IT462 Midterm Exam Study Quizzes

If the Single Loss Expectancy (SLE) of an asset is $90,000 and the Annualized Rate of Occurrence (ARO) for a specific threat to that asset is 50%, then what is the Annualized Loss Expectancy (ALE)? $45,000 .5 $180000 0

$45,000

What is the most important aspect of marking media? Content description Classification Date labeling Electronic labeling

Classification

Hosted by MITRE, the ______________________ database is a public repository that catalogs all publicly known vulnerabilities for software solutions and provides them with a corresponding number and severity level. These numbers are, in turn, used by software vendors to reference when issuing a security patch to remedy the issue. Management Controls Standards Advanced Persistent Threat Common Vulnerabilities and Exposures Common Mitigation Practices

Common Vulnerabilities and Exposures

The person responsible for the management of data or an asset. Asset Owner Asset Delegate Data Custodian Data User

Data Custodian

This role is assigned to the user who is responsible for the tasks of implementing the prescribed protection defined by the security policy and senior management. Security Professional Data Custodian Auditor Data Owner

Data Custodian

In Reduction Analysis or Decomposition, which of the following are key concepts? Data Flow Paths Details about Security Stance and Approach Processor Operations Input Points Trust Boundaries

Data Flow Paths Details about Security Stance and Approach Input Points Trust Boundaries The other one is privileged operations... not processor ops.

Ring 2 is synonymous with the kernel, which handles and manages all system requests, including enforcing system security. True False

False That's Ring 0

Job Rotation is the security concept in which critical, significant, and sensitive work tasks are divided among several individuals. True False

False That's Separation of Duties.

Trusted Platform Module is both a specification for a cryptoprocessor chip on a mainboard and the general name for implementation of the specification. It is NOT required by Windows 11. True False

False Trusted Platform Module is both a specification for a cryptoprocessor chip on a mainboard and the general name for implementation of the specification. It is NOT required by Windows 11.

T/F. LDAP cannot run unless the system has Active Directory installed. True False

False. Active Directory is dependent upon LDAP, but LDAP is not dependent upon Active Directory.

Microsoft developed a threat categorization scheme known as the STRIDE threat model. Which of the following words or phrases is not a part of that threat model? Spoofing Information Security Tampering Denial of Service

Information Security

A buffer overflow attack abuses a program's lack of length limitations on the data it receives before storing the input in memory, which can lead to arbitrary code execution. True False

True

A holistic approach must be pursued or at least considered when identifying enterprise cyber security solutions, which incorporate policy, procedures, and technology. True False

True

Cipher Block Chaining is a block mode that XORs the previously encrypted block to the next block of plaintext to be encrypted. True False

True

Due diligence is practicing the activities that maintain the due care effort. True False

True

In a series configuration, failure of a single security control does not render the entire solution ineffective, as opposed to parallel configurations. True False

True

What type of federal government computing system requires that all individuals accessing the system have a need to know of all the information processed by the system? compartmented dedicated multilevel classified

dedicated

A ________is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. directory domain netblock subgroup

domain

In virtualization technology, like cloud computing, where multiple operating systems are run through a hypervisor, if the adversary gains access to the underlying kernel-level of the Host Operating System, the adversary would then have the capability of gaining access to the Guest or Virtual OSs running through the hypervisor. True False

True

Recently, we have seen an uptick in the number of cyber attacks targeting different platforms that have had real-world effects, including affecting life-critical hospital care, causing localized power outages, and temporarily degrading core internet infrastructure. True False

True

SHA-256 and MD5 are examples of hashing algorithms. True False

True

Swatting is a term used to describe a hoax call made to emergency services, typically reporting an immediate threat to human life, to draw a response from law enforcement and the S.W.A.T. team to a specific location. True False

True

The USRCLASS.DAT hive, virtualized under HKCU\Software\Classes contains entries that allow us to identify any file directory a user has ever browsed to on the system. True False

True

The process by which the goals of risk management are achieved is known as risk analysis. True False

True

Windows services run applications in the background without requiring user interaction and can be set to run when the system boots up, start manually, or be placed in a disabled state. True False

True

According to the Department of Homeland Security, quantum computing advances by whom pose a threat to the breaking of current cryptographic standards? by governments by terrorists by script-kiddies by hacktivists

by governments

____________ is the Linux-based command to change a file's or directory's permissions. ifconfig chmod nslookup tracert

chmod

What type of memory is directly available to the CPU and is often part of the CPU? ROM Register memory RAM Virtual memory

Register memory

Qualitative risk analysis uses real dollar figures to contextualize the loss of an asset. True False

False That's Quantitative

What type of cryptographic attack attempts every possible valid combination for a key or password, typically involving massive amounts of processing power to guess the key? Statistical Attack Frequency Attack Brute Force Attack Analytic Attack

Brute Force Attack

An/a ___________ is the security role responsible for providing oversight within an organization to ensure policy compliance. Manager User Auditor Custodian

Auditor

Which could be considered a single point of failure within a single sign-on implementation? Authentication server User's workstation Logon credentials RADIUS

Authentication server A In a single sign-on technology, all users are authenticating to one source. If that source goes down, authentication requests cannot be processed.

