CS205 MID TERM SOLVED MCQs || PAST PAPERS || GROUP-2 || INFORMATION SECURITY || VuTech
Visit Website For More Solutions
www.vutechofficial.blogspot.com
CS205
Information Security
Solved Mid Term Past Papers
______________________________
MCQs
______________________________
Group-2
Question No: 1
Which variants of Microsoft SQL server exist on CIS website?
a) 2003. 2008. 2012
b) 2008. 2012. 2014
c) 2008. 2012. 2016
d) 2012. 2014. 2016
Correct Answer:
The correct answer is 'd'.
Question No: 2
Policy & Compliance practice of "Governance" function of software assurance maturity model is focused on ___________ .
a) On arming personnel involved in software lifecycle with knowledge and resources to design develop an deploy secure software
b) On establishing a framework within an organization for a software security assurance program
c) On proactively specifying the expected behavior of software with respect to security
d) Understanding and meeting external legal and regulatory requirements
Correct Answer:
The correct answer is 'd'.
Question No: 3
Which of the following protocols are used for remote administration of a system?
a) TCP and IP
b) SSH and FTP
c) SSH & Telnet
d) TCP and UDP
Correct Answer:
The correct answer is 'c'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 4
Which vulnerability comes under cat 2 as per DISA STIG?
a) The exploitation of which will directly and immediately results in loss of cia
b) The exploitation of which has a potential to result in loss of cia
c) Existence of which degrades measure to protect against loss of cia
d) Any critical vulnerability
Correct Answer:
The correct answer is 'b'.
Question No: 5
Checklist of applicable security controls step includes?
a) Research for applicable controls
b) Make a checklist for progress tracking and share with it teams
c) Both b and c
d) Document controls in sop
Correct Answer:
The correct answer is 'a'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 6
What does CCI explain about rule in DISA STIG?
a) Tells how to apply control
b) Describe the benefit of implementing control
c) References
d) Describes the control
Correct Answer:
The correct answer is 'c'.
Question No: 7
What contents a DISA STIG covers?
a) Rationale, audit, remediation
b) General information, discussion, check content, fix test. cci (references)
c) Check content, fix test, cci (references)
d) Discussion, check content, fix test
Correct Answer:
The correct answer is 'c'.
Question No: 8
Maturity level "3" for "security architecture" security practice in software assurance maturity model represents?
a) Direct the software design process to known secure services and secure by-default design
b) Consider security explicitly during software security requirements
c) Increase granularity of security requirement derived from business logic
d) Formally control the software design process and validate utilization of secure components
Correct Answer:
The correct answer is 'b'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 9
What is the function of security team in security hardening?
a) Report the completion of controls implementation to ISMC
b) Study the security controls
c) Conduct validation of implemented security controls
d) Ensure it ops team receives required guidance and support
Correct Answer:
The correct answer is 'c'.
Question No: 10
Which activity is carried out in security hardening layer?
a) Ensure the proper utilization, ROI and audits of purchased devices
b) Aggregative controls involving people, process and technology
c) Scanning to inspect patching of all it assets
d) Address security configuration of all it assets
Correct Answer: