IFT 302 Final Exam Prep
Which type of surveillance camera can be viewed from virtually anywhere in the world? - A digital camera - A digital IP camera - An analog camera - A hybrid camera
- A digital IP camera
Which of the following options represent physical barriers? (Select all that apply) - A surveillance camera - An RFID badge reader - A locked door - A receptionist
- A locked door - A receptionist
Which of the following best describes the meaning of lux rating as it applies to surveillance cameras? - Rating for the size of the camera lens - Specifies the color resolution of the camera - Amount of light required for an acceptable image - Resolution of the camera lens
- Amount of light required for an acceptable image
Using natural design elements such as structures and landscaping to guide people as they enter and exit spaces is referred to as: - Natural access control - Ingress/egress planning - Crowd control features - Physical access management
- Natural access control
Which of the following options represent physical barriers? (Select all that apply) - A surveillance camera - A locked door - A receptionist - An RFID badge reader
A locked door, A receptionist
This technical access control manages and documents accounts (authorizing, establishing, activating, modifying, reviewing, disabling, and removing). - Access enforcement - Separation of functions - Concurrent session control - Account management
Account management
The OODA loop and Deming Cycle (PDCA) have a similar structure and objective. They also share one term. Which one is it? - Distinguish - Act - Availability - Decide
Act
A mathematical process or series of structured steps for performing some function. - Heuristic - Substitution - Transposition - Algorithm
Algorithm
A type of cryptography that uses a cipher with two separate keys, one public and one private, to encrypt and decrypt messages. - Psychic - Asymmetric - Telepathic - Symmetric
Asymmetric
The security goal that seeks continuous operation is: - Auditing - Availability - Authentication - Integrity
Availability
The security goal that seeks continuous operation is: - Auditing - Integrity - Authentication - Availability
Availability
The easiest and most logical way to combat malware. - Risk Acceptance - Behavior Avoidance - Threat Mitigation - Role Transference
Behavior Avoidance
Trying all possible keys until finding the right key. - Brute force attack - Algorithmic process - Social engineering - Heuristic process
Brute force attack
_____ is a type of image sensor used in cameras designed to produce the highest quality images. - Charged coupled device - Fish-eye lens - Infrared - Photo-electric sensor
Charged coupled device
_____ is a type of image sensor used in cameras designed to produce the highest quality images. - Charged coupled device - Photo-electric sensor - Infrared - Fish-eye lens
Charged coupled device
This term refers to an individual's need to create their own subjective social reality and is part of the several processes that we use to remember how to operate ourselves, meaning how and why we decide to do things. - Social Engineering - Threat Modeling - Problem Solving - Cognitive Bias
Cognitive Bias
The security goal that seeks to ensure that only authorized people are given access is: - Authentication - Auditing - Availability - Confidentiality
Confidentiality
What is CIA? - Cohesiveness, Ingenuity, Accuracy - Confidentiality, Integrity, Availability - Can Initiate access? - Containerize, Integrate, Accountability
Confidentiality, Integrity, Availability
In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. The desire to do what we've said we'll do is an example of: - Consistency - Reciprocity - Liking - Authority
Consistency
The desire to do what we've said we'll do is an example of: - Liking - Consistency - Reciprocity - Authority
Consistency
Possible infection symptoms include: - Contact by law enforcement - Bounces of forged emails - Alerts from security software - Unusual and lucrative offers from royalty - Deja vu - Precisely targeted advertisements
Contact by law enforcement, Bounces of forged emails, Alerts from security software
Mechanisms or protections against behavior that is outside an expected norm. - Controls - Encryption - Motive - Money
Controls
Which of the following is not a subsystem involved in infrastructure security management? - Corporate cybersecurity policies - Video surveillance systems - Access-control and monitoring systems - Intrusion-detection and reporting systems
Corporate cybersecurity policies
These sorts of controls reduce the consequences of an incident, perhaps by limiting the damage that is likely to occur no matter what other controls exist. - Deterrent - Preventative - Corrective - Detective
Corrective
Which of the following are Internal Controls? - Corrective - Detective - Preventative - Deterrent - ACLs
Corrective, Detective, Preventative, Deterrent
This attack uses JavaScript to perform commands on the user's system when the user visits sites using a vulnerable browser. - Key Logging - Man-in-the-Browser (MitB) - Cross Site Scripting (XSS) - Man-in-the-Middle (MitM)
Cross Site Scripting (XSS)
What are Technical Controls, monitoring and planned responses? - Cyber Security - Software Assurance - OODA - Deming Cycle - Threat Processing
