CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [167]
a. EMI
b. RFI
c. CC EAL 4
d. TEMPEST
15. Which term defines the process of a WAP losing sensitivity due to RFI?
a. RFI desensitization
b. EMI pickup
c. Access control
d. TEMPEST
16. Due to growth beyond current capacity, a new server room is being built. As a manager, you want to make certain that all the necessary safety elements exist in the room when it’s finished. Which fire-suppression system works best when used in an enclosed area by displacing the air around a fire?
a. Gas based
b. Water based
c. Fixed system
d. Overhead sprinklers
17. The CBF identifies which aspects of a business?
a. Access control
b. Critical access points
c. Essential business functions
d. BIA
18. You’re the chief security contact for MTS. One of your primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task?
a. Policies
b. Standards
c. Guidelines
d. BIA
19. Which classification of information designates that information can be released on a restricted basis to outside organizations?
a. Private information
b. Full distribution
c. Restricted information
d. Limited distribution
20. You’ve recently been hired by ACME to do a security audit. The managers of this company feel that their current security measures are inadequate. Which information access control prevents users from writing information down to a lower level of security and prevents users from reading above their level of security?
a. Bell La-Padula model
b. Biba model
c. Clark-Wilson model
d. Noninterference model
Answers to Review Questions
1. A. The first layer of access control is perimeter security. Perimeter security is intended to delay or deter entrance into a facility.
2. C. Type C fire extinguishers are intended for use in electrical fires.
3. B. Electrical devices, such as motors, that generate magnetic fields cause EMI. Humidity control won’t address EMI.
4. A. A security zone is a smaller part of a larger area. Security zones can be monitored individually if needed. Answers B, C, and D are examples of security zones.
5. B. Partitioning is the process of breaking a network into smaller components that can each be individually protected. This is analogous to building walls in an office building.
6. B. Access control is the primary process of preventing access to physical systems.
7. A. Perimeter security involves creating a perimeter or outer boundary for a physical space. Video surveillance systems wouldn’t be considered a part of perimeter security, but they can be used to enhance physical security monitoring.
8. C. A security zone is an area that is a smaller component of the entire facility. Security zones allow intrusions to be detected in specific parts of the building.
9. A. Biometrics is a technology that uses personal characteristics, such as a retinal pattern or fingerprint, to establish identity.
10. A. Social engineering uses the inherent trust in the human species, as opposed to technology, to gain access to your environment.
11. A. Wireless cell systems are primarily line-of-site communication systems. These systems use the microwave band for communications.
12. D. Global System for Mobile Communications (GSM) is the newest standard for cellular communications. GSM promises to provide encryption as well as international usability.
13. A. Shielding keeps external electronic signals from disrupting operations.
14. D. TEMPEST is the certification given to electronic devices that emit minimal RF. The TEMPEST certification is difficult to acquire, and it significantly increases the cost of systems.
15. A. Receivers