Information Security Fundamentals CIST 1401: Chapters 9-15
Information Systems Security Certification Consortium, Inc. (ISC)2 is the baseline for federal and DoD work-role definitions. a) True b) False
b) False
Internet Control Message Protocol (ICMP) is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address. a) True b) False
b) False
Master's programs are generally broad and don't focus on a particular field of study. a) True b) False
b) False
Which type of virus targets computer hardware and software startup functions? a) Hardware infector b) System infector c) File infector d) Data infector
b) System infector
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? a) Alice's public key b) Alice's private key c) Bob's public key d) Bob's private key
c) Bob's public key
The purpose of continuing education is to provide formal training courses that lead to a certificate or professional certification and NOT a degree. a) True b) False
a) True
What wireless security technology contains significant flaws and should never be used? a) Wired Equivalent Privacy (WEP) b) Wi-Fi Protected Access (WPA) c) WPA2 d) Remote Authentication Dial-In User Service (RADIUS)
a) Wired Equivalent Privacy (WEP)
Donna is building a security awareness program designed to meet the requirements of the Payment Card Industry Data Security Standard (PCI DSS) 3.2. How often must she conduct training for all current employees? a) Monthly b) Semi-annually c) Annually d) Biannually
c) Annually
A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is. a) True b) False
a) True
The Data Link Layer of the OSI Reference Model is responsible for transmitting information on computers connected to the same local area network (LAN). a) True b) False
a) True
The HealthCare Certified Information Security and Privacy Practitioner (HCISPP) credential recognizes the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations. a) True b) False
a) True
The National Institute of Standards and Technology (NIST) 800 Series publications cover all NIST-recommended procedures for managing information security. a) True b) False
a) True
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? a) Whois b) Simple Network Management Protocol (SNMP) c) Ping d) Domain Name System (DNS)
a) Whois
Continuing professional education (CPE) credits typically represent ________ minutes of classroom time per CPE unit. a) 30 b) 50 c) 60 d) 120
b) 50
How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam? a) 7 b) 8 c) 9 d) 10
b) 8
What program, released in 2013, is an example of ransomware? a) BitLocker b) CryptoLocker c) FileVault d) CryptoVault
b) CryptoLocker
A border router can provide enhanced features to internal networks and help keep subnet traffic separate. a) True b) False
b) False
DoD Directive 8570.01 is a voluntary certification requirement. a) True b) False
b) False
Federal agencies fall under the legislative branch of the U.S. government. a) True b) False
b) False
IP addresses are eight-byte addresses that uniquely identify every device on the network. a) True b) False
b) False
Sarbanes-Oxley Act (SOX) Section 404 compliance requirements are highly specific. a) True b) False
b) False
Symantec offers vendor-neutral certifications as well as certifications for its product lines. a) True b) False
b) False
The Centers for Medicare & Medicaid Services (CMS) investigates and responds to complaints from people who claim that a covered entity has violated the Health Insurance Portability and Accountability Act (HIPAA). a) True b) False
b) False
What federal government agency is charged with the responsibility of creating information security standards and guidelines for use within the federal government and more broadly across industries? a) National Security Administration (NSA) b) National Institute of Standards and Technology (NIST) c) Department of Defense (DoD) d) Federal Communications Commission (FCC)
b) National Institute of Standards and Technology (NIST)
Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking? a) Integrity b) Availability c) Accounting d) Confidentiality
d) Confidentiality
A security awareness program that focuses on an organization's Bring Your Own Device (BYOD) policy is designed to cover the use of what type of equipment? a) Servers b) Workstations c) Printers d) Personally owned devices
d) Personally owned devices
Under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, what type of safeguards must be implemented by all covered entities, regardless of the circumstances? a) Addressable b) Standard c) Security d) Required
d) Required
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows? a) Router b) Hub c) Access point d) Switch
d) Switch
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? a) Alice's public key b) Alice's private key c) Bob's public key d) Bob's private key
a) Alice's public key
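Worked example for the two key-selection questions above (added here as an illustration; it is not part of the original quiz). Using only Go's standard library, Alice encrypts to Bob's public key and signs with her own private key; Bob verifies with Alice's public key and decrypts with his own private key. The two checks at the end show what happens when the wrong key is used in either role. The party names, the message text and the choice of RSA-OAEP for encryption and RSA-PSS for signatures are assumptions made for this example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Party holds one participant's key pair. Only the public half is ever
// shared; the private half never leaves its owner.
type Party struct {
	Name string
	Priv *rsa.PrivateKey
}

// NewParty generates a fresh 2048-bit RSA key pair for a participant.
func NewParty(name string) (*Party, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Party{Name: name, Priv: priv}, nil
}

// SealAndSign: the sender encrypts with the RECIPIENT's public key (only the
// recipient's private key can open it) and signs with the SENDER's private
// key (anyone holding the sender's public key can verify the signature).
func SealAndSign(sender *Party, recipientPub *rsa.PublicKey, msg []byte) (ct, sig []byte, err error) {
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, msg, nil)
	if err != nil {
		return nil, nil, err
	}
	// Sign the ciphertext so tampering is detected before any decryption.
	digest := sha256.Sum256(ct)
	sig, err = rsa.SignPSS(rand.Reader, sender.Priv, crypto.SHA256, digest[:], nil)
	return ct, sig, err
}

// OpenAndVerify: the recipient verifies with the SENDER's public key, then
// decrypts with the RECIPIENT's own private key.
func OpenAndVerify(recipient *Party, senderPub *rsa.PublicKey, ct, sig []byte) ([]byte, error) {
	digest := sha256.Sum256(ct)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], sig, nil); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient.Priv, ct, nil)
}

func main() {
	alice, err := NewParty("Alice")
	if err != nil {
		panic(err)
	}
	bob, err := NewParty("Bob")
	if err != nil {
		panic(err)
	}
	mallory, err := NewParty("Mallory") // a third party with her own keys
	if err != nil {
		panic(err)
	}

	ct, sig, err := SealAndSign(alice, &bob.Priv.PublicKey, []byte("meet at noon"))
	if err != nil {
		panic(err)
	}

	pt, err := OpenAndVerify(bob, &alice.Priv.PublicKey, ct, sig)
	fmt.Printf("Bob reads: %q (err=%v)\n", pt, err)

	// Wrong verification key: the signature does not check out.
	_, err = OpenAndVerify(bob, &mallory.Priv.PublicKey, ct, sig)
	fmt.Println("verify with Mallory's public key:", err)

	// Wrong decryption key: Mallory cannot open a message sealed to Bob.
	_, err = OpenAndVerify(mallory, &alice.Priv.PublicKey, ct, sig)
	fmt.Println("decrypt with Mallory's private key:", err)
}
```

The signature is computed over the ciphertext rather than the plaintext so that a tampered message is rejected before the recipient's private key is used at all.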
Distance learning is another term for online study. a) True b) False
a) True
A digitized signature is a combination of a strong hash of a message and a secret key. a) True b) False
b) False
The main goal of the Gramm-Leach-Bliley Act (GLBA) is to protect investors from financial fraud. a) True b) False
b) False
Under the Health Insurance Portability and Accountability Act (HIPAA), a security incident is any impermissible use or disclosure of unsecured PHI that harms its security or privacy. a) True b) False
b) False
You must always use the same algorithm to encrypt information and decrypt the same information. a) True b) False
b) False
What certification organization began as an offshoot of the SANS Institute training programs? a) International Information Systems Security Certification Consortium, Inc. (ISC)2 b) CompTIA c) Certified Internet Webmaster (CIW) d) Global Information Assurance Certification (GIAC)
d) Global Information Assurance Certification (GIAC)
What organization offers a variety of security certifications that are focused on the requirements of auditors? a) International Information Systems Security Certification Consortium, Inc. (ISC)2 b) CompTIA c) Global Information Assurance Certification (GIAC) d) ISACA
d) ISACA
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time? a) Certificate revocation list (CRL) b) International Data Encryption Algorithm (IDEA) c) Transport Layer Security (TLS) d) Online Certificate Status Protocol (OCSP)
d) Online Certificate Status Protocol (OCSP)
__________ is a continuous process designed to keep all personnel vigilant. a) Awareness b) Training c) Education d) Professional development
a) Awareness
What mathematical problem forms the basis of the RSA public-key algorithm, one of the most widely used modern cryptographic algorithms? a) Factoring the product of two large primes b) Traveling salesman problem c) Quantum mechanics d) Birthday problem
a) Factoring the product of two large primes
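Worked example of why factoring is the problem that matters (added here; not part of the original quiz). Textbook RSA is built with a deliberately tiny modulus so that trial division finishes in well under a second, and the private exponent d is then recovered from the public key alone. The primes, exponent and message are constructed values chosen for this example; a real key uses a modulus of 2048 bits or more precisely so that this step is infeasible.

```go
package main

import (
	"fmt"
	"math/big"
)

// ToyPublicKey is a textbook RSA public key (n, e) with a modulus small
// enough to factor by trial division. Never use parameters this small.
type ToyPublicKey struct{ N, E *big.Int }

// KeyGen builds n = p*q and the private exponent d = e^-1 mod (p-1)(q-1).
func KeyGen(p, q, e int64) (ToyPublicKey, *big.Int) {
	P, Q, one := big.NewInt(p), big.NewInt(q), big.NewInt(1)
	n := new(big.Int).Mul(P, Q)
	phi := new(big.Int).Mul(new(big.Int).Sub(P, one), new(big.Int).Sub(Q, one))
	d := new(big.Int).ModInverse(big.NewInt(e), phi) // nil if gcd(e, phi) != 1
	return ToyPublicKey{N: n, E: big.NewInt(e)}, d
}

// Encrypt computes c = m^e mod n using only the public key.
func Encrypt(pub ToyPublicKey, m int64) *big.Int {
	return new(big.Int).Exp(big.NewInt(m), pub.E, pub.N)
}

// Decrypt computes m = c^d mod n; d is the secret the attacker is after.
func Decrypt(pub ToyPublicKey, d *big.Int, c *big.Int) *big.Int {
	return new(big.Int).Exp(c, d, pub.N)
}

// FactorByTrialDivision returns p, q with p*q == n, or nil, nil if none is
// found. This is the step a 2048-bit modulus makes impossible in practice.
func FactorByTrialDivision(n *big.Int) (*big.Int, *big.Int) {
	limit := new(big.Int).Sqrt(n)
	rem := new(big.Int)
	two := big.NewInt(2)
	if rem.Mod(n, two).Sign() == 0 {
		return two, new(big.Int).Div(n, two)
	}
	for cand := big.NewInt(3); cand.Cmp(limit) <= 0; cand.Add(cand, two) {
		if rem.Mod(n, cand).Sign() == 0 {
			p := new(big.Int).Set(cand)
			return p, new(big.Int).Div(n, p)
		}
	}
	return nil, nil
}

// RecoverPrivateExponent rebuilds d from the public key alone: once n is
// factored, (p-1)(q-1) is known and d is just the modular inverse of e.
func RecoverPrivateExponent(pub ToyPublicKey) *big.Int {
	p, q := FactorByTrialDivision(pub.N)
	if p == nil {
		return nil
	}
	one := big.NewInt(1)
	phi := new(big.Int).Mul(new(big.Int).Sub(p, one), new(big.Int).Sub(q, one))
	return new(big.Int).ModInverse(pub.E, phi)
}

func main() {
	// Constructed toy parameters: two ~20-bit primes and the usual e = 65537.
	pub, d := KeyGen(999983, 1000003, 65537)
	c := Encrypt(pub, 1234567)
	fmt.Println("legitimate decrypt:", Decrypt(pub, d, c))

	dRecovered := RecoverPrivateExponent(pub)
	fmt.Println("attacker's recovered d matches:", dRecovered.Cmp(d) == 0)
	fmt.Println("attacker decrypts:", Decrypt(pub, dRecovered, c))
}
```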
Which approach to cryptography provides the strongest theoretical protection? a) Quantum cryptography b) Asymmetric cryptography c) Elliptic curve cryptography d) Classic cryptography
a) Quantum cryptography
Ben is working toward a position as a senior security administrator and would like to earn his first International Information Systems Security Certification Consortium, Inc. (ISC)2 certification. Which certification is most appropriate for his needs? a) Systems Security Certified Practitioner (SSCP) b) Certified Information Systems Security Professional (CISSP) c) Certified Secure Software Lifecycle Professional (CSSLP) d) Certified Cloud Security Professional (CCSP)
a) Systems Security Certified Practitioner (SSCP)
A GIAC credential holder may submit a technical paper that covers an important area of information security. If the paper is accepted, it adds the Gold credential to the base GIAC credential. a) True b) False
a) True
A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks. a) True b) False
a) True
An algorithm is a repeatable process that produces the same result when it receives the same input. a) True b) False
a) True
An electronic mail bomb is a form of malicious macro attack that typically involves an email attachment that contains macros designed to inflict maximum damage. a) True b) False
a) True
Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses. a) True b) False
a) True
Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily. a) True b) False
a) True
The Certified Secure Software Lifecycle Professional (CSSLP) credential measures the knowledge and skills necessary for professionals involved in the process of authorizing and maintaining information systems. a) True b) False
b) False
The Gramm-Leach-Bliley Act (GLBA) applies to the financial activities of both consumers and privately held companies. a) True b) False
b) False
The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements. a) True b) False
b) False
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working? a) Application b) Presentation c) Session d) Data Link
b) Presentation
What is the only unbreakable cipher when it is used properly? a) Rivest-Shamir-Adleman (RSA) b) Vernam c) Elliptic Curve Diffie-Hellman in Ephemeral mode (ECDHE) d) Blowfish
b) Vernam
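Worked example of the Vernam cipher (one-time pad) and of the "used properly" condition (added here; not part of the original quiz). The pad is XORed with the message, and XOR is its own inverse. The ForgePad function shows why a single ciphertext carries no information: for any candidate plaintext of the same length there is a pad that produces it. The TwoTimePadLeak function shows the classic failure mode, pad reuse, which cancels the key and exposes m1 XOR m2. The sample messages are constructed for this example.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewPad draws a cryptographically random key exactly as long as the
// message. The security argument only holds if the pad is uniformly random,
// as long as the message, kept secret, and used exactly once.
func NewPad(n int) ([]byte, error) {
	pad := make([]byte, n)
	if _, err := rand.Read(pad); err != nil {
		return nil, err
	}
	return pad, nil
}

// XORPad both encrypts and decrypts. It refuses a pad of the wrong length
// rather than silently truncating or repeating it.
func XORPad(data, pad []byte) ([]byte, error) {
	if len(pad) != len(data) {
		return nil, errors.New("pad must be exactly as long as the data")
	}
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ pad[i]
	}
	return out, nil
}

// ForgePad returns the pad under which ciphertext decrypts to candidate.
// Because such a pad always exists, the ciphertext alone cannot tell an
// attacker which equal-length plaintext was really sent.
func ForgePad(ciphertext, candidate []byte) ([]byte, error) {
	return XORPad(ciphertext, candidate)
}

// TwoTimePadLeak demonstrates the failure mode: if c1 = m1^k and c2 = m2^k,
// then c1^c2 = m1^m2, with zero bytes wherever the two messages agree.
func TwoTimePadLeak(c1, c2 []byte) ([]byte, error) {
	return XORPad(c1, c2)
}

func main() {
	msg := []byte("ATTACK AT DAWN") // constructed sample message
	pad, err := NewPad(len(msg))
	if err != nil {
		panic(err)
	}
	ct, _ := XORPad(msg, pad)
	pt, _ := XORPad(ct, pad)
	fmt.Printf("decrypts to %q, matches=%v\n", pt, bytes.Equal(pt, msg))

	// Any equal-length plaintext is equally plausible under some pad.
	decoy := []byte("RETREAT AT SIX")
	fake, _ := ForgePad(ct, decoy)
	got, _ := XORPad(ct, fake)
	fmt.Printf("same ciphertext under a forged pad: %q\n", got)

	// Reusing the pad on a second message leaks m1 XOR m2.
	ct2, _ := XORPad(decoy, pad)
	leak, _ := TwoTimePadLeak(ct, ct2)
	fmt.Printf("pad reuse leaks m1^m2: %x\n", leak)
}
```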
What is the maximum value for any octet in an IPv4 IP address? a) 65 b) 129 c) 255 d) 513
c) 255
Federal agencies are required to name a senior official in charge of information security. What title is normally given to these individuals? a) Chief information officer (CIO) b) Chief technology officer (CTO) c) Chief information security officer (CISO) d) Chief financial officer (CFO)
c) Chief information security officer (CISO)
Vincent recently went to work for a hospital system. He is reading about various regulations that apply to his new industry. What law applies specifically to health records? a) Health Insurance Portability and Accountability Act (HIPAA) b) Sarbanes-Oxley (SOX) Act c) Payment Card Industry Data Security Standard (PCI DSS) d) Gramm-Leach-Bliley Act (GLBA)
a) Health Insurance Portability and Accountability Act (HIPAA)
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered? a) Polymorphic virus b) Stealth virus c) Cross-platform virus d) Multipartite virus
a) Polymorphic virus
What type of security role is covered by the Committee on National Security Systems (CNSS) Training Standard CNSS-4012? a) Senior System Manager b) System Administrator c) Information Assurance Officer d) Risk Analyst
a) Senior System Manager
In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system. a) True b) False
a) True
Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer. a) True b) False
a) True
Many security training courses specifically prepare students for certification exams. a) True b) False
a) True
Master of science (MS) degree programs prepare a student to enter the field of information security and perform the work of securing systems. a) True b) False
a) True
Network access control (NAC) works on wired and wireless networks. a) True b) False
a) True
One requirement of the GIAC Security Expert (GSE) credential is that candidates must hold three GIAC credentials, with two of the credentials being Gold. a) True b) False
a) True
A packet-filtering firewall remembers information about the status of a network communication. a) True b) False
b) False
A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information. a) True b) False
b) False
Advantages of self-study programs include self-motivation, low-cost, and interaction with other students or an instructor. a) True b) False
b) False
What type of security communication effort focuses on a common body of knowledge? a) Emails b) Acceptable use policy (AUP) c) Education d) Professional development
c) Education
Whereas a master of science (MS) program prepares students to perform information security work, a master of business administration (MBA) program prepares students to manage and maintain the people and environment of information security. a) True b) False
a) True
Another name for a border firewall is a DMZ firewall. a) True b) False
b) False
What type of malicious software allows an attacker to remotely control a compromised computer? a) Worm b) Polymorphic virus c) Remote Access Tool (RAT) d) Armored virus
c) Remote Access Tool (RAT)
The (ISC)2 Systems Security Certified Practitioner (SSCP) credential covers the seven domains of best practices for information security. a) True b) False
a) True
Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow? a) 143 b) 443 c) 989 d) 3389
d) 3389
Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place? a) Teardrop b) Land c) Smurf d) Cross-site scripting (XSS)
c) Smurf
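Worked example of the detection logic Barbara is applying (added here; not part of the original quiz). The code summarises ICMP flow records and flags inside hosts that receive far more echo replies than they sent echo requests, which is the signature of a smurf victim being flooded by amplifier networks it never pinged. The flow record format, the sample records, the choice of 10.0.0.0/8 as the inside network and the thresholds are all assumptions constructed for this example.

```go
package main

import (
	"fmt"
	"sort"
	"strconv"
	"strings"
)

// sampleFlows is constructed sample data for this example (not a real capture).
// Columns: src dst icmp_type packets; type 8 = echo request, 0 = echo reply.
const sampleFlows = `# src dst icmp_type packets
10.0.0.5 203.0.113.9 8 3
203.0.113.9 10.0.0.5 0 3
192.0.2.1 10.0.0.7 0 100
192.0.2.2 10.0.0.7 0 100
192.0.2.3 10.0.0.7 0 100
192.0.2.4 10.0.0.7 0 100
192.0.2.5 10.0.0.7 0 100
`

type Flow struct {
	Src, Dst string
	ICMPType int
	Packets  int
}

// ParseFlows reads the whitespace-separated records, skipping blank and
// comment lines and rejecting malformed fields.
func ParseFlows(text string) ([]Flow, error) {
	var flows []Flow
	for i, line := range strings.Split(text, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		f := strings.Fields(line)
		if len(f) != 4 {
			return nil, fmt.Errorf("line %d: expected 4 fields, got %d", i+1, len(f))
		}
		typ, err := strconv.Atoi(f[2])
		if err != nil {
			return nil, fmt.Errorf("line %d: bad icmp type: %w", i+1, err)
		}
		pk, err := strconv.Atoi(f[3])
		if err != nil {
			return nil, fmt.Errorf("line %d: bad packet count: %w", i+1, err)
		}
		flows = append(flows, Flow{Src: f[0], Dst: f[1], ICMPType: typ, Packets: pk})
	}
	return flows, nil
}

// isInternal assumes 10.0.0.0/8 is the protected network.
func isInternal(ip string) bool { return strings.HasPrefix(ip, "10.") }

type Verdict struct {
	Host       string
	ReqOut     int  // echo requests this host sent out
	RepIn      int  // echo replies this host received
	ReplySrcs  int  // distinct addresses that sent those replies
	Suspicious bool
}

// DetectSmurf flags inside hosts whose inbound echo replies exceed minReplies
// and are more than ratio times the echo requests they actually sent.
func DetectSmurf(flows []Flow, minReplies, ratio int) []Verdict {
	reqOut := map[string]int{}
	repIn := map[string]int{}
	srcs := map[string]map[string]bool{}
	for _, f := range flows {
		switch {
		case f.ICMPType == 8 && isInternal(f.Src):
			reqOut[f.Src] += f.Packets
		case f.ICMPType == 0 && isInternal(f.Dst):
			repIn[f.Dst] += f.Packets
			if srcs[f.Dst] == nil {
				srcs[f.Dst] = map[string]bool{}
			}
			srcs[f.Dst][f.Src] = true
		}
	}
	hosts := map[string]bool{}
	for h := range reqOut {
		hosts[h] = true
	}
	for h := range repIn {
		hosts[h] = true
	}
	var out []Verdict
	for h := range hosts {
		v := Verdict{Host: h, ReqOut: reqOut[h], RepIn: repIn[h], ReplySrcs: len(srcs[h])}
		v.Suspicious = v.RepIn >= minReplies && v.RepIn > ratio*v.ReqOut
		out = append(out, v)
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Host < out[j].Host })
	return out
}

func main() {
	flows, err := ParseFlows(sampleFlows)
	if err != nil {
		panic(err)
	}
	for _, v := range DetectSmurf(flows, 50, 10) {
		fmt.Printf("%-10s requests_out=%d replies_in=%d reply_sources=%d suspicious=%v\n",
			v.Host, v.ReqOut, v.RepIn, v.ReplySrcs, v.Suspicious)
	}
}
```

The count of distinct reply sources is the useful second signal: a host that pinged one address and got one reply back looks nothing like a host that received hundreds of replies from an entire /24 it never contacted.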
What type of malware does NOT have an anti-malware solution and should be covered in security awareness training? a) Ransomware b) Zero-day c) Virus d) Worm
b) Zero-day
Product cipher is an encryption algorithm that has no corresponding decryption algorithm. a) True b) False
b) False
Erin is a system administrator for a federal government agency. What law contains guidance on how she may operate a federal information system? a) Family Educational Rights and Privacy Act (FERPA) b) Federal Information Security Management Act (FISMA) c) Gramm-Leach-Bliley Act (GLBA) d) Sarbanes-Oxley (SOX) Act
b) Federal Information Security Management Act (FISMA)
Which of the following programs requires passing a standardized examination that is based upon a job-task analysis? a) Certificate of completion b) Professional certification c) Bachelor's degree d) Doctoral degree
b) Professional certification
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block? a) Hypertext Transfer Protocol (HTTP) b) Transmission Control Protocol (TCP) c) Internet Control Message Protocol (ICMP) d) User Datagram Protocol (UDP)
c) Internet Control Message Protocol (ICMP)
Helen has no experience in security. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her? a) Certified Information Systems Security Professional (CISSP) b) GIAC Security Expert (GSE) c) Security+ d) CompTIA Advanced Security Practitioner (CASP)
c) Security+
What level of academic degree requires the shortest period of time to earn and does NOT require any other postsecondary degree as a prerequisite? a) Bachelor's degree b) Master's degree c) Doctoral degree d) Associate's degree
d) Associate's degree
Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices? a) CISSP b) CCIE c) Security+ d) CCSA
d) CCSA
Val would like to limit the websites that her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating? a) Blacklisting b) Context-based screening c) Packet filtering d) Whitelisting
d) Whitelisting
Spyware does NOT use cookies. a) True b) False
b) False
Which of the following is NOT an advantage to undertaking self-study of information security topics? a) Self-motivation b) Flexible materials c) Fixed pace d) Low cost
c) Fixed pace
RSA is a global provider of security, risk, and compliance solutions for enterprise environments. a) True b) False
a) True
Security awareness training should remind employees to ensure confidentiality by not leaving any sensitive information or documents on their desks. a) True b) False
a) True
The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service. a) True b) False
a) True
The four primary types of malicious code attacks are unplanned attacks, planned attacks, direct attacks, and indirect attacks. a) True b) False
b) False
Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC)2 certification and the gold standard for information security professionals? a) Certified Authorization Professional (CAP) b) Certified Cloud Security Professional (CCSP) c) Certified Information Systems Security Professional (CISSP) d) Systems Security Certified Practitioner (SSCP)
c) Certified Information Systems Security Professional (CISSP)
A certificate of completion is a document that is given to a student upon completion of a continuing education program and is signed by the instructor. a) True b) False
a) True
A certification is an official statement that validates that a person has satisfied specific job requirements. a) True b) False
a) True
Compliance not only includes the actual state of being compliant, but it also includes the steps and processes taken to become compliant. a) True b) False
a) True
Integrity-checking tools use cryptographic methods to make sure nothing and no one has modified the software. a) True b) False
a) True
It is common for rootkits to modify parts of the operating system to conceal traces of their presence. a) True b) False
a) True
Juniper Networks offers vendor-specific certifications. a) True b) False
a) True
The Payment Card Industry (PCI) Council has only one priority: to assist merchants and financial institutions in understanding and implementing standards for security policies, technologies, and ongoing processes that protect their payment systems from breaches and theft of cardholder data. a) True b) False
b) False
What type of organizations are required to comply with the Sarbanes-Oxley (SOX) Act? a) Non-profit organizations b) Publicly traded companies c) Government agencies d) Privately held companies
b) Publicly traded companies
Taylor is a security professional working for a retail organization. She is hiring a firm to conduct the Payment Card Industry Data Security Standard (PCI DSS) required quarterly vulnerability scans. What credential should she seek in a vendor? a) Qualified security assessor (QSA) b) Self-assessment vendor (SAV) c) Approved scanning vendor (ASV) d) Independent Scanning Assessor (ISA)
c) Approved scanning vendor (ASV)
What is the highest level of academic degree that may be earned in the field of information security? a) Bachelor of science (BS) b) Master of business administration (MBA) c) Doctor of philosophy (PhD) d) Master of science (MS)
c) Doctor of philosophy (PhD)