36. Which of the following can increase emanation attacks?
a. Greater separation between the system and the receiver
b. Higher signal-to-noise ratio
c. Wireless local-area network connections
d. More workstations of the same type in the same location
36. c. The trend toward wireless local-area network (WLAN) connections can increase the likelihood of successful interception, leading to an emanation attack. The other three choices decrease emanation attacks.
37. In the trust hierarchy of a computer system, which of the following is least trusted?
a. Operating system
b. System user
c. Hardware/firmware
d. Application system
37. c. In a computer system, trust is built from the bottom layer up, with each layer trusting all its underlying layers to perform the expected services in a reliable and trustworthy manner. The hardware/firmware layer is at the bottom of the trust hierarchy and is the least trusted. The system user layer is at the top of the trust hierarchy and is the most trusted. For example, the users trust the application system to behave in the manner they expect of it. The layers from the top to the bottom include system user, application system, operating system, and hardware/firmware.
38. In organizations, isolating the information system security functions from nonsecurity functions is achieved through:
1. Hardware separation
2. Independent modules
3. Layered structure
4. Minimal interactions
a. 1 and 2
b. 2 and 3
c. 3 and 4
d. 1, 2, 3, and 4
38. d. An information system isolates security functions from nonsecurity functions by means of partitions and domains, including control of access to and integrity of the hardware, software, and firmware that perform those security functions. The system maintains a separate execution domain (e.g., address space) for each executing process. It employs hardware separation techniques, divides the access control and information flow functions, maintains security functions in largely independent modules that avoid unnecessary interactions between modules, and maintains security functions in a layered structure minimizing interactions between layers of the design.
39. In the trusted computing base (TCB) environment, the compromise resulting from the execution of a Trojan horse can be examined from which of the following perspectives?
a. Compromise from above
b. Compromise from within
c. Compromise from below
d. Compromise from cross domains
39. a. The compromise resulting from the execution of a Trojan horse that misuses the discretionary access control (DAC) mechanism is an example of compromise from above.
The other three choices do not allow such an examination. Compromise from within occurs when a privileged user or process misuses the allocated privileges. Compromise from below occurs as a result of accidental failure of an underlying trusted component. Compromise from cross domains is not relevant here.
40. All of the following are the simplest and most practical approaches to controlling active content documents and mobile code except:
a. Isolation at the system level
b. Isolation at the physical level
c. Isolation at the program level
d. Isolation at the logical level
40. b. Isolation can be applied at various levels to minimize harm or damage resulting from inserting malicious hidden code. The simplest one is complete isolation at the system level (high level) and the hardest one is at the physical level (low level) when controlling the active content documents and mobile code. Physical level means being close to the PC/workstation’s hardware, circuits, and motherboards, which is not practical with remote computing. This means physical isolation is not always possible due to location variables.
Regarding system level isolation, a production computer system that is unable to receive active content documents cannot be affected by malicious hidden code insertions. Logical level isolation consists of using router settings or firewall rulesets. Program level isolation means isolating tightly bounded, proprietary program components. By integrating products from different manufacturers, you can effectively isolate program components from not using the standard documented interfaces.
41. Which of the following assumes that control over all or most resources is possible?
a. Security and quality
b. Reliability and availability
c. Security and survivability
d. Integrity and durability
41. c. Security and survivability requirements are based on the bounded system concept, which assumes that control over all resources is possible. Security and survivability must be part of the initial design to achieve the greatest level of effectiveness. Security should not be something added on later to improve quality, reliability, availability, integrity, or durability, nor added when budget permits or after an attack has already occurred.
42. Which of the following eliminates single points-of-failure?
a. SCSI
b. PATA
c. RAID
d. SATA
42. c. Redundant arrays of independent disks (RAID) protect from single points-of-failure. RAID technology provides greater data reliability through redundancy—data can be stored on multiple hard drives across an array, thus eliminating single points-of-failure and decreasing the risk of data loss significantly. RAID systems often dramatically increase throughput of both reading and writing as well as overall capacity by distributing information across multiple drives. Initially, RAID controllers were based on using small computer systems interface (SCSI), but currently all common forms of drives are supported, including parallel-ATA (PATA), serial-ATA (SATA), and SCSI.
43. In an end user computing environment, what is the least important concern for the information security analyst?
a. Data mining
b. Data integrity
c. Data availability
d. Data usefulness
43. a. Data mining is a concept where the data is warehoused for future retrieval and use. Data mining takes on an important role in the mainframe environment as opposed to the personal computer (end user) environment. Management at all levels relies on the information generated by end user computer systems. Therefore, data security, integrity, availability, and usefulness should be considered within the overall business plans, requirements, and objectives. Data security protects confidentiality to ensure that data is disclosed to authorized individuals only.
Data integrity addresses properties such as accuracy, authorization, consistency, timeliness, and completeness. Data availability ensures that data is available anywhere and anytime to authorized parties. Data usefulness ensures that data is used in making decisions or running business operations.