CIS 502 Final Exam Guide CIS 502 Final Exam Guide | Page 5

• 35 The innermost portion of an operating system is known as :
• 36 A security analyst has a system evaluation criteria manual called the “ Orange Book ”. This is a part of :
• 37 The component in a computer where program instructions are executed is called the :
• 38 A resource server contains an access control system . When a user requests access to an object , the system examines the permission settings for the object and the permission settings for the user , and then makes a decision whether the user may access the object . The access control model that most closely resembles this is :
• 39 The TCSEC system evaluation criteria is used to evaluate systems of what type :
• 40 A source code review uncovered the existence of instructions that permit the user to bypass security controls . What was discovered in the code review ?
• 41 A hidden means of communication between two systems has been discovered . This is known as :
• 42 A security officer has declared that a new information system must be certified before it can be used . This means :
• 43 A systems engineer is designing a system that consists of a central computer and attached peripherals . For fastest throughput , which of the following technologies should be used for communication with peripheral devices :