User Account

All Pages

What is general term for the process of protecting objects

Assignment Help Management Information Sys
Reference no: EM131103114

Question 1. Reasons people might be reluctant to use biometrics for authentication is: hygiene or fear of personal injury and false negatives (falsely not being allowed into a system).

True
False

Question 2. A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.

True
False

Question 3. AES uses the Rijndael algorithm.

True
False

Question 4. Encrypting a message with the sender's private key ensures proof of receipt of a message.

True
False

Question 5. Two purpose of using a salt value in storing (hashed) passwords is to prevent password duplication and thwart guessing whether a user has the same password on multiple systems.

True
False

Question 6. In Role-Based Access Control Systems, a user is assigned no more than one role to limit the damage a user can do.

True
False

Question 7. If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use:

A's private key

A's public key

B's private key or public key

None of the keys listed above

Question 8. Which one of the following is not a goal of cryptographic systems?

Nonrepudiation

Availability

onfidentiality

Integrity

Question 9. Mia, Ashley, Mark, and Chris are studying at Café Roma. Who may be putting their personal information at risk (select all that apply)?

Chris logs in to eLearning to work on an assignment that does not contain sensitive information.

Ashley turns off the wireless option when working on files that don't need an Internet connection.

Mark is paying credit card bills on-line.

Mia takes a break from studying by doing some online shopping. She buys shoes from a site she's never visited before.

Question 10. For any organization, understanding the nature of the cybersecurity threat requires knowing at least which of the following elements: (select all that apply)

number and types of security guards

number and types of vulnerabilities that exist in a system

number and types of likely threats to a system

number and types of employees

Question 11. There are basically three categories of rules in control models:

Mandatory, control, and access

Discretionary, mandatory and protection

Non-discretionary, discretionary and logical control

Mandatory, discretionary, and non-discretionary

Question 12. To control access by a subject (____________) to an object ( ) requires management to establish access rules.

person or program, files or device

os or memory, files or device

person or program, access or control

none of the above

Question 13. __________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Audit control

Access control

System control

Resource control

Question 14. IT security management functions include:

determining organizational IT security objectives, strategies, and policies

detecting and reacting to incidents

specifying appropriate safeguards

all of the above

Question 15. To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

challenge-response

eavesdropping

Trojan horse

denial-of-service

Question 16. Each individual who is to be included in the database of authorized users must first be __________ in the system.

verified

authenticated

enrolled

identified

Question 17. A __________ is an entity capable of accessing objects.

group

object

subject

owner

Question 18. Based on the concept in Chapter 4, the final permission bit is the _________ bit.

superuser

kernel

sticky

user

Question 19. What is the general term for the process of protecting objects that are part of the multiprocessing environment?

Memory segmentation

Multitasking

Process control

Access control

Question 20. __________ defines user authentication as "the process of verifying an identity claimed by or for a system entity".

RFC4949

RFC2298

RFC2493

RFC2328

Question 21. Recognition by fingerprint, retina, and face are examples of __________.

face recognition

dynamic biometrics

static biometrics

token authentication

Question 22. The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords.

reactive password checking

proactive password checking

user education

computer-generated password

Question 23. To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

eavesdropping

challenge-response

Trojan horse

denial-of-service

Question 24. An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________.

cardholder

issuer

auditor

processor

Question 25. Any program that is owned by, and SetUID to, the "superuser" potentially grants unrestricted access to the system to any user executing that program.

True
False

Question 26. The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification,which defines the features required for an RBAC system.

True
False

Question 27. __________ is the traditional method of implementing access control.

MAC

RBAC

MBAC

DAC

Question 28. A concept that evolved out of requirements for military information security is ______ .

reliable input

mandatory access control

discretionary input

open and closed policies

Question 29. The default set of rights should always follow the rule of least privilege or read-only access.

True
False

Question 30. The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.

