Information Assurance and Security 1

PRELIM QUIZ 1
Question 1
Correct

Mark 1.00 out of 1.00

Flag question

Question text
 Availability:Assurance that the systems responsible for delivering, storing and processing
information are accessible when needed, by those who need them.

Select one:

True 

False

Question 2
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Concept of Cybercrime
Cyber Crime Computer crime, or cybercrime, is any crime that involves a computer and a
network. The computer may have been used in the commission of a crime, or it may be the
target.
Select one:

True 

False

Question 3
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Availability: Availability of information refers to ensuring that authorized parties are able to
access the information when needed

Select one:

True 

False

Question 4
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Cybersecurity is the collection of tools, policies, security concepts, security safeguards,
guidelines, risk management approaches, actions, training, best practices, assurance and
technologies that can be used to protect the cyber environment and organization and user’s
assets.
Select one:

True 

False

Question 5
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Is the process of maintaining an acceptable level of perceived risk   
Security
Answer: 

Question 6
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assurance that information is shared only among authorized persons or organizations.

Select one:

a.

Availability

b.
Integrity

c.

Confidentiality

d.

Security
Feedback
Your answer is correct.

Question 7
Correct

Mark 1.00 out of 1.00

Flag question

Question text
In information security, data integrity means maintaining and assuring the accuracy and
consistency of data over its entire life-cycle.
Select one:

True 

False

Question 8
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assurance that the information is authentic and complete.
Select one:

a.

Availability

b.

Security

c.

Confidentiality

d.

Integrity
Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Cyberspace is "the environment in which communication over computer networks occurs.“
Select one:

True 

False

Question 10
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Is a process, not an end state
Security
Answer: 

Question 11
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Cyber security, also referred to as information technology security, focuses on protecting
computers, networks, programs and data from unintended or unauthorized access, change
or destruction.

Select one:

True 

False

Question 12
Correct

Mark 3.00 out of 3.00

Flag question
Question text
Three Features of Security
Select one:

a.

Confidentiality, Integrity and Availability

b.

Confidentiality, System and Availability

c.

Confidentiality, Integrity and Security

d.

CyberSpace, Integrity and Availability
Feedback
Your answer is correct.

Question 13
Correct

Mark 5.00 out of 5.00

Flag question

Question text
Six Concept of CyberCrime
Select one:

a.

System, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

b.
Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case
and Stuxnet

c.

Digital Underground, Virus, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

d.

Digital Underground, Underground Economy, System, Hacktivism, Cyberwar:Estonia Case

and Stuxnet
Feedback
Your answer is correct.

Question 14
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Is roughly equivalent to privacy
Select one:

a.

Confidentiality

b.

Integrity

c.

Availability

d.

Security
Feedback
Your answer is correct.
PRELIM QUIZ 2
Question 1
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Raw facts with an unknown coding system
Noise
Answer: 

Question 2
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assurance that the sender is provided with proof  of a data delivery and recipient is
provided with proof  of the sender’s identity, so that neither can later deny  having
processed the data.
Non-repudiation
Answer: 

Question 3
Correct

Mark 4.00 out of 4.00

Flag question
Question text
Four Security Domain
Select one:

a.

Physical Security, Personnel Security, IT Security and Operational Security

b.

System, Personnel Security, IT Security and Operational Security

c.

Physical Security, Virus, IT Security and Operational Security

d.

Physical Security, Personnel Security, IT Security and Security

Feedback
Your answer is correct.

Question 4
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Timely, reliable access to data and information  services for authorized users;
Availability
Answer: 

Question 5
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Actions taken that protect and defend information and  information systems by ensuring
their availability,  integrity, authentication, confidentiality and non-repudiation
Select one:

True 

False

Question 6
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Data and data processing activities in physical space;
Select one:

a.

Physical Security

b.

IT Security

c.

Physical

d.

Personnel Security
Feedback
Your answer is correct.

Question 7
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Converting data into  information thus  requires knowledge
Select one:

a.

Data

b.

Information

c.

Noise

d.

Knowledge
Feedback
Your answer is correct.

Question 8
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Information and data manipulation abilities in cyberspace;

Select one:

a.

Information Infrastructure

b.

Noise

c.

IT Security

d.

