Click
below link for Answers
SE571 Principles of Information Security and Privacy - Midterm
Exam A+ tutorial
1.
Question :
(TCO A) What are the three goals of security in computing? For
each goal, list two controls that can be implemented to help achieve that goal.
Points Received:
23 of 23
2.
Question :
(TCO A) May a database contain two identical records without a
negative effect on the integrity of the database? Why or why not?
Points Received:
23 of 23
3.
Question :
(TCO B) It's been said that firewalls are dead. Some think that,
because of the prevalence of application-layer attacks, packet filtering
firewalls are of no real use in protecting networks. Name three advantages of
using packet filtering firewalls in modern networks.
Points Received:
23 of 23
4.
Question :
(TCO C) Respond to each part of this question:
a) Describe how a long number (encryption key) can be shared
between sender and receiver without using any source that is obvious to
outsiders and without directly sending the number from sender and receiver.
b) Describe how a long number (encryption key) can be shared
between sender and receiver over an unsecured network without loss of
confidentiality.
Points Received:
23 of 23
5.
Question :
(TCO B) Which of the following is a correct statement?
Points Received:
8 of 8
SE571 Week 8 - Final Exam - Devry SE571 SE 571, A+ Tutorial,
fully answered
1. (TCO A) You are responsible
for developing a security evaluation process that can be used to assess various
operating systems both during and after development. List the five most
desirable qualities your evaluation process should have and explain why they
are important. (Be sure to address qualities of the evaluation process, not
specific metrics for assessment of operating systems.) (Points : 40)
2. (TCO B) The Open Systems
Interconnection model is inherently inefficient. On the source host, each layer
must take the work of higher layers, add some result, and pass the work to
lower layers. On the destination host, each layer must process these results
from lower layers and pass the appropriate information to upper layers. Surely
this wrapping and unwrapping process is inefficient. Assess the security
advantage of this layered approach. (Points : 40)
3. (TCO C) Why is a firewall
usually a good place to terminate a Virtual Private Network (VPN) connection
from a remote user? Why not terminate the VPN connection at the actual servers
being accessed? Under what circumstances would VPN termination at the server be
a good idea? (Points : 40)
4. (TCO D) A computer
programmer has been arraigned for a computer crime. She is suspected of having
accessed system files on a public Web server. The programmer's attorney argues
that his client was only trying to determine if the website was secure and that
no harm was done to the Web server or its system files. The programmer's
attorney also argues that it is possible that the log files that show that his
client accessed system files were tampered with. The attorney claims that the
Web server was made accessible to the public anyway so that there was no
violation of the law and that the arraignment against her client should be
thrown out. You're the judge. What is your analysis of these arguments? (Points
: 40)
5. (TCO E) After reading about
attacks on servers similar to the ones used in one of your company's
departments, the CIO has asked you to come up with a report as to what, if any,
steps should be taken with your servers. List and describe the steps you would
need to take in order to complete a detailed report. (Points : 40)
6. (TCO F) In the U.S., laws
are enforced by police agencies and the courts. What are ethics and who
enforces them? (Points : 40)
7. (TCO G) Which of the
following statements is true? (Points : 20)
8. (TCO H) Some IT department
policies are designed to prevent behaviors by IT staff. While some depend upon
the employee voluntarily complying with the policy (for example: do not reveal
technical information to outside parties), others are enforced technically (for
example, authentication required for system access). What is an example of a
policy that technically enforces ethical behavior by IT staff? Provide policy wording
for your example. (Points : 40)
SE571 Principles of Information Security and Privacy - All 7
Weeks Discussions
W1 DQ1 Vulnerabilities of Your
Systems
W1 DQ2 Threats against Your Systems
W2 DQ1 Security Issues in Telecommunications
W2 DQ2 What Access Controls Are in Use
W3 DQ1 Cryptographic Products
W3 DQ2 Cryptographic Standards
W4 DQ1 Network Services
W4 DQ2 Security Architecture
W5 DQ1 Case Study - Would you hire Goli
W5 DQ2 Privacy - Right or Privilege
W6 DQ1 BC and DR
W6 DQ2 Meeting Regulations
W7 DQ1 Personal - Group Ethics
W7 DQ2 Security Skills
SE571
COMPLETE COURSE SE 571 COMPLETE COURSE
Click
below link for Answers