Computer Science > EXAM > C725 INFO SEC & ASSURANCE QUESTIONS WITH COMPLETE SOLUTIONS (All)

C725 INFO SEC & ASSURANCE QUESTIONS WITH COMPLETE SOLUTIONS

Document Content and Description Below

Four common classes of safe ratings are Correct Answer: B-Rate: B-Rate is a catchall rating for any box with a lock on it. This rating describes the thickness of the steel used to make the lockbox. No actual testing is performed to gain this rating. C-Rate: This is defined as a variably thick steel box with a 1-inch-thick door and a lock. No tests are conducted to provide this rating, either. UL TL-15: Safes with an Underwriters Laboratory (UL) TL-15 rating have passed standardized tests as defined in UL Standard 687 using tools and an expert group of safe-testing engineers. The UL TL-15 label requires that the safe be constructed of 1-inch solid steel or equivalent. The label means that the safe has been tested for a net working time of 15 minutes using "common hand tools, drills, punches hammers, and pressure applying devices." Net working time means that when the tool comes off the safe, the clock stops. Engineers exercise more than 50 different types of attacks that have proven effective for safecracking. UL TL-30: UL TL-30 testing is essentially the same as the TL-15 testing, except for the net working time. Testers get 30 minutes and a few more tools to help them gain access. Testing engineers usually have a safe's manufacturing blueprints and can disassemble the safe before the test begins to see how it works. Confidentiality is sometimes referred to as Correct Answer: the principle of least privilege, meaning that users should be given only enough privilege to perform their duties, and no more. Some other synonyms for confidentiality you might encounter include privacy, secrecy, and discretion. Confidentiality models are Correct Answer: primarily intended to ensure that no unauthorized access to information is permitted and that accidental disclosure of sensitive information is not possible. Common confidentiality controls are user IDs and passwords. Question: Related to information security, confidentiality is the opposite of which of the following? Correct Answer: Disclosure Question :Which of the following represents the three goals of information security? Correct Answer: Confidentiality, integrity, and availability Defense in depth is needed to ensure that which three mandatory activities are present in a security system? Correct Answer: Prevention, detection, and response What is defense in dept Correct Answer: It requires layering security devices in a series that protects, detects, and responds to attacks on systems.

[Show More]

Last updated: 3 years ago

Preview 1 out of 12 pages

Get Access

Instant download after payment

Card Payments

₿ Crypto Accepted

Instant download