Question 1. 1. (TCO 1) Information security is a process that protects all of the following except _____. (Points : 5)
personal privacy; payroll integrity; service availability; readiness; hardware integrity
Question 2. 2. (TCO 2) The _____ of the 17 NIST control _____ can be placed into the 10 IISSCC _____ comprising the common body of knowledge for information security. (Points : 5)
technologies, domains, families; controls, families, domains; domains, families, technologies; principles, domains, families; controls, domains, principles
Question 3. 3. (TCO 2) What are the classes of security controls? (Points : 5)
Detection, prevention, and response; Management, technical, and operational; Administrative, technical, and physical; Administrative, technical, and procedural
Question 4. 4. (TCO 3) Security policies, regardless of level, should ensure that _____ of assets is distinguished, _____ of people is maintained, and that _____ is managed because that is the enemy of security. (Points : 5)
sensitivity, separation of duties, technology; labels, responsibility, complexity; labels, accountability, technology; organization, accountability, complexity; sensitivity, separation of duties, complexity
Question 5. 5. (TCO 4) Privacy legislation is written to protect _____. (Points : 5)
companies; managers; citizens; employees; All of the above
Question 6. 6. (TCO 5) Ideas can be evaluated using _____, which are _____ that are not meant to be _____. (Points : 5)
models, controls, solutions; controls, abstractions, solutions; models, abstractions, solutions; solutions, controls, abstractions; models, controls, abstractions
Question 7. 7. (TCO 6) Many believe that the most important physical security control is _____. (Points : 5)
closed-circuit television; a good security plan; an educated workforce; certified security staff; resources
Question 8. 8. (TCO 7) The security principle that says that each user should have access to exactly the information resources needed to do his/her job--no more and no less--is called _____. (Points : 5)
separation of duties; need to know; least privilege; minimal access; least common mechanism
Question 9. 9. (TCO 8) Security recovery strategies should always seek to restore _____. (Points : 5)
system files; application data; user access; networks supporting the IT infrastructure; the known good state
Question 10. 10. (TCO 9) Access controls manage the use of _____ by _____ in an information system. (Points : 5)
files, people; information resources, programs; objects, subjects; computer time, people; computer cycles, applications
Question 11. 11. (TCO 10) As a generalization, symmetric cryptography is used to encrypt _____, and asymmetric cryptography is used to encrypt _____. (Points : 5)
messages, identities; data, identities; data, signatures; data, messages; messages, signatures
Question 12. 12. (TCO 10) In a given city, there is a group of people who wish to communicate through the use of asymmetric cryptography. They do not wish to work with any type of certificate authority. Given this information, how would this be accomplished? (Points : 5)
Internal certificate authority; Private extranet; Public VPN provider; IPSec tunnels; Utilize PGP
Question 13. 13. (TCO 11) A firewall that disconnects an internal network from an external network is called a(n) _____. (Points : 5)
packet-filtering router; circuit-level gateway; application-level gateway; stateful inspection firewall; bridge firewall
Question 14. 14. (TCO 12) In addition to normal functional and assurance bugs, intrusion detection is subject to two kinds of errors called _____ and _____. (Points : 5)
type a, type b; false positive, false negative; hardware, software; functional, assurance; performance, availability
Question 15. 15. (TCO 13) Identify the SDLC phase in which business stakeholders and project team members should refer to company information security policies. (Points : 5)
System requirements; System design; Detailed design; Coding; Project inception
Question 1. 1. (TCO 1) Explain what is wrong with this policy clause, and show how you could fix it: "People shall obey corporate policies." (Points : 15)
Question 2. 2. (TCO 2) The three effects of security controls are prevention, detection, and recovery. Briefly explain how these effects are related to the known good state. (Points : 15)
Question 3. 3. (TCO 3) Briefly explain the "principle" that states that security = risk management. (Points : 15)
Question 4. 4. (TCO 4) Briefly explain what needs to be accomplished before your company monitors the activities of authorized users of your company systems, and then explain what should be accomplished to legally monitor the activities of a hacker (unauthorized user) of your system. (Points : 15)
Question 5. 5. (TCO 5) Explain why the Bell-LaPadula model and the Biba model are called dual models. (Points : 15)
Question 6. 6. (TCO 6) Briefly explain why good physical security is critical to good information security. (Points : 15)
Question 7. 7. (TCO 7) Explain what media disposition means. (Points : 15)
Question 8. 8. (TCO 8) Explain the term cold site. (Points : 15)
Question 1. 1. (TCO 9) Explain the advantage of role-based access controls. (Points : 15)
Question 2. 2. (TCO 10) Name the two uses of a private key in asymmetric cryptography. (Points : 15)
Question 3. 3. (TCO 11) Explain how a demilitarized zone might be used to protect critical resources that are not to be shared outside of an organization. (Points : 15)
Question 4. 4. (TCO 11) What is often another term for a bastion host? (Points : 15)
Question 5. 5. (TCO 12) Explain why intrusion detection is necessary in terms of the known good state. (Points : 15)
Question 6. 6. (TCO 12) Summarize the benefits of application-level gateways. (Points : 15)
Question 7. 7. (TCO 13) Explain what a virus is, pointing out how it is different from a worm. (Points : 15)