280 Chapter 11 ■ Practice Test 3
- Which one of the following goals of physical security environments occurs first in the
functional order of controls?
A. Delay
B. Detection
C. Deterrence
D. Denial - In what type of trusted recovery process is the system able to recover without administra-
tor intervention but the system may suffer some loss of data?
A. Automated recovery
B. Manual recovery
C. Automated recovery without undue data loss
D. Function recovery - Skip needs to transfer files from his PC to a remote server. What protocol should he use
instead of FTP?
A. SCP
B. SSH
C. HTTP
D. Tel net - Ben’s New York–based commercial web service collects personal information from Cali-
fornia residents. What does the California Online Privacy Protection Act require Ben to do
to be compliant?
A. Ben must encrypt all personal data he receives.
B. Ben must comply with the EU GDPR.
C. Ben must have a conspicuously posted privacy policy on his site.
D. Ben must provide notice and choice for users of his website. - What process is used to verify that a dial-up user is connecting from the phone number
they are preauthorized to use in a way that avoids spoofing?
A. CallerID
B. Callback
C. CHAP
D. PPP - ‘The Meltdown bug announced in early 2018 exposed kernel data to user application
space. What two rings are these referred to as for x86 PCs?
A. Rings 0 and 1
B. Rings 1 and 2