Chapters 1-4 Exam 67 Questions

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which one of the following is the best example of an authorization control?

Access control lists

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?

Address Resolution Protocol (ARP) poisoning

Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?

Applying strong encryption

During what phase of a remote access connection does the end user prove his or her claim of identity?

Authentication

Which password attack is typically used specifically against password files that contain cryptographic hashes?

Birthday attacks

Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?

Business continuity plan (BCP)

What is NOT a common endpoint for a virtual private network (VPN) connection used for remote network access?

Content filter

Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Data ownership

Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?

Deidentification

Which one of the following is an example of a disclosure threat?

Espionage

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?

Evil twin

A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats.

False

Cryptography is the process of transforming data from cleartext into ciphertext.

False

The weakest link in the security of an IT infrastructure is the server.

False

Which compliance obligation includes security requirements that apply specifically to federal government agencies in the United States?

Federal Information Security Management Act (FISMA)

Which of the following is used to transfer files using the File Transfer Protocol (FTP) to and from the vWorkstation?

FileZilla

Which control is not designed to combat malware?

Firewalls

Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?

Health monitoring

Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?

Integrity

Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?

Internet Engineering Task Force

Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?

Interoperability

Which network device is capable of blocking network connections that are identified as potentially malicious?

Intrusion prevention system (IPS)

Which type of denial of service attack exploits the existence of software flaws to disrupt a service?

Logic attack

Which one of the following measures the average amount of time that it takes to repair a system, application, or component?

Mean time to repair (MTTR)

During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and identified by:

Nessus

The _______________ report summary includes both a bar chart and a pie chart showing the distribution of vulnerability findings for each host.

Nessus

Which of the following interfaces enables you to scan several IP addresses at once or type in an IP address to create a simple scan of any machine?

Nessus

Which of the following performs remote scans and audits of UNIX, Windows, and network infrastructures and can perform a network discovery of devices, operating systems, applications databases, and services running on those devices?

Nessus

Which of the following allows analysts to view and analyze network packet traces?

NetWitness Investigator

What is NOT a commonly used endpoint security technique?

Network firewall

Which of the following work together to complete the scanning and vulnerability assessment phase of the ethical hacking process?

Nmap (Zenmap) and Nessus

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

No technology infrastructure

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?

Opportunity cost

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Parallel test

Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court corder. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?

Passive wiretap

Which element of the security policy framework requires approval from upper management and applies to the entire organization?

Policy

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?

Procedure

Which of the following allows Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?

Promiscuous mode

During which phase of a hacker's five-step approach does the hacker scan a network to identify IP hosts, open ports, and services enabled on servers and workstations?

Reconnaissance

Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?

Recovery time objective (RTO)

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vunerability

Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?

Risk survey results

In which type of attack does the attacker attempt to take over an existing connection between two systems?

Session hijacking

As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?

Simulation test

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a webbrowser. Which service delivery model is Kaira's company using?

Software as a Service (SaaS)

Who is responsible for hosting the CVE database listing web site, under contract with the Department of Homeland Security and the U.S. National Cyber Security Division?

The Mitre Corporation

Which term describes any action that could damage an asset?

Threat

A DOS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.

True

Access control lists (ACLs) are used to permit and deny traffic in an IP router.

True

An alteration threat violates information integrity

True

For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only and public domain categories.

True

Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits.

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection.

True

The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary.

True

The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.

True

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?

Typosquatting

Dawn is selecting an alternative processing facility for her organization's primary data center. she would like to have a facility that balances cost and switchover time. What would be the best option in this situation?

Warm site

Which of the following is a protocol analyzer tool (sometimes called a "packet sniffer") that is used to capture IP traffic from a variety of sources?

Wireshark

Which of the following is a graphical interface for Nmap that is typically used during the scanning phase of the ethical hacking process?

Zenmap

Which of the following is used to perform a scan of the network and create a network topology chart?

Zenmap

Most Linux interactions take place:

from the command line

Conducting a vulnerability scan on entire subnets:

is time consuming and noisy (making them easily detected).

The CVE listing is a database of:

known software vulnerabilities and exposures as well as how to mitigate them with software patches and updates.

To be effective, hackers and cybercriminals:

only need to know one vulnerability, or how to use one automated tool that attacks that vulnerability.

A successful _______________ assessment of a network is all about using the right tools to map the network and identify any vulnerabilities that can be the opening for a future attack.

scanning and vulnerability

You can limit the breadth and scope of a vulnerability scan by:

using a text file, which lists only the hosts you want to scan

Ethical hackers must obtain _________________ prior to performing a scanning and vulnerability assessment on a live production network.

written authorization from the client


Conjuntos de estudio relacionados

which of the following actions done in a substance abused nurse would result in immediate suspension/termination vs must be reported to board of nursing?

View Set

Article 90 - Introduction to the NEC (Quarter 4)

View Set