidents include such things as pre-attack probes, unauthorized access attempts,
or structural vulnerabilities. - Answer -Potential
In simple terms, cryptography involves a(n) ____ algorithm. - Answer -Encryption
In ____ cryptography, the same key is used for both encryption and decryption. -
Answer -Secret Key
, In ____ cryptography, the encryption and decryption operations are the same, but they
use different keys. - Answer -Public Key
The term ____ describes the collection of technologies, protocols, and policies that
maintain, distribute, create, and validate public keys and their associated information. -
Answer -PKI
The ____ should specify how the asset base lining, access control, status accounting,
and data integrity functions will be carried out. - Answer -Evaluation plan
The ___ function ensures that the data and its associated controls are fully maintained
in the day-one state. - Answer -Status accounting
The day-one status of the data asset base is established through the ____. - Answer -
Baseline status evaluation
The ____ plan has to ensure that the findings contained in the report document any
expert conclusions drawn from the evidence. - Answer -Communications
Because of the legal concept of "____", it is possible that one questionable item of
evidence can also eliminate other forms of evidence that be derived from that item. -
Answer -Fruit of the poisoned tree
The simplest requirement for forensic evidence is that it is ____ in court. - Answer -
Believable
The ____ policy dictates how and in what time-frame spam is removed. - Answer -Data
retention
____ can include all internal storage sources such as static memory as well as disks
and other forms of storage. - Answer -Physical media
____ consists of the protocols for the analysis of data. - Answer -Forensic analysis
The principle feature of a final report is always the recommendation about the ____ of
the incident. - Answer -Root cause
The final element of the forensic process is the ____. - Answer -Dissemination of the
findings
The one single aspect of the conventional data processing operation that is certain to
require definition from a forensic perspective is the ____ policy. - Answer -Data
retention
Ensuring legally correct evidence in digital forensics is a tricky proposition, because it
relies on the proper use of ____. - Answer -Tools
