Fill in Order Details

  • Submit paper details for free using our simple order form

Make Payment Securely

  • Add funds to your account. There are no upfront payments. The writer will only be paid once you have approved your paper

Writing Process

  • The best qualified expert writer is assigned to work on your order
  • Your paper is written to standard and delivered as per your instructions

Download your paper

  • Download the completed paper from your online account or your email
  • You can request a plagiarism and quality report along with your paper
Posted on by admin

sc 494 final answers

Multiple Choice questions, (2 points each)

1.Which of the following describes the first step in establishing an encrypted session using a Data Encryption Standard (DES) key?

A. Key clustering

B. Key compression

C. Key signing

D. Key exchange

2. When an employee transfers within an organization …

A. The employee must undergo a new security review.

B. The old system IDs must be disabled.

C. All access permission should be reviewed.

D. The employee must turn in all access devices.

3. Company X is planning to implement rule based access control mechanism for controlling access to its information assets, what type of access control is this usually related to?

A. Discretionary Access Control

B. Task-initiated Access Control

C. Subject-dependent Access Control

D. Token-oriented Access Control

4. As an information systems security manager (ISSM), how would you explain the purpose for a system security policy?

A. A definition of the particular settings that have been determined to provide optimum security

B. A brief, high-level statement defining what is and is not permitted during the operation of the system

C. A definition of those items that must be excluded on the system

D. A listing of tools and applications that will be used to protect the system

5. Configuration management provides assurance that changes…?

A. to application software cannot bypass system security features.

B. do not adversely affect implementation of the security policy.

C. to the operating system are always subjected to independent validation and verification.

D. in technical documentation maintain an accurate description of the Trusted Computer Base.

6. What type of cryptanalytic attack where an adversary has the least amount of information to work with?

A. Known-plaintext

B. Ciphertext-only

C. Plaintext-only

D. Chosen-ciphertext

7. Prior to installation of an intrusion prevention system (IPS), a network engineer would place a packet sniffer on the network, what is the purpose for using a packet sniffer?

A. It tracks network connections.

B. It monitors network traffic.

C. It scans network segments for cabling faults.

D. It detects illegal packets on the network.

8. What determines the assignment of data classifications in a mandatory access control (MAC) philosophy?

A. The analysis of the users in conjunction with the audit department

B. The assessment by the information security department

C. The user’s evaluation of a particular information element

D. The organization’s published security policy for data classification

9. An access control system that grants users only those rights necessary for them to perform their work is operating on which security principle?

A. Discretionary Access

B. Least Privilege

C. Mandatory Access

D. Separation of Duties

10. Which of the following is the primary goal of a security awareness program?

A. It provides a vehicle for communicating security procedures.

B. It provides a clear understanding of potential risk and exposure.

C. It provides a forum for disclosing exposure and risk analysis.

D. It provides a forum to communicate user responsibilities.

11. An information security program should include the following elements:

A. Disaster recovery and business continuity planning, and definition of access control requirements and human resources policies.

B. Business impact, threat and vulnerability analysis, delivery of an information security awareness program, and physical security of key installations.

C. Security policy implementation, assignment of roles and responsibilities, and information asset classification.

D. Senior management organizational structure, message distribution standards, and procedures for the operation of security management systems.

12. Which of the following refers to a series of characters used to verify a user’s identity?

A. Token serial number

B. User ID

C. Password

D. Security ticket

13. Security of an automated information system is most effective and economical if the system is…?

A. optimized prior to addition of security.

B. customized to meet the specific security threat.

C. subjected to intense security testing.

D. designed originally to meet the information protection needs.

14. Act of obtaining information of a higher level of sensitivity by combining information from lower level of sensitivity is called?

A. Aggregation

B. Data mining

C. Inference

D. Polyinstantiation

15. Which of the following is the least important information to record when logging a security violation?

A. User’s name

B. User id.

C. Type of violation

D. Date and time of the violation

16. The goal of cryptanalysis is to…?

A. forge coded signals that will be accepted as authentic.

B. ensure that the key has no repeating segments.

C. reduce the system overhead for cryptographic functions.

D. determine the number of encryption permutations required.

17. Pretty Good Privacy (PGP) provides…?

A. confidentiality, integrity, and authenticity.

B. integrity, availability, and authentication.

C. availability, authentication, and non-repudiation.

D. authorization, non-repudiation, and confidentiality.

18. Which of the following transaction processing properties ensures once a transaction completes successfully (commits), the updates survive even if there is a system failure?

