What Distributed Computing Environment (DCE) component provides a mechanism to ensure that services are made available only to properly designated parties?

Authentication and Control Service

Which of the following is the most reliable authentication device?

Combination of variable and fixed callback system

Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria (TCSEC) is incorrect?

With TCSEC, functionality and assurance are evaluated separately

Database management systems are not covered by the TCSEC

TCSEC provides a means to evaluate the trustworthiness of an information system

Why would an information security policy require that communications test equipment be controlled?

The equipment can be used to browse information passing on a network

The equipment is susceptible to damage

The equipment must always be available for replacement if necessary

The equipment can be used to reconfigure the network multiplexers

Within the Open Systems Interconnection (OSI) Reference Model, authentication addresses the need for a network entity to verify both

The identity of a remote communicating entity and the authenticity of the source of the data that are received.

The location of a remote communicating entity and the path through which communications are received.

The authenticity of a remote communicating entity and the path through which communications are received.

The identity of a remote communicating entity and the level of security of the path through which data are received.

What is the PRIMARY advantage of using a separate authentication server (e.g., Remote Access DialIn User System, Terminal Access Controller, Access Control System) to authenticate dial-in users?

Audit and access information are not kept on the access server.

Each session has a unique (one-time) password assigned to it

Call-back is very difficult to defeat.

Single user logons are easier to manage and audit.

Which of the following is true regarding a secure access model?

Secure information cannot flow to a less secure user.

Secure information can flow to a less secure user

Secure information cannot flow to a more secure user

Which of the following choices is NOT part of a security policy?

Description of specific technologies used in the field of information security

Statement of management intend, supporting the goals and principles of information security

Definition of general and specific responsibilities for information security management

Definition of overall steps of information security and the importance of security

The access matrix model consists of which of the following parts?

A function that returns an objects type.

Which of the following is not a part of risk analysis?

Quantify the impact of potential threats

Provide an economic balance between the impact of the risk and the cost of the associated countermeasures

Memory only cards work based on:

Something you know and something you have

What should be the size of a Trusted Computer Base?

Small – in order to facilitate the detailed analysis necessary to prove that it meets design requirements.

Large – in order to enable it to protect the potentially large number of resources in a typical commercial system environment.

Large – in order to accommodate the implementation of future updates without incurring the time and expense of recertification.

Small – in order to permit it to be implemented in all critical system components without using excessive resources.

Which of the following are objectives of an information systems security program?

Integrity, confidentiality, and availability

Authenticity, vulnerabilities, and costs

Security, information value, and threats

Threats, vulnerabilities, and risks

Which one of the following are examples of security and controls that would be found in a “trusted” application system?

File integrity routines and audit trail

Correction routines and reliability

Reconciliation routines and data labels

Data validation and reliability

Which of the following are the types of eye scan in use today?

Reflective scans and iris scans

Retinal scans and reflective scans.

What is an access control model?

A formal description of security policy.

A formal description of access control ID specification.

A formal description of a sensibility label

All of the following are basic components of a security policy EXCEPT the _____.

statement of performance of characteristics and requirements

statement of roles and responsibilities

definition of the issue and statement of relevant terms

statement of applicability and compliance requirements

Which of the following best explains why computerized information systems frequently fail to meet the needs of users?

Inadequate user participation in defining the system’s requirements

Inadequate quality assurance (QA) tools

iss midterm

Authored by Mạnh nguyễn

Other

University

Used 5+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

60 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Risk analysis is MOST useful when applied during which phase of the system development process?

Requirements definition

Implementation planning

Project identification

System construction

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which must bear the primary responsibility for determining the level of protection needed for information systems resources?

Senior Management

Seniors security analysts

System auditors

IS security specialists

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which one of the following describes a covert timing channel?

Provides the timing trigger to activate a malicious program disguised as a legitimate function.

Used by a supervisor to monitor the productivity of a user without their knowledge

Allows one process to signal information to another by modulating its own use of system resources

Modulated to carry an unintended information signal that can only be detected by special, sensitive receivers.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is being considered as the most reliable kind of personal identification?

Finger print

Ticket Granting

Password

Token

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the main responsibility of the information owner?

making the determination to decide what level of classification the information requires

periodically checking the validity and accuracy for all data in the information system

running regular backups

audit the users when they require access to the information

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is called the access protection system that limits connections by calling back the number of a previously authorized location?

Sendback forward systems

Callback forward systems

Sendback system

Callback systems

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is called a type of access control where a central authority determines what subjects can have access to certain objects, based on the organizational security policy?

Rule-based access control

Non-discretionary Access Control

Mandatory Access Control

Discretionary Access Control

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

59 questions

FPPE TEST FINAL

Quiz

•

University

60 questions

SELEKSI OMI 2025

Quiz

•

University

58 questions

FFA History

Quiz

•

6th Grade - University

60 questions

Round 1: Rapid Fire

Quiz

•

University

55 questions

final exam study(drivers ed)

Quiz

•

10th Grade - Professi...

60 questions

วิชาหลักการตลาด

Quiz

•

University

65 questions

ASE A5 Certification Practice Test

Quiz

•

10th Grade - University

65 questions

ôn tập kiểm tra giữa kỳ K12_2024-2025

Quiz

•

12th Grade - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Other

7 questions

How James Brown Invented Funk

Interactive video

•

10th Grade - University

5 questions

Helping Build the Internet: Valerie Thomas | Great Minds

Interactive video

•

11th Grade - University

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

23 questions

Subject Verb Agreement

Quiz

•

9th Grade - University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

19 questions

Review2-TEACHER

Quiz

•

University

15 questions

Pre2_STUDENT

Quiz

•

University

20 questions

Ch. 7 Quadrilateral Quiz Review

Quiz

•

KG - University

iss midterm

Risk analysis is MOST useful when applied during which phase of the system development process?

Which must bear the primary responsibility for determining the level of protection needed for information systems resources?

Which one of the following describes a covert timing channel?

Which of the following is being considered as the most reliable kind of personal identification?

What is the main responsibility of the information owner?

What is called the access protection system that limits connections by calling back the number of a previously authorized location?

What is called a type of access control where a central authority determines what subjects can have access to certain objects, based on the organizational security policy?

What control is based on a specific profile for each user?

Which of the following implements the authorized access relationship between subjects and objects of a system?

What represents the amount of time you hold down in a particular key?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other