Computer Security Principles And Practice 3rd Edition by Stalling - Test Bank

Computer Security Principles And Practice 3rd Edition by Stalling – Test Bank

Instant Download – Complete Test Bank With Answers

Sample Questions Are Posted Below

Chapter 5 – Database and Cloud Security

TRUE/FALSE QUESTIONS:

T          F          1.   A query language provides a uniform interface to the database.

T          F          2.   A single countermeasure is sufficient for SQLi attacks.

T          F          3.   To create a relationship between two tables, the attributes that define the

primary key in one table must appear as attributes in another table, where they are referred to as a foreign key.

T          F          4.  The value of a primary key must be unique for each tuple of its table.

T          F          5.   A foreign key value can appear multiple times in a table.

T          F          6.  A view cannot provide restricted access to a relational database so it cannot

be used for security purposes.

T          F          7.  The database management system makes use of the database description

tables to manage the physical database.

.

T          F          8.  The cloud carrier is useful when cloud services are too complex for a cloud

consumer to easily manage.

T          F          9.  Fixed server roles operate at the level of an individual database.

T          F          10.  SQL Server allows users to create roles that can then be assigned access

rights to portions of the database.

T          F          11.  An IDS is a set of automated tools designed to detect unauthorized access to

a host system.

T          F          12.  Business continuity consists of security services that allocate access,

distribute, monitor, and protect the underlying resource services.

.

T          F          13.  An IPS incorporates IDS functionality but also includes mechanisms

designed to block traffic from intruders.

T          F          14.   The CSP can provide backup at multiple locations, with reliable failover

and disaster recovery facilities.

T          F          15.  Encryption is a pervasive service that can be provided for data at rest in the

cloud.

.

MULTIPLE CHOICE QUESTIONS:

1. A(n) __________ is a structured collection of data stored for use by one or more applications.
2. attribute                         B.  database
3. tuple                         D.  inference
4. The basic building block of a __________ is a table of data, consisting of rows and columns, similar to a spreadsheet.
5. relational database                        B.  query set
6. DBMS                                           D.  perturbation
7. In relational database parlance, the basic building block is a __________, which is a flat table.
8. attribute                                         B.  tuple
9. primary key                                   D.  relation
10. In a relational database rows are referred to as _________.
11. relations                                         B.  attributes
12. views                                             D.  tuples
13. A _________ is defined to be a portion of a row used to uniquely identify a row in a table.
14. foreign key                                    B.  query
15. primary key                                   D.  data perturbation
16. A _________ is a virtual table.
17. tuple                                              B.  query
18. view                                               D.  DBMS
19. A(n) __________ is a user who has administrative responsibility for part or all of the database.
20. administrator                                 B.  database relations manager
21. application owner                          D.  end user other than application owner

8. An end user who operates on database objects via a particular application but does not own any of the database objects is the __________.
9. application owner                         B.  end user other than application owner
10. foreign key                                                D.  administrator
11. __________ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received.
12. Perturbation                                  B.  Inference
13. Compromise                                  D.  Partitioning
14. A ___________ is a person or organization that maintains a business relationship with cloud providers.
15. cloud consumer                             B.  cloud auditor
16. cloud carrier                                   D.  cloud broker
17. __________ includes people, processes, and systems that are used to manage access to enterprise resources by assuring that the identity of an entity is verified, and then granting the correct level of access based on this assured identity.
18. CSP                                   B.  DLP
19. IAM                                  D.  IPS
20. __________ encompasses intrusion detection, prevention and response.
21. Intrusion management                               B.  Security assessments
22. Database access control                            D.  Data loss prevention
23. _________ is an organization that produces data to be made available for controlled release, either within the organization or to external users.
24. Client                                            B.  Data owner
25. User                                               D.  Server
26. __________ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients.
27. User                                              B.  Client
28. Data owner                                    D.  Server

15. The __________ cloud infrastructure is a composition of two or more clouds that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.
16. hybrid                                B.  community
17. private                               D.  public

SHORT ANSWER QUESTIONS:

1. A __________ is a suite of programs for constructing and maintaining the database and for offering ad hoc query facilities to multiple users and applications.
2. In a relational database columns are referred to as _________.
3. A _________ is the result of a query that returns selected rows and columns from one or more tables.
4. __________ is a standardized language that can be used to define schema, manipulate, and query data in a relational database.
5. With ___________ administration the owner (creator) of a table may grant and revoke access rights to the table.
6. In a ___________ administration a small number of privileged users may grant and revoke access rights.
7. In addition to granting and revoking access rights to a table, in a ___________ administration the owner of the table may grant and revoke authorization rights to other users, allowing them to grant and revoke access rights to the table.
8. In a discretionary access control environment database users are classified into three broad categories: administrator, end user other than application owner, and __________.
9. The information transfer path by which unauthorized data is obtained is referred to as an ___________ channel.
10. The __________ is responsible both for the cloud infrastructure and for the control of data and operations within a public cloud.
11. The __________ cloud infrastructure is operated solely for an organization.
12. A __________ language provides a uniform interface to the database for users and applications.
13. _________ is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
14. A __________  cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
15. The _________ model provides a predefined environment for the cloud subscriber that is shared with other tenants, typically through tagging data with a subscriber identifier.

Chapter 5 – Database and Cloud Security

Answer Key

TRUE/FALSE QUESTIONS:

1. T
2. F
3. T
4. T
5. T
6. F
7. T
8. F
9. F
10. T
11. T
12. F
13. T
14. T
15. T

MULTIPLE CHOICE QUESTIONS:

1. B
2. A
3. D
4. D
5. C
6. C
7. A
8. B
9. B
10. A
11. C
12. A
13. B
14. D
15. A

SHORT ANSWER QUESTIONS:

1. database management system (DBMS)
2. attributes
3. view
4. Structured query language (SQL)
5. ownership-based
6. centralized
7. decentralized
8. application owner
9. inference
10. cloud provider
11. private
12. query
13. Cloud computing
14. public
15. multi-tenant