Information Security

141. The best defense against a NOP sled attack is:

  A. Firewall
  B. Anti-virus
  C. The strcpy() function
  D. Input boundary checking

Correct answer: (D)
Input boundary checking
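Why boundary checking is the right answer, shown in code. This is an added example, not part of the original quiz: a NOP sled only works because an unchecked copy (strcpy() style) runs past the end of a fixed buffer and lands on the saved return address, while a copy that compares the input length against the buffer size refuses the payload before anything is written. The stack frame is modelled as one 32-byte array (hypothetical layout: 16-byte buffer at offset 0, saved return address at offset 24) so the overwrite stays well-defined C; the payload is constructed for the example and sized to fit that model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN   16   /* size of the destination buffer in the modelled frame */
#define FRAME_LEN 32   /* modelled frame: buffer, padding, saved return address */
#define RET_OFF   24   /* offset of the saved return address within the frame */

/* Model of a stack frame (assumed layout for the example). Keeping it as one
 * byte array makes the overwrite well-defined while preserving the layout
 * that lets a sled of NOPs followed by an address reach the return slot. */
struct frame {
    unsigned char bytes[FRAME_LEN];
};

/* Reset the frame: filler bytes so overwrites are visible, then the
 * "saved return address" in host byte order at RET_OFF. */
static void frame_init(struct frame *f, uint64_t ret)
{
    memset(f->bytes, 0xCC, sizeof f->bytes);
    memcpy(f->bytes + RET_OFF, &ret, sizeof ret);
}

/* Read back the saved return address from the frame. */
static uint64_t frame_return_address(const struct frame *f)
{
    uint64_t ret;
    memcpy(&ret, f->bytes + RET_OFF, sizeof ret);
    return ret;
}

/* strcpy()-style copy: trusts the source length completely. The input must
 * fit in FRAME_LEN here only because this is a model; real code would keep
 * writing past the frame. Returns the number of bytes written. */
static size_t copy_unchecked(struct frame *f, const char *src)
{
    size_t n = strlen(src) + 1;        /* includes the terminating NUL */
    memcpy(f->bytes, src, n);          /* no comparison against BUF_LEN */
    return n;
}

/* Boundary-checked copy: reject anything that does not fit, NUL included.
 * Returns 0 on success, -1 if the input was rejected (frame untouched). */
static int copy_checked(struct frame *f, const char *src)
{
    size_t len = strlen(src);
    if (len >= BUF_LEN)
        return -1;
    memcpy(f->bytes, src, len + 1);
    return 0;
}

/* Constructed payload: 24 x86 NOPs (0x90) cover the buffer and the padding,
 * then 7 bytes of 'A' land on the saved return address; the eighth address
 * byte becomes the copy's NUL terminator, a classic strcpy() constraint. */
static const char NOP_SLED_PAYLOAD[] =
    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90" /* 0..15 */
    "\x90\x90\x90\x90\x90\x90\x90\x90"                                 /* 16..23 */
    "AAAAAAA";                                                         /* 24..30 */

int main(void)
{
    struct frame f;
    const uint64_t original_ret = 0x00007fff12345678ULL;   /* assumed value */

    frame_init(&f, original_ret);
    copy_unchecked(&f, NOP_SLED_PAYLOAD);
    printf("unchecked copy: return address is now 0x%016llx\n",
           (unsigned long long)frame_return_address(&f));

    frame_init(&f, original_ret);
    int rc = copy_checked(&f, NOP_SLED_PAYLOAD);
    printf("checked copy:   rc=%d, return address still 0x%016llx\n",
           rc, (unsigned long long)frame_return_address(&f));
    return 0;
}
```

The unchecked path overwrites the saved return address with attacker bytes; the checked path returns -1 and leaves the frame exactly as it was, which is the whole of the defense. Firewalls and anti-virus never see the length comparison that decides this.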

142. The best time to introduce security into an application is:

  A. Implementation
  B. Design
  C. Development
  D. Testing

Correct answer: (B)
Design

143. The categories of controls are:

  A. Detective, deterrent, preventive, corrective, recovery, and compensating
  B. Detective, preventive, and deterrent
  C. Technical, logical, and physical
  D. Detective, preventive, recovery, and compensating

Correct answer: (A)
Detective, deterrent, preventive, corrective, recovery, and compensating

144. The categories of laws in the U.S. are:

  A. Civil, criminal, administrative, and family
  B. Intellectual, privacy, and computer crime
  C. Criminal, civil, and administrative
  D. Criminal, civil, and family

Correct answer: (C)
Criminal, civil, and administrative

145. The Common Criteria supersedes which evaluation frameworks:

  A. Neither TCSEC nor ITSEC
  B. ITSEC
  C. TCSEC and ITSEC
  D. TCSEC

Correct answer: (C)
TCSEC and ITSEC

146. The component in a computer used for long-term storage is called:

  A. Secondary storage
  B. Main storage
  C. Virtual memory
  D. File system

Correct answer: (A)
Secondary storage

147. The component in a computer where program instructions are executed is called the:

  A. CPU
  B. Bus
  C. Front-side bus
  D. Firmware

Correct answer: (A)
CPU

148. The Data Encryption Standard:

  A. Is used by Secure Sockets Layer (SSL) encryption
  B. Has been replaced by the International Data Encryption Algorithm (IDEA)
  C. Uses a 64-bit encryption key
  D. Uses a 56-bit encryption key

Correct answer: (D)
Uses a 56-bit encryption key
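Why (C) and (D) are both plausible but only (D) is correct, shown in code. This is an added example, not part of the original quiz: a DES key is handed to the algorithm as a 64-bit block, but Permuted Choice 1 (the PC-1 table from FIPS 46) reads only 56 of those bit positions and never touches bits 8, 16, ..., 64, which FIPS reserves as odd-parity bits. Two keys that differ only in those parity bits therefore encrypt identically. The functions `des_pc1`, `des_pc1_uses_bit`, `des_key_parity_ok` and `des_set_odd_parity` are example names; the key 0x133457799BBCDFF1 is the widely used FIPS worked-example key.

```c
#include <stdint.h>
#include <stdio.h>

/* Permuted Choice 1 (FIPS 46-3, table PC-1): the 56 key-bit positions DES
 * actually uses, in output order. Bits are numbered 1..64 from the most
 * significant end; positions 8, 16, ..., 64 (one per byte) never appear. */
static const uint8_t PC1[56] = {
    57, 49, 41, 33, 25, 17,  9,
     1, 58, 50, 42, 34, 26, 18,
    10,  2, 59, 51, 43, 35, 27,
    19, 11,  3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15,
     7, 62, 54, 46, 38, 30, 22,
    14,  6, 61, 53, 45, 37, 29,
    21, 13,  5, 28, 20, 12,  4
};

/* DES bit number `pos` (1..64, MSB first) of a 64-bit key block. */
static unsigned des_bit(uint64_t key64, int pos)
{
    return (unsigned)((key64 >> (64 - pos)) & 1u);
}

/* Apply PC-1: reduce the 64-bit key block to the 56 bits DES really keys on. */
uint64_t des_pc1(uint64_t key64)
{
    uint64_t out = 0;
    for (int i = 0; i < 56; i++)
        out = (out << 1) | des_bit(key64, PC1[i]);
    return out;   /* 56-bit value; the 8 parity positions are simply absent */
}

/* 1 if PC-1 reads bit position `pos` at all, 0 if DES ignores that bit. */
int des_pc1_uses_bit(int pos)
{
    for (int i = 0; i < 56; i++)
        if (PC1[i] == pos)
            return 1;
    return 0;
}

/* 1 if every byte of the key block has odd parity, as FIPS 46 requires. */
int des_key_parity_ok(uint64_t key64)
{
    for (int b = 0; b < 8; b++) {
        unsigned byte = (unsigned)((key64 >> (8 * b)) & 0xFFu);
        unsigned ones = 0;
        for (int i = 0; i < 8; i++)
            ones += (byte >> i) & 1u;
        if ((ones & 1u) == 0)
            return 0;
    }
    return 1;
}

/* Rewrite the low bit of each byte (the parity position) so every byte has
 * odd parity. The 7 key bits per byte are untouched, so des_pc1() of the
 * result is identical to des_pc1() of the input. */
uint64_t des_set_odd_parity(uint64_t key64)
{
    uint64_t out = 0;
    for (int b = 0; b < 8; b++) {
        unsigned byte = (unsigned)((key64 >> (8 * b)) & 0xFFu);
        unsigned ones = 0;
        for (int i = 1; i < 8; i++)        /* count only the 7 key bits */
            ones += (byte >> i) & 1u;
        byte = (byte & 0xFEu) | ((ones & 1u) ? 0u : 1u);
        out |= (uint64_t)byte << (8 * b);
    }
    return out;
}

int main(void)
{
    uint64_t k = 0x133457799BBCDFF1ULL;           /* FIPS worked-example key */
    uint64_t k_flipped = k ^ 0x0101010101010101ULL; /* every parity bit flipped */

    printf("key          %016llx -> PC-1 %014llx (parity ok: %d)\n",
           (unsigned long long)k, (unsigned long long)des_pc1(k), des_key_parity_ok(k));
    printf("parity-flip  %016llx -> PC-1 %014llx (parity ok: %d)\n",
           (unsigned long long)k_flipped, (unsigned long long)des_pc1(k_flipped),
           des_key_parity_ok(k_flipped));
    return 0;
}
```

The two printed PC-1 values are identical even though the 64-bit inputs differ in 8 positions, which is exactly the 56-bit effective key length the question is after; a library that rejects a key with bad parity is enforcing FIPS formatting, not adding key strength.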

149. The definition of Recovery Point Objective (RPO) is:

  A. The location of the recovery site
  B. The maximum amount of downtime
  C. The method used to recover backup data
  D. The maximum amount of data loss

Correct answer: (D)
The maximum amount of data loss

150. The definition of Recovery Time Objective (RTO) is:

  A. The location of the recovery site
  B. The maximum amount of downtime
  C. The method used to recover backup data
  D. The maximum amount of data loss

Correct answer: (B)
The maximum amount of downtime

Page 15 of 25