Cybersecurity final Multiple choice
Porous Defenses
"Improper Access Control (Authorization)" is in the _________ software error category.
Risky Resource Management
"Incorrect Calculation of Buffer Size" is in the __________ software error category.
patent
A _____ for an invention is the grant of a property right to the inventor.
Regular expression
A _____ is a pattern composed of a sequence of characters that describe allowable input variants.
pre-shared key (PSK)
A _____ is a secret key shared by the AP and a STA and installed in some fashion outside the scope of IEEE 802.11i.
threat
A _____ is anything that might hinder or prevent an asset from providing appropriate levels of the key security services.
company rights
A _____ policy states that the company may access, monitor, intercept, block access, inspect, copy, disclose, use, destroy, or recover using computer forensics any data covered by this policy.
Code injection
A ______ attack is where the input includes code that is then executed by the attacked system.
trademark
A ______ is a word, name, symbol, or device that is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others.
security audit
A ______ is conducted to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures.
disciplinary action
A ______ policy states that violation of this policy may result in immediate termination of employment or other discipline deemed appropriate by the company.
Command Injection
A _______ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.
repository
A _______ is a generic term used to denote any method for storing certificates and CRLs so that they can be retrieved by end entities.
distributor
A ________ provides distribution channels, such as an online shop or a Web retailer.
platform as a service
A __________ cloud provides service to customers in the form of a platform on which the customer's applications can run.
public cloud
A __________ infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
gateway
A __________ interconnects the IoT-enabled devices with the higher-level communication networks.
cloud service consumer
A __________ is a person or organization that maintains a business relationship with, and uses service from, cloud providers.
cloud broker
A __________ is an entity that manages the use, performance and delivery of cloud services, and negotiates relationships between CSPs and cloud consumers.
A. that it is below the transport layer and transparent to applications B. there is no need to revoke keying material when users leave the organization C. it can provide security for individual users if needed D. all of the above
A benefit of IPsec is __________.
A. CIRT B. CIRC C. CSIRT D. all of the above
A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency is called a ______.
larger, more detailed
A contingency plan for systems critical to a large organization would be ______ than for a small business.
A. workflow automation B. delegated administration C. authentication D. all of the above
A principal element of an identity management system is _______.
memory leak
A steady reduction in memory available on the heap to the point where it is completely exhausted is known as a _____.
distribution system
A system used to interconnect a set of basic service sets and LANs to create an extended service set is a _______.
A. cell tower B. Wi-Fi hotspot C. wireless AP to a LAN or WAN D. All of the above
A wireless access point is a ______.
A. a cell phone B. a Wi-Fi enabled laptop C. A bluetooth device D. all of the above
A wireless client can be ______.
access point
A(n) _______ is any entity that has station functionality and provides access to the distribution system via the wireless medium for associated stations.
A. risks B. recommended controls C. responsible personnel D. all of the above
An IT security plan should include details of ______.
Network injection
An example of a(n) ______ attack is one in which bogus reconfiguration commands are used to affect routers and switches to degrade network performance.
serial number
An integer value unique within the issuing CA that is unambiguously associated with the certificate is the ________.
intellectual property
Any intangible asset that consists of human knowledge and ideas is _______.
MUA
At its most fundamental level the Internet mail architecture consists of a user world in the form of _________.
PHP remote code injection
Blocking assignment of form field values to global variables is one of the defenses available to prevent a ______ attack.
Computer Emergency Response Team
CERT stands for ______.
A. events related to the security mechanisms on the system B. operating system access C. remote access D. all of the above
Data items to capture for a security audit trail include:
Secure Programming
Defensive programming is sometimes referred to as ______.
tunnel
ESP supports two modes of use: transport and _________.
Plan
Establishing security policy, objectives, processes and procedures is part of the ______ step.
private cloud
Examples of services delivered through the __________ include database on demand, email on demand, and storage on demand.
