Final Review - CIST1601-Information Security Fund
The filtering component of a content filter is like a set of firewall rules for Web sites, and is common in residential content filters. _________________________ A) True B) False
B) False
The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables. A) True B) False
B) False
The fundamental difference between symmetric and asymmetric encryption is that the symmetric encryption uses two keys (private/public) and the asymmetric encryption uses only one key. A) True B) False
B) False
The general management community of interest must plan for the proper staffing for the information security function. _________________________ A) True B) False
B) False
The general management community of interest must plan for the proper staffing for the information security function. _________________________ A) True B) False
B) False
The information security function cannot be placed within protective services. A) True B) False
B) False
The most common credential for a CISO-level position is the Security+ certification. _________________________ A) True B) False
B) False
The networks layer of the bull's-eye is the outermost ring of the bull's eye. A) True B) False
B) False
The number of horizontal and vertical pixels captured and recorded is known as the image's contrast. _________________________ A) True B) False
B) False
Which one of the following is NOT a component of Lewin change model? A) Refreezing B) Freezing C) Moving D) Unfreezing
B) Freezing
__________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol. A) Buzz B) Fuzz C) Spike D) Black
B) Fuzz
___________________ is NOT an information security position. A) Physical Security Manager B) Information Security Planner C) Information Security Administrator D) Information Security Technician
B) Information Security Planner
What is a project plan? A) It is used to resolve any pending issues, critique the overall project effort, and draw conclusions about how to improve the process for the future. B) It instruct the individuals who are executing the implementation phase C) It involves running the new methods alonside the old methods. D) None of the above
B) It instruct the individuals who are executing the implementation phase
The service within Kerberos that generates and issues session keys is known as __________. A) VPN B) KDC C) AS D) TGS
B) KDC
__________ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding. A) PEM B) PGP C) S/MIME D) SSL
B) PGP
__________ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely. A) MAC B) PKI C) DES D) AES
B) PKI
The __________ algorithm, developed in 1977, was the first public key encryption algorithm published for commercial use. A) DES B) RSA C) MAC D) AES
B) RSA
Most guards have clear __________ that help them to act decisively in unfamiliar situations. A) MACs B) SOPs C) POSs D) OPSs
B) SOPs
SecSDLC stands for ____________________. A) Security Systems development Life Change B) Security Systems Development Life Cycle C) Security Systems Deployment Life Cycle D) Security Systems Deployment Life Change
B) Security Systems Development Life Cycle
Each of the following protects remote connections except ________________. A) VPN B) Sniffer C) Kerberos D) Diameter
B) Sniffer
__________ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall. A) Dynamic B) Static C) Stateful D) Stateless
B) Static
Kerberos __________ provides tickets to clients who request services. A) KDS B) TGS C) AS D) VPN
B) TGS
__________ occurs when an authorized person opens a door, and other people, who may or may not be authorized, also enter. A) Crowdsurfing B) Tailgating C) Freeloading D) Hitchhiking
B) Tailgating
Known as the ping service, ICMP is a(n) __________ and should be ___________. A) essential feature, turned on to save money B) common method for hacker reconnaissance, turned off to prevent snooping C) infrequently used hacker tool, turned off to prevent snooping D) common method for hacker reconnaissance, turned on to save money
B) common method for hacker reconnaissance, turned off to prevent snooping
Each of the following is a plannning parameter for the task being corrected except _________. A) quality or quantity of the deliverable B) cybernetic loop C) elapsed time or scheduling impact D) effort and money allocated
B) cybernetic loop
Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date. A) phased implementation B) direct changeover C) pilot implementation D) wrap-up
B) direct changeover
Keycard readers based on smart cards are often used to secure computer rooms, communications closets, and other restricted areas. A) True B) False
A) True
Keycard readers based on smart cards are often used to secure computer rooms, communications closets, and other restricted areas. A) True B) False
A) True
Least privilege is the requirement that employee is provided with minimal amount of information for minimal amount of time necessary for them to perform their duties. A) True B) False
A) True
Manual fire detection systems, include human responses, such as calling the fire department and manually activated alarms. _________________________ A) True B) False
A) True
Minutiae are unique points of reference that are digitzed and stored in an encrypted format when the user's system access credentials are created. A) True B) False
A) True
Most firewalls use packet header information to determine whether a specific packet should be allowed to pass through or should be dropped. _________________________ A) True B) False
A) True
Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny. A) True B) False
A) True
Once a project is underway, it is managed using a process known as gap analysis, which ensures that progress is measured periodically. _________________________ A) True B) False
A) True
Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined. A) True B) False
A) True
One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message. A) True B) False
A) True
PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities. A) True B) False
A) True
Packet filtering firewalls scan network data packets looking for compliance with or violation of the rules of the firewall's database. A) True B) False
A) True
Packet-filtering firewalls scan network data packets looking for compliance with the rules of the firewall's database or violations of those rules. A) True B) False
A) True
Physical security is just as important as logical security to an information security program. _________________________ A) True B) False
A) True
Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms. A) True B) False
A) True
Port scanners are used to fingerprint the computers that are active on the network. A) True B) False
A) True
Pretty Good Privacy (PGP) is a hybrid cryptosystem. A) True B) False
A) True
Pretty Good Privacy (PGP) uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted. _________________________ A) True B) False
A) True
SOCKS is a de facto standard for circuit-level gateways. _________________________ A) True B) False
A) True
Secure Multipurpose Internet Mail Extensions builds on the encoding format of the MIME protocol and uses digital signatures based on public key cryptosystems to secure e-mail. _________________________ A) True B) False
A) True
Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________ A) True B) False
A) True
Security tools that go beyond routine intrusion detection include honeypots, honeynets and padded cell systems. A) True B) False
A) True
Smoke detection systems are perhaps the most common means of detecting a potentially dangerous fire, and they are required by building codes in most residential dwellings and commercial buildings. _________________________ A) True B) False
A) True
Some firewalls can filter packets by protocol name. A) True B) False
A) True
Static electricity is caused by a process called triboelectrification. A) True B) False
A) True
Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images. A) True B) False
A) True
Steganography is used to hide messages within digital encoding of a picture or graphic. A) True B) False
A) True
TEMPEST is a program developed by the U.S. government to reduce the risk of EMR monitoring. A) True B) False
A) True
Technology governance is a complexe process that organizations use to manage the effects and costs of technology implementation, innovation, and obsolescence. A) True B) False
A) True
Telecommuters should use a securable operating system that requires password authentication. A) True B) False
A) True