Physical Security
Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Security measures to establish the validity of a  transmission, message, or originator.

Authentication
Answer: 

Question 10
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
It should be:  accurate, timely, complete, verifiable, consistent,  available.

Select one:

a.

Data

b.

Knowledge

c.

Information

d.

Noise
Feedback
Your answer is correct.

Question 11
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Information Assurance (IA) is the study of how to protect your  information assets from
destruction, degradation, manipulation and  exploitation.   
Select one:
 True 

False

Question 12
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Processed data
Information
Answer: 

Question 13
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Raw facts with a known coding system
Data
Answer: 

Question 14
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Is data  endowed with relevance  and purpose.
Select one:

a.

Noise

b.

Data

c.

Information

d.

Knowledge
Feedback
Your answer is correct.

Question 15
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assurance that information is not disclosed to  unauthorized persons
Confidentiality
Answer: 

Question 16
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Accepted facts, principles, or rules of thumb that are  useful  for specific domains.
Know ledge
Answer: 

Question 17
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Protection against unauthorized modification or  destruction of information
Integrity
Answer: 

MIDTERM QUIZ 1
Question 1
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Taking actions to reduce the losses due to a risk;  many technical countermeasures fall into
this  category.
Select one:
 a.

Risk transfer

b.

Risk mitigation

c.

Risk Acceptance

d.

Risk Avoidance
Feedback
Your answer is correct.

Question 2
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Shift the risk to someone else.
Select one:

a.

Risk Transfer

b.

Risk mitigation

c.

Risk Acceptance

d.
Risk avoidance
Feedback
Your answer is correct.

Question 3
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Is a generic term that implies a mechanism in place to  provide a basis for confidence in the
reliability/security of the  system.
Select one:

a.

Risk transfer

b.

The risk treatment

c.

Trust

d.

Trust mechanism
Feedback
Your answer is correct.

Question 4
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Risks not avoided or transferred are retained by  the organization.
Select one:

a.

Risk mitigation

b.

Risk Transfer

c.

Risk Avoidance

d.

Risk Acceptance
Feedback
Your answer is correct.

Question 5
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Acceptance, avoidance, mitigation,  transfer—are with respect to a specific risk for a specific
pary.
Select one:

a.
Risk transfer

b.

The risk treatment

c.

Trust mechanism

d.

Trust
Feedback
Your answer is correct.

Question 6
Correct

Mark 6.00 out of 6.00

Flag question

Question text
Risk Management Procedure consists of six steps.
Select one or more:

a.

Make risk management decisions

b.

Prioritize countermeasure options

c.

Assess vulnerabilities

d.

Assess productivity

e.
Assess profitable

f.

Assess threats

g.

Give feedback to production

h.

Assess assets

i.

Assess risks
Feedback
Your answer is correct.

Question 7
Correct

Mark 7.00 out of 7.00

Flag question

Question text
Seven Stages of lifecycle model
Select one:

a.

Requirements, Design, Trust Mechanism, Testing, Deployment, Production and

Decommission

b.

Requirements, Trust, Coding, Testing, Deployment, Production and Decommission

c.

Risk Transfer, Design, Coding, Testing, Deployment, Production and Decommission

 d.

Requirements, Design, Coding, Testing, Deployment, Production and Decommission

Feedback
Your answer is correct.

Question 8
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Not performing an activity that would incur risk.
Select one:

a.

Risk Avoidance

b.

Risk mitigation

c.

Risk Acceptance

d.

Risk transfer
Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Are the security features of a system that  provide enforcement of a security policy.

Select one:

a.

Trust

b.

Design

c.

Coding

d.

Trust mechanism
Feedback
Your answer is correct.

MIDTERM QUIZ 2
Question 1
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of
this type that ensures the attacker’s presence in the target environment;

Installation
Answer: 

Question 2
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Making a malware application (for example, a computer trojan) that, combined with an
exploitable security breach, allows remote access. Moreover, PDF (Portable Document
Format) files or Microsoft Office suite-specific files can be regarded as weapons available to
the attacker;

Select one:

a.

Reconnaissance

b.

Delivery

c.

Weaponization

d.