How many bits make up the effective length of the DES key? 56 64 32 16

56

Which of the following describes the difference between the Data Encryption Standard and the Rivest-Shamir-Adleman algorithm? A. DES is symmetric, while RSA is asymmetric B. DES is asymmetric, while RSA is symmetric C. They are hashing algorithms, but RSA produces 160-bit hashing value D. DES creates public and private keys, while RSA encrypt messages

A. DES is symmetric, while RSA is asymmetric

Which Bell-LaPadula state machine property dictates that a subject may not read information at a higher sensitivity level (no read up)? A. Simple security property B. * (star) security property C. Mandatory security property D. Discretionary security property

A. Simple security property

Which of the following statements about Crossover Error Rate (CER) is true: A. This is the point where False Reject Rate and False Accept Rate are equal B. This is the point where False Reject Rate and False Accept Rate add to 100% C. This is the point where the False Accept Rate falls below 50% D. This is the point where the False Reject Rate falls below 50%

A. This is the point where False Reject Rate and False Accept Rate are equal

Match the Risk Terminology words/phrases with its definition or example. - Asset Asset Valuation Threats Vulnerability Exposure Risk Safeguards Attack A. The malicious actor exploited the weakness in the firewall to get in. B. Patch the source code and place sandbags around the building. C. The malicious actor might leverage the loophole in the source code to get in. D. $100,000 E. Flaw in source code F. The IT infrastructure room might flood. G. Hurricane H. IT infrastructure

Asset H Asset Valuation D Threats G Vulnerability E Exposure F Risk A Safeguards B Attack C

What common applications are associated with ports 20/21, 23, 25, 80, and 443? A. Telnet, SSH, SMTP, HTTP, and HTTPS B. FTP, Telnet, SMTP, HTTP, and HTTPS C. ICMP, Telnet, SMTP, HTTP, and HTTPS D. HTTP, HTTPS, Telnet, SNMP, and NetBios

B. FTP, Telnet, SMTP, HTTP, and HTTPS

The Biba model was developed to protect which of the following? A. Availability B. Integrity C. Confidentiality D. Access Control

B. Integrity

The statement "Promote professionalism among information system security practitioners through the provisioning of professional certification and training" is an example of a/an: A. Objective B. Mission statement C. Goal D. Vision

B. Mission statement

Authentication, encryption, and ACLs are examples of: A. Administrative controls B. Technical controls C. Defense in depth D. Detective controls

B. Technical controls

Which type of firewall can be described as "a device that filters traffic based on its source IP address, destination IP address, and their respective ports"? A. A dynamic firewall B. An Application layer firewall C. A static packet filtering firewall D. A "straight out of Compton" firewall

C. A static packet filtering firewall

Which authentication protocol commonly used for PPP links encrypts both the user name and password, uses a challenge/handshake response to prevent replay attacks, and periodically re-authenticates its use in a given session? A. PAP B. EAP C. CHAP D. DOG

C. CHAP

The Bell-LaPadula model was developed to protect which of the following? A. Availability B. Integrity C. Confidentiality D. Access Control

C. Confidentiality

Signs, guards, guard dogs, and visible notices are examples of... A. Administrative controls B. Corrective controls C. Preventive controls D. Detective controls

C. Preventive controls

Which type of cipher operates in real time on a single character or single bits of data? A. Block B. Rolling C. Stream D. Continuous

C. Stream

Which type of encryption only uses one shared key to encrypt and decrypt? A. Public key B. Asymmetric C. Symmetric D. TCB Key

C. Symmetric

What is used to create a digital signature? A. The receiver's private key B. The sender's public key C. The sender's private key D. The receiver's public key

C. The sender's private key

There are four common VPN protocols. Which group of the four below contains all of the common VPN protocols? A. PPTP, LTP, L2TP, and IPSec B. PPP, PPTP, L2TP, and IPSec C. PPTP, L2TP, IPSec, and TLS D. L2F, L2TP, PPTP, and IPSec

D. L2F, L2TP, PPTP, and IPSec

Who is ultimately responsible for making sure data is classified and protected? A. Data owners B. Users C. Administrators D. Management

D. Management The key word here is "ultimately". Remember that senior managers are always responsible/liable for security.