Water-based systems are inexpensive, nontoxic, and can often be created by using an existing sprinkler system that may have been present in earlier construction. A) True B) False
A) True
Weak management support, with overly delegated responsibility and no champion, sentences a project to almost-certain failure. A) True B) False
A) True
When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture. A) True B) False
A) True
When a collection of honeypots connects several honeypot systems on a subnet, it may be called a(n) honeynet. _________________________ A) True B) False
A) True
When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message. A) True B) False
A) True
While a network-based IDPS(NIDPS) resides on a network segment and monitors activities accross that segment, a host-based IDPS(HIDPS)resides on a prticular computer or server, and monitors activity only on that system. A) True B) False
A) True
A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. _________________________ A) True B) False
B) False
A(n) monitoring vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software. _________________________ A) True B) False
B) False
Accountability is the matching of an authenticated entity to a list of information assets and corresponding access levels. A) True B) False
B) False
Administrators who are wary of using the same tools that attackers use should remember that most organizations prohibit use of open source or freeware software tools. A) True B) False
B) False
Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key. A) True B) False
B) False
All IDPS vendors target users with the same levels of technical and security expertise. A) True B) False
B) False
All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan. A) True B) False
B) False
All organizations with a router at the boundary between the organization's internal networks and the external service provider will experience improved network performance due to the complexity of the ACLs used to filter the packets. A) True B) False
B) False
An IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False
B) False
As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES. _________________________ A) True B) False
B) False
Authentication is a mechanism whereby unverified entities or supplicants who seek access to a resource provide a label by which they are known to the system.. _________________________ A) True B) False
B) False
Bluetooth is a defacto industry standard for long-range wireless communication between devices. A) True B) False
B) False
Certification is what authorized an IT system to process, store, or transmit information A) True B) False
B) False
Circuit-level gateways usually look at data traffic flowing between networks rather than preventing direct connections between networks. A) True B) False
B) False
CompTIA offers a vendor-specific certification program called the Security+ certification. A) True B) False
B) False
Dogs should be used for physical security when sense of smell and feeling can detect intrusion. A) True B) False
B) False
Each for-profit organization determines its capital budget and the rules for managing capital spending and expenses the same way. A) True B) False
B) False
Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood. _________________________ A) True B) False
B) False
Enticement is the action of luring an individual into committing a crime to get a conviction. _________________________ A) True B) False
B) False
Even if Kerberos servers are subjected to denial-of-service attacks, a client can still request additional services. A) True B) False
B) False
Every organization needs to develop an information security department or program of its own. A) True B) False
B) False
Existing information security-related certifications are typically well understood by those responsible for hiring in the organizations. A) True B) False
B) False
Fail-safe lock is when the door lock fails and the door remains lock. A) True B) False
B) False
False positive is the failure of an IDPS to react to an actual attack event.This is the most grievious failure. A) True B) False
B) False
Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. _________________________ A) True B) False
B) False
Fire suppression systems typically work by denying an environment one of the three requirements for a fire to burn: a spark, fuel, and oxygen. A) True B) False
B) False
Friendly departures include resignation, retirement, termination, or relocation A) True B) False
B) False
Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. _________________________ A) True B) False
B) False
GIAC stands for Global Information Architecture Certification. _________________________ A) True B) False
B) False
Hashing functions require the use of keys. A) True B) False
B) False
IPSec uses only one cryptosystem: Diffie-Hellman A) True B) False
B) False
ISACA touts the CISA certification as being appropriate for accounting, networking, and security professionals. _________________________ A) True B) False
B) False
ISSMP stands for Information Systems Security Monitoring Professional. _________________________ A) True B) False
B) False
In 1953, Giovan Batista Bellaso introduced the idea of the passphrase (password) as a key for encryption. A) True B) False
B) False
In a book cipher, the key consists of a list of codes representing the page number, line number, and word number of the plaintext word._________________________ A) True B) False
B) False
In a(n) double conversion offline UPS, the primary power source is the inverter, and the power feed from the utility is constantly recharging the battery, which in turn powers the output inverter.. _________________________ A) True B) False
B) False
In general, the design phase is accomplished by changing the configuration and operation of the organization's information systems to make them more secure. A) True B) False
B) False
In project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as prerequisites. _________________________ A) True B) False
B) False
In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project. _________________________ A) True B) False
B) False
In transport mode the entire IP packet is encrypted and is then placed as the content portion of another IP packet. _________________________ A) True B) False
B) False
In tunnel mode, the data within an IP packet is encrypted, but not the header information. A) True B) False
B) False
Intrusion detection and prevention systems can deal effectively with switched networks. A) True B) False
B) False
Intrusion detection consists of procedures and systems that identify system intrusions and take action when an intrusion is detected. A) True B) False
B) False
Kerberos uses asymmetric key encryption to validate an individual user to various network resources. _________________________ A) True B) False
B) False
Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce. _________________________ A) True B) False
B) False
Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered servo to unlock the mechanism. _________________________ A) True B) False
B) False
Most current operating systems require specialized software to connect to VPN servers, as support for VPN services is no longer built into the clients. A) True B) False
B) False
Most information security projects require a trained project developer. _________________________ A) True B) False
B) False
One of the biggest challenges in the use of the trusted computer base (TCB) is the existence of explicit channels._________________________ A) True B) False
B) False
Organizations are not required by law to protect employee information that is sensitive or personal. A) True B) False
B) False
Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing. A) True B) False
B) False
Planning for the implementation phase requires the creation of a detailed request for proposal, which is often assigned either to a project manager or the project champion. _________________________ A) True B) False
B) False
Port Address Translation assigns non-routing local addresses to the computer systems in the local area network and uses ISP-assigned addresses to communicate with the Internet, on a one-to-one basis. _________________________ A) True B) False
B) False
Port explorers are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, anAn IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False other useful information. _________________________ A) True B) False
B) False