A. remove the person's name from all lists of authorized access B. recover all assets, including employee ID, disks, documents and equipment C. remove all personal access codes D. all of the above
From a security point of view, which of the following actions should be done upon the termination of an employee?
A. a router advertisement comes from an authorized router B. a routing update is not forged C. a redirect message comes from the router to which the initial packet was sent D. all of the above
IPsec can assure that _________.
A. Determining organizational IT security objectives, strategies and policies B. detecting and reacting to incidents C. specifying appropriate safeguards D. All of the above
IT security management functions include:
technical
Identification and authentication is part of the _____ class of security controls.
Do
Implementing the risk treatment plan is part of the _____ step.
WPA (Wi-Fi protected access)
In order to accelerate the introduction of strong security into WLANs, the Wi-Fi Alliance promulgated _____, a set of security mechanisms that eliminates most 802.11 security issues, as a Wi-Fi standard.
Clear-signed data
In the case of ________ only the digital signature is encoded using base64.
Input
Incorrect handling of program _______ is one of the most common failings in software security.
DES
Kerberos uses the _______ encryption algorithm.
real property
Land and things permanently attached to the land, such as trees, buildings, and stationary mobile homes are _______.
Act
Maintaining and improving the information security risk management process in response to incidents is part of the ______ step.
management
Maintenance of security controls, security compliance checking, change and configuration management, and incident handling are all included in the follow-up stage of the _____ process.
cost-benefit analysis
Management could conduct a ______ to identify those controls that are most appropriate and provide the greatest benefit to the organization given the available resources.
cloud computing
Measured service and rapid elasticity are essential characteristics of _________.
Kerberos
One of the earliest and most widely used services is _________.
maintenance
Periodically reviewing controls to verify that they still function as intended, upgrading controls when new requirements are discovered, ensuring that changes to systems do not adversely affect the controls, and ensuring new threats or vulnerabilities have not become known are all ______ tasks.
personal property
Personal effects, moveable property and goods, such as cars, bank accounts, wages, securities, a small business, furniture, insurance policies, jewelry, patents, and pets are all examples of _________.
A. provide data that can be used to define anomalous behavior B. maintain a record useful in computer forensics C. generate data that can be used in after-the-fact analysis of an attack D. all of the above
Security auditing can:
accountability
Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees' knowledge of their _____ and of potential penalties.
emerg
Severe messages, such as immediate system shutdown, have a(n) _____ severity.
alert
System conditions requiring immediate attention have a(n) _______ severity.
4-way handshake
The MPDU exchange for distributing pairwise keys is known as the ______.
education and experience
The ____ level focuses on developing the ability and vision to perform complex, multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes.
informal
The _____ approach involves conducting a risk analysis for the organization's IT systems and exploits the knowledge and expertise of the individuals performing the analysis.
security basics and literacy
The _____ category is a transitional stage between awareness and training.
audit trail collector
The _____ is a module on a centralized system that collects audit trail records from other systems and creates a combined audit trail.
ISO (International Standards Organization)
The ______ has revised and consolidated a number of national and international standards into a consensus of best practice.
audit dispatcher
The ______ is a module that transmits the audit trail records from its local system to the centralized audit trail collector.
event discriminator
The ______ is logic embedded into the software of the system that monitors system activity and detects security-related events that it has been configured to detect.
MDA
The ______ is responsible for transferring the message from the MHS to the MS.
period of validity
The _______ consists of two dates: the first and last on which the certificate is valid.
protocol identifier
The _______ field in the outer IP header indicates whether the association is an AH or ESP security association.
mail submission agent
The ________ accepts the message submitted by a message user agent and enforces the policies of the hosting domain and the requirements of Internet standards.
Enveloped data
The ________ function consists of encrypted content of any type and encrypted-content encryption keys for one or more recipients.
private
The _________ cloud deployment model is the most secure option.
Baseline
The advantages of the _____ approach are that it doesn't require the expenditure of additional resources in conducting a more formal risk assessment and that the same measures can be replicated over a range of systems.
the public key certificate
The basic tool that permits widespread use of S/MIME is ________.
