Page 135 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

                    B.  Keeping a database from being accessed by unauthorized visitors

                    C.  Restricting a subject at a lower classification level from accessing data at a higher classification level

                    D.  Preventing an application from accessing hardware directly

               14.  What is the primary goal of change management?

                    A.  Maintaining documentation

                    B.  Keeping users informed of changes

                    C.  Allowing rollback of failed changes

                    D.  Preventing security compromises

               15.  What is the primary objective of data classification schemes?

                    A.  To control access to objects for authorized subjects

                    B.  To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity

                    C.  To establish a transaction trail for auditing accountability

                    D.  To manipulate access controls to provide for the most efficient means to grant or restrict functionality

               16.  Which of the following is typically not a characteristic considered when classifying data?

                    A.  Value

                    B.  Size of object

                    C.  Useful lifetime

                    D.  National security implications

               17.  What are the two common data classification schemes?

                    A.  Military and private sector

                    B.  Personal and government

                    C.  Private sector and unrestricted sector

                    D.  Classified and unclassified