Cyber Security
_____ provides detailed, actionable data about supply and demand in the cybersecurity job market.
CyberSeek
Which layer controls how data is packaged and moved between communication points? - Transmission - Human - Data - Link - Physical
Data
Which OSI model layer is responsible for controlling how data is packaged and moved between communication points? - Application layer - Data link layer - Transport layer - Network layer
Data link layer
Two tools used in reverse engineering malware include: - Decompilers and Debuggers - Static and Destructive Analysis - Behavioral and Threat Analysis - Winsome and Losesome
Decompilers and Debuggers
The act of unscrambling ciphertext into plaintext. - Decryption - Transposition - Symmetric - Substitution
Decryption
A non-encrypted message is:
Deciphered OR Plaintext
In the STRIDE model, what does the 'D' stand for? - Denial of service - Disclosure of Information - Destruction - Deliberate
Denial of service
These sorts of controls are intended to reduce attacks on a system merely by advertising that they're there. Much like a wall or barbed wire fence, or an armed guard, these controls typically reduce the threat level by informing potential attackers that there will be adverse consequences for them if they proceed. - Deterrent - Corrective - Preventive - Detective
Deterrent
SETA, an important tool for an organization seeking to improve knowledge of cybersecurity topics, pertains to: - Public awareness - Research - Education - Analysis
Education
Collecting intelligence information from people as part of human intelligence is known as:
Elicitation OR Social engineering
Where components are isolated from other components in a way that limits the amount of damage any fault could cause. - Modularity - Encapsulation - Information hiding - Cohesion
Encapsulation
Which of the following are software development techniques intended to reduce the frequency and severity of vulnerabilities in software? - Encapsulation - Behavioral-based Anti-malware - Wireless Equivalent Privacy - Endpoint Detection & Response - Information Hiding - Internet Protocol Security - Modularity
Encapsulation, Information Hiding, Modularity
_____ is a report that incorrectly authenticates the individual, which could provide access to equipment or data that this person should not have. - False acceptance - True negative failure - TPS cover sheet - True positive failure
False acceptance
_____ is a report that incorrectly authenticates the individual, which could provide access to equipment or data that this person should not have. - TPS cover sheet - True positive failure - False acceptance - True negative failure
