IT279M1-1:\u00a0Examine engineering processes and secure design principles.
GEL-1.02:\u00a0Demonstrate college-level communication through the composition of original materials in Standard English.
Purpose
This Assessment tests your knowledge about engineering processes and secure design principles. You will also be completing the university-mandated communication literacy for the course.
Instructions
Part 1:\u00a0Computer Architecture and Protection Mechanisms
Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source,\u00a0and provide a 50\u2013100-word explanation of why you chose your answer.
1.\u00a0 Which statement is true of complex instruction set computers (CISC)?
A.\u00a0 An instruction set executes a single low-level operation.
B.\u00a0\u00a0 The access calls to main memory are fewer as compared to RISC.
C.\u00a0 The instruction set supports all the low-level programming languages.
2.\u00a0 What is the best description of reduced instruction set computing (RISC)?
A.\u00a0 Processing that executes one instruction at a time
B.\u00a0\u00a0 Computing using instructions that perform many operations per instruction
C.\u00a0 Computing using instructions that are simpler and require fewer clock
cycles to execute
3.\u00a0 Memory space that is insulated from other running processes in a multipurpose system is part of a _________.
A.\u00a0 Security perimeter
B.\u00a0\u00a0 Protection domain
C.\u00a0 Trusted path
4.\u00a0 What is the best description of an execution domain?
A.\u00a0 Memory space insulated from other running processes in a multiprocessing system.
B.\u00a0\u00a0 A communication channel between an application and the kernel in the TCB.
C.\u00a0 An isolated area that is used by trusted processes when they are run in privileged state.
5.\u00a0 The trusted computing system is defined as __________.
A.\u00a0 The total combination of protection mechanisms within a computer system that are\u00a0trusted to enforce\u00a0security policy.
B.\u00a0\u00a0 The boundary separating the trusted mechanisms from the remainder of the system.
C.\u00a0 A system that employs the necessary hardware and software assurance measures to enable\u00a0processing multiple levels of classified or sensitive information to occur.
6.\u00a0 You are responsible for managing the virtual computers on your network. Which guideline is important when managing virtual computers?
A.\u00a0 Update the operating system and applications only on the host computer.
B.\u00a0\u00a0 Implement a firewall only on the host computer.
C.\u00a0 Isolate the host computer and each virtual computer from each other.
7.\u00a0 Which statements do NOT define the requirements of a security kernel?
a.\u00a0\u00a0 The reference monitor should be verified as correct.
b.\u00a0 The reference monitor should provide process isolation.
c.\u00a0\u00a0 The security kernel should be verified in a comprehensive manner.
d.\u00a0 A method to circumvent the security should be implemented by the reference monitor.
A.\u00a0 Option a
B.\u00a0\u00a0 Option b
C.\u00a0 Option c
D. Option d
E.\u00a0\u00a0 Option a and c
F.\u00a0\u00a0 Option b and d <\/p>\n
8.\u00a0 Which characteristics do NOT identify a reference monitor?
a.\u00a0\u00a0 analysis
b.\u00a0 isolation
c.\u00a0\u00a0 verifiability
d.\u00a0 vulnerability
A.\u00a0 option a
B.\u00a0\u00a0 option b
C.\u00a0 option c
D. option d
E.\u00a0\u00a0 option a and d
F.\u00a0\u00a0 obtion b and c
9.\u00a0 What part of the TCB concept validates access to every resource prior to granting the requested access?
A.\u00a0 Security kernel
B.\u00a0\u00a0 TCB partition
C.\u00a0 Reference monitor
10.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 What is the best definition of a security model?
A.\u00a0 A security model provides a framework to implement\u00a0security policy.
B.\u00a0\u00a0 A security model states policies that an organization must follow.
C.\u00a0 Hey security.
11.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 What is an access object?
A.\u00a0 A list of valid access rules
B.\u00a0\u00a0 A resource a user or process wants to access
C.\u00a0 A user\u00a0we’re process that wants to access a resource
12.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 What is a security\u00a0control?
A.\u00a0 A mechanism that limits access to an object.
B.\u00a0\u00a0 A list of valid access rules.
C.\u00a0 A security component that stores\u00a0attributes that describe an object.
\u00a0
Part 2: Computer Hardware Security Concepts
Section 1: Using Credible Sources, Justify Your Answers to Questions
Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50\u2013100-word explanation of why you chose your answer.
1.\u00a0 Which statement is true of the dedicated security mode?
A.\u00a0 All users have the clearance and formal approval required to access all the data.
B.\u00a0\u00a0 Some users have the clearance and formal approval required to access all the data.
C.\u00a0 All the users have the clearance and formal approval required to access some of the data.
2.\u00a0 Which statement is true of a multilevel security mode?
A.\u00a0 The multilevel security mode involves the use of sensitivity labels.
B.\u00a0\u00a0 The multilevel security\u00a0mode is based on role-based memberships.
C.\u00a0 The multilevel security mode is represented by the Chinese Wall model.
3.\u00a0 Which processes define the supervisor mode?
A.\u00a0 Processes with no protection mechanism.
B.\u00a0\u00a0 Processes that are executed in the outer protection rings.
C.\u00a0 Processes that are executed in the inner protection rings.
