Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 7:  Practice Exam Answers

Previous Topic/Section
Answers to Questions 86-90
Previous Page
Pages in Current Topic/Section
1
Next Page
Answers to Questions 96-100
Next Topic/Section

Answers to Questions 91-95

91. To ensure that your countermeasures are easily verified for compliant operation, you should avoid using countermeasures that are:

A. Proprietary

B. Commercial

C. Not ISC2 certified

D. Not listed in the Orange Book

Explanation: Countermeasures should be designed and thoroughly tested. If the design is totally proprietary, then it may be harder to verify compliant operation of the product. In addition, if the design in totally secret, then it may also be harder to change aspects of the countermeasure when some improved product is developed.

 

& Section 5.4.1.2: Due Care (Security Policy)

& Section 5.9.1: (Documentation) Standards and Guidelines

& Section 5.9.2: System Architecture (Documentation)

 

92. Which of the following is a type of covert channels that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process?

A. Covert storage channel

B. Covert timing channel

C. Covert read/write channel

D. No Answer is Correct

Explanation: A covert channel that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process. Covert channels typically involve a finite resource (e.g., sectors on a disk) that is shared by two subjects at different security levels.

& Section 5.6: Computer Forensics

 

93. Security Perimeter creates a ____________ where security controls are in effect to protect information assets.

A. Protection line

B. Boundary

C. DMZ

D. Zone

Explanation: Security Perimeter: boundary where security controls are in effect to protects assets.

A DMZ, or de-militarized zone, may be used in the implementation of a security perimeter, but it does not, in itself, protect the organization's information assets.

& Section 5.1.1: Access Control

 

94. When would an emergency system restart occur?

A. Before a system fails in an uncontrolled manner

B. After a system fails in a controlled manner

C. When a system fails in background

D. After a system fails in an uncontrolled manner

Explanation: Emergency system restart is done after a system fails in an uncontrolled manner in response to a media failure.

& Section 5.3.2: High Availability / Fault Tolerance

 

95. Wireless keypad is prone to:

A. Shoulder surfing

B. Piggybacking

C. Reverse engineering

D. Decryption

Explanation: Wireless keypad - the users identify themselves by depressing a series of keys on the keypad. The coded representation of the keys is then transmitted to a remote control device. (This type of device is prone to shoulder surfing, allowing someone else to see the code that is entered by "looking over the shoulder" of the person entering it.)

They may also be prone to piggybacking, in which one user follows an authorized user into a secure area, but this depends on the design of the area around the keypad. They are typically not subject to reverse engineering or decryption.

& Section 5.1.1: Access Control


Previous Topic/Section
Answers to Questions 86-90
Previous Page
Pages in Current Topic/Section
1
Next Page
Answers to Questions 96-100
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.