False acceptance
_____ provides security templates for various systems.
FedRAMP
This device uses a set of rules about what traffic will be allowed to enter or leave a network. - Content filter - Firewall - Data loss prevention - Network intrusion detection and protection
Firewall
This system monitors the host operating system's logs, including processing, memory usage, file structures, and accesses or merely attempted accesses to files, functions, and network ports, looking for abnormal behavior. - NIDS - EDR - HIDS - SIEM
HIDS
These sorts of antimalware and intrusion detection systems build a model of acceptable baseline behavior, use inference engines to make decisions on what they detect, and flag exceptions to that model. - Mapping Based - Prevention Based - Signature Based - Heuristic based
Heuristic based
These sorts of antimalware and intrusion detection systems build a model of acceptable baseline behavior, use inference engines to make decisions on what they detect, and flag exceptions to that model. - Signature based - Heuristic based - Host based - Network based
Heuristic based
A message alerting a user to a non-existent threat, which may falsely indicate malware infection and cause them to perform tasks to actually expose their system to actual malware. - Hoaxware - Remote Access Trojan - Payload propagation - Honeypot
Hoaxware
Which of the following cameras provides the ability to maintain a degree of secrecy by using illumination that is undetectable by a human eye? - Infrared security camera - color camera - CCD camera - Black-and-white camera
Infrared security camera
What does it mean when a virus is wormable? - It gets up early - It is easy to find and kill - It is devious - It can propagate by itself
It can propagate by itself
Which component is considered the core of the operating system? - Kernel - System call interface - Security module - Hardware
Kernel
The process of issuing keys to valid users of a cryptosystem so that they can communicate. - Substitution - Key distribution - Symmetric - Decryption
Key distribution
This device can be used to record and store input into a computer system. - Bluetooth transmitter - KVM switch - LCD display - Key logger
Key logger
_____ is a type of security device used for programming, controlling, and operating access control and management devices. - Stingray - Keypad - Multimeter - TI-85+
Keypad
_____ is a type of security device used for programming, controlling, and operating access control and management devices. - Multimeter - Stingray - Keypad - TI-85+
Keypad
A password, passphrase, or PIN are examples of which authentication factor? - Possession - Location - Inherence - Knowledge
Knowledge
Which layer of the OSI model represents the human user of a network application? - Layer 4 - Layer 2 - Layer 0 - Layer 8
Layer 8
Which are viable ways that attackers can hide their conduct from network security appliances? - Unique patterns - Encryption - Operator fatigue - Packet fragmentation attack - Payload obfuscation
Literally all of them
These sorts of risks are those that might have simple to effect mitigations, like putting on a seat belt, looking twice before crossing the street, or tying your shoes. - High likelihood, Low impact - Low likelihood, High impact - Moderate likelihood, High impact - Low-hanging fruit
Low-hanging fruit
In which type of network attack do attackers update their own MAC addresses with the target's MAC address to cause a switch to forward traffic to both locations? - Man-in-the-middle - N/A - This is not possible - MAC duplicating - MAC flooding
MAC duplicating
Which organization manages and maintains the Common Vulnerabilities & Exposures database? - MITRE Corporation - Hewlett Packard Enterprise - Northrop Grumman - Lockheed Martin
MITRE Corporation
Dividing processing tasks or programs into subtasks that have a single purpose, small enough to understand, with as simple logic as possible, and with independent execution, to avoid things like race conditions. - Modularity - Farming - Project management - Compartmentalization
Modularity
This system receives logs from firewalls and other network equipment, including from the operating systems of connected computers. Also, this system can operate in stealth mode, passively as if it's merely a bump on the wire, and hidden from the detection of an attacker. - HIPS - EDR - SIEM - NIDS
NIDS
NICE stands for
National Initiative for Cybersecurity Education
NIST stands for
National Institute of Standards and Technology
Network managers plan for changes in traffic load using which of the following mechanisms or tactics? - Network load balancing - Shunning - Heuristic based scanning - Capacity planning - Network protocol analysis
Network load balancing, Shunning, Capacity planning
What is OODA? - Available - Orient - Observe - Debate - Act - Decide - Authentication - Awareness - Options - Open
Observe, Orient, Decide, Act
The part of your computer that is the environment architecture, which abstracts the low-level interfaces to bare processing hardware or peripherals. It allows convenient use and interfaces to the user and hides the tedious low-level stuff, to include resource scheduling and allocation, memory management, deadlock avoidance, and interfaces for low-level hardware - Operating System - The Stack - Buffer boundary - Memory Transit Authority
Operating System
Which are viable ways that attackers can hide their conduct from network security appliances? - Signature reuse - Capacity planning - Packet Fragmentation Attacks - Operator fatigue - Denial of Service attacks
Packet Fragmentation Attacks, Operator fatigue, Denial of Service Attacks
Otherwise known as red team or tiger team analysis, uses a team of experts that try to crack the target system. - Penetration - Assurance - End-to-End - Verification
