A. Layer 0
B. Layer 1
C. Layer 3
D. Layer 4
15. What is the last phase of the TCP/IP three-way handshake sequence?
A. SYN packet
B. ACK packet
C. NAK packet
D. SYN/ACK packet
16. Which one of the following vulnerabilities would best be countered by adequate parameter checking?
A. Time of check to time of use
B. Buffer overflow
C. SYN flood
D. Distributed denial of service
17. What is the value of the logical operation shown here?
X: 0 1 1 0 1 0Y: 0 0 1 1 0 1_________________X ∨ Y: ?
A. 0 1 1 1 1 1
B. 0 1 1 0 1 0
C. 0 0 1 0 0 0
D. 0 0 1 1 0 1
18. In what type of cipher are the letters of the plain-text message rearranged to form the cipher text?
A. Substitution cipher
B. Block cipher
C. Transposition cipher
D. One-time pad
19. What is the length of a message digest produced by the MD5 algorithm?
A. 64 bits
B. 128 bits
C. 256 bits
D. 384 bits
20. If Renee receives a digitally signed message from Mike, what key does she use to verify that the message truly came from Mike?
A. Renee’s public key
B. Renee’s private key
C. Mike’s public key
D. Mike’s private key
21. Which of the following is not a composition theory related to security models?
A. Cascading
B. Feedback
C. Iterative
D. Hookup
22. The collection of components in the TCB that work together to implement reference monitor functions is called the ____________________.
A. Security perimeter
B. Security kernel
C. Access matrix
D. Constrained interface
23. Which of the following statements is true?
A. The less complex a system, the more vulnerabilities it has.
B. The more complex a system, the less assurance it provides.
C. The less complex a system, the less trust it provides.
D. The more complex a system, the less attack surface it generates.
24. Ring 0, from the design architecture security mechanism known as protection rings, can also be referred to as all but which of the following?
A. Privileged mode
B. Supervisory mode
C. System mode
D. User mode
25. Audit trails, logs, CCTV, intrusion detection systems, antivirus software, penetration testing, password crackers, performance monitoring, and cyclic redundancy checks (CRCs) are examples of what?
A. Directive controls
B. Preventive controls
C. Detective controls
D. Corrective controls
26. System architecture, system integrity, covert channel analysis, trusted facility management, and trusted recovery are elements of what security criteria?
A. Quality assurance
B. Operational assurance
C. Life cycle assurance
D. Quantity assurance
27. Which of the following is a procedure designed to test and perhaps bypass a system’s security controls?
A. Logging usage data
B. War dialing
C. Penetration testing
D. Deploying secured desktop workstations
28. Auditing is a required factor to sustain and enforce what?
A. Accountability
B. Confidentiality
C. Accessibility
D. Redundancy
29. What is the formula used to compute the ALE?
A. ALE = AV * EF * ARO
B. ALE = ARO * EF
C. ALE = AV * ARO
D. ALE = EF * ARO
30. What is the first step of the business impact assessment process?
A. Identification of priorities
B. Likelihood assessment
C. Risk identification
D. Resource prioritization
31. Which of the following represent natural events that can pose a threat or risk to an organization?
A. Earthquake
B. Flood
C. Tornado
D. All of the above
32. What kind of recovery facility enables an organization to resume operations as quickly as possible, if not immediately, upon failure of the primary facility?
A. Hot site
B. Warm site
C. Cold site
D. All of the above
33. What form of intellectual property is used to protect words, slogans, and logos?
A. Patent
B. Copyright
C. Trademark
D. Trade secret
34. What type of evidence refers to written documents that are brought into court to prove a fact?
A. Best evidence
B. Payroll evidence
C. Documentary evidence
D. Testimonial evidence
35. Why are military and intelligence attacks among the most serious computer crimes?
A. The use of information obtained can have far-reaching detrimental strategic effects on national interests in an enemy’s hands.
B. Military information is stored on secure machines, so a successful attack can be embarrassing.
C. The long-term political use of classified information can impact a country’s leadership.
D. The military and intelligence agencies have ensured that the laws protecting their information are the most severe.
36. What type of detected incident allows the most time for an investigation?
A. Compromise
B. Denial of service
C. Malicious code
D. Scanning
37. If you want to restrict access into or out of a facility, which would you choose?
A. Gate
B. Turnstile
C. Fence
D. Mantrap
38. What