SEC360 Quiz Week 3




(TCO 3) According to your text, what are the four types of corporate policies?

Physical, personnel, technical, and administrative

Programme-level, programme-framework, issue specific, and system specific

Corporate, system, technology, and device

Technical, operational, procedural, and management

Laws, orders, directives, and regulations

(TCO 3) A user cannot access a file/folder to perform his/her required work activities. Who should the user contact?

Security testers

Security administrators

Access coordinators

Network engineers

Chief information security officers

(TCO 3) _____ authorize access to information.

Security administrators

Information owners

Access coordinators

Network engineers


(TCO 3) What does SDLC stand for?

Software development license cycle

Software development life cycle

System development life cycle

System definition life cycle

None of the above

(TCO 4) Various countries have different views of individual privacy. The European Union (EU) has very different privacy laws than the United States has. To allow U.S. companies better ease of operation in the European Union, the Department of Commerce negotiated the _____ with the EU.

Privacy treaty

Memorandum of Agreement regarding privacy

Privacy Reciprocity Act of 1993

International safe harbor principles

Privacy Act of 1983

(TCO 4) Which of the following statements is NOT true?

Patent law can be used to protect systems and processes

Trademark law can be used to protect a company idea

Copyright law can be used to protect source code and user interfaces

Trade secret law can be used to protect processes and source code

Trademarks can be used to protect domain names

(TCO 5) A reference monitor should have all of the following except which attribute?

Complete in that it mediates all access between subjects and objects

Changeable by other system entities

Simple enough to be completely verified

Highly tamper resistant

Impossible to bypass

(TCO 5) Why are the Bell-LaPadula and Biba models called dual?

They are both confidentiality models

They use exactly the same rules

They are both state transition models

They are the same model with reversed rules

They are both no read up, no write down models

(TCO 4) The _____ program has created the need for companies that create protective equipment to help prevent spies from detecting stray computer signals.

Information warfare

Qualitative risk analysis

Information assurance


None of the above

(TCO 5) What does a product or system have enforced over it by one or more components of the trusted computing base (TCB)?

Tools and methodologies

Unified security policy

Kernel monitoring

Driver signing