A. reproduction right B. distribution right C. modification right D. all of the above
The copyright owner has which exclusive right(s)?
intrusion management
The core of ___________ is the implementation of intrusion detection systems and intrusion prevention systems at entry points to the cloud and on servers in the cloud.
RSN (Robust security network)
The final form of the 802.11i standard is referred to as ________.
A. maintenance of security controls B. security compliance checking C. incident handling D. all of the above
The follow-up stage of the management process includes ______.
MAC (Medium Access Control)
The function of the ______ layer is to control access to the transmission medium and to provide an orderly and efficient use of that capacity.
security officer
The implementation process is typically monitored by the organizational ______.
Fuzzing
The intent of _______ is to determine whether the program or function correctly handles all abnormal inputs or whether it crashes or otherwise fails to respond appropriately.
Corporate security policy
The intent of the _____ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives.
lock
The most common technique for using an appropriate synchronization mechanism to serialize the accesses to prevent errors is to acquire a _____ on the shared file, ensuring that each process has appropriate access in turn.
XSS reflection
The most common variant of injecting malicious script content into pages returned to users by the targeted sites is the ______ vulnerability.
handshake protocol
The most complex part of TLS is the __________.
smart objects/embedded systems
The most vulnerable part of an IoT is the __________.
compliance
The objective of the ______ control category is to avoid breaches of any law, statutory, regulatory, or contractual obligations, and of any security requirements.
business continuity management
The objective of the ______ control category is to counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption.
establishing the context
The purpose of _______ is to determine the basic parameters within which the risk assessment will be conducted and then to identify the assets to be examined.
digital signature
The result of S/MIME encrypting the digest using DSS and the sender's private DSS key is the ________.
risk register
The results of the risk analysis should be documented in a _______.
BSS (Basic Service Set)
The smallest building block of a wireless LAN is a ______.
cipher suite
The specification of a protocol along with the chosen key length is known as a __________.
Cybercrime victims
The success of cybercriminals, and the relative lack of success of law enforcement, influence the behavior of _______.
MPDU (MAC Protocol Data Unit)
The unit of data exchanged between two peer MAC entities using the services of the physical layer is a(n) ________.
SaaS
The use of __________ avoids the complexity of software installation, maintenance, upgrades, and patches.
DoS
The wireless environment lends itself to a _____ attack because it is so easy for the attacker to direct multiple wireless messages at the target.
radix-64
To protect the data, either the signature alone or the signature plus the message are mapped into printable ASCII characters using a scheme known as ________ or base64 mapping.
nine
Windows allows the system user to enable auditing in _______ different categories.
dynamically linked shared libraries
With _________, the linking to shared library routines is deferred until load time, so that if changes are made, any program that references the library is unaffected.
detection and recovery
_____ controls focus on the response to a security breach, by warning of violations or attempted violations of security policies.
MIME
_____ defines a number of content formats, which standardize representations for the support of multimedia e-mail.
XML
_____ is a markup language that uses sets of embedded tags or labels to characterize text elements within a document so as to indicate their appearance, function, meaning, or context.
A. Using encryption B. Using anti-virus and anti-spyware software C. Turning off identifier broadcasting D. all of the above
_____ is the recommended technique for wireless network security.
DMCA
_____ strengthens the protection of copyrighted materials in digital format.
environment variables
______ are a collection of string values inherited by each process from its parent that can affect the way a running process behaves.
A. Posters B. Newsletters C. Workshops and training sessions D. All of the above
______ are ways for an awareness program to promote the security message to employees.
cross-site scripting
______ attacks are vulnerabilities involving the inclusion of script code in the HTML content of a Web page displayed by a user's browser.
system-level
______ audit trails are generally used to monitor and optimize system performance.
application-level
______ audit trails may be used to detect security violations within an application or to detect flaws in the application's interaction with the system.
