CISSP Official Practice Tests by Mike Chapple, David Seidl


338 Appendix ■ Answers


98. D. When the value of data changes due to legal, compliance, or business reasons,
reviewing classifications and reclassifying the data is an appropriate response. Once the
review is complete, data can be reclassified and handled according to its classification
level. Simply relabeling the data avoids the classification process and may not result in the
data being handled appropriately. Similarly, selecting a new baseline or simply encrypting
the data may not handle all of the needs that the changes affecting the data create.


  1. C. PGP, or Pretty Good Privacy (or its open-source alternative, GPG), provides strong
    encryption of files, which can then be sent via email. Email traverses multiple servers and will
    be unencrypted at rest at multiple points along its path as it is stored and forwarded to its
    destination.

  2. A. While many nongovernment organizations create their own classification schemes, a
    common model with levels that align with the US government’s classification labels is shown
    here. In the given options, B and D do not match the US government’s Top Secret, Secret,
    Confidential scheme, and C incorrectly matches business proprietary data with confidential
    data as well as Top Secret data with business sensitive data. Business internal is often another
    term for business sensitive, meaning that it is used to match two classifications!


Chapter 3: Security Architecture and Engineering (Domain 3)



  1. D. The Brewer-Nash model allows access controls to change dynamically based upon a
    user’s actions. It is often used in environments like Matthew’s to implement a “Chinese
    wall” between data belonging to different clients.
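To make the "dynamic" part of Brewer-Nash concrete, here is a small Chinese wall policy checker. It is an added illustration, not code from the book: the company names and conflict-of-interest classes are constructed sample data, and the class and function names are my own. Access rights are not fixed up front; they are derived from what the subject has already read, so reading one client's data silently closes off its competitors in the same class.

```python
"""Toy Brewer-Nash (Chinese wall) policy check.

Added illustration, not from the book. Datasets are grouped into
conflict-of-interest (COI) classes. Once a subject has read data from
one company in a class, reads of any other company in that class are
denied; reads in unrelated classes are unaffected.
"""
from collections import defaultdict

# Conflict-of-interest classes: companies that compete with each other.
# Constructed sample data, not taken from the book.
COI_CLASSES = {
    "banking": {"BankA", "BankB"},
    "oil": {"OilCo", "PetroCorp"},
}


def coi_class_of(company):
    """Return the COI class name a company belongs to."""
    for name, members in COI_CLASSES.items():
        if company in members:
            return name
    raise KeyError(f"unknown company: {company}")


class ChineseWall:
    """Tracks per-subject access history and decides reads dynamically."""

    def __init__(self):
        # subject -> {coi_class: company already accessed in that class}
        self.history = defaultdict(dict)

    def can_read(self, subject, company):
        """Allowed if no prior access in this class, or the same company."""
        prior = self.history[subject].get(coi_class_of(company))
        return prior is None or prior == company

    def read(self, subject, company):
        """Perform a read if permitted; record it so future decisions change."""
        if not self.can_read(subject, company):
            return False
        self.history[subject][coi_class_of(company)] = company
        return True


def demo():
    """Walk one analyst through a sequence of reads; returns the decisions."""
    wall = ChineseWall()
    return [
        wall.read("analyst1", "BankA"),   # first bank: allowed
        wall.read("analyst1", "OilCo"),   # different COI class: allowed
        wall.read("analyst1", "BankB"),   # conflicts with BankA: denied
        wall.read("analyst1", "BankA"),   # same company again: allowed
    ]


if __name__ == "__main__":
    print(demo())
```

The key design point is that `can_read` consults `history` rather than a static access matrix, which is exactly what distinguishes Brewer-Nash from Bell-LaPadula or Biba style models with fixed labels.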

  2. A. Fires may be detected as early as the incipient stage. During this stage, air ionization
    takes place, and specialized incipient fire detection systems can identify these changes to
    provide early warning of a fire.

  3. A. Closed-circuit television (CCTV) systems act as a secondary verification mechanism
    for physical presence because they allow security officials to view the interior of the facility
    when a motion alarm sounds to determine the current occupants and their activities.

  4. B. In an M of n control system, at least M of n possible escrow agents must collaborate
    to retrieve an encryption key from the escrow database.

  5. A. This is an example of a vendor offering a fully functional application as a web-
    based service. Therefore, it fits under the definition of software as a service (SaaS). In
    infrastructure as a service (IaaS), compute as a service (CaaS), and platform as a service
    (PaaS) approaches, the customer provides their own software. In this example, the vendor
    is providing the email software, so none of those choices is appropriate.
