Which of the following is a security assurance requirement class defined in Common Criteria (CC)? (Wentz QOTD)
A. Non-repudiation of receipt
B. Access control policy
C. Trusted path
D. Interactions between composed IT entities

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

You are implementing security controls to mitigate threats. Which of the following best describes the target you are treating? (Wentz QOTD)
A. Uncertainty, likelihood, or possibility
B. Effect, consequence, or impact
C. Residual risk
D. Risk exposure

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

On August 20, 1998, NIST announced a group of fifteen AES candidate algorithms at the First AES Candidate Conference (AES1) and selected five algorithms from the fifteen as “AES finalists in Round 2 (AES2). Which of the following is least considered in the NIST cryptographic standard selection process? (Wentz QOTD)
A. Kerckhoff’s principle
B. Open design
C. Work factor
D. Locard’s principle of exchange

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

You are counting letters in the ciphertext and drawing a histogram for cryptanalysis. Which of the following is least related to the cryptanalysis? (Wentz QOTD)
A. Transposition cipher
B. Frequency analysis
C. Ciphertext-only attack (COA)
D. Side-Channel Analysis

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

On August 20, 1998, NIST announced a group of fifteen AES candidate algorithms at the First AES Candidate Conference (AES1) and selected five algorithms from the fifteen as “AES finalists in Round 2 (AES2). Which of the following is not one of the five AES finalists? (Wentz QOTD)
A. MARS
B. RC6
C. Serpent
D. Blowfish

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

Which of the following doesn’t support the single sign-on (SSO) feature? (Wentz QOTD)
A. Credential Management Systems
B. Kerberos
C. Scripted access or logon scripts
D. Identity Federation

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.