Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.

• A.NIST
• B.Office of Management and Budget (OMB)
• C.FIPS
• D.FISMA

Comment: *

Name: *

Email: *

Verification: *

Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy?

• A.Local Computing Environments
• B.Networks and Infrastructures
• C.Supporting Infrastructures
• D.Enclave Boundaries

Comment: *

Name: *

Email: *

Verification: *

Which of the following are the basic characteristics of declarative security? Each correct answer represents a complete solution. Choose all that apply.

• A.It is a container-managed security.
• B.It has a runtime environment.
• C.All security constraints are stated in the configuration files.
• D.The security policies are applied at the deployment time.

Comment: *

Name: *

Email: *

Verification: *

Which of the following scanning techniques helps to ensure that the standard software configuration is currently with the latest security patches and software, and helps to locate uncontrolled or unauthorized software?

• A.Port Scanning
• B.Discovery Scanning
• C.Server Scanning
• D.Workstation Scanning

Comment: *

Name: *

Email: *

Verification: *

Which of the following security design patterns provides an alternative by requiring that a user's authentication credentials be verified by the database before providing access to that user's data?

• A.Secure assertion
• B.Authenticated session
• C.Password propagation
• D.Account lockout

Comment: *

Name: *

Email: *

Verification: *