Port explorers are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, and other useful information. _________________________ A) True B) False
B) False
SESAME, as described in RFC 4120, keeps a database containing the private keys of clients and servers—in the case of a client, this key is simply the client's encrypted password.. _________________________ A) True B) False
B) False
SSL builds on the encoding format of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on public key cryptosystems to secure e-mail. A) True B) False
B) False
Sequence encryption is a series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor, and this process continues until the message reaches the final destination. A) True B) False
B) False
Services using the TCP/IP protocol can run only on their commonly used port number as specified in their original Internet standard. A) True B) False
B) False
Standby power supply (SPS) UPSs provide power conditioning. A) True B) False
B) False
Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. _________________________ A) True B) False
B) False
Syntax errors in firewall policies are usually extremely difficult to identify. A) True B) False
B) False
Task rotation is the requirement that two individuals review and approve each other's work before the task is categorized as finished. A) True B) False
B) False
Task-based controls are associated with the assigned role a user performs in an organization, such as a position or temporary assignment like project manager. A) True B) False
B) False
Tasks or action steps that come before the specific task at hand are called successors. A) True B) False
B) False
The AES algorithm was the first public key encryption algorithm to use a 256 bit key length. A) True B) False
B) False
The CISA credential is geared toward experienced information security managers and others who may have similar management responsibilities. _________________________ A) True B) False
B) False
The CISSP-ISSEP concentration focuses on the knowledge areas that are part of enterprise security management. A) True B) False
B) False
The RADIUS system decentralizes the responsibility for authenticating each user, by validating the user's credentials on the NAS server. A) True B) False
B) False
The RFP determines the impact that a specific technology or approach can have on the organization's information assets and what it may cost. _________________________ A) True B) False
B) False
The S-HTTP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, and key management. A) True B) False
B) False
The SSCP examination is much more rigorous that the CISSP examination. A) True B) False
B) False
The Virtual Private Network Consortium (VPNC) defines three VPN technologies: trusted VPN, secure VPN, and mixed VPN. A) True B) False
B) False
The ability of a router to restrict traffic to a specific service is an advanced capability and not considered a standard feature for most routers. A) True B) False
B) False
The activities that gather information about the organization and its network activities and assets is called fingerprinting. _________________________ A) True B) False
B) False
The application header (AH) protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. _________________________ A) True B) False
B) False
The disadvantages of using the honeypot or padded cell approach include the fact that the technical implications of using such devices are not well understood. _________________________ A) True B) False
B) False
__________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. A) Password B) Cipher C) Key D) Passphrase
C) Key
Which one of the following is NOT an IDPS Control Strategy? A) Partially Distributed Control Strategy B) Centralized Control Strategy C) Localized Control Strategy D) Fully Distributed Control Strategy
C) Localized Control Strategy
Which security protocols are used to protect e-mails? A) S/MIME and SET B) SSL and PEM C) PGP and PEM D) PGP and S-HTTP
C) PGP and PEM
The CompTIA's Security+ exam objectives focus on the following except ___________. A) System security B) Organization security C) Personel security D) Cryptography
C) Personel security
Which one of the following is NOT a symmetric encryption cryptosystem? A) Advanced Encryption Standard (AES) B) Triple DES (3DES) C) Rivest-Shamir-Adleman (RSA) D) Data Encryption Standard (DES)
C) Rivest-Shamir-Adleman (RSA)
System Administration, Networking, and Security Organization is better known as __________. A) SANO B) SAN C) SANS D) SANSO
C) SANS
__________ is a cornerstone in the protection of information assets and in the prevention of financial loss. A) Fire suppression B) Business separation C) Separation of duties D) Collusion
C) Separation of duties
__________ is a cornerstone in the protection of information assets and in the prevention of financial loss. A) Fire suppression B) Business separation C) Separation of duties D) Collusion
C) Separation of duties
The __________ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems. A) Policies B) Networks C) Systems D) Applications
C) Systems
Which of the following version of TACACS is still in use? A) TACACS B) Extended TACACS C) TACACS+ D) All of the above
C) TACACS+
Free Response %100 Read the SonicWall Firewall document.What are the technologies utilized in the firewall to protect an organization?
packet inspection, content filtering, built in anti-virus, clean VPN, portshield security and built in anti-spam
A padded cell is a hardened honeynet. _________________________ A) True B) False
B) False
Evasion is the process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS. A) True B) False
A) True
Firewalls can be categorized by processing mode, development era, or structure. A) True B) False
A) True
For laptops, there are theft alarms made up of a PC card or other device that contains a motion detector. A) True B) False
A) True
For laptops, there are theft alarms made up of a PC card or other device that contains a motion detector. A) True B) False
A) True
Gaseous emission systems can be used in the suppression of fires. _________________________ A) True B) False
A) True
Grounding ensures that the returning flow of current is properly discharged to the ground. _________________________ A) True B) False
A) True
Guards can evaluate each situation as it arises and make reasoned responses. _________________________ A) True B) False
A) True
Hash algorithms are public functions that create a message digest by converting variable-length messages into a single fixed-length value. _________________________ A) True B) False
A) True
Hash functions are used to confirm message identity and integrity. A) True B) False
A) True
Honeypots are decoy systems designed to lure potential attackers away from critical systems. A) True B) False
A) True
IDPS responses can be classified as active or passive. A) True B) False
A) True
In DNS cache poisoning, valid packets exploit poorly configured DNS servers to inject false information to corrupt the servers' answers to routine DNS queries from other systems on the network. A) True B) False
A) True
In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher. A) True B) False
A) True
In many organizations, information security teams lacks established roles and responsibilities. A) True B) False
A) True
In order to determine which IDPS best meets an organization's needs, first consider the organizational environment in technical, physical, and political terms. A) True B) False
A) True
In static filtering, configuration rules must be manually created, sequenced, and modified within the firewall.. _________________________ A) True B) False
A) True
Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocol. A) True B) False
A) True
Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level. _________________________ A) True B) False
A) True
Free Response %100 What is a VPN? Why is it becoming more widely used?
A Virtual Private Network is a private network that uses the public infrastructure and maintains privacy by using tunneling protocols. They are becoming more widely used because they can be used to set up tunneling points across the internet to encrypt data and create a secure line of communication
It is important that e-mail traffic reach your e-mail server and only your e-mail server. A) True B) False
A) True
Kerberos uses symmetric key encryption to validate an individual user to various network resources. A) True B) False
A) True
Free Response %100 What is the typical relationship among the untrusted network, the firewall, and the trusted network?
