Chapters 3 & 4
What is the first step in a disaster recovery effort?
Ensure that everyone is safe
Which one of the following is an example of a disclosure threat?
Espionage
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
Vishing is a type of wireless network attack.
False
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.
False
Most enterprises are well prepared for a disaster should one occur.
False
Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device.
False
Which control is not designed to combat malware?
Firewall
Which group is the most likely target of a social engineering attack?
Receptionists and administrative assistants
A surge protector is an example of a preventative component of a disaster recovery plan (DRP).
True
An alteration threat violates information integrity.
True
Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.
True
Remote wiping is a device security control that allows an organization to remotely erase data or email in the event of loss or theft of the device.
True
Rootkits are malicious software programs designed to be hidden from normal methods of detection.
True
Screen locks are a form of endpoint device security control.
True
Spyware gathers information about a user through an Internet connection, without his or her knowledge.
True
The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.
True
The term risk methodology refers to a list of identified risks that results from the risk-identification process.
True
An attacker uses exploit software when wardialing.
False
Authorization controls include biometric devices.
False
What is NOT one of the three tenets of information security?
Safety
Failing to prevent an attack all but invites an attack.
True
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive wiretap
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
A birthday attack is a type of cryptographic attack that is used to make brute-force attacks on one-way hashes easier.
True
The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.
True
The anti-malware utility is one of the most popular backdoor tools in use today.
False
Using a secure logon and authentication process is one of the six steps used to prevent malware.
False
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to health care providers?
HIPAA
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
Which tool can capture the packets transmitted between systems over a network?
Protocol analyzer
George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use?
Risk Management Guide for Information Technology Systems (NIST SP800-30)
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?
Risk survey results
A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.
True
Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP).
True
In a Bring Your Own Device (BYOD) policy, the user acceptance component may include separation of private data from business data.
True
The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems.
True
The Gramm-Leach-Bliley Act (GLBA) addresses information security concerns in the financial industry.
True
When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks.
True
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
White-hat hacker
A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
False
A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats.
False
Spam is some act intended to deceive or trick the receiver, normally in email messages.
False
The main difference between a virus and a worm is that a virus does not need a host program to infect.
False
Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic attack