55. Which of the following refers to logical system isolation solutions to prevent security breaches?
1. Demilitarized zones
2. Screened subnet firewalls
3. Electronic mail gateways
4. Proxy servers
a. 1 and 2
b. 1 and 3
c. 3 and 4
d. 1, 2, 3, and 4
55. a. System isolation means separating system modules or components from each other so that damage is eliminated or reduced. Layers of security services and mechanisms include demilitarized zones (DMZs) and screened subnet firewalls. E-mail gateways and proxy servers are examples of logical access perimeter security controls.
56. In which of the following security operating models is the minimum user clearance not cleared and the maximum data sensitivity not classified?
a. Dedicated security mode
b. Limited access mode
c. System high-security mode
d. Partitioned mode
56. b. Security policies define security modes. A security mode is a mode of operation in which management accredits a computer system to operate. One such mode is the limited access mode, in which the minimum user clearance is not cleared and the maximum data sensitivity is not classified but sensitive.
Dedicated security mode is incorrect. It is the mode of operation in which the system is specifically and exclusively dedicated to and controlled for the processing of one particular type or classification of information, either for full-time operation or for a specified period of time.
System high-security mode is incorrect. It is the mode of operation in which system hardware or software is trusted to provide only need-to-know protection between users. In this mode, the entire system, to include all components electrically and/or physically connected, must operate with security measures commensurate with the highest classification and sensitivity of the information being processed and/or stored. All system users in this environment must possess clearances and authorizations for all information contained in the system, and all system output must be clearly marked with the highest classification and all system caveats, until the information has been reviewed manually by an authorized individual to ensure appropriate classifications and caveats have been affixed.
Partitioned mode is incorrect. It is a mode of operation in which all persons have the clearance, but not necessarily the need-to-know and formal access approval, for all data handled by a computer system.
57. Which of the following is not like active content?
a. Character documents
b. Trigger actions automatically
c. Portable instructions
d. Interpretable content
57. a. Broadly speaking, active content refers to electronic documents that, unlike past character documents based on ASCII, can carry out or trigger actions automatically without an individual directly or knowingly invoking the actions.
Active content technologies allow code, in the form of a script, macro, or other kind of portable instruction representation, to execute when the document is rendered. Examples of active content include PostScript documents, Web pages containing Java applets and JavaScript instructions, proprietary desktop-application formatted files containing macros, spreadsheet formulas, or other interpretable content, and interpreted electronic mail formats having embedded code or bearing executable attachments. Electronic mail and Web pages accessed through the Internet provide efficient means for conveying active content, but they are not the only ones. Active content technologies span a broad range of products and services, and involve various computational environments including those of the desktop, workstations, servers, and gateway devices.
58. Which of the following creates a covert channel?
a. Use of fixed labels
b. Use of variable labels
c. Use of floating labels
d. Use of nonfloating labels
58. c. The covert channel problem resulting from the use of floating labels can lead to erroneous information labels but cannot be used to violate the access control policy enforced by the fixed labels. A fixed label contains a “sensitivity” level and is the only label used for access control. The floating label contains an “information” level that consists of a second sensitivity level and additional security markings.
59. Attackers installing spyware and connecting the computing platform to a botnet are examples of which of the following?
a. Browser-oriented attacks
b. Server-oriented attacks
c. Network-oriented attacks
d. User-oriented attacks
59. a. Attackers may take advantage of browser vulnerabilities in mobile code execution environments. Attackers may install spyware, connect the computing platform to a botnet, or modify the platform’s configuration, which are examples of browser-oriented attacks.
60. Which of the following is applied to all aspects of a system design or security solution?
a. Policy
b. Procedure
c. Standard
d. Control
60. a. A security policy is applied to all aspects of the system design or security solution. The policy identifies security goals (i.e., confidentiality, integrity, and availability) the system should support, and these goals guide the procedures, standards, and controls used in the IT security architecture design.
61. A system employs sufficient hardware and software integrity measures to allow its use for processing simultaneously a range of sensitive or classified information. Which of the following fits this description?
a. Boundary system
b. Trusted system
c. Open system
d. Closed system
61. b. A trusted system employs sufficient hardware and software integrity measures to allow its use for processing simultaneously a range of sensitive or classified information.
A boundary system can establish external boundaries and internal boundaries to monitor and control communications between systems. A boundary system employs boundary protection devices (e.g., proxies, gateways, routers, firewalls, hardware/software guards, and encrypted tunnels) at managed interfaces. An open system is a vendor-independent system designed to readily connect with other vendors’ products. A closed system is the opposite of an open system in that it uses a vendor-dependent system.
62. A flaw in a computer system is exploitable. Which of the following provides the best remedy?
a. Hire more IT security analysts.
b. Hire more IT system auditors.
c. Install more IT layered protections.
d. Hire more IT security contractors.