SEC 360 Course Quizzes Week 1, 3, 5 and 7

Question. (TCO 1) Risk analysis is an analytic process that estimates _____.
Question. (TCO 1) What are the common effects of controls?
Question. (TCO 1) Which of the following is NOT an activity designed to preserve information system availability?
Question. (TCO 1) The unique security issues and considerations of every system make it crucial to understand all of the following, except _____.
Question. (TCO 2) Which of the following domains is not part of the IISSCC CBK?
Question. (TCO 2) The different kinds of security controls are:
Question. (TCO 2) Which of the following is not a common class of ratings for safes?
Question. (TCO 2) What are the effects of security controls?
Question. (TCO 1) Policies and procedures are often referred to as _____.
Question. (TCO 2) There are _____ domains of the Common Body of Knowledge.

Question 1. (TCO 3) To be successful, the one thing that any security program must have is _____.
Question 2. (TCO 3) An excellent document to review for best practices in security management is _____.
Question 3. (TCO 3) _____ authorize access to information.
Question 4. (TCO 3) What does SDLC stands for?
Question 5. (TCO 4) Various countries have different views of individual privacy. The European Union (EU) has very different privacy laws than the United States has. To allow U.S. companies better ease of operation in the European Union, the Department of Commerce negotiated the _____ with the EU.
Question 6. (TCO 4) Which of the following “commandments” should be part of the
Question 7. (TCO 5) _____ prevents data leakage and modification of the data while it is in memory.
Question 8. (TCO 5) The Common Criteria is used to evaluate _____.
Question 9. (TCO 4) Which of the following have been identified by the CISSP as major categories of computer crimes?
Question 10. (TCO 5) What does a product or system have enforced over it by one or more components of the trusted computing base (TCB)?

Question (TCO 6) The media control that includes locked doors, desks, file cabinets, or safes is _____.
Question (TCO 6) Which of the following are categories of intrusion detection devices?
Question (TCO 6) Which of the following is not a main area of fire detection and suppression?
Question (TCO 7) Record retention processes _____.
Question (TCO 7) As a security operations rule, policy should be established stating that media should _____.
Question (TCO 8) ………. in a disaster recovery plan or business continuity plan?
Question (TCO 8) A business impact analysis identifies _____.
Question (TCO 9) The minimum set of access rights or privileges needed to perform a specific job description is called _____.
Question (TCO 9) Access controls control access of _____ to _____.
Question (TCO 9) When a transaction requires only a _____, there is not any actual proof that a particular person conducted that transaction.

Question (TCO 10) Generally, symmetric cryptography is used to encrypt _____, and asymmetric cryptography is used to encrypt _____.
Question (TCO 10) Cryptography is …………, except _____.
Question (TCO 11) A packet filter that keeps track of the state of a connection is called a _____.
Question (TCO 11) Which of the following is not a characteristic of a proxy server?
Question (TCO 12) Modern intrusion detection systems act as sensors for hosts and network devices and work in a centrally controlled distributed fashion using _____.
Question (TCO 12) The Internet Engineering Task Force Intrusion Detection working group has developed a standard called the _____.
Question (TCO 12) An event where seemingly harmless data is forwarded by the router to a host on an internal network is known as a _____.
Question (TCO 13) Which form of malware is independent of the operating system and replicating?
Question (TCO 13) Which of the following is not an example of a software agent?
Question (TCO 13) Which form of malware contains hidden code that is triggered by meeting or reaching a specific condition?