A firewall program is similar to a fire wall in a building. A fire wall is made to protect the separate parts of a building from the other parts so that, if there is a fire, only one section is destroyed. A firewall helps to make sure that only specific types of information move between untrusted networks (the internet) and trusted networks
According to Schwartz, Erwin, Weafer, and Briney "__________" are the real techies who create and install security solutions. A) Builders B) Administrators C) Engineers D) Definers
A) Builders
The __________ position is typically considered the top information security officer in the organization. A) CISO B) CFO C) CTO D) CEO
A) CISO
The CA periodically distributes a(n) _________ to all users that identifies all revoked certificates. A) CRL B) RA C) MAC D) RDL
A) CRL
Which one of the following is not a class of fire? A) Class F B) Class A C) Class C D) Class D
A) Class F
Digital signatures should be created using processes and products that are based on the __________. A) DSS B) NIST C) SSL D) HTTPS
A) DSS
__________ are encrypted messages that can be mathematically proven to be authentic. A) Digital signatures B) MAC C) Message certificates D) Message digests
A) Digital signatures
Which one of the following is NOT a method of data interception? A) Electromechanic interception B) Interception of data transmission C) Direct observation D) Electromagnetic interception
A) Electromechanic interception
__________ is the process of converting an original message into a form that is unreadable to unauthorized individuals. A) Encryption B) Decryption C) Cryptology D) Cryptography
A) Encryption
Each of the following is a conversion strategy except _________________. A) Enterprise Resource Planning (ERP) B) phased implementation C) cold turkey D) pilot implementation
A) Enterprise Resource Planning (ERP)
__________ is the action of luring an individual into committing a crime to get a conviction. A) Entrapment B) Enticement C) Intrusion D) Padding
A) Entrapment
__________ are decoy systems designed to lure potential attackers away from critical systems. A) Honeypots B) Bastion Hosts C) Wasp Nests D) Designated Targets
A) Honeypots
A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm. A) IDPS B) WiFi C) UDP D) DoS
A) IDPS
Using __________, the system reviews the log files generated by servers, network devices, and even other IDPSs. A) LFM B) stat IDPS C) AppIDPS D) HIDPS
A) LFM
__________ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI network model. A) MAC layer B) Circuit gateway C) Application gateways D) Packet filtering
A) MAC layer
__________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations. A) NIDPSs B) HIDPSs C) AppIDPSs D) SIDPSs
A) NIDPSs
_________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications. A) PGP B) DES C) AH D) ESP
A) PGP
__________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information. A) Packet-filtering B) Application gateways C) Circuit gateways D) MAC layer firewalls
A) Packet-filtering
__________ sensors project and detect an infrared beam across an area. A) Photoelectric B) Smoke C) Air-aspirating D) Thermal
A) Photoelectric
The __________ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly. A) Policies B) Networks C) Systems D) Applications
A) Policies
__________ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security. A) Programmable B) Manual C) Biometric D) Electronic
A) Programmable
__________ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection. A) RADIUS B) RADIAL C) TUNMAN D) IPSEC
A) RADIUS
__________ involves a wide variety of computing sites outside the organization's primary facility and includes all forms of telecommuting. A) Remote site computing B) Telecommuting C) Remote working D) Hot site computing
A) Remote site computing
__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce. A) Temporary employees B) Consultants C) Contractors D) Self-employees
A) Temporary employees
Corrective action decisions are usually expressed in terms of trade-offs. _________________________ A) True B) False
A) True
Electronic locks can be integrated into alarm systems and combined with other building management systems. A) True B) False
A) True
What is the typical relationship among the untrusted network, firewal, and the trusted network? Choose the best answer. A) The firewall prevents specific types of information from moving between untrusted network and the trusted network. B) The firewall prevents specific types of information from moving from the untrusted network to the trusted network. C) The firewall prevents specific types of information from moving from the trusted network to the untrusted network. D) None of the above
A) The firewall prevents specific types of information from moving between untrusted network and the trusted network.
Which one of the following is NOT a compelling reason to use an IDPS?Choose the best possible answer. A) To protect all the computers at once on the network B) To document the existing threat to an organization C) To act as quality control for security design and administration. D) To detect attacks and other security violations that are not prevented by other security measures.
A) To protect all the computers at once on the network
"Separation of duties" control stipulates that the completion of a significant task that involves sensitive information should require at least two people. A) True B) False
A) True
A HIDPS can monitor systems logs for predefined events. A) True B) False
A) True
A VPN, used properly, allows a user to use the Internet as if it were a private network. A) True B) False
A) True
A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position. A) True B) False
A) True
A background check should be conducted before an organization extends a job offer to a candidate. A) True B) False
A) True
A behavior-based IDPS collects statistical summaries by observing traffic that is known to be normal. A) True B) False
A) True
A content filter, also known as a reverse firewall, is a network device that allows administrators to restrict access to external content from within a network. A) True B) False
A) True
A deliverable is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project. A) True B) False
A) True
A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.. A) True B) False
A) True
A milestone is a specific point in the project plan when a task that has a noticeable impact on the progress of the project is complete. A) True B) False
A) True
A passive vulnerability scanner is one that listens in network and determines vulnerable versions of both server and client software. A) True B) False
A) True
A phased implementation is the most common conversion strategy and involves a measured rollout of the planned system. A) True B) False
A) True
A proven method for prioritizing a program of complex change is the bull's-eye method. _________________________ A) True B) False
A) True
A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers. A) True B) False
A) True
A(n) distinguished name uniquely identifies a certificate entity, to a user's public key. _________________________ A) True B) False
A) True
A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss. _________________________ A) True B) False
A) True
A(n) log file monitor is similar to a NIDPS. _________________________ A) True B) False
A) True
A(n) partially distributed IDPS control strategy combines the best of the other two strategies. _________________________ A) True B) False
A) True
AES implements a block cipher called the Rijndael Block Cipher. _________________________ A) True B) False
A) True
Access control is achieved by means of a combination of policies, programs, and technologies. _________________________ A) True B) False
A) True
Alarm events that are accurate and noteworthy but do not pose significant threats to information security are called noise. _________________________ A) True B) False
A) True
Alarm filtering is the process of classifying IDPS alerts so that they can be more effectively managed. A) True B) False
A) True
An HIDPS can detect local events on host systems and also detect attacks that may elude a network-based IDPS. A) True B) False
A) True
An IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False
A) True
Authentication is the process of validating a supplicant's purported identity. A) True B) False
A) True
Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _________________________ A) True B) False
A) True
Bluetooth is a de facto industry standard for short-range wireless communications between devices. A) True B) False
A) True
Carbon dioxide systems remove a fire's supply of oxygen. A) True B) False
A) True
Ciphertext or cryptogram is the encoded message, or a message that has been successfully encrypted. _________________________ A) True B) False
A) True
Contract employees are typically hired to perform specific services for the organization. A) True B) False
A) True
The CISSP certification requires both the successful complition of the examination and an endorsement by a qualified third party, typically another CISSP-certified professional, the candidate's employer, or a licensed , certified, or commissioned professional. A) True B) False
A) True
The Diameter protocol defines the minimum requirements for a system that provides authentication, authorization, and accounting (AAA) services. A) True B) False
A) True
The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification, the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE). _________________________ A) True B) False
A) True
The anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal. A) True B) False
A) True
The application layer firewall is firewall type capable of performing filtering at the application layer of the OSI model, most commonly based on the type of service. A) True B) False
A) True
The budgets of public organizations are usually the product of legislation or public meetings. A) True B) False
A) True
The bull's-eye model can be used to evaluate the sequence of steps taken to integrate parts of the information security blueprint into a project plan. A) True B) False
A) True
The difference between digital certificates and digital signatures is that digital signatures help authenticate the origin of a message and digital certificates authenticate the cryptographic key that is embedded in the certificate. A) True B) False
A) True
The dynamic packet-filtering firewall is perceived to offer improved security over static packet filtering. A) True B) False
A) True
The effective use of a DMZ is one of the primary methods of securing an organization's networks. A) True B) False
A) True
The encapsulating security payload protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. A) True B) False
A) True
The false reject rate describes the number of legitimate users who are denied access because of a failure in the biometric device._________________________ A) True B) False
A) True
The general management community of interest must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the organization. A) True B) False
A) True
The most common hybrid system is based on the Diffie-Hellman key exchange, which is a method for exchanging private keys using public key encryption. A) True B) False
A) True
The most popular modern version of steganography involves hiding information within files that contain digital pictures or other images. _________________________ A) True B) False
A) True
The online UPS can deliver a constant, smooth, conditioned power stream to computing systems. A) True B) False
A) True
The optimal time frame for training is usually one to three weeks before the new policies and technologies come online. _________________________ A) True B) False
A) True
The organization should integrate the security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training. A) True B) False
A) True
The permutation cipher simply rearranges the values within a block to create the ciphertext. A) True B) False
A) True
The presence of external requests for Telnet services can indicate a potential attack. _________________________ A) True B) False
A) True
The primary disadvantage of Stateful Packet Inspection firewalls is the additional processing required to manage and verify packets against the state table. _________________________ A) True B) False
A) True
The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. A) True B) False
A) True
The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions. A) True B) False
A) True
The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies. A) True B) False
A) True
The use of standard job descriptions can increase the degree of professionalism in the information security field. A) True B) False
A) True
Though not used as much in Windows environments, terminal emulation is still useful to systems administrators on Unix/Linux systems. A) True B) False
A) True
To assist in the footprint intelligence collection process, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses. A) True B) False
A) True
To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False
A) True
True attack stimulus is an event that triggers alarms and causes an IDPS to react as if a real attack is in progress. A) True B) False
A) True
Unfreezing in the Lewin change model involves thawing hard-and-fast habits and established procedures. A) True B) False
A) True
Upper management should learn more about the budgetary needs of the information security function and the positions within it. _________________________ A) True B) False
A) True
Which one of the following is NOT a question that must be addressed when selecting a firewall? A) Where was the firewall manufactured? B) Which type of firewall technology offers the right balance between protection and cost? C) How easy it is to set up and configure a firewall? D) Is the firewall scalable?