4.\u00a0 What happens when a trusted computing base (TCB) failure occurs as a result of a lower-privileged process trying to access restricted memory segments?
A.\u00a0 The system reboots immediately.
B.\u00a0\u00a0 The system goes into maintenance mode.
C.\u00a0 Administrator intervention is required.
5.\u00a0 Which statement is true of covert channels?
A.\u00a0 A covert channel is addressed by a C2 rating provided by TCSEC.
B.\u00a0\u00a0 A covert channel is not controlled by a security mechanism.
C.\u00a0 A covert channel\u00a0acts a trusted path for authorized communication.
6.\u00a0 What type of channel is used when one process writes data to a hard drive and another process reads it?
A.\u00a0 Covert timing channel
B.\u00a0\u00a0 Covert storage channel
C.\u00a0 Overt timing channel
7.\u00a0 What is another name for an asynchronous attack?
A.\u00a0 Buffer overflow
B.\u00a0\u00a0 Maintenance hook
C.\u00a0 Time-of-check\/time-of-use (TOC\/TOU) attack
8.\u00a0 What is meant by the term fail safe?
A.\u00a0 A system’s ability to recover automatically through a reboot
B.\u00a0\u00a0 A system’s ability to preserve a secure state before and after failure
C.\u00a0 A system’s ability to terminate processes when a failure is identified
9.\u00a0 Which term is\u00a0an evaluation of security components and their compliance prior to formal acceptance?
A.\u00a0 Accreditation
B.\u00a0\u00a0 Security control
C.\u00a0 Certification
10.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 There are several types of audits used in various situations that you might encounter in the enterprise. Which type of audit would include audits in support of SOX, HIPAA, or SAS 70?
A.\u00a0 Compliance audits
B.\u00a0\u00a0 Forensic audits
C.\u00a0 Operational audits
11.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Which of the following statements CORRECTLY\u00a0describe Qualitative Risk Analysis methods?
A.\u00a0 Qualitative analysis is based on some categories like low, medium, or high.
B.\u00a0\u00a0 Qualitative risk analysis uses value at risk.
C.\u00a0 Qualitative analysis is based on calculations.
12.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Which of the following statements\u00a0BEST describes an attribute for effective risk management strategy?
A.\u00a0 Risk awareness communication may not be required at each step of the risk management process.
B.\u00a0\u00a0 Effective risk management activities should not be supported on on-going activities by all the members of orgainization.
C.\u00a0 Risk management strategy must be an integrated business\u00a0processes with defined objectives that incorporates all of the organization\u2019s risk management processes.
\u00a0
\u00a0
\u00a0
\u00a0
\u00a0
Minimum Submission Requirements
This Assessment should be a Microsoft Word document and\u00a0PowerPoint presentation that fulfills the minimum length requirements and any other special requirements listed in the instructions, in addition to the title and reference pages.
Respond to the questions in a thorough manner, providing specific examples of concepts, topics, definitions, and other elements asked for in the questions. Your submission should be highly organized, logical, and focused.
Your submission must be written in Standard English and demonstrate exceptional content, organization, style, and grammar and mechanics.
Your submission should provide a clearly established and sustained viewpoint and purpose.
Your writing should be well ordered, logical and unified, as well as original and insightful.
A separate page at the end of your submission should contain a list of references, in APA format. Use your textbook, the Library, and the internet for research.
Be sure to cite both in-text and reference list citations where appropriate and reference all sources. Your sources and content should follow\u00a0proper APA citation style. Review the writing resources for APA formatting and citation found in Academic Tools. Additional writing resources can be found within the Academic Success Center. For more information on APA style formatting, go to Academic Writer, formerly APA Style Central, under the Academic Tools area of this course.
Your submission should:
include a cover sheet;
be double-spaced;
be typed in Times New Roman, 12 -point font;
include correct citations
be written in Standard English with no spelling or punctuation errors; and
include correct references at the bottom of the last page.
If work submitted for this competency assessment does not meet the minimum submission requirements, it will be returned without being scored.
\u00a0
\u00a0
Plagiarism
Plagiarism is an act of academic dishonesty. It violates the University Honor Code, and the offense is subject to disciplinary action. You are expected to be the sole author of your work. Use of another person’s work or ideas must be accompanied by specific citations and references. Whether the action is intentional or not, it still constitutes plagiarism.
\u00a0
\u00a0 <\/p>\n","protected":false},"excerpt":{"rendered":"
IT279M1-1:\u00a0Examine engineering processes and secure design principles. GEL-1.02:\u00a0Demonstrate college-level communication through the composition of original materials in Standard English. Purpose This Assessment tests your knowledge about engineering processes and secure design principles. You will also be completing the university-mandated communication literacy for the course. Instructions Part 1:\u00a0Computer Architecture and Protection Mechanisms Answer the following 12 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[36],"class_list":["post-17162","post","type-post","status-publish","format-standard","hentry","category-research-paper-writing","tag-information-technology"],"_links":{"self":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/17162","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/comments?post=17162"}],"version-history":[{"count":0,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/17162\/revisions"}],"wp:attachment":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/media?parent=17162"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/categories?post=17162"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/tags?post=17162"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}