308 Chapter 12 ■ Practice Test 4
- You are conducting a qualitative risk assessment for your organization. The two important
risk elements that should weigh most heavily in your analysis of risk are probability
and ________.
A. Likelihood
B. History
C. Impact
D. Cost

- Using the OSI model, what format does the Data Link layer use to format messages
received from higher up the stack?
A. A datastream
B. A frame
C. A segment
D. A datagram

- What is the maximum penalty that may be imposed by an (ISC)² peer review board when
considering a potential ethics violation?
A. Revocation of certification
B. Termination of employment
C. Financial penalty
D. Suspension of certification

- Which one of the following statements about the SDLC is correct?
A. The SDLC requires the use of an iterative approach to software development.
B. The SDLC requires the use of a sequential approach to software development.
C. The SDLC does not include training for end users and support staff.
D. The waterfall methodology is compatible with the SDLC.

- In the diagram shown here, Harry is prevented from reading a file at a higher classification
level than his security clearance. What security model prevents this behavior?
[Diagram: Harry, Read Request, Data File]
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. Brewer-Nash