131. b. Requiring administrator-level privileges is a characteristic of a nonmanaged environment, where system owners and users have substantial control over their own system. Owners and users can alter system configurations, making security weak. In a managed environment, one or more centralized groups have substantial control over the server and workstation operating system and application configurations across the enterprise. Recommended security practices include installing antivirus software on all hosts and keeping it up-to-date, using deny-by-default policies on firewalls, and applying patches to operating systems and applications. These practices enable a consistent security posture to be maintained across the enterprise.
132. Which of the following is required to control the actions of mobile code, stationary code, or downloaded code?
a. Technical controls
b. Administrative controls
c. Behavioral controls
d. Physical controls
132. c. Conceptually, behavioral controls can be viewed as a software cage or quarantine mechanism that dynamically intercepts and thwarts attempts by the subject code to take unacceptable actions that violate policy. As with firewalls and antivirus products, methods that dynamically restrain mobile code were born out of necessity to supplement existing mechanisms, and represent an emerging class of security product. Such products are intended to complement firewall and antivirus products that respectively block network transactions or mobile code based on predefined signatures (i.e., content inspection), and may refer to methods such as dynamic sandbox, dynamic monitors, and behavior monitors, used for controlling the behavior of mobile code. In addition to mobile code, this class of product may also be applicable to stationary code or downloaded code whose trust-worthiness is in doubt.
Technical controls, administrative controls, and physical controls are incorrect because they are not strong enough as the behavioral controls to combat mobile code.
133. Which of the following is basic, low-privilege access to a computer?
a. Application access
b. Administrative access
c. Privileged access
d. Root access
133. a. Application access is basic, low-privilege access. It may include access to data entry, data update, data query, data output, or report programs. Administrative access, privileged access, and root access are advanced levels of access to a computer system that include the ability to perform significant configuration changes to the computer’s operating system.
134. Assume that a new computer worm is released that can spread rapidly and damage any computer in an organization unless it is stopped. The organization has 1,000 computers, the budget for in-house technical support is $500,000 per year, and the budget for outsourced technical support is $600,000. It takes an average of 4 hours for one technical support worker to rebuild a computer at a rate of $70 per hour for wages and benefits. What is the total cost for not mitigating the worm release?
a. $280,000
b. $500,000
c. $560,000
d. $600,000
134. c. The cost not to mitigate = W × T × R, where W is the number of computers or workstations, T is the time spent fixing systems plus lost user productivity, and R is the hourly rate of time spent or lost. During downtime, the computer owner or user is without a computer to do his work, which should be added to the time required to rebuild a computer. This is translated into $560,000 (i.e., 1,000 computers × 8 hours × $70 per hour). $280,000 is incorrect because it fails to take into account the lost user productivity time. This is translated into $280,000 (i.e., 1,000 computers × 4 hours × $70 per hour). $500,000 is incorrect because it assumes the budget for in-house technical support. $600,000 is incorrect because it assumes the budget for outsourced technical support.
135. What is the major principle of configuration management?
a. To reduce risks to data confidentiality
b. To reduce risks to data integrity
c. To reduce risks to data availability
d. To provide repeatable mechanism for effecting system changes
