INFX 322

A user receives an e-mail warning of a dangerous computer virus and instructing the user to delete files it claims were put there by the virus. However, the files are actually critical system files. Which term describes this scenario? Select one: a. A hoax b. Social engineering c. Reverse social engineering d. Phishing

A hoax

What is a sophisticated countermeasure to piggybacking? Select one: a. A man trap b. A rogue access point c. A camera d. A concrete barrier

A man trap

Which term refers to the step between the account having access and the account being removed from the system? Select one: a. Account disablement b. Account recovery c. Account expiration d. Account termination

Account disablement

Which statement describes how dumpster diving is accomplished? Select one: a. An attacker attempts to find little bits of information that could be useful for an attack in a target trash can. b. An attacker changes URLs in a server's domain name table. c. An attacker watches what a user discards into the Windows recycle bin on the user's computer. d. An attacker directly observes the target entering sensitive information on a form keypad or keyboard.

An attacker attempts to find little bits of information that could be useful for an attack in a target trash can.

Which statement describes an example of a poor security practice? Select one: a. An organization allows flower and pizza deliveries to a guard's desk only. b. An organization allows their users to load software with the knowledge and assistance of administrators. c. An organization hires employees that challenge personnel without proper ID. d. An employee creates a good password and then uses it for all accounts.

An employee creates a good password and then uses it for all accounts.

What term refers to the boundary around a system where external inputs can interact with a system? Select one: a. Encapsulated bubble b. Low-Water-Mark c. Fortress d. Attack surface

Attack surface

Which document outlines what the loss of any critical functions will mean to the organization? Select one: a. Business continuity plan (BCP) b. Succession plan c. Business impact analysis (BIA) d. Disaster recovery plan (DRP)

Business impact analysis (BIA)

Which term describes a legal agreement between partners establishing the terms, conditions, and expectations of the relationship between the partners? Select one: a. Business partnership agreement (BPA) b. Interconnection security agreement (ISA) c. Memorandum of understanding (MOU) d. Service level agreement (SLA)

Business partnership agreement (BPA)

Which plan defines the data and resources necessary and the steps required to restore critical organizational processes? Select one: a. Business impact analysis (BIA) b. Disaster recovery plan (DRP) c. Succession plan d. Business continuity plan (BCP)

Disaster recovery plan (DRP)

Which term refers to making different layers of security dissimilar so that, even if attackers know how to get through a system that comprises one layer, they may not know how to get through a different type of layer that employs a different system for security? Select one: a. Sandboxing b. Diversity of defense c. Reverse-engineering d. Economy of mechanism

Diversity of defense

Which term generally refers to the standard of care a business is expected to exercise in preparation for a business transaction? Select one: a. Due diligence b. Due care c. Incident response d. Acceptable use

Due diligence

Which security principle is described as always using simple solutions when available? Select one: a. Economy of mechanism b. Fail-safe defaults c. Open design d. Least common mechanism

Economy of mechanism

Who is considered to be the ultimate insider with his name being synonymous with the insider threat issue? Select one: a. Vladimir Levin b. Edward Snowden c. Robert Morris d. Kevin Mitnick

Edward Snowden

What is an advantage of enclaves? Select one: a. Enclaves avoid packet-looping issues through an architecture that does not have tiers. b. Enclaves can create areas of trust where special protections can be employed. c. Enclaves can create faster packet transmissions. d. Enclaves act as a buffer zone between Internets.

Enclaves can create areas of trust where special protections can be employed.

Because of malware's nefarious purpose, there is no criminal distinction between the writers of malware and those who release malware. Select one: a. False b. True

False

Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the physical world. Select one: a. False b. True

False

The focus of business continuity is on the recovery and rebuilding of the organization after a disaster has occurred. Select one: a. False b. True

False

Which backup technique requires a large amount of space and is considered to have a simple restoration process? Select one: a. Incremental b. Full c. Delta d. Differential

Full

Into which threat category does information warfare fall? Select one: a. Structured b. Highly structured c. Critical d. Open-source

Highly structured

Which term refers to a network designed to look like a corporate network but is made attractive to attackers? Select one: a. Airgap b. Extranet c. Honeynet d. Enclave

Honeynet

What is a good way to reduce the chance of a successful social engineering attack? Select one: a. Implement a strong security education and awareness training program. b. Use security guards at the building entry point. c. Lock all doors to the organization's building. d. Use biometric security controls.

Implement a strong security education and awareness training program.

Which security principle states that if you have not specifically been allowed access then it should be denied? Select one: a. Complete mediation b. Least privilege c. Security through obscurity d. Implicit deny

Implicit deny

Which term describes a network that lies completely inside a trusted area of a network and is under the security control of the system and network administrators? Select one: a. Internet b. Extranet c. DMZ d. Intranet

Intranet

Which statement describes a common attack mechanism implemented within the ICMP protocol? Select one: a. Sending Internet worms b. Stealing passwords and credit card numbers c. Launching denial-of-service (DoS) attacks d. Sending spam

Launching denial-of-service (DoS) attacks

Which term refers to the ability to distribute the processing load over two or more systems? Select one: a. Infrastructure as a Service (IaaS) b. Single point of failure c. High availability clustering d. Load balancing

Load balancing

What is one benefit of Network Address Translation (NAT)? Select one: a. NAT translates MAC addresses to IP addresses. b. NAT creates a DMZ. c. NAT compensates for the lack of available IP address space. d. NAT allows devices using two different protocols to communicate.

