Security Architecture and Engineering (Domain 3)
1.D
The Brewer-Nash model allows access controls to change dynamically based upon
a user's actions. It is often used in environments like Matthew's to implement a
"Chinese wall" between data belonging to different clients.
2.A
Fires may be detected as early as the incipient stage. During this stage, air
ionization takes place, and specialized incipient fire detection systems can
identify these changes to provide early warning of a fire.
3.A
Closed-circuit television (CCTV) systems act as a secondary verification
mechanism for physical presence because they allow security officials to view the
interior of the facility when a motion alarm sounds to determine the current
occupants and their activities.
4.B
In an m of n control system, at least m of n possible escrow agents must
collaborate to retrieve an encryption key from the escrow database. Any smaller
group of agents learns nothing about the key.
5.A
This is an example of a vendor offering a fully functional application as a
web-based service. Therefore, it fits under the definition of software as a service
(SaaS). In infrastructure as a service (IaaS), compute as a service (CaaS), and
platform as a service (PaaS) approaches, the customer provides their own software.
In this example, the vendor is providing the email software, so none of those
choices is appropriate.
6.B
The Digital Signature Standard (FIPS 186) approves three public key algorithms for
use in digital signatures: the Digital Signature Algorithm (DSA); the Rivest, Shamir,
Adleman (RSA) algorithm; and the Elliptic Curve DSA (ECDSA) algorithm. HAVAL is a
hash function, not a signature algorithm. While hash functions are used as part of
the digital signature process (the message digest is what actually gets signed),
they do not perform the signing operation themselves.
7.A
In the subject/object model of access control, the user or process making the
request for a resource is the subject of that request. In this example, Harry is
requesting resource access and is, therefore, the subject.
8.C
Michael should conduct his investigation, but there is a pressing business
need to bring the website back online. The most reasonable course of action would
be to take a snapshot of the compromised system and use the snapshot for the
investigation, restoring the website to operation as quickly as possible while
using the results of the investigation to improve the security of the site.
9.C
The use of a sandbox is an example of confinement, where the system restricts
the access of a particular process to limit its ability to affect other processes
running on the same system.
10.D
Assurance is the degree of confidence that an organization has that its
security controls are correctly implemented. It must be continually monitored and
reverified.
11.A
Maintenance hooks, otherwise known as backdoors, provide developers with easy
access to a system, bypassing normal security controls. If not removed prior to
finalizing code, they pose a significant security vulnerability if an attacker
discovers the maintenance hook.
12.B
The Simple Integrity Property of the Biba model states that a subject may not read
an object at an integrity level lower than the subject's own ("no read down"). Note
that Biba deals with integrity levels, not the confidentiality classifications and
clearances used by Bell-LaPadula.
13.B
Supervisory control and data acquisition (SCADA) systems are used to control
and gather data from industrial processes. They are commonly found in power plants
and other industrial environments.
14.B
The Trusted Platform Module (TPM) is a hardware security technique that
stores an encryption key on a chip on the motherboard and prevents someone from
accessing an encrypted drive by installing it in another
15.D
Intentional collisions have been created with MD5, and a real-world collision
attack against SHA-1 was announced in early 2017. 3DES is a block cipher, not a hash
function, leaving SHA-256 (a member of the SHA-2 family) as the only sound choice
that Chris has in this list.
16.C
In an asymmetric cryptosystem, the sender of a message who wants confidentiality
always encrypts the message using the recipient's public key, so that only the
holder of the matching private key can decrypt it.
17.D
When Bob receives the message, he uses his own private key to decrypt it.
Since he is the only one with his private key, he is the only one who should be
able to decrypt it, thus preserving confidentiality.
18.B
Each user retains their private key as secret information. In this scenario,
Bob would only have access to his own private key and would not have access to the
private key of Alice or any other user.
19.B
Alice creates the digital signature using her own private key. Then Bob, or
any other user, can verify the digital signature using Alice's public key.
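The four flows in questions 16 through 19 (encrypt with the recipient's public key, decrypt with one's own private key, sign with one's own private key, verify with the signer's public key) can be traced end to end with textbook RSA. The following is an added example written for this answer key, not code from the source; it uses small fixed primes, no padding and a raw hash-then-exponentiate signature, so it is for illustration only and is not a secure implementation. Alice's and Bob's key pairs are constructed inline.

```python
import hashlib
from math import gcd

def keygen(p, q, e=65537):
    """Return ((n, e), (n, d)) for primes p and q. Public key first, private key second."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), (n, pow(e, -1, phi))

def encrypt(msg: bytes, recipient_pub):
    """Sender encrypts with the RECIPIENT's public key (question 16)."""
    n, e = recipient_pub
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(ciphertext: int, own_priv) -> bytes:
    """Recipient decrypts with their OWN private key (question 17)."""
    n, d = own_priv
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _hash_to_int(msg: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg: bytes, own_priv) -> int:
    """Signer uses their OWN private key (question 19)."""
    n, d = own_priv
    return pow(_hash_to_int(msg, n), d, n)

def verify(msg: bytes, signature: int, signer_pub) -> bool:
    """Anyone verifies with the SIGNER's public key (question 19)."""
    n, e = signer_pub
    return pow(signature, e, n) == _hash_to_int(msg, n)

# Constructed key pairs: each party holds only their own private key (question 18).
ALICE_PUB, ALICE_PRIV = keygen(1000000007, 998244353)
BOB_PUB, BOB_PRIV = keygen(4294967291, 4294967279)

def scenario():
    """Alice sends Bob a confidential, signed message; Bob decrypts and verifies."""
    msg = b"hi bob"
    c = encrypt(msg, BOB_PUB)            # Alice needs only Bob's PUBLIC key
    sig = sign(msg, ALICE_PRIV)          # ...and her own PRIVATE key
    recovered = decrypt(c, BOB_PRIV)     # Bob needs only his own PRIVATE key
    ok = verify(recovered, sig, ALICE_PUB)  # ...and Alice's PUBLIC key
    return recovered, ok
```

Bob never touches Alice's private key at any step, and Alice never touches Bob's; everything each party needs about the other is public.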
20.B
The salt is a random value added to a password before it is hashed by the
operating system. The salt is then stored in a password file with the hashed
password. This increases the complexity of cryptanalytic attacks by negating the
usefulness of attacks that use precomputed hash values, such as rainbow tables.
21.A
Hash functions do not include any element of secrecy and, therefore, do not
require a cryptographic key. (Keyed constructions built on top of a hash, such as
HMAC, are a separate primitive: the hash function itself remains unkeyed.)
22.D
A preaction fire suppression system activates in two steps. The pipes fill
with water once the early signs of a fire are detected. The system does not
dispense water until heat sensors on the sprinkler heads trigger the second phase.
23.B
The Encapsulating Security Payload (ESP) protocol provides confidentiality
and integrity for packet contents. It encrypts packet payloads and provides limited
authentication and protection against replay attacks.
24.D
The greatest risk when a device is lost or stolen is that sensitive data
contained on the device will fall into the wrong hands. Confidentiality protects
against this risk.
25.C
The exclusive or (XOR) operation is true when one and only one of the input
values is true.
26.A
DES uses a 64-bit encryption key, but only 56 of those bits are actually used
as keying material in the encryption operation. The remaining 8 bits, one in each
byte, are odd-parity bits used to detect tampering or corruption of the key.
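The parity rule is concrete enough to check: each of the 8 key bytes carries 7 keying bits and a low-order bit set so that the byte has an odd number of 1 bits. The functions below, an added example written for this answer key rather than code from the source, validate and repair the parity bits and pull out the 56 effective bits. The sample key is the widely used DES worked-example key and is treated here simply as constructed input.

```python
def _odd_parity_byte(b: int) -> int:
    """Return b with its least significant bit set so the byte has an odd count of 1 bits."""
    body = b & 0xFE                       # the 7 keying bits of this byte
    ones = bin(body).count("1")
    return body | (0 if ones % 2 == 1 else 1)

def has_valid_parity(key: bytes) -> bool:
    """True when every byte of the 8-byte (64-bit) key carries odd parity."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes (64 bits)")
    return all(bin(b).count("1") % 2 == 1 for b in key)

def fix_parity(key: bytes) -> bytes:
    """Recompute the 8 parity bits; the 56 keying bits are left untouched."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes (64 bits)")
    return bytes(_odd_parity_byte(b) for b in key)

def keying_bits(key: bytes) -> int:
    """Drop the parity bit of each byte and pack the remaining 56 bits into an integer."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value

# Constructed sample key (the classic DES tutorial key); every byte has odd parity.
SAMPLE_KEY = bytes.fromhex("133457799BBCDFF1")
```

A key whose parity bit has been flipped still selects the same 56-bit keying material, which is exactly why the parity bits add no security and why the effective DES keyspace is 2^56, not 2^64.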
27.C
The *-Security Property states that an individual may not write to a file at
a lower classification level than that of the individual. This is also known as the
confinement property.
28.B
The Diffie-Hellman algorithm allows for the secure exchange of symmetric
encryption keys over a public network.
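The exchange itself is short enough to run: each side draws a private exponent, publishes g^x mod p, and raises the other side's public value to its own private exponent. The following is an added example written for this answer key, not code from the source. The group parameters P and G are a constructed toy group far too small for real use (deployments use standardized 2048-bit or larger MODP groups or elliptic curves), and the SHA-256 key derivation step is an assumption about how the raw shared secret would be turned into a symmetric key.

```python
import hashlib
import secrets

# Constructed toy group for illustration only; NOT a secure parameter set.
P = 2**127 - 1
G = 5

def validate_public(pub: int, p: int = P) -> bool:
    """Reject 0, 1 and p-1: those values force the shared secret into a tiny set."""
    return 2 <= pub <= p - 2

def generate_keypair(p: int = P, g: int = G):
    """Return (private exponent, public value g^x mod p)."""
    priv = secrets.randbelow(p - 3) + 2          # uniform in [2, p-2]
    return priv, pow(g, priv, p)

def shared_secret(own_priv: int, peer_pub: int, p: int = P) -> int:
    """Raise the peer's public value to our private exponent after validating it."""
    if not validate_public(peer_pub, p):
        raise ValueError("invalid peer public value")
    return pow(peer_pub, own_priv, p)

def derive_symmetric_key(secret: int, p: int = P) -> bytes:
    """Assumed KDF: hash the fixed-width encoding of the shared secret to a 256-bit key."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()

def exchange():
    """Run one Alice/Bob exchange and return the keys each side derives."""
    a_priv, a_pub = generate_keypair()
    b_priv, b_pub = generate_keypair()
    # On the wire, and visible to any eavesdropper: a_pub -> Bob, b_pub -> Alice.
    k_alice = derive_symmetric_key(shared_secret(a_priv, b_pub))
    k_bob = derive_symmetric_key(shared_secret(b_priv, a_pub))
    return k_alice, k_bob
```

An eavesdropper sees P, G and both public values but neither private exponent, so recovering the key requires solving the discrete logarithm. Note that plain Diffie-Hellman authenticates nobody; without signatures or another binding, an active attacker can run one exchange with each side.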
29.C
Protection Profiles (PPs) specify the security requirements and protections
that must be in place for a product to be accepted under the Common Criteria.
30.A
Hash functions must be able to work on any variable-length input and produce
a fixed-length output from that input, regardless of the length of the input.
31.C
Binary keyspaces contain a number of keys equal to two raised to the power of
the number of bits. Two to the fifth power is 32, so a 5-bit keyspace contains 32
possible keys.
32.B
Kerckhoffs's principle says that a cryptographic system should be secure even
if everything about the system, except the key, is public knowledge.
33.A
Mantraps use a double set of doors to prevent piggybacking by allowing only a
single individual to enter a facility at a time.
34.A
While it would be ideal to have wiring closets in a location where they are
monitored by security staff, this is not feasible in most environments. Wiring
closets must be distributed geographically in multiple locations across each
building used by an organization.
35.D
The *-Integrity Property of the Biba model states that a subject cannot modify an
object at a higher integrity level than that possessed by the subject ("no write up").
36.The architecture security concepts match with the descriptions as follows:
1. Time of check: C. The time at which the subject checks whether
an object is available.
2. Covert channel: A. A method used to pass information over a
path not normally used for communication.
3. Time of use: D. The time at which a subject can access an object.
4. Maintenance hooks: E. An access method known only to the developer of
the system.
5. Parameter checking: F. A method that can help prevent buffer overflow
attacks.
6. Race condition: B. The exploitation of difference between time
of check and time of use.
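Items 1, 3 and 6 of the matching describe one bug, and it is worth seeing the gap between time of check and time of use actually being exploited. The following is an added example written for this answer key, not code from the source, and it assumes a POSIX system (it relies on O_NOFOLLOW and symlinks). The `after_check` hook is a constructed stand-in for a second process that acts during the race window; the files and their contents are created inline in a temporary directory.

```python
import os
import stat
import tempfile

def read_vulnerable(path: str, after_check=lambda: None) -> bytes:
    """Time of check on the NAME, then time of use that resolves the name again."""
    if os.path.islink(path) or not os.path.isfile(path):    # time of check
        raise PermissionError("not a regular file")
    after_check()                                           # race window
    with open(path, "rb") as f:                             # time of use
        return f.read()

def read_safe(path: str, after_check=lambda: None) -> bytes:
    """Open first (refusing symlinks), then check the object actually held."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)        # symlink -> OSError (ELOOP)
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):          # check the fd, not the name
            raise PermissionError("not a regular file")
        after_check()           # renaming the path now cannot change what fd refers to
        chunks = []
        while True:
            block = os.read(fd, 65536)
            if not block:
                return b"".join(chunks)
            chunks.append(block)
    finally:
        os.close(fd)

def demo() -> dict:
    """Race both readers against a name that is swapped for a symlink to a secret."""
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, "secret.txt")
        public = os.path.join(d, "public.txt")
        with open(secret, "w") as f:
            f.write("TOP SECRET")

        def reset():
            if os.path.lexists(public):
                os.remove(public)
            with open(public, "w") as f:
                f.write("public data")

        def attacker():  # constructed: swaps the name for a symlink during the window
            os.remove(public)
            os.symlink(secret, public)

        results = {}
        reset()
        results["vulnerable"] = read_vulnerable(public, attacker)   # leaks the secret
        reset()
        results["safe_after_swap"] = read_safe(public, attacker)    # still the original file
        reset()
        attacker()                                                  # swap happens before open
        try:
            read_safe(public)
            results["safe_on_symlink"] = "followed"
        except OSError:
            results["safe_on_symlink"] = "refused"
        return results
```

The fix is not a faster check; it is checking the same object that will be used, which only an open file descriptor guarantees. O_NOFOLLOW does not defend against a hard link to the secret, so a real reader would also compare the fstat owner or device/inode against what it expects.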
37.B
In the Fair Cryptosystem approach to key escrow, the secret keys used in
communications are divided into two or more pieces, each of which is given to an
independent third party.
38.A
The Ready state is used when a process is prepared to execute but the CPU is
not available. The Running state is used when a process is executing on the CPU.
The Waiting state is used when a process is blocked waiting for an external event.
The Stopped state is used when a process terminates.
39.A
EAL1 assurance applies when the system in question has been functionally
tested. It is the lowest level of assurance under the Common Criteria.
40.A
Administrators and processes may attach security labels to objects that
provide information on an object's attributes. Labels are commonly used to apply
classifications in a mandatory access control system.
41.B
Open-source software exposes the source code to public inspection and
modification. The open-source community includes major software packages such as
the Linux operating system.
42.A
Adam created a list of individual users that may access the file. This is an
access control list, which consists of multiple access control entries. It includes
the names of users, so it is not role-based, and Adam was able to modify the list,
so it is not mandatory access control.
43.C
Parameter checking, or input validation, is used to ensure that input
provided by users to an application matches the expected parameters for the
application. Developers may use parameter checking to ensure that input does not
exceed the expected length, preventing a buffer overflow attack.
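The check that matters in practice is that a length a client declares never outruns either the policy bound or the bytes actually supplied, because in an unchecked native implementation the copy of "declared" bytes is the overflow. The parser below is an added example written for this answer key, not code from the source; the record format (one length byte followed by the name) and the 32-byte policy maximum are assumptions made for illustration.

```python
MAX_NAME_LEN = 32   # assumed application policy: the "expected parameters" for this field

def parse_name_record(buf: bytes) -> str:
    """Parse <1-byte declared length><name bytes>, rejecting anything outside the format."""
    if len(buf) < 1:
        raise ValueError("empty record")
    declared, body = buf[0], buf[1:]
    if declared == 0:
        raise ValueError("empty name")
    if declared > MAX_NAME_LEN:
        raise ValueError(f"declared length {declared} exceeds policy maximum {MAX_NAME_LEN}")
    if declared > len(body):
        # In a C implementation, copying `declared` bytes here is the buffer overflow.
        raise ValueError(f"declared length {declared} exceeds the {len(body)} bytes supplied")
    name = body[:declared]
    if any(b < 0x20 or b > 0x7E for b in name):
        raise ValueError("name contains non-printable bytes")
    return name.decode("ascii")

def safe_parse(buf: bytes):
    """Wrap the parser so callers get (ok, value_or_reason) instead of an exception."""
    try:
        return True, parse_name_record(buf)
    except ValueError as exc:
        return False, str(exc)
```

Each rejection is decided before the untrusted length is used for anything, which is the order that makes parameter checking effective: validate, then act.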
44.A
Kernel mode, supervisory mode, and system mode are all terms used to describe
privileged modes of system operation. User mode is an unprivileged mode.
45.