Multiple choice questions:
1. To be successful, the one thing that any security program must have is _____.
money
technology
skilled people
executive support
office space
2. An excellent document to review for best practices in security management is _____.
ISO/IEC 17799
BS 7799
ISO/IEC 27001
Appendix H of NIST SP 800-53
Any of the above
3. Compliance defines penalties that may be applied by _____ for violation of the security policy.
other users
offices
employee bargaining units
ISP administrators
the issuer of the policy
4. Governance is what kind of process?
Information Security
Records Management
Information Technology
Management
User
5. Of the categories of intellectual property, which one does not benefit from legal protection?
Copyright
Trademark
Patent
Trade secret
6. Which of the following statements is NOT true?
Patent law can be used to protect systems and processes.
Trademark law can be used to protect a company idea.
Copyright law can be used to protect source code and user interfaces.
Trade secret law can be used to protect processes and source code.
Trademarks can be used to protect domain names.
7. Information hiding or data hiding is implemented through _____.
abstraction
encapsulation
layering
isolated storage
encryption
8. Why are the Bell-LaPadula and Biba models called dual?
They are both confidentiality models.
They use exactly the same rules.
They are both state transition models.
They are the same model with reversed rules.
They are both no read up, no write down models.
9. Which of the following have been identified by the CISSP as major categories of computer crimes?
Military and intelligence attacks
Business attacks
Financial attacks
Terrorist attacks
All of the above
10. The _____ can be illustrated using something known as a ring of trust.
TCB
principle of least privilege
secondary storage zone
kernel