Exploitation
Feedback
Your answer is correct.
Question 3
Correct

Mark 1.00 out of 1.00

Flag question

Question text
After the weapon is delivered to the victim, follows the targeting of an application or
vulnerability of the operating system. The infected file can be used by the self-execution
facility to launch the malware code, or it can be executed by the user himself;

Select one:

a.

Weaponization

b.

Exploitation

c.

Delivery

d.

Reconnaissance
Feedback
Your answer is correct.

Question 4
Correct

Mark 7.00 out of 7.00

 Flag question

Question text
What are the steps in intrusion model?
Select one:

a.

System, Weaponise, Deliver, Exploit, Install, C2 and Action

b.

Recon, Weaponise, Deliver, Exploit, Install, System and Action

c.

Recon, Weaponise, Deliver, System, Install, C2 and Action

d.

Recon, Weaponise, Deliver, Exploit, Install, C2 and Action

Feedback
Your answer is correct.

Question 5
Correct

Mark 1.00 out of 1.00

Flag question

Question text
After the first six phases, an attacker can act to achieve the goals. These actions typically
consist of collecting information, modifying data integrity, or attacking the availability of
services and devices, but the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Action on objective
Answer: 
Question 6
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Transmitting the weapon to the target environment. 

Select one:

a.

Delivery

b.

Reconnaissance

c.

Exploitation

d.

Weaponization
Feedback
Your answer is correct.

Question 7
Correct

Mark 1.00 out of 1.00

Flag question
Question text
These actions typically consist of collecting information, modifying data integrity, or
attacking the availability of services and devices, but the victim system can also be used as a
starting point for infecting other systems or for expanding access to the local network.
Select one:

a.

Exploitation

b.

Installation

c.

Command and Control

d.

Action on objective
Feedback
Your answer is correct.

Question 8
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Physical security consist in the closure of IT equipment in a dedicated space and the
provision of access control.

Select one:

a.

Prevent Cyber-Attacks
 b.

System

c.

Recon

d.

Install
Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The main ways of transport are e-mails (attachment of infected files), web platforms
(running malware scripts), or removable USB memories;
Select one:

a.

C2

b.

Recon

c.

Delivery

d.

Install
Feedback
Your answer is correct.

Question 10
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Usually an infected host must be accessible outside of the local network to establish a
command and control channel between the victim and the attacker. Once this bidirectional
communication has been made, an attacker has access inside the target environment and
can usually control the activity by manually launching commands;

Command and Control

Answer: 

Question 11
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Logical security consists in software that are necessary to control the access to information
and services of a system. The logical level is divided into two categories: access security level
and service security level.

Select one:

a.
Recon

b.

Prevent Cyber-Attacks

c.

System

d.

Install
Feedback
Your answer is correct.

Question 12
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Once this bidirectional communication has been made, an attacker has access inside the
target environment and can usually control the activity by manually launching commands;

Command and Control

Answer: 

Question 13
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social
relationships, or data about a particular technology, information displayed on various
websites;

Select one:

a.

Delivery

b.

Exploitation

c.

Reconnaissance

d.

Weaponization
Feedback
Your answer is correct.

Question 14
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The infected file can be used by the self-execution facility to launch the malware code, or it
can be executed by the user himself;

Select one:
 a.

Reconnaissance

b.

Installation

c.

Exploitation

d.

Weaponization
Feedback
Your answer is correct.

FINAL QUIZ 1
Question 1
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Security architecture introduces its own normative flows through systems and among
applications.
Select one:

True 

False

Question 2
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Security architecture introduces unique, single-purpose components in the design.
Select one:

True 

False

Question 3
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Security architecture calls for its own unique set of skills and competencies of the enterprise
and IT architects.
Select one:

True 

False

Question 4
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Security architecture composes its own discrete views and viewpoints.

Select one:

True 

False

Question 5
Correct

Mark 2.00 out of 2.00

Flag question

Question text
Those units outside the scoped enterprise who will need to enhance their security
architecture for interoperability purposes
Identify extended enterprise
Answer: 

Question 6
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Those who are most affected and achieve most value from the security work
Identify core enterprise
Answer: 

Question 7
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
The ability to add and change security policies, add or change how policies are
implemented in the enterprise, and add or change the persons or entities related to the
systems.
Select one:

a.

Audit

b.

Administration

c.

Assurance

d.

Risk Management
Feedback
Your answer is correct.

