DEVRY SEC360 WEEK 5 QUIZ

(TCO 6) The layers of physical security defense in depth do not include _____.

monitoring (video or human)

intrusion detection/prevention

mechanical and electronic

environmental

security clearances

(Week 4 Lecture) Security clearances are personnel security controls. Authenticating clearances may well be part of the physical security process.

Points Received: 5 of 5

Comments:

Question 2. Question :

(TCO 6) Which of the following are categories of intrusion detection devices?

Door sensors

Biometric detectors

Perimeter detectors

Security detectors

All of the above

Text, pages 175-176

Points Received: 5 of 5

Comments:

Question 3. Question :

(TCO 6) Physical security deals with all of the following except _____.

buildings

logical systems

computer rooms

computer devices

fences

Text, Chapter 8, p. 165

Points Received: 5 of 5

Comments:

Question 4. Question :

(TCO 7) Security operations generally does not provide controls for _____.

IN personnel security

resource protection

backup and recovery of locally stored workstation data

privileged entity controls

virus scanning

Text, page 193

Points Received: 0 of 5

Comments:

Question 5. Question :

(TCO 7) Security operations does NOT use controls for _____.

threats

vulnerabilities

intrusions

communications devices

management decision making

(Lecture) Security operations provides information to management, but does not decide for management.

Points Received: 5 of 5

Comments:

Question 6. Question :

(TCO 8) Disaster recovery planning includes all of the following except _____.

IT systems and applications

application data

data entry users

networks

IN communication lines

Text, pages 129-133

Points Received: 0 of 5

Comments:

Question 7. Question :

(TCO 8) A business impact analysis identifies _____.

risks to the business

quantifies risks

risks to the business if critical services are discontinued

IN priorities of restoring critical services

All of the above

Text, Chapter 6, p. 128

Points Received: 0 of 5

Comments:

Question 8. Question :

(TCO 9) The minimum set of access rights or privileges needed to perform a specific job description is called _____.

separation of duties

least privilege

privileged controls

separation of privilege

Text, pages 188 & 206

Points Received: 5 of 5

Comments:

Question 9. Question :

(TCO 9) Which of the following is NOT true for RADIUS?

Uses remote access Dial-In User Service

Used by AOL to authenticate users

Creates a private tunnel between end points

Policies can be centrally administered

Can use multifactor authentication

(Text, p. 220) Radius is not a tunneling technology.

Points Received: 5 of 5

Comments:

Question 10. Question :

(TCO 9) The predominant strategy that is used to assure confidentiality is _____.

biometric authentication

discretionary access control

role-based access control

symmetric encryption

the principle of least privilege

Text, page 206

Points Received: 5 of 5

Comments:

* Times are displayed in (GMT-07:00) Mountain Time (US & Canada)