- Many PC operating systems provide functionality that enables them to support the simultaneous execution of multiple applications on single-processor systems. What term is used to describe this capability?
A. Multiprogramming
B. Multithreading
C. Multitasking
D. Multiprocessing
Answer: C
Multitasking is processing more than one task at the same time. In most cases, multitasking is simulated by the operating system even when not supported by the processor.
- What technology provides an organization with the best control over BYOD equipment?
A. Application whitelisting
B. Mobile device management
C. Encrypted removable storage
D. Geotagging
Answer: B
Mobile device management (MDM) is a software solution to the challenging task of managing the myriad mobile devices that employees use to access company resources. The goals of MDM are to improve security, provide monitoring, enable remote management, and support troubleshooting. Not all mobile devices support removable storage, and even fewer support encrypted removable storage. Geotagging is used to mark photos and social network posts, not for BYOD management. Application whitelisting may be an element of BYOD management, but is only part of a full MDM solution.
- You have three applications running on a single-core single-processor system that supports multitasking. One of those applications is a word processing program that is managing two threads simultaneously. The other two applications are using only one thread of execution. How many application threads are running on the processor at any given time?
A. One
B. Two
C. Three
D. Four
Answer: A
A single-processor system can operate on only one thread at a time. There would be a total of four application threads (ignoring any threads created by the operating system), but the operating system would be responsible for deciding which single thread is running on the processor at any given time.
- What type of federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system?
A. Dedicated
B. System high
C. Compartmented
D. Multilevel
Answer: A
In a dedicated system, all users must have a valid security clearance for the highest level of information processed by the system, they must have access approval for all information processed by the system, and they must have a valid need to know of all information processed by the system.
- What is a security risk of an embedded system that is not commonly found in a standard PC?
A. Software flaws
B. Access to the Internet
C. Control of a mechanism in the physical world
D. Power loss
Answer: C
Because an embedded system is in control of a mechanism in the physical world, a security breach could cause harm to people and property. This typically is not true of a standard PC. Power loss, Internet access, and software flaws are security risks of both embedded systems and standard PCs.
- What type of memory chip allows the end user to write information to the memory only one time and then preserves that information indefinitely without the possibility of erasure?
A. ROM
B. PROM
C. EPROM
D. EEPROM
Answer: B
Programmable read-only memory (PROM) chips may be written to once by the end user but may never be erased. The contents of ROM chips are burned in at the factory, and the end user is not allowed to write data. EPROM and EEPROM chips both make provisions for the end user to somehow erase the contents of the memory device and rewrite new data to the chip.
- Which type of memory chip can be erased only when it is removed from the computer and exposed to a special type of ultraviolet light?
A. ROM
B. PROM
C. EPROM
D. EEPROM
Answer: C
EPROMs may be erased through exposure to high-intensity ultraviolet light. ROM and PROM chips do not provide erasure functionality. EEPROM chips may be erased through the application of electrical currents to the chip pins and do not require removal from the computer prior to erasure.
- Which one of the following types of memory might retain information after being removed from a computer and, therefore, represent a security risk?
A. Static RAM
B. Dynamic RAM
C. Secondary memory
D. Real memory
Answer: C
Secondary memory is a term used to describe magnetic, optical, or flash media. These devices will retain their contents after being removed from the computer and may later be read by another user.
- What is the most effective means of reducing the risk of losing the data on a mobile device, such as a notebook computer?
A. Defining a strong logon password
B. Minimizing sensitive data stored on the mobile device
C. Using a cable lock
D. Encrypting the hard drive
Answer: B
The risk of a lost or stolen notebook is the data loss, not the loss of the system itself. Thus, keeping minimal sensitive data on the system is the only way to reduce the risk. Hard drive encryption, cable locks, and strong passwords, although good ideas, are preventive tools, not means of reducing risk. They don’t keep intentional and malicious data compromise from occurring; instead, they encourage honest people to stay honest.
- What type of electrical component serves as the primary building block for dynamic RAM chips?
A. Capacitor
B. Resistor
C. Flip-flop
D. Transistor
Answer: A
Dynamic RAM chips are built from a large number of capacitors, each of which holds a single electrical charge. These capacitors must be continually refreshed by the CPU in order to retain their contents. The data stored in the chip is lost when power is removed.
- Which one of the following storage devices is most likely to require encryption technology in order to maintain data security in a networked environment?
A. Hard disk
B. Backup tape
C. Removable drives
D. RAM
Answer: C
Removable drives are easily taken out of their authorized physical location, and it is often not possible to apply operating system access controls to them. Therefore, encryption is often the only security measure short of physical security that can be afforded to them. Backup tapes are most often well controlled through physical security measures. Hard disks and RAM chips are often secured through operating system access controls.
- In which of the following security modes can you be assured that all users have access permissions for all information processed by the system but will not necessarily need to know of all that information?
A. Dedicated
B. System high
C. Compartmented
D. Multilevel
Answer: B
In system high mode, all users have appropriate clearances and access permissions for all information processed by the system but need to know only some of the information processed by that system.
- The most commonly overlooked aspect of mobile phone eavesdropping is related to which of the following?
A. Storage device encryption
B. Screen locks
C. Overhearing conversations
D. Wireless networking
Answer: C
The most commonly overlooked aspect of mobile phone eavesdropping is related to people in the vicinity overhearing conversations (at least one side of them). Organizations frequently consider and address issues of wireless networking, storage device encryption, and screen locks.
- What type of memory device is usually used to contain a computer’s motherboard BIOS?
A. PROM
B. EEPROM
C. ROM
D. EPROM
Answer: B
BIOS and device firmware are often stored on EEPROM chips to facilitate future firmware updates.
- What type of memory is directly available to the CPU and is often part of the CPU?
A. RAM
B. ROM
C. Register Memory
D. Virtual memory
Answer: C
Registers are small memory locations that are located directly on the CPU chip itself. The data stored within them is directly available to the CPU and can be accessed extremely quickly.
- In what type of addressing scheme is the data actually supplied to the CPU as an argument to the instruction?
A. Direct addressing
B. Immediate addressing
C. Base+offset addressing
D. Indirect addressing
Answer: B
In immediate addressing, the CPU does not need to actually retrieve any data from memory. The data is contained in the instruction itself and can be immediately processed.
- What type of addressing scheme supplies the CPU with a location that contains the memory address of the actual operand?
A. Direct addressing
B. Immediate addressing
C. Base+offset addressing
D. Indirect addressing
Answer: D
In indirect addressing, the location provided to the CPU contains a memory address. The CPU retrieves the operand by reading it from the memory address provided (which is why it’s called indirect).
- What security principle helps prevent users from accessing memory spaces assigned to applications being run by other users?
A. Separation of privilege
B. Layering
C. Process isolation
D. Least privilege
Answer: C
Process isolation provides separate memory spaces to each process running on a system. This prevents processes from overwriting each other’s data and ensures that a process can’t read data from another process.
- Which security principle mandates that only a minimum number of operating system processes should run in supervisory mode?
A. Abstraction
B. Layering
C. Data hiding
D. Least Privilege
Answer: D
The principle of least privilege states that only processes that absolutely need kernel-level access should run in supervisory mode. The remaining processes should run in user mode to reduce the number of potential security vulnerabilities.
- Which security principle takes the concept of process isolation and implements it using physical controls?
A. Hardware segmentation
B. Data hiding
C. Layering
D. Abstraction
Answer: A
Hardware segmentation achieves the same objectives as process isolation but takes them to a higher level by implementing them with physical controls in hardware.