Question 8
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The ability to test and prove that the enterprise architecture has the security attributes
required to uphold the stated security policies.
Select one:
 a.

Authorization

b.

Authentication

c.

Assurance

d.

Audit
Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The protection of information assets from loss or unintended disclosure, and resources from
unauthorized and unintended use.

Select one:

a.

Administration

b.

Audit

c.
Risk Management

d.

Asset Protection
Feedback
Your answer is correct.

Question 10
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The ability of the enterprise to function without service interruption or depletion despite
abnormal or malicious events.
Select one:

a.

Audit

b.

Availability

c.

Authentication

d.

Assurance
Feedback
Your answer is correct.

Question 11
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
The substantiation of the identity of a person or entity related to the enterprise or system in
some way.
Select one:

a.

Authorization

b.

Assurance

c.

Audit

d.

Authentication
Feedback
Your answer is correct.

Question 12
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Those who will see change to their capability and work with core units but are otherwise not
directly affected
Identify soft enterprise
Answer: 
Question 13
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The definition and enforcement of permitted capabilities for a person or entity whose
identity has been established.
Select one:

a.

Authorization

b.

Audit

c.

Authentication

d.

Assurance
Feedback
Your answer is correct.

Question 14
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The organization's attitude and tolerance for risk.
Select one:

a.

Assurance

b.

Assurance

c.

Audit

d.

Risk Management
Feedback
Your answer is correct.

Question 15
Correct

Mark 1.00 out of 1.00

Flag question

Question text
The ability to provide forensic data attesting that the systems have been used in accordance
with stated security policies.
Select one:

a.

Authentication

b.

Assurance

c.

Authorization
 d.

Audit
Feedback
Your answer is correct.

Question 16
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Security architecture has its own discrete security methodology.
Select one:

True 

False

Question 17
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Security architecture addresses non-normative flows through systems and among
applications.
Select one:

True 

False
Question 18
Correct

Mark 2.00 out of 2.00

Flag question

Question text
Those stakeholders who will be affected by security capabilities and who are in groups of
communities
Identify communities involved
Answer: 

FINAL QUIZ 2
Question 1
Correct

Mark 1.00 out of 1.00

Flag question

Question text
In a phased implementation the new security components are usually part of the
infrastructure in which the new system is implemented. The security infrastructure needs to
be in a first or early phase to properly support the project. What phase is that?
Select one:

a.

Phase A: Architecture Vision

b.

Phase F: Migration Planning

c.
Phase B: Business Architecture

d.

Phase G: Implementation Governance

Feedback
Your answer is correct.

Question 2
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assess and baseline current security-specific technologies. What phase is that?
Select one:

a.

Phase C: Information System Architecture

b.

Phase D: Technology Architecture

c.

Phase A: Architecture Vision

d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 3
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
The following security specifics appropriate to the security architecture must be addressed
within each phase in addition to the generic phase activities. What phase is that?

Select one:

a.

Phase D: Technology Architecture

b.

Phase A: Architecture Vision

c.

Phase C: Information Systems Architecture

d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 4
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Changes in security standards are usually less disruptive since the trade-off for their
adoption is based on the value of the change. However, standards changes can also be
mandated. What phase is that?

Select one:

a.

Phase G: Implementation Governance

b.

Phase B: Business Architecture

c.

Phase H: Architecture Change Mana

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 5
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Identify existing security services available for re-use. What phase is that?

Select one:

a.
Phase D: Technology Architecture

b.

Phase E: Opportunities & Solutions

c.

Phase F: Migration Planning

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 6
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Revisit assumptions regarding interconnecting systems beyond project control, Identify
and evaluate applicable recognized guidelines and standards and Identify methods to
regulate consumption of resources. What phase is that?

Select one:

a.

Phase E: Opportunities & Solutions

b.

Phase D: Technology Architecture

c.

Phase A: Architecture Vision

 d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 7
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Many security vulnerabilities originate as design or code errors and the simplest and least
expensive method to locate and find such errors is generally an early review by experienced
peers in the craft. What phase is that?
Select one:

a.

Phase H: Architecture Change Management

b.

Phase G: Implementation Governance

c.

Phase A: Architecture Vision

d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 8
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Determine who are the legitimate actors who will interact with the
product/service/process. What phase is that?

