CIS 502 All Assignments CIS 502 All Assignments | Page 6

•
36
A security analyst has a system evaluation criteria manual called the “Orange
Book”. This is a part of:
•
the:
37 The component in a computer where program instructions are executed is called
•
38
A resource server contains an access control system. When a user requests access
to an object, the system examines the permission settings for the object and the permission
settings for the user, and then makes a decision whether the user may access the object. The
access control model that most closely resembles this is:
•
39
The TCSEC system evaluation criteria is used to evaluate systems of what type:
•
40
A source code review uncovered the existence of instructions that permit the user
to bypass security controls. What was discovered in the code review?
•
41
A hidden means of communication between two systems has been discovered.
This is known as:
•
42
A security officer has declared that a new information system must be certified
before it can be used. This means:
•
43
A systems engineer is designing a system that consists of a central computer and
attached peripherals. For fastest throughput, which of the following technologies should be
used for communication with peripheral devices: