单选题Which of the following are necessary components of a Multi-Level Security Policy?下列哪一项是多级安全策略必需的组件？（）A Sensitivity Labels for subjects objects and a system high evaluation.对主体和客体实施敏感性标识以及对其进行系统高的评价B Security Clearances for subjects Security Labels fo

第1题：

What mechanism does a system use to compare the security labels of a subject and an object?系统使用什么机制来比较的主体和客体的安全标识？（）

• A、Security Module.安全模块
• B、Validation Module.验证模块
• C、Clearance Check.声明检查
• D、Reference Monitor.引用监视器

第2题：

Which of the following are necessary components of a Multi-Level Security Policy? 下面哪项是多级安全策略的必要组成部分吗？（）

• A、Sensitivity Labels for only objects and Mandatory Access Control.适合于唯一客体的敏感标记和强制访问控制。
• B、Sensitivity Labels for subjects&objects anda"system high"evaluation.适合于主体与客体的敏感标记以及“高级别系统”评价。
• C、Security Clearances for subjects&Security Labels for objects and Mandatory Access Control.主体安全声明&适合于唯一客体的敏感标记和强制访问控制。
• D、Sensitivity Labels for subjects&objects and Discretionary Access Control.适合于主体与客体的敏感标记和自主访问控制。

第3题：

第4题：

A network vulnerability scanner is part of which critical element of network and system security?（）

• A、host security
• B、perimeter security
• C、security monitoring
• D、policy management

第5题：

Which two firewall user authentication objects can be referenced in a security policy？（）

• A、access profile
• B、client group
• C、client
• D、default profile

第6题：

Which of the following are necessary components of a Multi-Level Security Policy?下列哪一项是多级安全策略必需的组件？（）

• A、Sensitivity Labels for subjects & objects and a "system high" evaluation.对主体和客体实施敏感性标识以及对其进行系统高的评价
• B、Security Clearances for subjects & Security Labels for objects and Mandatory Access Control.对主体和客体安全标识的安全许可以及强制访问控制
• C、Sensitivity Labels for only objects and Mandatory Access Control.只针对客体的敏感性标识和强制访问控制
• D、Sensitivity Labels for subjects & objects and Discretionary Access Control.对主体及客体的敏感性表情和自主访问控制

第7题：

What is a "system high" security policy?什么是一个“系统高”的安全策略？（）

• A、A system where all users are cleared to view the most highly classified data on the system.系统上的所有用户被许可查看最高级别的数据
• B、A system that contains only data of one security classification.只包含一个安全级别的数据
• C、A system with data that contains only data of the highest security classification.只包含最高安全级别的数据
• D、A system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.使用多级安全策略去划分高级别数据和其他数据。

第8题：

What is necessary for a subject to have read access to an object in a Multi-Level Security Policy?什么对于主体在多层安全策略中拥有对一个客体的访问权限是必要的？（）

• A、The subject's sensitivity label must dominate the object's sensitivity label.主体的敏感性标识必须支配客体的敏感性标识
• B、The subject's sensitivity label subordinates the object's sensitivity label.主体的敏感性标识从属于客体的敏感性标识
• C、The subject's sensitivity label is subordinated by the object's sensitivity label.主体的敏感性标识被客体的敏感性标识从属
• D、The subject's sensitivity label is dominated by the object's sensitivity label.主体的敏感性标识以客体的敏感性标识为主体

第9题：

When installing a security system， which of the following connectors would be used to connect the security system to the telephone service demarcation？（）

• A、RJ-31x
• B、RJ-11
• C、RS-232
• D、DB-9

第10题：

For the following attempts， which one is to ensure that no one employee becomes a pervasive securitythreat， that data can be recovered from backups， and that information system changes do not compromisea system’s security？（）

• A、Strategic security planning
• B、Disaster recovery
• C、Implementation security
• D、Operations security