NAT compensates for the lack of available IP address space.

Which term describes a method to check the security of a system by simulating an attack by a malicious individual? Select one: a. Due diligence b. Due care c. Vulnerability assessment d. Penetration test

Penetration test

Which RAID configuration known as mirrored disks copies the data from one disk onto two or more disks? Select one: a. RAID 0 b. RAID 5 c. RAID 1 d. RAID 4

RAID 1

Which strategy is focused on backup frequency? Select one: a. Recovery time objective (RTO) b. Recovery point objective (RPO) c. Business continuity plan (BCP) d. Infrastructure as a Service (IaaS)

Recovery point objective (RPO)

Which term describes a high-level statement produced by senior management that outlines both what security means to the organization and the organization's goals for security? Select one: a. Security guidelines b. Security policy c. Acceptable use policy (AUP) d. Product life cycle

Security policy

Which security concept uses the approach of protecting something by hiding it? Select one: a. Open design b. Least common mechanism c. Economy of mechanism d. Security through obscurity

Security through obscurity

Which term is used when separation of privilege is applied to people? Select one: a. Diversity of defense b. Security through obscurity c. Separation of duties d. Nonrepudiation

Separation of duties

Which term refers to a security principle employed in many organizations to ensure that no single individual has the ability to conduct transactions alone? Select one: a. Defense in depth b. Separation of duties c. Least privilege d. Due diligence

Separation of duties

Which security principle states that access should be based on more than one item? Select one: a. Complete mediation b. Separation of privilege c. Fail-safe defaults d. Economy of mechanism

Separation of privilege

What are the three operational tenets found in secure deployments? Select one: a. Session management, exception management, and configuration management b. Host management, network management, and configuration management c. Least privilege, separation of privilege, and defense in depth d. Session management, host management, network management

Session management, exception management, and configuration management

Which term describes a topology where all of the network components are connected to a central point? Select one: a. Bus b. Star c. Ring d. Hybrid

Star

Which statement describes the main difference between TCP and UDP packets? Select one: a. UDP is considered to be more reliable because it performs error checking. b. UDP packets are a more widely used protocol. c. TCP packets are smaller and thus more efficient to use. d. TCP packets are connection oriented whereas UDP packets are connectionless.

TCP packets are connection oriented whereas UDP packets are connectionless.

Which term refers to an attack conducted against a site with software that is vulnerable to a specific exploit? Select one: a. Specific target attack b. Target of opportunity c. Time bombs d. Advanced persistent threats

Target of opportunity

Who is responsible for defining data handling characteristics? Select one: a. Privileged users b. The data owner c. Executive users d. The system owner

The data owner

Which statement describes the security risk of installing games on an organization's system? Select one: a. The games may take up too much memory on the computer and slow down processing, making it difficult to work. b. The games may not be compatible with the operating system version. c. The users may play during work hours instead of during breaks. d. The software may contain a piece of malicious code capable of opening a backdoor.

The software may contain a piece of malicious code capable of opening a backdoor.

Which statement accurately describes how pharming is accomplished? Select one: a. The attacker attempts to engage the target in conversation and tries to evoke sympathy so that the target feels sorry for the individual and is more prone to provide information. b. The attacker acts as a custodian and while watering the organization's plants he places cameras to record keystrokes. c. The user is directed to a fake web site as a result of modification of local host files which are used to convert URLs to the appropriate IP address. d. The attacker gathers prominent bits of information from the organization's recycling/trash.

The user is directed to a fake web site as a result of modification of local host files which are used to convert URLs to the appropriate IP address.

Which statement applies to viruses? Select one: a. They are the best tool to use in attacks where secrecy is vital. b. They are targeted at a specific organization. c. They typically are highly visible once released. d. They are the best tool to use in highly structured attacks.

They typically are highly visible once released.

A DMZ acts as a buffer zone between the Internet where no controls exist and the inner secure network where an organization has security policies in place. Select one: a. True b. False

True

DDoS mitigators must by nature exist outside the area they are protecting. Select one: a. False b. True

True

Most current ransomware attacks use a hybrid encrypting scheme locking the files on a victim's computer until a ransom is paid. Select one: a. False b. True

True

Which term describes a category of attacks that generally are conducted over short periods of time (lasting at most a few months), involve a smaller number of individuals, have little financial backing, and are accomplished by insiders or outsiders who do not seek collusion with insiders? Select one: a. Structured threat category b. Critical infrastructure category c. Unstructured threat category d. Highly structured threat category

Unstructured threat category

What is a logical implementation of a LAN that allows computers connected to different physical networks to act and communicate as if they were on the same physical network? Select one: a. Extranet b. Tunnel c. DMZ d. VLAN

VLAN

Which term is used when an attacker attempts to get credit card numbers using telephone and voice communication technologies? Select one: a. Vishing b. Phreaking c. Voicing d. Telephishing

Vishing

Which alternative site is partially configured, usually having peripherals and software but perhaps not the more expensive main processing components? Select one: a. Hot site b. Reciprocal site c. Cold site d. Warm site

Warm site

Which password best meets typical complexity requirements? Select one: a. password12 b. drowssap c. p@ssw7rD d. PASSWORD

p@ssw7rD