True
False

Question 31. __________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Audit control

Resource control

System control

Access control

Question 32. _________ is the granting of a right or permission to a system entity to access a system resource.

Authorization

Authentication

Monitoring

Control

Question 33. A __________ is a named job function within the organization that controls this computer system.

permission

role

user

session

Question 34. Can a user cleared for <secret; {dog, cat, pig}> have access to documents classified in each of the following ways under the military security model?
Yes/No
<top secret; dog> _________________
<secret; {dog}> __________________
<secret; {dog, cow}> __________________
<secret; {moose}> _________________
<confidential; {dog, cat, pig}> _________
<confidential; {moose}>

Reference no: EM131103114

Questions Cloud

What effect does the trend in stock prices : What effect does the trend in stock prices (subsequent to issue) have on a firm's ability to raise funds through (a) Convertibles and (b) Warrants?
How will dns be handled for the second site : How many total servers are needed? Which roles will be combined? Which edition of Windows Server will be used for each server (e.g., Standard, Data)? Should servers be virtualized using Hyper-V? How will DNS be handled for the second site?
Is preferred stock more like bonds or common stock : Is preferred stock more like bonds or common stock? Explain
When should magnus recognize revenue related : When should Magnus recognize revenue related to its catering service?
What is general term for the process of protecting objects : The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords.
What is the nal of the lease : Assume that Big Sky Mining will continue to use the machine beyond the expiration of the lease and must purchase it at an estimated residual value of $250,000 at the end of the 4th year. What is the NAL of the lease?
Compare server-based and client-based architecture : Compare and contrast server-based architectures, client-based architectures and client-server- based architectures.
Describes all steps required to solve the problem : Start with Include pseudocode that describes all steps required to solve the problem - Employ variable names that describe the values they store and adhere to Python naming conventions.
A cellulosic ethanol plant : A cellulosic ethanol plant which will use energy cane biomass as the primary feedstock is currently being constructed with production operations to begin in 2012. This plant will have an initial annual ethanol production capacity of approximately 500..

Reviews

Write a Review

Management Information Sys Questions & Answers

  How you personally conduct business

PowerPoint presentation of technology - how the use of technology figures into how you personally conduct business. As well as how do you think you will be conducting business in the future?

  Which entity should have the most influence on the design

which entity should have the most influence on the design of a database system management or the workers?give an

  Create a system wide clinical documentation program

Write a 2 page report (paper) on your plan to create and implement a system wide clinical documentation program at your organization

  Does the approach scale for large organizations

What do you think about Ying's approach to the automation of classifying information content for the purpose of managing that information? Does the approach scale for large organizations? How would you try to improve on his approach if it were to..

  Qualities of data required for evaluating expenditure cycle

Explain the importance of three qualities of data required for evaluating expenditure cycle - Efficiency and Effectives of Expenditure Cycle Processes

  Identify the motivation for potential attacks

Research and classify common weaknesses and attacks associated with e-commerce and social networking applications. Identify the motivation for potential attacks. Identify the roles such as system administrator, developer, security engineer, and qual..

  Benefits of the dhss efforts with cyber storm

From the e-Activity, explain in your own words the benefits of the DHS's efforts with Cyber Storm and whether or not you believe this is a necessary and useful activity in terms of incident response preparedness

  Explain importance of explicit enterprise security policies

Identify the predominant electronic and physical threats to communications networks. Explain the importance of explicit enterprise security policies and procedures. Describe potential threat detection and protection techniques

  The appropriate erp

The appropriate ERP - What enterprise resource planning (ERP) systems do your organization rely on

  Discuss the positive and negative effects

Discuss the positive and negative effects that a significant increase of customers would have on each department over a one-year time period

  Learning technology relationshipscompare the three 3

learning technology relationshipscompare the three 3 learning technologies verbal information intellectual skill and

  Documentation to justify the request

Cost control is important, so you don't want to overspend. If you need to ask for more money than was budgeted, you will need documentation to justify the request.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd