IT330 Final Exam 2024;Graded A+ with complete solution
All of the following are typical RACF security services, except?
A. Identifies logon users via a USERID and password
B. Each RACF USERID has a unique password
C. Password is one way encrypted so no one else can get your password, not
even the administrator
D. Prevents connections from outside the network to access sensitive
applications - firewall.
E. A USERID is revoked after a preset number of invalid password attempts
D
In RACF, a _____________ describes the security characteristics of a user, a
group, or resource.
A. user account
B. security entry
C. profile
D. SAF
C
In order for a resource to be RACF-protected, it must
A. have a RACF profile
B. have a password
C. limit access to local connections
D. define users and groups who may access the resource
A
The security role which is responsible for reviewing security policy, violation and
exposures is ______.
A. Security administrator
B. Security auditor
C. System operator
D. Systems programmer
E. System Administrator
B
Which of the following statements BEST describes z/OS's storage protection
function?
A. Limit access to sensitive datasets and libraries to authorized users and
programs.
B. Prevents unauthorized reading or alteration of storage
C. Protects virtual address spaces from unauthorized access or alteration.
D. Encrypts removable storage devices using the storage protection key.
B
Which of the following statements BEST describes the concept of "console
security"?
A. Specifies which z/OS commands operators can execute at a designated
, console.
B. Specifies z/OS USERIDS may login to a designated console.
C. Specifies groups and userids that logon to a designated console.
D. Specifies the time of day one may logon to a designated console.
E. All of answers are correct.
A
Which of the following is NOT an example of a RACF protected resource?
A. datasets and tapes
B. JES or TSO
C. IMS or CICS transactions
D. Console and system commands
E. Users and groups
E
A security policy should ______.
A. determine which RACF functions to use
B. identify the level of RACF protection
C. identify which data to protect
D. identify administrative structures and users
E. include all of the presented options
E
Concerning the security of application programs, which of the following
statements is FALSE?
A. Application programs may or may not be stored in an APF-library
B. Application programs are normally executed in problem state.
C. Application programs normally use a storage protection key between 0 and 7.
D. Applications programs are normally developed by IBM customers or third-
parties.
C
z/OS directly provides all of the following security and integrity controls beyond
facilities provided by the IBM Security Server or RACF, except?
A. Authorized Program Facility
B. Storage Protection
C. Cross-memory communication
D. MS Windows Firewall Technologies
D
Which of the following statements concerning z/OS's storage protection is
FALSE?
A. Information for each 4 KB page of real storage is protected from unauthorized
use by means of multiple storage protection keys.
B. Storage protection keys are used to encrypt the contents of real memory to
prevent un-authorized system or user programs from reading the contents of the
page.
C. z/OS uses 16 storage protection keys.A specific key is assigned according to
the type of work being performed.
All of the following are typical RACF security services, except?
A. Identifies logon users via a USERID and password
B. Each RACF USERID has a unique password
C. Password is one way encrypted so no one else can get your password, not
even the administrator
D. Prevents connections from outside the network to access sensitive
applications - firewall.
E. A USERID is revoked after a preset number of invalid password attempts
D
In RACF, a _____________ describes the security characteristics of a user, a
group, or resource.
A. user account
B. security entry
C. profile
D. SAF
C
In order for a resource to be RACF-protected, it must
A. have a RACF profile
B. have a password
C. limit access to local connections
D. define users and groups who may access the resource
A
The security role which is responsible for reviewing security policy, violation and
exposures is ______.
A. Security administrator
B. Security auditor
C. System operator
D. Systems programmer
E. System Administrator
B
Which of the following statements BEST describes z/OS's storage protection
function?
A. Limit access to sensitive datasets and libraries to authorized users and
programs.
B. Prevents unauthorized reading or alteration of storage
C. Protects virtual address spaces from unauthorized access or alteration.
D. Encrypts removable storage devices using the storage protection key.
B
Which of the following statements BEST describes the concept of "console
security"?
A. Specifies which z/OS commands operators can execute at a designated
, console.
B. Specifies z/OS USERIDS may login to a designated console.
C. Specifies groups and userids that logon to a designated console.
D. Specifies the time of day one may logon to a designated console.
E. All of answers are correct.
A
Which of the following is NOT an example of a RACF protected resource?
A. datasets and tapes
B. JES or TSO
C. IMS or CICS transactions
D. Console and system commands
E. Users and groups
E
A security policy should ______.
A. determine which RACF functions to use
B. identify the level of RACF protection
C. identify which data to protect
D. identify administrative structures and users
E. include all of the presented options
E
Concerning the security of application programs, which of the following
statements is FALSE?
A. Application programs may or may not be stored in an APF-library
B. Application programs are normally executed in problem state.
C. Application programs normally use a storage protection key between 0 and 7.
D. Applications programs are normally developed by IBM customers or third-
parties.
C
z/OS directly provides all of the following security and integrity controls beyond
facilities provided by the IBM Security Server or RACF, except?
A. Authorized Program Facility
B. Storage Protection
C. Cross-memory communication
D. MS Windows Firewall Technologies
D
Which of the following statements concerning z/OS's storage protection is
FALSE?
A. Information for each 4 KB page of real storage is protected from unauthorized
use by means of multiple storage protection keys.
B. Storage protection keys are used to encrypt the contents of real memory to
prevent un-authorized system or user programs from reading the contents of the
page.
C. z/OS uses 16 storage protection keys.A specific key is assigned according to
the type of work being performed.
