Читаем CISSP Practice полностью

96. c. Logical access controls verify the terminal identification (ID) number and are not a part of physical security. Logical access controls provide a technical means of controlling what information users can utilize, the programs they can run, and the modifications they can make. The other three choices deal with physical security, which is the right kind of control to prevent unauthorized people from entering a computer center.

97. Which one of the following statements is not true regarding a water-based fire extinguishing system?

a. Water cools the equipment relatively quickly.

b. The release of water can be localized to where it is needed.

c. Water and Halon gas systems are mutually exclusive.

d. Jet sprayers can be an alternative to water sprinklers.

97. c. Water and Halon gas should be used with heat and smoke detectors and mechanisms for automatically shutting off electrical power and air conditioning devices. (That is, they are not used in a water-based fire extinguishing system.) It is true that water cools the equipment relatively quickly. It is true that the release of water can be localized to where it is needed. It is true that jet sprayers can be an alternative to water sprinklers. Jet sprayers located on the ceiling spray a fine water mist that turns to steam on contact with the fire, smothering it.

98. Controls such as locked doors, intrusion detection devices, and security guards address which of the following risks?

a. Heat failure

b. Fraud or theft

c. Power failure

d. Equipment failure

98. b. Locked doors, intrusion detection devices, and security guards that restrict physical access are important preventive measures to control sabotage, riots, fraud, or theft. Sabotage can be caused by a disgruntled employee as well as by outsiders. Personnel policies should require the immediate termination and removal from the premise of any employee considered a threat. Restricting access to information that may be altered reduces fraud or theft exposures.

Heat failure may cause an inconvenience to employees. Power failure can be controlled by uninterruptible power supply. Equipment failure may result in extended processing delays. Performance of preventive maintenance enhances system reliability and should be extended to all supporting equipment, such as temperature and humidity control systems and alarm or detecting devices.

99. Which of the following security controls is the simplest safeguard with the least amount of delay?

a. Operating system security controls

b. Network security controls

c. Physical security controls

d. Application system security controls

99. c. Physical security is achieved through the use of locks, guards, and administratively controlled procedures such as visitor badges. It also protects the structures housing the computer and related equipment against damage from accident, fire, and environmental hazards, thus ensuring the protection of their contents. Physical security measures are the first line of defense against the risks that stem from the uncertainties in the environment as well as from the unpredictability of human behavior. Frequently, they are the simplest safeguards to implement and can be put into practice with the least delay. The controls listed in the other three choices take a long time to implement and are not simple to install.

100. Which of the following is not a technical security measure?

a. Hardware

b. Software

c. Firmware

d. Physical control

100. d. A major part of the security of an IT system can often be achieved through nontechnical measures, such as organizational, personnel, physical, and administrative controls. However, there is a growing tendency and need to employ technical IT security measures implemented in hardware, software, and firmware either separately or converged.

101. Which of the following is not a protective measure to control physical access to information system distribution and transmission lines?

a. Card readers

b. Locked wiring closets

c. Locked jacks

d. Protected cables

101. a. Card readers are physical access devices to control entry to facilities containing information systems. Protective measures to control physical access to information system distribution and transmission lines include locked wiring closets, disconnected or locked spare jacks, and cables protected by conduit or cable trays.