Chapter 3 ■ Security Architecture and Engineering (Domain 3) 53
- Ralph is designing a physical security infrastructure for a new computing facility that will
remain largely unstaffed. He plans to implement motion detectors in the facility but would
also like to include a secondary verification control for physical presence. Which one of
the following would best meet his needs?
A. CCTV
B. IPS
C. Turnstiles
D. Faraday cages - Harry would like to retrieve a lost encryption key from a database that uses m of n
control, with m = 4 and n = 8. What is the minimum number of escrow agents required
to retrieve the key?
A. 2
B. 4
C. 8
D. 12 - Fran’s company is considering purchasing a web-based email service from a vendor and
eliminating its own email server environment as a cost-saving measure. What type of cloud
computing environment is Fran’s company considering?
A. SaaS
B. IaaS
C. CaaS
D. PaaS - Bob is a security administrator with the federal government and wishes to choose a digital
signature approach that is an approved part of the federal Digital Signature Standard under
FIPS 186-4. Which one of the following encryption algorithms is not an acceptable choice
for use in digital signatures?
A. DSA
B. H AVA L
C. RSA
D. ECDSA - Harry would like to access a document owned by Sally and stored on a file server. Applying
the subject/object model to this scenario, who or what is the subject of the resource request?
A. Harry
B. Sally
C. Server
D. Document