CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 10 ■ Practice Test 2 241



  1. Which one of the following techniques can an attacker use to exploit a TOC/TOU
    vulnerability?
    A. File locking
    B. Exception handling
    C. Algorithmic complexity
    D. Concurrency control

  2. Susan is configuring her network devices to use syslog. What should she set to ensure that
    she is notified about issues but does not receive normal operational issue messages?
    A. The facility code
    B. The log priority
    C. The security level
    D. The severity level

  3. What RAID level is also known as disk mirroring?
    A. RAID 0
    B. RAID 1
    C. RAID 3
    D. RAID 5


  1. What type of firewall uses multiple proxy servers that filter traffic based on analysis of the
    protocols used for each service?
    A. A static packet filtering firewall
    B. An application-level gateway firewall
    C. A circuit-level gateway firewall
    D. A stateful inspection firewall

  2. Surveys, interviews, and audits are all examples of ways to measure what important part
    of an organization’s security posture?
    A. Code quality
    B. Service vulnerabilities
    C. Awareness
    D. Attack surface

  3. Tom is the general counsel for an Internet service provider, and he recently received notice
    of a lawsuit against the firm because of copyrighted content illegally transmitted over the
    provider’s circuits by a customer. What law protects Tom’s company in this case?
    A. Computer Fraud and Abuse Act
    B. Digital Millennium Copyright Act
    C. Wiretap Act
    D. Copyright Code