A. Atomicity.

B. Consistency.

C. Isolation.

D. Durability.

19. A security policy provides a way to…?

A. establish a cost model for security activities.

B. allow management to define system recovery requirements.

C. identify and clarify security goals and objectives.

D. enable management to define system access rules.

20. Computer security is generally considered to be the responsibility of…?

A. everyone in the organization.

B. corporate management.

C. the corporate security staff.

D. everyone with computer access.

21. What is a set of step-by-step instructions used to satisfy control requirements called?

A. Policy

B. Standard

C. Guideline

D. Procedure

22. The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one of many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. Which access control technique should be built into the application to best serve these requirements?

A. Mandatory Access Control (MAC)

B. Password Security

C. Role-based Access Control (RBAC)

D. Terminal Access Controller Access System (TACACS)

23. When verifying key control objectives of a system design, the security specialist should ensure that the…?

A. final system design has security administrator approval.

B. auditing procedures have been defined.

C. vulnerability assessment has been completed.

D. impact assessment has been approved.

24. Which of the followings are security concerns with distributed systems?

A. Downloaded data from the Internet via the web or through e-mail may infect other computers.

B. Desktop systems may not be properly secured.

C. Unauthorized access to a secured network could be made through remote control or terminal server programs running on a desktop.

D. A, B, and C.

25. Three principal schemes that provide a framework for managing access control are:

A. Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role Based Access Control (RBAC).

B. Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Layer Based Access Protocol (LBAP).

C. Mandatory Access Control (MAC), Layer Based Access Protocol (LBAP), and Target Based Access Protocol (TBAP).

D. Role Based Access Control (RBAC), Layer Based Access Protocol (LBAP), and Target Based Access Protocol (TBAP).

Essay Questions (10 points each)

  • Each device on a network actually has two network-related addresses: MAC address and IP address. Describe each of these addresses and what is ARP positioning attack.
  • Describe what is SNMP (Simple Network Management Protocol)?
  • What is Reconnaissance attack?And What is port scanning? How it can be prevented?
  • What is DOS denial-of-service and DDOS distributed denial-of-service?
  • Describe how do we secure public servers? Describe how do we secure Server Farms?

ORDER A SIMILAR PAPER AND DELEGATE FULFILMENT OF YOUR ASSIGNMENT TO EXPERT ACADEMIC WRITERS. PLAGIARISM-FREE, GUARANTEED A, TIMELY DELIVERY.

strategic planning visioning session

WHAT OUR CURRENT CUSTOMERS SAY

  • Google
  • Sitejabber
  • Trustpilot
Zahraa S
Zahraa S
Absolutely spot on. I have had the best experience with Elite Academic Research and all my work have scored highly. Thank you for your professionalism and using expert writers with vast and outstanding knowledge in their fields. I highly recommend any day and time.
Stuart L
Stuart L
Thanks for keeping me sane for getting everything out of the way, I’ve been stuck working more than full time and balancing the rest but I’m glad you’ve been ensuring my school work is taken care of. I'll recommend Elite Academic Research to anyone who seeks quality academic help, thank you so much!
Mindi D
Mindi D
Brilliant writers and awesome support team. You can tell by the depth of research and the quality of work delivered that the writers care deeply about delivering that perfect grade.
Samuel Y
Samuel Y
I really appreciate the work all your amazing writers do to ensure that my papers are always delivered on time and always of the highest quality. I was at a crossroads last semester and I almost dropped out of school because of the many issues that were bombarding but I am glad a friend referred me to you guys. You came up big for me and continue to do so. I just wish I knew about your services earlier.
Cindy L
Cindy L
You can't fault the paper quality and speed of delivery. I have been using these guys for the past 3 years and I not even once have they ever failed me. They deliver properly researched papers way ahead of time. Each time I think I have had the best their professional writers surprise me with even better quality work. Elite Academic Research is a true Gem among essay writing companies.
Got an A and plagiarism percent was less than 10%! Thanks!
prevnext

ORDER NOW


Consider Your Assignments Done

“All my friends and I are getting help from eliteacademicresearch. It’s every college student’s best kept secret!”

Jermaine Byrant
BSN

“I was apprehensive at first. But I must say it was a great experience and well worth the price. I got an A!”

Nicole Johnson
Finance & Economics

ORDER NOW

Our Top Experts

See Why Our Clients Hire Us Again And Again!


OVER

10.3k
Reviews

RATING
4.89/5
Average

YEARS
13
Mastery

Success Guarantee

When you order form the best, some of your greatest problems as a student are solved!

Reliable

Professional

Affordable

Quick

See our Results

ORDER YOUR ASSIGNMENT NOW

Using this writing service is legal and is not prohibited by any law, university or college policies. Services of Elite Academic Research are provided for research and study purposes only with the intent to help students improve their writing and academic experience. We do not condone or encourage cheating, academic dishonesty, or any form of plagiarism. Our original, plagiarism-free, zero-AI expert samples should only be used as references. It is your responsibility to cite any outside sources appropriately. This service will be useful for students looking for quick, reliable, and efficient online class-help on a variety of topics.