A) Where was the firewall manufactured?
The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals? A) accounting B) security C) networking D) auditing
A) accounting
Which of the following is NOT used to secure wireless network? A) bluetooth B) WEP C) WPA D) TKIP
A) bluetooth
Which one of the following is NOT a control of physical security? A) cats B) dogs C) Locks and keys D) Fencing
A) cats
Each of the following is an internal control strategy except ______________. A) firewall control B) Separation of duties C) Least privilege D) Task rotatio
A) firewall control
Network Behavior Analysis system __________ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall. A) inline B) offline C) passive D) bypass
A) inline
In the __________ UPS, the internal components of the standby models are replaced with a pair of inverters and converters. A) line-interactive B) ferroresonant C) true online D) offline
A) line-interactive
Each of the following is a type of fire detection systems except _______________. A) motion detector systems B) flame detector systems C) smoke detection systems D) thermal detection systems
A) motion detector systems
n the __________ process, measured results are compared against expected results. A) negative feedback loop B) wrap-up C) direct changeover D) turnover
A) negative feedback loop
A(n) __________ IDPS is focused on protecting network information assets. A) network-based B) host-based C) application-based D) server-based
A) network-based
A __________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. A) passive B) aggressive C) active D) secret
A) passive
A key or cryptovariable is _________________________. A) the information used in conjunction with an algorithm to cipher or decipher a message. B) the entire range of values that can be used to contruct an individual encryption. C) the amount of effort to perform cryptanalysis to decode an encrypted message when the key or algorithm are unknown. D) the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message.
A) the information used in conjunction with an algorithm to cipher or decipher a message.
A ferrosonant standy UPS is an offline battery backup that detects the interruption of power to the equipment and activates a transfer switch that provides power to batteries. A) True B) False
B) False
A firewall cannot be deployed as a separate network containing a number of supporting devices. A) True B) False
B) False
A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________ A) True B) False
B) False
A mantrap is a small enclosure that has combine entry and exit points. A) True B) False
B) False
A padded cell is a honeynet that has been protected so that it cannot be easily compropmised. A) True B) False
B) False
A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered. A) True B) False
B) False
A routing table tracks the state and context of each packet in the conversation by recording which station sent what packet and when. _________________________ A) True B) False
B) False
A wet-pipe system is usually considered appropriate in computer rooms. A) True B) False
B) False
A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing. _________________________ A) True B) False
B) False
A(n) event is an indication that a system has just been attacked or is under attack. _________________________ A) True B) False
B) False
A multipart authentication code (MAC) is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. _________________________ A) True B) False
B) False
A packet sniffer is a network tool that scan networks for highly detailed information. A) True B) False
B) False
A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. A) True B) False
B) False
A broadcast vulnerability scanner is one that initiates traffic on the network in order to determine security holes. A) True B) False
B) False
A brute force function is a mathematical algorithms that generate a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity. A) True B) False
B) False
A cryptovariable is a value representing the application of a hash algorithm on a message. A) True B) False
B) False
A direct changeover is also known as going "fast turnkey." _________________________ A) True B) False
B) False
A false positive is the failure of an IDPS system to react to an actual attack event. A) True B) False
B) False
The __________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. A) ESP B) AH C) HA D) SEP
B) AH
Class __________ fires are extinguished by agents that remove oxygen from the fire. A) A B) B C) C D) D
B) B
At the World Championships in Athletics in Helsinki in August of 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting. A) Ipad tablets B) Bluetooth mobile phones C) WiFi routers D) laptop Macintosh computers
B) Bluetooth mobile phones
Each of the following is a CISO's function except _______________. A) Drafting or approving information security policies. B) Creating efficiency in the processing and accessing of an organization's information. C) Acting as the spokesperson for the information security team. D) Developing information security budgets based on available funding
B) Creating efficiency in the processing and accessing of an organization's information
The __________ is an intermediate area between a trusted network and an untrusted network. A) perimeter B) DMZ C) domain D) firewall
B) DMZ
"Administrators" provide the policies, guidelines and standards in the Schwartz, Erwin,Weafer, and Briney classification. _________________________ A) True B) False
B) False
3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time. A) True B) False
B) False
A Cost Benefit Analysis (CBA) determines the impact of a specific business or approach can have on the organization's information assets and what it may cost. A) True B) False
B) False
The parallel operations strategy works well when an isolated group can serve as a test area, which prevents any problems with the new system from dramatically interfering with the performance of the organization as a whole. _________________________ A) True B) False
B) False
The popular use for tunnel mode VPNs is the end-to-end transport of encrypted data. _________________________ A) True B) False
B) False
The primary advantages of a a centralized IDPS control strategy are cost and ease-of-use. _________________________ A) True B) False
B) False
The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is known as a false attack stimulus. A) True B) False
B) False
The process of entrapment is when an attacker changes the format and/or timing of their activities to avoid being detected by an IDPS. _________________________ A) True B) False
B) False
The screened subnet protects the DMZ systems and information from outside threats by providing a network with intermediate security, which means the network is less secure as the general public networks but more secure than the internal network. A) True B) False
B) False
The security systems implementation life cycle involves collecting information about an organization's objectives, its technical architecture, and its information security environment. _________________________ A) True B) False
B) False
The static packet filtering allows only a particular packet with a particular source, destination, and port address to enter. A) True B) False
B) False
The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________ A) True B) False
B) False
There are very few qualified and professional agencies that provide physical security consulting and services. A) True B) False
B) False
Thermal detectors detect movement within a confined space and are either active or passive. A) True B) False
B) False
Third generation firewalls are stateful inspection firewall, which monitor network connections between internal and external systems using state tables. A) True B) False
B) False
To encipher means to decrypt, decode, or convert, ciphertext into the equivalent plaintext. _________________________ A) True B) False
B) False
To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent the plaintext that needs to be encrypted. A) True B) False
B) False
To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False
B) False
To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False
B) False
Traceroute, formally known as ICMP Echo request, is used by internal systems administrators to ensure that clients and servers can communicate. _________________________ A) True B) False
B) False
UltraViolet wireless (UVW) is a de facto industry standard for short-range wireless communications between devices. _________________________ A) True B) False
