Correct answer:

The Bell-LaPadula model uses the Simple Security Property rule (no read up) and the * property rule (no write down) to enforce confidentiality.

Incorrect answers:

The Simple Security Property rule specifies “no read up,” not “no write up.” The Bell-LaPadula model does not use the Simple Integrity Axiom rule.

The Biba model enforces integrity and uses the Simple Integrity Axiom (no read down) and the * Integrity Axiom (no write up) rules.

Correct answer:

Advanced Encryption Standard 256 (AES-256) uses 256-bit keys and is the strongest of the given choices.

Incorrect answers:

AES-128 and AES-192 are both strong encryption algorithms, but with smaller keys they aren’t as strong as AES-256.

Data Encryption Standard (DES) has been cracked and should not be used.

Correct answer:

A penetration test should stop before causing damage to a live system or network. The goal is not to affect the mission of the organization, but instead to prove that the mission can be affected.

Incorrect answers:

A penetration test starts with a vulnerability assessment, so it wouldn’t be stopped at the completion of the vulnerability assessment.

A penetration test should stop before a system fails or before it has fully exploited the vulnerability.

Correct answer:

Trivial File Transport Protocol (TFTP) uses User Datagram Protocol (UDP) port 69.

AIncorrect answers:

File Transport Protocol (FTP) uses Transmission Control Protocol (TCP) ports 20 and 21.

Correct answer:

If the chain-of-custody document isn’t maintained, courts will likely question the validity of the evidence and disallow its use in a court of law.

Incorrect answers:

The chain-of-custody document authenticates the evidence and provides assurances that it hasn’t been modified.

However, just because the document wasn’t maintained, that doesn’t mean the evidence was modified.

The evidence can still be analyzed, even if it can’t be used in a court.

Correct answer:

A password policy requires the creation of strong passwords. Strong passwords have a minimum number of characters (minimum length), are changed regularly (maximum age), and are created with a mixture of characters (such as uppercase and lowercase letters, numbers, and symbols).

Incorrect answer:

A password audit verifies that passwords are strong, but it doesn’t ensure the creation of strong passwords.

Correct answer:

The Bell-LaPadula model enforces confidentiality.

Incorrect answers:

The Biba model is a Mandatory Access Control (MAC)-based model and enforces integrity.

Access control models don’t provide availability or authentication.

Correct answers:

Audit logs, intrusion detection systems, and forensics analysis are all examples of detective controls.

Incorrect answer:

An employee background check is a preventive control, not a detective control.

Correct answer:

A smart card is in the “something you have” factor and a PIN is in the “something you know” factor.

Incorrect answers:

All the other answers are single-factor examples because they combine requirements from a single factor.

A smart card and a token are both in the “something you have” factor.

A password and a personal identification number (PIN) are both in the “something you know” factor. A retina scan and a fingerprint are both in the “something you are” factor.

Correct answer:

A false negative occurs when a vulnerability assessment indicates that a vulnerability doesn’t exist even though it does.

Incorrect answers:

A false positive occurs when a vulnerability assessment indicates that a vulnerability exists even though it doesn’t.

A vulnerability assessment result does not indicate success or failure of a penetration test.