Appendix A. Answers to Assessment Questions
The level of confidence that software functions as intended and is free of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the software, is the definition of:
Option C is the definition of assurance from the U.S. Department of Defense (DoD) Software Assurance Initiative. Options A, B, and D are made-up distracters.
Seven complementary elements that support information assurance are confidentiality, integrity, availability, authentication, authorization, accountability, and:
Options A, C, and D are not directly involved with the support of assurance.
A form of confidentiality breach that is accomplished by studying the volume, rate, source, and destination of transmitted messages is:
Covert channel analysis
Option D is correct by the definition of traffic analysis. Options A and C are made-up distracters, and option B refers to hidden data transfer paths.
An unauthorized and unintended communication path that provides for exchange of information is a:
The correct option is B.
The ability of an entity to use and correlate information protected at one level of security to uncover information that is protected at a higher security level is called: ...