A. Dramatic works B. Architectural works C. Software-related works D. all of the above
______ can be copyrighted.
supportive
______ controls are pervasive, generic, underlying technical IT security capabilities that are interrelated with, and used by, many other controls.
management
______ controls focus on security policies, planning, guidelines, and standards that influence the selection of operational and technical controls to reduce the risk of loss and to protect the organization's mission.
audit analysis
______ identifies the level of auditing, enumerates the types of auditable events, and identifies the minimum set of audit-related information provided.
security controls
______ include management, operational, and technical processes and procedures that act to reduce the exposure of the organization to some risks by reducing the ability of a threat source to exploit some vulnerabilities.
A. Improving employee behavior B. Increasing the ability to hold employees accountable for their actions C. Mitigating liability of the organization for an employee's behavior D. All of the above
______ is a benefit of security awareness, training, and education programs to organizations.
risk acceptance
______ is choosing to accept a risk level greater than normal for business reasons.
fair use
______ is intended to permit others to perform, show, quote, copy, and otherwise distribute portions of the work for certain purposes.
thresholding
______ is the identification of data that exceed a particular baseline value.
triage
______ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling.
SIEM
______ software is a centralized logging software package similar to, but much more complex than, syslog.
Artifacts
_______ can include computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits.
X.509
_______ certificates are used in most network security applications, including IP security, secure sockets layer, secure electronic transactions, and S/MIME.
IT security management
_______ ensures that critical assets are sufficiently protected in a cost-effective manner.
computers as targets
_______ is a form of crime that targets a computer system to acquire information stored on that computer system, to control the target system without authorization or payment, or to alter the integrity of data or interfere with the availability of the computer or server.
CipherSuite
_______ is a list that contains the combinations of cryptographic algorithms supported by the client.
security awareness
_______ is explicitly required for all employees.
X.509
_______ is important as part of the directory service that it supports and is also a basic building block used in other standards.
Workflow automation
_______ is movement of data in a business process.
certification
_______ is the process in which a CA issues a certificate for a user's public key and returns that certificate to the user's client system and/or posts that certificate in a repository.
registration
_______ is the process whereby a user first makes itself known to a CA prior to that CA issuing a certificate or certificates for that user.
executives
_______ need training on the development of risk management goals, means of measurement, and the need to lead by example in the area of security awareness.
system integrity verification tools
_______ scan critical system files, directories, and services to ensure they have not been changed without proper authorization.
unlinkability
________ ensures that a user may make multiple uses of resources or services without others being able to link these uses together.
anonymization
________ is a function that removes specific identifying information from query results, such as last name and telephone number, but creates some sort of unique identifier so that analysts can detect connections between queries.
federation
________ is a process where authentication and permission will be passed on from one system to another, usually across multiple enterprises, reducing the number of authentications needed by the user.
Injection attack
________ is a program flaw that occurs when the program input data can accidentally or deliberately influence the flow of execution of the program.
Kerberos
________ requires that a user prove his or her identity for each service invoked and, optionally, requires servers to prove their identity to clients.
Nova
_________ is the management software module that controls VMs within the IaaS cloud computing platform.
business continuity and disaster recovery
__________ comprise measures and mechanisms to ensure operational resiliency in the event of any service interruptions.
MiniSec
__________ has two operating modes, one tailored for single-source communication, and another tailored for multi-source broadcast communication.
data loss prevention
__________ is the monitoring, protecting, and verifying the security of data at rest, in motion, and in use.
A. control B. safeguard C. countermeasure D. All of the above
An IT security ______ helps to reduce risks.
IT security management
_______ is a formal process to ensure that critical assets are sufficiently protected in a cost-effective manner.
selective revelation
_______ is a method for minimizing exposure of individual information while enabling continuous analysis of potentially interconnected data.
SOAP
_______ is a minimal set of conventions for invoking code using XML over HTTP that enables applications to request services from one another with XML-based requests and receive responses as data formatted with XML.
consequence
A _______ specification indicates the impact on the organization should the particular threat in question actually eventuate.