60. As the information system changes over time, which of the following is required to maintain the baseline configuration?
a. Enterprise architecture
b. New baselines
c. Operating system
d. Network topology
60. b. Maintaining the baseline configuration involves creating new baselines as the information system changes over time. The other three choices deal with information provided by the baseline configuration as a part of standard operating procedure.
61. Software quality is not measured by:
a. Defect levels
b. Customer satisfaction
c. Time-to-design
d. Continuous process improvement
61. c. Quality is more than just defect levels. It should include customer satisfaction, time-to-market, and a culture committed to continuous process improvement. Time-to-design is not a complete answer because it is a part of time-to-market, where the latter is defined as the total time required for planning, designing, developing, and delivering a product. It is the total time from concept to delivery. These software quality values lead to quality education, process assessments, and customer satisfaction.
62. Which of the following responds to security incidents on an emergency basis?
a. Tiger team
b. White team
c. Red team
d. Blue team
62. b. A white team is an internal team that initiates actions to respond to security incidents on an emergency basis. Both the red team and blue team perform penetration testing of a system, and the tiger team is an old name for the red team.
63. Which of the following is the most important function of software inventory tools in maintaining a consistent baseline configuration?
a. Track operating system version numbers.
b. Track installed application systems.
c. Scan for unauthorized software.
d. Maintain current patch levels.
63. c. Software inventory tools scan information for unauthorized software to validate against the official list of authorized and unauthorized software programs. The other three choices are standard functions of software inventory tools.
64. A user’s session auditing activities are performed in consultation with which of the following?
a. Internal legal counsel and internal audit
b. Consultants and contractors
c. Public affairs or media relations
d. External law enforcement authorities and previous court cases
64. a. An information system should provide the capability to capture/record, log, and view all the content related to a user’s session in real time. Session auditing activities are developed, integrated, and used with internal legal counsel and internal audit departments. This is because these auditing activities can have legal and audit implications.
Consultants and contractors should not be contacted at all. It is too early to talk to public affairs or media relations within the organization. External law enforcement authorities should be contacted only after the session auditing work is completed and only after there is a discovery of high-risk incidents.
65. Regarding access restrictions associated with changes to information systems, which of the following makes it easy to discover unauthorized changes?
a. Physical access controls
b. Logical access controls
c. Change windows
d. Software libraries
65. c. Change windows mean changes occur only during specified times, so unauthorized changes made outside the window are easy to discover. The other three choices are also examples of access restrictions, but changes are not easy to discover in them.
66. Which of the following is an example of software reliability metrics?
a. Number of defects per million lines of source code with comments
b. Number of defects per function point
c. Number of defects per million lines of source code without comments
d. The probability of failure-free operation in a specified time