CMIT 425 FINAL EXAM A GRADE, Quizzes of Computer Science

CMIT 425 FINAL EXAM Question 1 (1 point) ________________ refers to software that allows for the automated development of software, which can come in the form of program editors, debuggers, code analyzers, version control mechanisms, and more. Question 1 options: Privacy impact rating CASE Attack surface analysis Threat modeling

Typology: Quizzes

2022/2023

Available from 07/17/2023

ExamOracle
ExamOracle šŸ‡ŗšŸ‡ø

4.3

(3)

226 documents

1 / 98

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CMIT 425 FINAL EXAM
Quiz
Note: It is recommended that you save your response as you complete each question.
Question 1 (1 point)
________________ refers to software that allows for the automated development of software,
which can come in the form of program editors, debuggers, code analyzers, version control
mechanisms, and more.
Question 1 options:
Privacy impact rating
CASE
Attack surface analysis
Question 2 (1 point)
In which testing phase ensures that the code meets customer requirements?
Question 2 options:
Integration testing
Unit testing
Threat modeling
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62

Partial preview of the text

Download CMIT 425 FINAL EXAM A GRADE and more Quizzes Computer Science in PDF only on Docsity!

CMIT 425 FINAL EXAM

Quiz

Note: It is recommended that you save your response as you complete each question. Question 1 (1 point) ________________ refers to software that allows for the automated development of software, which can come in the form of program editors, debuggers, code analyzers, version control mechanisms, and more. Question 1 options: Privacy impact rating CASE Attack surface analysis Question 2 (1 point) In which testing phase ensures that the code meets customer requirements? Question 2 options: Integration testing Unit testing Threat modeling

Acceptance testing Regression testing Question 3 (1 point) Incident response procedures include the following activities, but of which stage can be difficult in case of a virus attack. Question 3 options: Incident identification Containment Tracking Recovery Question 4 (1 point) Phreaking is a type of hacking primarily concerned with what type of systems? Question 4 options: LAN Telephony SCADA

N(N-1)/

N(N*2)/

N/

N*2/

Question 8 (1 point) You are told by your supervisor to maintain evidence for later use during a legal proceeding. What process do you need to document referring to the proper handling of the evidence? Question 8 options: Chain of custody Due Diligence Escalation of Privilege Incident response Order of volatility Question 9 (1 point) What type of network device is responsible for determining the best route from the source to the destination? Question 9 options:

Switch Repeater Bridge Router Question 10 (1 point) The strength of an encryption is determined by many components. However, one of the following does not contribute to the strength of an encryption. Question 10 options: The secrecy of the key The length of the key The initialization vector The cryptanalyst skills Question 11 (1 point) Which risk handling method defines the acceptable risk level the organization can tolerate and reduces the risk to that level? Question 11 options: Risk avoidance Risk transfer Risk mitigation

Question 14 (1 point) Simultaneous execution of more than one program by a single OS is called _____________. Fill in the blank. Question 14 options: interrupt Multitasking Multiprocessing Preemptive multitasking Question 15 (1 point) What type of malware is self-replicating? Question 15 options: Trojan Worm Clone Spam Virus

Question 18 (1 point) What is RAID 5? Question 18 options: Stripping Mirroring Stripping with parity Clustering Question 19 (1 point) Which access control model is based on an operating system enforcing the system's policy through the use of security labels? Question 19 options: DAC MAC RBAC Non-RBAC Question 20 (1 point) What type of evidence is not viewed as reliable and strong in proving innocence or guilt when compared to best evidence? Question 20 options: Circumstantial Evidence

Secondary Evidence Corroborative Evidence Opinion Evidence Question 21 (1 point) Which of the following Hash Algarithms is a more secure Hash Algorithm? Question 21 options: MD SHA HAVAL RIPEMD Question 22 (1 point) Different functionalities of security controls are applied to produce the desired security outcomes. Which of the following security controls is intended to fix components or systems after an incident has occurred? Question 22 options: Detective

Question 25 (1 point) The BCP committee must identify the threats to the company and map them to the following but one. Question 25 options: Maximum tolerable downtime and disruption for activities. Operational disruption and productivity Third party relationship Reputation Question 26 (1 point) Which of the following is not an application protocol? Question 26 options: SMTP HTTP SNMP ICMP Question 27 (1 point) Cryptography algorithms are either __________ algorithms, which use private keys, or ____________ algorithms, which use public & private keys. Fill in the blanks. Question 27 options: Asymmetric, symmetric

Symmetric, asymmetric

Question 30 (1 point) Software is usually developed for _______________ first, not ___________ first. To get the best of both worlds, security and functionality would have to be designed and integrated into the individual phases of the SDLC. Fill in the blanks. Question 30 options: Security, functionality Functionality, security Requirement, functionality Functionality, requirement Question 31 (1 point) What is RAID 1? Question 31 options: Stripping Mirroring Stripping with parity Clustering Question 32 (1 point) What is the level of risk an organization is willing to accept? Question 32 options: Baseline Minimum configuration Acceptable risk

Risk appetite Question 33 (1 point) In SDLC model, _________________ deploys the software and then ensures that it is properly configured, patched, and monitored. Question 33 options: Requirement gathering Design Testing Maintenance Question 34 (1 point) ____________ means that an individual should have just enough permission and rights to fulfill his roles and responsibilities in the company and no more. Question 34 options: Least privilege Job rotation Mandatory vacations Collusion

Vulnerability assessment Risk mitigation Risk monitoring Question 38 (1 point) A process can be in any of these states except Question 38 options: running blocked parked ready Question 39 (1 point) In which testing is performed after a change to a system takes place, retesting to ensure functionality performance, and protection. Question 39 options: Integration testing

Unit testing Acceptance testing Regression testing Question 40 (1 point) In SDLC model, the _________ phase deals with how the software will accomplish the goals identified, which are encapsulated into a functional design. Question 40 options: Requirement gathering Design Testing Maintenance Question 41 (1 point) Which software development model emphasizes risk analysis per iteration and is iterative in approach? This approach integrates customer feedback in the development process. Question 41 options: Agile