260 Chapter 11 ■ Practice Test 3
- Fred’s data role requires him to maintain system security plans and to ensure that system
users and support staff get the training they need about security practices and acceptable
use. What is the role that Fred is most likely to hold in the organization?
A. Data owner
B. System owner
C. User
D. Custodian - Sally is using IPsec’s ESP component in transport mode. What important information
should she be aware of about transport mode?
A. Transport mode provides full encryption of the entire IP packet.
B. Transport mode adds a new, unencrypted header to ensure that packets reach their
destination.
C. Transport mode does not encrypt the header of the packet.
D. Transport mode provides no encryption; only tunnel mode provides encryption. - Which one of the following is not a key process area for the Repeatable phase of the Soft-
ware Capability Maturity Model (SW-CMM)?
A. Software Project Planning
B. Software Quality Management
C. Software Project Tracking
D. Software Subcontract Management - Ben wants to provide predictive information about his organization’s risk exposure in an
automated way as part of an ongoing organizational risk management plan. What should
he use to do this?
A. KRIs
B. Quantitative risk assessments
C. KPIs
D. Penetration tests - In the image shown here, what does system B send to system A at step 2 of the three-way
TCP handshake?
A 12A^3 BB