Sample Test for CSC459

Question 1.What are the 3 views of Security?

Defense, Offense, and Detection
Control, Deterrence, and Integrity
Defense, Deterrence, and Detection
Defense, Auditing, and Authorization
Confidentiality, Integrity, Availability

Correct Answer is: c.

Question 1.The process of mutual authentication involves _______________.

A user authenticating to a system and the system authenticating to the user

A user authenticating to two systems at the same time
A user authenticating to a server and then to a process
A user authenticating, receiving a ticket, and then authenticating to a service

Correct Answer is: a.

Question 2.Spoofing can be described as which of the following?

A)Eavesdropping on a communication link

B)Working through a list of words

C)Session hijacking

D)Pretending to be someone or something else

Correct Answer is: d.

Question 3.If a company has a high turnover rate, which access control structure is best

A)Role based

B)Decentralized

C)Rule based

D) Discretionary

Correct Answer is: a

Question 4.Which best describes authentication

A)Registering a user

B)Identifying a user

C)Validating a user

D)Authorizing a user

Correct Answer is: c

Question 5.Which is the most important item when it comes to ensuring that security is successful in an organization

a)Senior management support

b)Biometric based smartcards for building access

c)Internal web access to policies and procedures

d)Centralized management of anti-virus on all desktop machines

Correct Answer is: a

Question 6.Which of the following best describes a value-"role based access control" offers companies in reducing administrative burdens

a)It allows users to change access rights whenever they want.

b)It ensures secure communication between computers.

c)User membership in roles can be easily revoked and new ones established as job assignments dictate.

d)enforces an enterprise-wide security policy, standards, and guidelines.

Correct Answer is: c

Question 7.An access control model should be applied in a _______________ manner

a)Detective

b)Recovery

c)Corrective

d)Preventive

Correct Answer is: d

Question 8.A password is mainly used for what function?

a)Identity

b)Registration

c)Authentication

d)Authorization

Correct Answer is: c.

Question 9.What is the primary purpose of using one-way hashing on user passwords?

a)Minimizes the amount of primary and secondary storage needed to store passwords

b)Prevents anyone from reading passwords in plaintext

c)Avoids excessive processing required by an asymmetric algorithm

d)Prevents replay attacks

Correct Answer is: b.

Question 10.Which three security protocols operate at layer 4 and which transport layer protocols they can be used with?

a)TLS/SSL with UDP, DTLS with TCP, SSH with UDP

b)IPsec with TCP, PGP with UDP, SET with TCP

c)TLS/SSL with TCP, DTLS with UDP, SSH with TCP

d)SET with TCP, PGP with UDP, SSL with TCP

Correct Answer is: c.

Question 11.When should security first be addressed in a project?

A)During requirements development.

b)During integration testing.

c)During design specifications.

d)During implementation.

Correct Answer: A

Question 12.The first phase of risk management is ____.

a.	risk identification	c.	risk control
b.	design	d.	risk evaluation

Question 13.Bit stream methods commonly use algorithm functions like the exclusive OR operation (____).

a.	XOR	c.	NOR
b.	EOR	d.	OR

Question 14____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.

a.	Hash	c.	Key
b.	Map	d.	Encryption

Question 15.____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.

a.	MAC	c.	DES
b.	PKI	d.	AES

12.ANS:A

13.ANS:A

14.ANS:A

15.ANS:B