B) False
Usually, as the length of a crytpovariable increases, the number of random guesses that have to be made in order to break the code is reduced. A) True B) False
B) False
Vibration detectors measure rates of change in the ambient temperature in the room. _________________________ A) True B) False
B) False
Vibration sensors fall into the motion sensor category. A) True B) False
B) False
Videoconferencing is off site computing that uses Internet connections, dialup connections, connections over leased point-to-point links between offices, and other mechanisms. _________________________ A) True B) False
B) False
Water damage is considered less dangerous to computer systems than hazardous chemicals like Halon. A) True B) False
B) False
When a bastion host approach is used, the host contains two NICs, forcing all traffic to go through the device. _________________________ A) True B) False
B) False
When the lock of a door fails and causes the the door become unlocked, it is classified as a fail-secure lock. A) True B) False
B) False
When using trap-and-trace, the trace usually consists of a honeypot or padded cell and an alarm. _________________________ A) True B) False
B) False
Within a PKI, a(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information. _________________________ A) True B) False
B) False
You cannot combine the XOR operation with a block cipher operation. A) True B) False
B) False
Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems. A) True B) False
B) False
"Know more than you say, and be more skillful than you let on" advise for information security professionals indicates the actions taken to protect information should not interfere with users' actions. A) True B) False
B) False
Discretionary access control is an access control approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users. A) True B) False
B) False
Which one of the following is not a benefit of Job Rotaion? A) ensures that no one employee is performing actions that cannot be physically audited by another employee. B) ensures that no unnecessary access to data exists and that only those individuals who must access the data do so. C) the organization can survive the loss of any employee. D) increases the chance to detect an information system misuse or abuse.
B) ensures that no unnecessary access to data exists and that only those individuals who must access the data do so.
Negative feedback loop or cybernetic loop ___________________________. A) involves stopping the old method and beginning the new. B) ensures that progress is measured periodically C) is usually handled as procedural task and assigned a mid-level IT or information security manager. D) involves a measured rollout of the planned system
B) ensures that progress is measured periodically
Which one is a mode that locks use when they fail? A) fail-over lock B) fail-secure lock C) fail-in lock D) fail-out lock
B) fail-secure lock
A(n) __________ is an event that triggers an alarm when no actual attack is in progress. A) false neutral B) false attack stimulus C) false negative D) noise
B) false attack stimulus
Burglar alarm systems rely on the following types of detectors except ___________. A) contact sensor B) flame detector C) weight sensor D) motion detector
B) flame detector
Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded. A) wrap-up B) governance C) turnover D) changeover
B) governance
Each of the following is an attack on Cryptosystems except ____________ attack. A) dictionary B) hoax C) timing D) man-in-the-middle
B) hoax
The model commonly used by large organizations places the information security department within the __________ department. A) management B) information technology C) financial D) production
B) information technology
The false reject rate is _________________________. A) is the percentage of identification instances in which unauthorized users are allowed access to systems or areas as a result of a failure in the biometric device. B) is the percentage of identification instances in which authorized users are denied access as a result of a failure in the biometric device C) is the level at which the number of false rejections equals the false acceptances. D) none of the above
B) is the percentage of identification instances in which authorized users are denied access as a result of a failure in the biometric device
Cryptanalysis is the process of ___________________. A) making and using codes to secure the transmission of information. B) obtaining the original message called plaintext from an encrypted message called ciphertext without knowing the algorightms and keys used to perform the encryption. C) converting the ciphertext message back into plaintext so that it can be readily understood. D) converting an original message into a form that is unreadable to unauthorized individuals.
B) obtaining the original message called plaintext from an encrypted message called ciphertext without knowing the algorightms and keys used to perform the encryption.
The ability to detect a target computer's __________ is very valuable to an attacker. A) manufacturer B) operating system C) peripherals D) BIOS
B) operating system
A __________ is usually the best approach to security project implementation. A) direct changeover B) phased implementation C) pilot implementation D) parallel operation
B) phased implementation
Hostile depatures include the following except ________________. A) termination B) relocation C) temporary lay-off, D) permanent downsizing
B) relocation
Tasks or action steps that come after the task at hand are called __________. A) predecessors B) successors C) children D) parents
B) successors
Fire __________ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger situation. A) detection B) suppression C) protection D) prevention
B) suppression
A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption. A) asymmetric B) symmetric C) public D) private
B) symmetric
In __________ mode, the data within an IP packet is encrypted, but the header information is not. A) tunnel B) transport C) public D) symmetric
B) transport
The Circuit Gateway firewall operates at the ________________ layer of the OSI. A) data link B) transport C) application D) physical
B) transport
The primary benefit of a VPN that uses _________ is that an intercepted packet reveals nothing about the true destination system. A) intermediate mode B) tunnel mode C) reversion mode D) transport mode
B) tunnel mode
Which of the following is not one of the categories of positions as defined by Schwartz, Erwin, Weafer, and Briney? A) definer B) user C) builder D) administrator
B) user
The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future. A) direct changeover B) wrap-up C) phased implementation D) pilot implementation
B) wrap-up
Computing and other electrical equipment used in areas where water can accumulate must be uniquely grounded, using __________ equipment. A) UPS B) HVAC C) GFCI D) ESD
C) GFCI
What does HVAC stand for? A) Heating, Ventilation, And Conditioning B) Heating, Vent, and Air Conditioning C) Heating, Ventilation, and Air Conditioning D) Heat, Ventilation, and Air Conditioning
C) Heating, Ventilation, and Air Conditioning
__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet. A) PEM B) SSH C) IPSec D) SET
C) IPSec
The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of these except __________. A) Systems security engineering B) Technical management C) International laws D) Certification and accreditation/risk management framework
C) International laws
SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. A) 48 B) 56 C) 160 D) 256
C) 160
__________ is the current federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure. A) DES B) 2DES C) AES D) 3DES
C) AES
Class __________ fires are safely extinguished with non-conducting agents only. A) A B) B C) C D) D
C) C
The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. A) NSA B) CISO C) CISSP D) ISEP
C) CISSP
The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. A) NSA B) CISO C) CISSP D) ISEP
C) CISSP
Which one of the following is NOT a hybrid firewall? A) Combination of packet filering firewall and circuit gateway firewall. B) Combination of packet filtering firewall and a proxy server C) Combination of Proxy server and an application gateway firewall. D) Combination of stateful inspection firewall and a MAC layer Firewall
C) Combination of Proxy server and an application gateway firewall.
