A __ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.
Select one:
a. mode of operation
b. hash function
c. cryptanalysis
d. brute-force attack
__ is a function that removes specific identifying information from query results, such as last name and telephone number, but creates some sort of unique identifier so that analysts can detect connections between queries.
Select one:
a. Anonymization
b. Data transformation
c. Immutable audit
d. Selective revelation
The most vulnerable part of an IoT is the __ .
Select one:
a. smart objects/embedded systems
b. fog/edge network
c. core network
d. data center/cloud
An area of a facility that has no security interest is classified as _.
Select one:
a. unrestricted
b. controlled
c. limited
d. exclusion
The _ module performs end-to-end encryption and obtains session keys on behalf of users.
Select one:
a. PKM
b. RCM
c. SSM
d. CCM
_ is an organization that produces data to be made available for controlled release, either within the organization or to external users.
Select one:
a. Client
b. Data owner
c. User
d. Server
__ is intended to permit others to perform, show, quote, copy, and otherwise distribute portions of the work for certain purposes.
Select one:
a. Reverse engineering
b. Personal privacy
c. Fair use
d. Encryption research
The ideal solution to the threat of malware is __.
Select one:
a. identification
b. removal
c. detection
d. prevention
_ is a document that describes the application level protocol for exchanging data between intrusion detection entities.
Select one:
a. RFC 4767
b. RFC 4766
c. RFC 4765
d. RFC 4764
_ scan critical system files, directories, and services to ensure they have not been changed without proper authorization.
Select one:
a. Intrusion prevention systems
b. System integrity verification tools
c. Log analysis tools
d. Network and host intrusion detection systems
__ is the identification of data that exceed a particular baseline value.
Select one:
a. Anomaly detection
b. Real-time analysis
c. Thresholding
d. All of the above
__ refers to setting a maximum number with respect to roles.
Select one:
a. Cardinality
b. Prerequisite
c. Exclusive
d. Hierarchy
__ systems should not run automatic updates because they may possibly introduce instability.
Select one:
a. Configuration controlled
b. Policy controlled
c. Change controlled
d. Process controlled
Subject attributes, object attributes and environment attributes are the three types of attributes in the __ model.
Select one:
a. DSD
b. RBAC
c. ABAC
d. SSD
A restricted area within close proximity of a security interest has a classification of __.
Select one:
a. exclusion
b. controlled
c. limited
d. unrestricted
A __ is any action that compromises the security of information owned by an organization.
Select one:
a. security mechanism
b. security attack
c. security policy
d. security service
__ specification indicates the impact on the organization should the particular threat in question actually eventuate.
Select one:
a. Risk
b. Consequence
c. Threat
d. Likelihood
_ is a tool used to automatically identify potentially vulnerable programs.
Select one:
a. Slamming
b. Sledding
c. Fuzzing
d. All the above
__ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients.
Select one:
a. User
b. Client
c. Data owner
d. Server
Identification and authentication is part of the _ class of security controls.
Select one:
a. technical
b. operational
c. management
d. none of the above
Answers
- d
- a
- a
- a
- c
- b
- c
- d
- a
- b
- c
- a
- c
- c
- c
- b
- b
- c
- d
- a