Penetration
Several factors can be used to identify someone as an Insider Threat. These include: - Personal - Behavioral - Authority - Security Model - Organizational - Liking
Personal, Behavioral, and Organizational
Which of the following is the most fundamental step in providing physical security for network connectivity devices? - Placing devices in secure wall cabinets or locating them within the security of the server room to provide physical protection - Resetting the manufacturer's default passwords - Disabling any management features that are not needed - Configuring device management settings so that required features are as secure as necessary to provide the performance level needed
Placing devices in secure wall cabinets or locating them within the security of the server room to provide physical protection
A smart card, token, or identification device are examples of which authentication factor? - Inherence - Possession - Knowledge - Location
Possession
Several types of internal controls exist. They include: - Standards - Ethics - Preventative - Corrective - Detective
Preventative, Corrective, Detective
This sort of malicious activity is where a legitimate file is replaced by a different and potentially malicious file. - Cross Site Scripting (XSS) - Man-in-the-Browser (MitB) - Program download substitution - Drive-by-download
Program download substitution
When a virus is labeled as 'wormable' it implies that it does what? - Is harmless until clicked - Allows remote access - Propagates independently - Known but unpatched
Propagates independently
This server type allows clients to dial into a computer from a remote site, even if they are not connected to a LAN. - RAS - SAN - NAS - FTP
RAS
Malware that makes multiple copies of itself on a single computer until it clogs the system. - Stuxnet - Slammer - Rabbit virus - Remote Access Trojan
Rabbit virus
In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. In this context, the term used for your obligation to give when you receive is: - Reciprocity - Commitment - Liking - Authority
Reciprocity
Term used for your obligation to give when you receive is: - Commitment - Authority - Liking - Reciprocity
Reciprocity
An independent group that challenges an organization to improve its effectiveness by assuming an adversarial role. - Red team - Blue team - Open source intelligence - Black hat conference
Red team
_____ are technologies used to report alarm conditions to key personnel or remote monitoring organizations. - Remote notification systems - Force sensors - Keypad - Unlocked condition monitoring
Remote notification systems
_____ are technologies used to report alarm conditions to key personnel or remote monitoring organizations. - Unlocked condition monitoring - Remote notification systems - Force sensors - Keypad
Remote notification systems
In the STRIDE model, what does the 'R' stand for? - Review - Repudiation - Revocable - Reliability
Repudiation
NIST CSF Core - Respond - Protect - Compliance - Recover - Detect - Identify
Respond, Protect, Recover, Detect, Identify
"Enumerate the probability and impact of each risk" describes which step in the Risk Management process? - Control Evaluation - Risk Identification - Risk Analysis - Control Monitoring
Risk Analysis
"Enumerate the probability and impact of each risk" describes which step in the Risk Management process? - Privilege of Access - Recovery Steps - Risk Analysis - Threat Ranking
Risk Analysis
A persuasive argument based on the short supply of a good for sale is an example of: - Consistency - Reciprocity - Liking - Scarcity
Scarcity
In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. A persuasive argument based on the short supply of a good for sale is an example of: - Scarcity - Consistency - Liking - Reciprocity
Scarcity
These appliances gather logs from various devices (servers, firewalls, routers, etc.) and attempt to correlate the log data and provide analysis capabilities. - Network Intrusion Detection and Prevention System (NIDPS) - Host based Intrusion Prevention System (HIPS) - Security Information and Event Management (SIEM) - Incident Response System (IRS)
Security Information and Event Management (SIEM)
In Bruce Schneier's TED Talk, he discusses the Security Mirage. He discusses how our feeling of security chases our model of security, which chases the reality of our security. In some cases, the security model and security reality don't match up, yet we tend to feel secure. What is this called? - Threat Modeling - Cognitive Dissonance - Security Trade Off - Security Theatre
Security Theatre
In some cases, the security model and security reality don't match up, yet we tend to feel secure. What is this called? - Security Trade Off - Threat Modeling - Cognitive Dissonance - Security Theatre
Security Theatre
These sorts of antimalware and intrusion detection systems perform simple pattern-matching functions and report or act on situations when there's a match. - Anomaly based - Heuristic based - Honeypot based - Signature based
Signature based
Defined as the level of confidence that software is free from vulnerabilities and that it functions in the intended manner. - Software Development Life Cycle - Risk Management Model - Software Assurance - Information Assurance
Software Assurance
Which cloud service model does this describe? The provider gives users access to specific application software (CRM, e-mail, games). The provider gives customers network-based access to a single copy of an application created specifically for SaaS distribution and use. - Software as a Service (SaaS) - Infrastructure as a Service (IaaS) - Platform as a Service (PaaS) - Security as a Service (SaaS)
Software as a Service (SaaS)
Which are factors of authentication?
