Which of the following provides a method of quantifying risks associated with information technology in addition to helping with validating the abilities of new security controls and countermeasures to address the identified risks?

The use of the proxies to protect more trusted assets from less sensitive ones is an example of which of the following types of security services?

Which stage of the Capability Maturity Model (CMM) is characterized by having organizational processes that are proactive?

Formal acceptance of an evaluated system by management is known as

In the Common Criteria, the common set of functional and assurance requirements for a category of vendor products deployed in a particular type of environment is known as

Which of the following evaluation assurance level that is formally verified, designed and tested is expected for high risk situation?

Which of the following ISO standard provides the evaluation criteria that can be used to evaluate security requirements of diff erent vendor products?

Which of the following models must be most considered in a shared data hosting environment so that the data of one customer is not disclosed a competitor or other customers sharing that hosted environment?

Which of the following is the security model that is primarily concerned with how the subjects and objects are created and how subjects are assigned rights or privileges?

The * security property of which of the following models ensures that a subject with clearance level of Secret has the ability to write only to a set of objects and in order to prevent disclosure, the subject may write to objects classified as Secret or Top Secret but is prevented from writing information classified as Public?