CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 12: Practice Test 4 453



  1. B. The recovery time objective (RTO) is the amount of time that it may take to restore a
    service after a disaster without unacceptable impact on the business. The RTO for each
    service is identified during a business impact assessment.

  2. D. The United States Code (USC) contains the text of all federal criminal and civil laws
    passed by the legislative branch and signed by the president (or where the president’s veto
    was overruled by Congress).

  3. B. A post-admission philosophy allows or denies access based on user activity after
    connection. Since this doesn’t check the status of a machine before it connects, it can’t
    prevent the exploit of the system immediately after connection. This doesn’t preclude
    out-of-band or in-band monitoring, but it does mean that a strictly post-admission policy
    won’t handle system checks before the systems are admitted to the network.

  4. B. The principle of implicit denial states that any action that is not explicitly allowed is
    denied. This is an important concept for firewall rules and other access control systems.
    Implementing least privilege ensures that subjects have only the rights they need to
    accomplish their job. While explicit deny and final rule fall-through may sound like
    important access control concepts, neither is.

  5. B. Risks are the combination of a threat and a vulnerability. Threats are the external
    forces seeking to undermine security, such as the hacker in this case. Vulnerabilities are
    the internal weaknesses that might allow a threat to succeed. In this case, web defacement
    is the risk. In this scenario, if the hacker attempts a SQL injection attack (threat) against
    the unpatched server (vulnerability), the result is website defacement (risk).

  6. A. The kernel of an operating system is the collection of components that work together
    to implement a secure, reliable operating system. The kernel contains both the Trusted
    Computing Base (TCB) and the reference monitor.

  7. A. Val can use statistical sampling techniques to choose a set of records for review that
    are representative of the entire day’s data. Clipping chooses only records that exceed a set
    threshold, so it is not a representative sample. Choosing records based on the time they
    are recorded may not produce a representative sample because it may capture events that
    occur at the same time each day and miss many events that simply don’t occur during the
    chosen time period.

  8. D. Fiber-optic cable is more expensive and can be much harder to install than stranded
    copper cable or coaxial cable, but it isn’t susceptible to electromagnetic interference
    (EMI). That makes it a great solution for Jen’s problem, especially if she is deploying
    EMI-hardened systems to go with her EMI-resistant network cables.

  9. D. The request control process provides an organized framework within which users can
    request modifications, managers can conduct cost/benefit analyses, and developers can
    prioritize tasks.


  87. B. Change control provides an organized framework within which multiple developers
    can create and test solutions prior to rolling them out into a production environment.