One of the leading causes of damage to sensitive circuitry is __________. A) CPU B) EPA C) ESD D) HVAC
C) ESD
Which of the following is NOT a difference between an application layer firewall and a packet-filtering firewall? A) The packet-filtering firewall is installed at the perimeter of the network while the application layer firewall is installed on a dedicated computer. B) The packet filtering firewall examines the header information of the data packets while the application layer firewall inspects the body of the packet. C) The application layer firewall and the packet filtering firewall are each hybrid firewall. D) The application layer firewall functions at the application layer of the OSI model while the packet filtering firewall functions at the network layer of the OSI (Open SystemsInterconnect) model.
C) The application layer firewall and the packet filtering firewall are each hybrid firewall.
Project scope describes the amount of ___________________ needed to deliver the planned features and quality level of the project deliverables. A) time B) effort-hours C) a) and b) D) space
C) a) and b)
The International Society of Forensic Computer Examiners (ISFCE) offers which certifications? A) Certified Computer Examiner (CCE) B) Master Certified Computer Examiner (MCCE) C) both a & b D) neither a nor b
C) both a & b
The __________ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems. A) parallel B) direct changeover C) bull's-eye D) wrap-up
C) bull's-eye
Which one of the following is an advantage of cache server.choose the best possible answer. A) Can operate at the Media Access Control layer B) can prevent direct connection between one network and another C) can store the most recently accessed pages in their internal cache D) Can check for connection state table
C) can store the most recently accessed pages in their internal cache
Some vulnerability scanners feature a class of attacks called _________, that are so dangerous they should only be used in a lab environment. A) aggressive B) divisive C) destructive D) disruptive
C) destructive
Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization. A) hostile B) departure C) exit D) termination
C) exit
Each of the following is a threat to physical security except _____________. A) Extreme temperature B) Energy anomalies C) malicious programs D) Liquids
C) malicious programs
The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete. A) intermediate step B) resource C) milestone D) deliverable
C) milestone
Interior walls only partially reach to the next floor, which leaves a space above the ceiling. This space is called a(n) __________. A) kneespace B) attic C) plenum D) padding
C) plenum
More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions. A) multialphabetic B) monoalphabetic C) polyalphabetic D) polynomic
C) polyalphabetic
By managing the __________, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce. A) conversion process B) wrap-up C) process of change D) governanc
C) process of change
Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version. A) timing matrix B) agile scrum C) rainbow table D) smurf list
C) rainbow table
A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic. A) packet scanner B) packet sniffer C) honey pot D) honey packet
C) signatures
To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base. A) vulnerabilities B) fingerprints C) signatures D) footprints
C) signatures
To use a packet sniffer legally, the administrator must __________. A) be on a network that the organization owns B) be under direct authorization of the network's owners C) have knowledge and consent of the content's creators D) all of the above
C) signatures
The information security function can be placed within the __________. A) insurance and risk management function B) administrative services function C) legal department D) All of the above
D) All of the above
The restrictions most commonly implemented in packet-filtering firewalls are based on __________. A) IP source and destination address B) Direction (inbound or outbound) C) TCP or UDP source and destination port requests D) All of the above
D) All of the above
What does a vulnerability scanner do? A) Shows open network shares B) Scans networks for highly detailed information. C) Identifies exposed usernames and groups D) All of the above
D) All of the above
What is a DMZ? A) Can be a dedicated port on the firewall device linking a single bastion host. B) Can be connected to a screened subnet. C) Can contain servers providing services through an untrusted network D) All of the above
D) All of the above
Security technicians are the technically qualified individuals tasked to _____________. A) diagnose and troubleshoot problems B) implement security software C) deploy IDPS D) All of the above
D) All of the above
The Lewin change model includes __________. A) unfreezing B) moving C) refreezing D) All of the above
D) All of the above
The information security function can be placed within the __________. A) insurance and risk management function B) administrative services function C) legal department D) All of the above
D) All of the above
Telnet protocol packets usually go to TCP port __________ whereas SMTP packets go to port __________. A) 23, 52 B) 80, 52 C) 80, 25 D) 23, 25
D) 23, 25
A content filter is used ________________. A) to protect against misuse and unintentional denial-of-service issues B) to restrict access to content from within a network C) to restrict internal access to external material( as reverse firewalls) D) All of above
D) All of above
What are honeypots designed to do? A) Encourage the stay on the systemlong enough for administrator to document the event. B) Divert an attacker from critical systems C) Collect information about the attacker's activity D) All of above
D) All of above
A chemical designated as clean agent does not _________________________. A) interfere with the operation of electrical equipment B) leave any residue after use C) interfere with the operation of electronic equipment D) All of the above
D) All of the above
A project plan can accomplish the following: A) improve security B) describes how to acquire and implement the needed security controls C) describe how to acquire and create a setting in which those controls achieve the desired outcomes D) All of the above
D) All of the above
What is true about a Signature-Based IDPS? A) Examines network traffic in search of patterns that match known signatures. B) Sometime called a knowledge-based IDPS C) A slow and methodical attack might escape detection if the relevant IDPS attack signature has a shorter time frame. D) All of the above
D) All of the above
Which one of the following is a major step executing a project plan? A) planning the project B) Wrapping up C) Supervising tasks and action steps D) All of the above
D) All of the above
A VPN that proposes to offer a secure and reliable capability while relying on public networks must accomplish the following except ________________. A) Encapsulation B) Authorization C) Encryption D) Authentication
D) Authentication
A(n) __________, used to justify the project is typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan. A) RFP B) WBS C) SDLC D) CBA
D) CBA
In recent years, the __________ certification program has added a set of concentration exams. A) ISSEP B) ISSMP C) ISSAP D) CISSP
D) CISSP
What is crytography? A) Crytography is the process of converting an original message into a form that is unreadable to unauthorized individuals. B) Crytography is the process of obtening the original message called plaintext from an encrypted message called ciphertext without knowing the algorithms and keys used to perform the encryption. C) Crytography encompasses encryption and decryption. D) Crytography is the process of making and using codes to secure the transmission of information.
D) Crytography is the process of making and using codes to secure the transmission of information.
Which one of the following is NOT a function of a Security Manager? A) Performing assigned duties in the area of incident response management and disaster recovery response. B) Representing the information security organization in the organization's change management process. C) Developing and managing information security programs and control systems under the supervision of a CISO. D) Making decisions or recommendations on the recruiting, hiring, and firing of security staff.
D) Making decisions or recommendations on the recruiting, hiring, and firing of security staff.
