15. d. The audit log includes a timestamp, user’s identity, object’s identity, and type of action taken, but not the results from the action taken. The person reviewing the audit log needs to verify that the results of the action taken were appropriate.

16. Which of the following fault tolerance metrics are most applicable to the proper functioning of redundant array of disks (RAID) systems?

1. Mean time between failures (MTBF)

2. Mean time to data loss (MTTDL)

3. Mean time to recovery (MTTR)

4. Mean time between outages (MTBO)

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 3 and 4

16. c. Rapidly replacing a RAID's failed drives or disks and rebuilding them quickly is important, and this is facilitated specifically and mostly by applying the MTTDL and MTTR metrics. The MTTDL metric measures the average time before a loss of data occurs in a given disk array. The MTTR metric measures the amount of time it takes to resume normal operation, and includes the time to replace a failed disk and the time to rebuild the disk array. Thus, MTTDL and MTTR metrics prevent data loss and ensure data recovery.

MTBF and MTBO metrics are incorrect because they are broad measures of system reliability and availability, respectively, and are not specifically applicable to RAID systems. The MTBF metric measures the average time interval between system failures and the MTBO metric measures the mean time between equipment failures.

17. All the following have redundancy built in except:

a. Fast Ethernet

b. Fiber distributed data interface

c. Normal Ethernet

d. Synchronous optical network

17. c. Normal Ethernet does not have built-in redundancy. Fast Ethernet has built-in redundancy with redundant cabling for file servers and network switches. Fiber distributed data interface (FDDI) offers an optional bypass switch at each node for addressing failures. Synchronous optical network (SONET) is inherently redundant and fault tolerant by design.

18. Which of the following go hand-in-hand?

a. Zero-day warez and content delivery networks

b. Zero-day warez and ad-hoc networks

c. Zero-day warez and wireless sensor networks

d. Zero-day warez and converged networks

18. a. Zero-day warez (negative day or zero-day) refers to software, games, music, or movies (media) unlawfully released or obtained on the day of public release. An internal employee of a content delivery company or an external hacker obtains illegal copies on the day of the official release. Content delivery networks distribute such media from the content owner. The other three networks do not distribute such media.

Bluetooth mobile devices use ad-hoc networks, wireless sensor networks monitor security of a building perimeter and environmental status in a building (temperature and humidity), and converged networks combine two different networks such as voice and data.

19. Which of the following provides total independence?

a. Single-person control

b. Dual-person control

c. Two physical keys

d. Two hardware tokens

19. a. Single-person control means total independence because there is only one person performing a task or activity. In the other three choices, two individuals or two devices (for example, keys and tokens) work together, which is difficult to bypass unless collusion is involved.

20. The use of a no-trespassing warning banner at a computer system’s initial logon screen is an example of which of the following?

a. Correction tactic

b. Detection tactic

c. Compensating tactic

d. Deterrence tactic

20. d. The use of no-trespassing warning banners on initial logon screens is a deterrent tactic to scare system intruders and to provide legal evidence. The other three choices come after the deterrence tactic.

21. Countermeasures applied when inappropriate and/or unauthorized modifications have occurred to security functions include:

1. Reversing the change

2. Halting the system

3. Triggering an audit alert

4. Reviewing the records of change

a. 1 only

b. 2 only

c. 3 only

d. 1, 2, 3, and 4

21. d. Safeguards and countermeasures (controls) applied when inappropriate and/or unauthorized modifications have occurred to security functions and mechanisms include reversing the change, halting the system, triggering an audit alert, and reviewing the records of change. These countermeasures would reduce the risk to an information system.