Select one:

a.

Phase A: Architecture Vision

b.

Phase B: Business Architecture

c.

Phase C: Information Systems Architecture

d.

Phase D: Technology Architecture

Feedback
Your answer is correct.

Question 9
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Establish architecture artifact, design, and code reviews and define acceptance criteria for
the successful implementation of the findings. What phase is that?
Select one:

a.

Phase H: Architecture Change Management

b.

Phase G: Implementation Governance

c.

Phase B: Business Architecture

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 10
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Every system will rely upon resources that may be depleted in cases that may or may not be
anticipated at the point of system design. What phase is that?
Select one:

a.

Phase C: Information System Architecture

b.

Phase A: Architecture Vision

c.

Phase D: Technology Architecture

 d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 11
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Changes in security requirements are often more disruptive than a simplification or
incremental change. Changes in security policy can be driven by statute, regulation, or
something that has gone wrong. What phase is that?

Select one:

a.

Phase A: Architecture Vision

b.

Phase H: Architecture Change Management

c.

Phase F: Migration Planning

d.

Phase G: Implementation Governance

Feedback
Your answer is correct.

Question 12
Correct
Mark 1.00 out of 1.00

Flag question

Question text
From the Baseline Security Architecture and the Enterprise Continuum, there will be existing
security infrastructure and security building blocks that can be applied to the requirements
derived from this architecture development engagement. What phase is that?
Select one:

a.

Phase D: Technology Architecture

b.

Phase B: Business Architecture

c.

Phase A: Architecture Vision

d.

Phase E: Opportunities & Solutions

Feedback
Your answer is correct.

Question 13
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assess the impact of new security measures upon other new components or existing
leveraged systems. What phase is that?
Select one:

a.

Phase A: Architecture Vision

b.

Phase E: Opportunities & Solutions

c.

Phase B: Business Architecture

d.

Phase F: Migration Planning

Feedback
Your answer is correct.

Question 14
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Definition of relevant stakeholders and discovery of their concerns and objectives will
require development of a high-level scenario. What phase is that?
Select one:

a.

Phase A: Architecture Vision

b.

Phase B: Business Architecture

c.

Phase C: Information Systems Architecture

 d.

Phase D: Technology Architecture

Feedback
Your answer is correct.

Question 15
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Definition of relevant stakeholders and discovery of their concerns and objectives will
require development of a high-level scenario. What phase is that?
Select one:

a.

Phase D: Technology Architecture

b.

Phase B: Business Architecture

c.

Phase C: Information Systems Architecture

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 16
Correct

Mark 1.00 out of 1.00

 Flag question

Question text
Assess and baseline current security-specific technologies. What phase is that?
Select one:

a.

Phase D: Technology Architecture

b.

Phase C: Information System Architecture

c.

Phase A: Architecture Vision

d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 17
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Are applicable to ensuring that security requirements are addressed in subsequent phases
of the ADM. What phase is that?
Select one:

a.
Phase D: Technology Architecture

b.

Phase A: Architecture Vision

c.

Phase C: Information Systems Architecture

d.

Phase B: Business Architecture

Feedback
Your answer is correct.

Question 18
Correct

Mark 1.00 out of 1.00

Flag question

Question text
Assess and baseline current security-specific architecture elements. What phase is that?
Select one:

a.

Phase B: Business Architecture

b.

Phase D: Technology Architecture

c.

Phase C: Information System Architecture

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 19
Correct

Mark 1.00 out of 1.00

Flag question

Question text
A full inventory of architecture elements that implement security services must be compiled
in preparation for a gap analysis. What phase is that?
Select one:

a.

Phase B: Business Architecture

b.

Phase D: Technology Architecture

c.

Phase C: Information System Architecture

d.

Phase A: Architecture Vision

Feedback
Your answer is correct.

Question 20
Correct

Mark 1.00 out of 1.00

Flag question
Question text
Development of the business scenarios and subsequent high-level use-cases of the project
concerned will bring to attention the people actors and system actors involved. What phase
is that?
Select one:

a.

Phase B: Business Architecture

b.

Phase A: Architecture Vision

c.

Phase C: Information System Architecture

d.

Phase D: Technology Architecture

Feedback
Your answer is correct.