Something you have, Something you are, Something you know
The lecture mentioned this product as a popular example of a SIEM. - Splunk for Security - ESET Enterprise Inspector - McAfee Enterprise Security Manager - Norton Internet Security
Splunk for Security
In the STRIDE model, what does the 'S' stand for? - Security - Situational awareness - Systems - Spoofing
Spoofing
This famous worm was created by an advanced persistent threat group known as the Equation Group to find and disable specific nuclear enriching centrifuges. - Wannacry - CryptoLocker - Stuxnet - Mirai botnet
Stuxnet
This cryptographic primitive describes the replacement of a character or set of bits with another character or set of bits. - Sophistication - Transposition - Substitution - Heuristic
Substitution
This form of cryptography uses the same key to encrypt as it does to decrypt. - Caesar cipher - Symmetric - Turing and Flowers - Asymmetric
Symmetric
_____ employs structures, systems, and devices to prevent unauthorized entry and create a clear difference between what is public and private. - Common sense security - Territorial reinforcement - Logical security - Natural access control
Territorial reinforcement
In the lecture, when referring to Cloud Service Providers (CSP) seeking to meet possibly over-stringent regulatory compliance standards, your instructor described them as a high-water mark. What does the adoption of such a standard provide to reassure its clients and potential clients? - The water level at the highest recorded point - Getting more than they paid for - Getting less than they paid for - The lowest acceptable risk level
The lowest acceptable risk level
When referring to Cloud Service Providers (CSP) seeking to meet possibly over-stringent regulatory compliance standards, your instructor described them as a high-water mark. What does the adoption of such a standard provide to reassure its clients and potential clients? - Getting more than they paid for - The lowest acceptable risk level - The water level at the highest recorded point - Getting less than they paid for
The lowest acceptable risk level
Securing which of the following involves controlling who can move (walk, drive, fly) across the physical or logical line that marks this perimeter, such as property lines or the exterior walls of a building or complex? - The interior space - The primary zone - The outer perimeter - The inner perimeter
The outer perimeter
_____ is a condition monitoring system that can record and signal each time a specific gate or door is unlocked (access granted) and what type of access is granted. - Force sensor monitoring - Photo-electric monitoring - Open condition monitoring - Unlocked condition monitoring
Unlocked condition monitoring
_____ is a condition monitoring system that can record and signal each time a specific gate or door is unlocked (access granted) and what type of access is granted. - Open condition monitoring - Force sensor monitoring - Photo-electric monitoring - Unlocked condition monitoring
Unlocked condition monitoring
Tests the system or execution "correctness", optimal and boundary conditions, or tries to break the system or the unit under test. - Verification - Penetration - End-to-End - Assurance
Verification
This service creates a secure tunnel between a set of routers or between an application and its server. - Virtual Private Network - Remote Access Service - Secure Shell - Remote Desktop Protocol
Virtual Private Network
Defined as the exploitation of an unknown vulnerability or a known but unpatched vulnerability. - Black Hat conference - Common weakness exploitation - Zero Day Initiative - Zero-day attack
Zero-day attack