If the task is to write firewall specifications for the preparation of a(n) __________, the planner would note that the deliverable is a specification document suitable for distribution to vendors. A) WBS B) CBA C) SDLC D) RFP
D) RFP
The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. A) Standard HTTP B) SFTP C) S-HTTP D) SSL Record Protocol
D) SSL Record Protocol
__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented. A) CSOs B) CISOs C) Security managers D) Security technicians
D) Security technicians
__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented. A) CSOs B) CISOs C) Security managers D) Security technicians
D) Security technicians
__________ is the requirement that every employee be able to perform the work of another employee. A) Two-man control B) Collusion C) Duty exchange D) Task rotation
D) Task rotation
What are the two mode of IP Security? A) ESP and AH B) Tunnel and Ecapsulating Security Payload (ESP) C) Transport and Application Hearder (AH) D) Transport and Tunnel
D) Transport and Tunnel
A device that assures the delivery of electric power without interruption is a(n) __________. A) GFCI B) HVAC C) GPS D) UPS
D) UPS
__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown. A) Code B) Algorithm C) Key D) Work factor
D) Work factor
A wireless security toolkit should include the ability to ____________________. A) sniff wireless traffic B) assess the level of privacy or confidenciality afforded on the wireless network C) scan wireless hosts D) all of the above
D) all of the above
Physical security encompasses the ______________of countermeasures that protect the physical resources of an organization. A) implementation B) design C) maintenance D) all of the above
D) all of the above
The most sophisticated locks are __________ locks. A) manual B) programmable C) electronic D) biometric
D) biometric
Electronic monitoring includes __________ systems. A) blocked video B) local video C) open-circuit television D) closed-circuit television
D) closed-circuit television
Intrusion __________ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again. A) prevention B) reaction C) detection D) correction
D) correction
Which of the following is NOT a described IDPS control strategy? A) centralized B) fully distributed C) partially distributed D) decentralized
D) decentralized
The PGP security solution provides the following services except____________. A) compression B) segmentation C) key management D) digital certificates
D) digital certificates
Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as __________. A) port knocking B) doorknob rattling C) footprinting D) fingerprinting
D) fingerprinting
A stateful inspection __________________________.Choose the best possible answer. A) functions at the application layer of the Open System Interconnect (OSI) model B) does not inspect the information in the header of the packet C) examines the content of the packet D) keeps track of each network connection between internal and external systems.
D) keeps track of each network connection between internal and external systems.
In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization. A) loop B) direct C) parallel D) pilot
D) pilot
In most common implementation models, the content filter has two components: __________. A) encryption and decryption B) filtering and encoding C) rating and decryption D) rating and filtering
D) rating and filtering
Many public organizations must spend all budgeted funds within the fiscal year - otherwise, the subsequent year's budget is __________. A) increased by the unspent amount B) not affected unless the deficit is repeated C) automatically audited for questionable expenditures D) reduced by the unspent amount
D) reduced by the unspent amount
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the __________ host. A) trusted B) domain C) DMZ D) sacrificial
D) sacrificial
The dominant architecture used to secure network access today is the __________ firewall. A) static B) bastion C) unlimited D) screened subnet
D) screened subnet
The SecSDLC involves which of the following activities? A) collecting information about an organization's objectives B) collecting information about an organization's information security environment C) collecting information about an organization's technical architecture D) all of the above
D) all of the above
Which of the following is a category of locks? A) Biometric lock B) programmable lock C) Electronic lock D) Manual lock E) All of above
E) All of above
A background check may consist of : _________________________. A) identity check B) motor vehicle record C) criminal court history D) drug history E) All of the above
E) All of the above
By managing the process of change, organization can do the following: ________________. A) Enhance coordination between groups within the organization as change is scheduled and completed B) improve communication about change across the organization C) improve quality of service as potential failures are eliminated and groups work together D) Reduced unintended consequences by having a process to resolve conflict and disruption that change can introduce E) All of the above
E) All of the above
How do you prepare for Security Certification? A) Self-study guides B) Work experience C) Formal training program D) Mentors and study partners E) All of the above
E) All of the above
Projectisis is when the project manager spends more time______________ than accomplishing meaningful project work. A) recording project task information B) updating project complition forecasts C) documenting project tasks D) Collecting performance measurements E) All of the above
E) All of the above
When hiring information security professionals, organizations frequently look for individuals who understand the following:__________________ A) How an organization operates at all levels. B) The terminology of IT and information security. C) The threat facing an organization and how these threats can become attacks. D) How to protect an organization's asset from information security attacks. E) All of the above
E) All of the above
Which security protocols are predominantly used in Web-based electronic commerce? A) Secure Sockets Layer (SSL) B) Secure Electronic Transactions (SET) C) Secure Shell (SSH-2) D) IP Security (IPSec) E) All of the above
E) All of the above
__________________ is a layer of the Bull's-Eye Model. A) Networks B) Application C) Systems D) Policies E) All of the above
E) All of the above
______________________ UPS is a basic configuration of UPS. A) A ferroresonant standby B) The line-interactive C) An Offline D) A true online E) All of the above
E) All of the above
Biometric authentication includes the following except _____________. A) facial recognition B) fingerprint comparison C) Retinal print comparison D) Iris pattern comparison E) None of the above
E) None of the above
Each of the following is a component of Public-Key Infrastructure (PKI) except _________. A) Management protocols. B) Certificate authority (CA). C) Registration Authority (RA). D) Policies and procedures. E) None of the above
E) None of the above
The following protocols are hybrid cryptosystems except ______________. A) IPSec B) SET C) PGP D) PEM E) None of the above
E) None of the above
To make information systems more secure the following items need to be changed except _____________. A) People B) Software C) Data D) procedures E) None of the above
E) None of the above
Which one of the following is NOT a basic operation of cryptography? A) Exclusive OR B) Permutation C) Transposition D) Substitution E) None of the above
E) None of the above
Which one of the following organizational functions is NOT an option available for the location of information security function within an organization? A) Insurance and risk management B) Legal department C) IT function D) Physical security E) None of the above
E) None of the above
When an employee prepares to leave an organizatio, the following tasks must be performed:________________. A) removable media must be returned B) hard drives must be secured C) office door locks must be changed D) keycard access must be revoked E) all of the above
E) all of the above
Free Response %100 How does the Tunnel Mode in a VPN works?
In tunnel mode, the information from the sender is encrypted and added as the data portion of a packet. Then it travels from one tunneling server to another where it is decrypted and sent to the final point.
Which one of the following is NOT a component of Kerberos three interacting services? A) Key Distribution Center(KDC) B) Authentication server (AS) C) SESAME D) Kerberos Ticket Granting Service (TGS)
SESAME
Free Response %100 What is a DMZ?
The Demilitarized Zone is an intermediate area between two networks designed to provide services and firewall filtering between a trusted internal network and the outside, untrusted network.
A Bastion host is a dedicated server that receives screened network traffic. A) True B) False
True