CESPE – CEBRASPE – 2014 – TJ/SE – TÉCNICO JUDICIÁRIO (Cargo 20) – LÍNGUA INGLESA – CONCURSO PÚBLICO – TRIBUNAL DE JUSTIÇA DE SERGIPE – PROVA COM GABARITO.

Welcome back to another post!

➧ PROVA DE LÍNGUA INGLESA: CEBRASPE-2014-TJ/SE- TÉCNICO JUDICIÁRIO (Cargo 20).

➧ BANCA/ORGANIZADOR:

➧ PADRÃO/COMPOSIÇÃO DA PROVA: 09 questões do tipo  CORRETA (C) ou ERRADA (E).

➧ GABARITO:

01-C, 02-C, 03-E, 04-E, 05-C

06-C, 07-E, 08-C, 09-E

➧ VOCABULÁRIO:

• Verbo (to assess=avaliar) ➝ assessed = avaliada. 
• Verbo (to access=acessar) ➝ accessed = acessada.
• An information security assessment - Uma avaliação de segurança da informação.

➧ TEXTO 1:

An information security assessment is the process of determining how effectively an entity being assessed (e.g., host, system, network, procedure, person — known as the assessment object) meets specific security objectives. Three types of assessment methods can be used to accomplish this — testing, examination, and interviewing. Testing is the process of exercising one or more assessment objects under specified conditions to compare actual and expected behaviors. Examination is the process of checking, inspecting, reviewing, observing, studying, or analyzing one or more assessment objects to facilitate understanding, achieve clarification, or obtain evidence. Interviewing is the process of conducting discussions with individuals or groups within an organization to facilitate understanding, achieve clarification, or identify the location of evidence. Assessment results are used to support the determination of security control effectiveness over time.

Technical guide to information security testing and assessment. Internet: <http://csrc.nist.gov> (adapted).

Based on the above text, judge the following items.

01. In the text, the word “accomplish” (l.5) has the same meaning as “achieve” (l.11).

02. Testing, examination and interviewing are methods which can result in effective assessments of people.

03. In the text, “used to” (l.15) could be correctly replaced by accustomed, without changing the meaning of the text.

04. In the text, the word “assessed” (l.2) is synonymous with the word accessed.

➧ TEXTO 2:

Facebook wasn’t the first to offer security researchers bounties for reporting vulnerabilities — but the social network reports it paid out $1.5m in 2013 for bug reports, and says it is increasing the amount of cash on offer in the coming year.

According to the advertising giant, it received 14,763 reports of suspected flaws last year, an increase of 246 per cent on the 2012 figure. Unfortunately for Facebook’s security team there were a lot of false positives in there, and only 687 write-ups turned out to be worth paying for — and, thankfully, roughly six per cent were classified as high-severity issues.

3

US researchers found 92 correct flaws, with an average payday of $2,272 each, while the British contingent sent in valid bugs each worth $2,950 on average. Facebook’s highest payout went to Brazilian researcher Reginaldo Silva, who earned $33,500 for finding an XML external entity vulnerability within a PHP page.

Iain Thomson. How much is a security bug report

worth to Facebook? About $2,100. Internet:

<www.theregister.co.uk> (adapted)

Based on the text, judge the items that follow.

05. The word “figure” (l.7) means number.

06. The smallest amount Facebook paid for a bug report wasn’t for Brazilian Reginaldo Silva.

07. In 2013, Facebook paid about 2,100 dollars for each of the 14,763 bug reports.

08. The expression “social network” (l.2) refers to “Facebook” (l.1).

09. Facebook didn’t pay some of the 687 write-ups.