An employee allows another employee to have access to his digital signature password. What do you do to his certificate? A. Suspend it B. Destroy it C. Transfer it D. Revoke it

D. Revoke it

You are working on a Linux system and receive an access denied error when attempting to open a file you just created. Which command would you use to change the file's attributes to allow you to open it? A. pwd B. sudo C. icacls D. chmod

D. chmod

________________________ are often dynamically linked libraries (.dll files), which define the capabilities of a program, that provide the instructions for how the software can interface with pieces of hardware. Master Boot Record Ransomware Firmware Device Drivers

Device Drivers

The DREAD rating system is designed to provide a flexible rating solution that is based on the answers to five main questions about each threat: Damage potential, Reproducibility, Exploitability, Affected users, and __________. Confidentiality Annual Probability of Damage Privileged Operations Discoverability

Discoverability

What is the intent of least privilege, the principle of least privilege? Enforce the most restrictive rights required by users to complete assigned tasks. Enforce the most restrictive rights required by users to run system processes. Enforce the least restrictive rights required by users to complete assigned tasks. Enforce the least restrictive rights required by users to run system processes.

Enforce the most restrictive rights required by users to complete assigned tasks.

A zero day exploit takes advantage of a publicly known vulnerability. True False

False

An issue-specific security policy focuses on issues relevant to every aspect of an organization. True False

False

Apple should not perform ongoing security monitoring of their supply chain since they are planning to be 100% carbon neutral by 2030. True False

False

Bruce Schneier was involved in developing the first public key algorithm. True False

False

From a forensic perspective PsExec is secure, it does not cache logon credentials. True False

False

If I were sending out an invite to a party over a network protocol and wanted to know who had RSVP'ed I would use the UDP protocol. True False

False

Private IPv4 address 172.331.255.255 is an example of a full Class A address, as defined by Request For Comment 1918. True False

False

Security management is a responsibility of IT staff and considered part of IT administration. True False

False

DES Stands for Date Encryption Signature? True False

False Data Encryption Standard

EPROM is the type of memory device usually used to contain a computer's motherboard BIOS. True False

False That's EEPROM

Role-based Access Control classifies subjects into security labels and compares it to the object's label to grant access if the two labels match. Role-based access control was designed to support military needs to protect sensitive data by restricting it to those who "need-to-know". True False

False That's Mandatory Access Control (MAC)

What must you turn off in dual homed firewalls? Automatic Updates DNS Services IP Forwarding Packet Sniffing

IP Forwarding

There are four common VPN protocols. Which group of the four below contains all of the common VPN protocols? PPTP, LTP, L2TP, and IPSec TLS, IPSec, PPTP, L2TP PPP, PPTP, L2TP, and IPSec IPSec, PPTP, L2F, L2TP

IPSec, PPTP, L2F, L2TP

Unfortunately, MS-CHAP and MS-CHAP v-2 suffer from vulnerabilities. Instead of using MS-CHAP, many people have migrated to _____ or ______ or some other type of secure VPN communication. IPSec or LDAP L2TP or RDP L2TP or IPSec Putty or L1TP

L2TP or IPSec

The ________ file holds information on all of the domain users and their credentials, why is the information in this file not very easy to steal or download? Because it is stored in memory. It is also hashed. NTDS.dit Active Directory Domain Control NTSC.secure

NTDS.dit

The Sarbanes-Oxley Act of 2002 is an example of regulation regarding what? Privacy Documentation Service-level agreements Compliance

Privacy Also HIPAA, FERPA, Gramm-Leach-Bliley Act, PCI-DSS and GDPR have Privacy requirements.

This level of commercial business sector classification is used for all data that does not fit in one of the higher classifications and its disclosure does not have a serious negative impact on the organization. Unclassified Public Sensitive For Office Use Only

Public

What is the name of a program that is used to remote into machines that have a different OS from which you are using? Virtual Machine Remote Desktop Protocol Putty Remote Connect

Putty

If a company has a high turn-over rate, which access control structure is best? Role-based Decentralized Rule-based Discretionary

Role-based A role-based ... It is easier on the administrator if she only has to create one role, assign all of the necessary rights and permissions to that role, and plug a user into that role when needed. Otherwise, she would need to assign and extract permissions and rights on all systems as each individual came and left the company.

Which of the following types of memory might retain information after being removed from a computer, thus representing a security risk? Static RAM SDRAM Secondary Memory Real Memory

Secondary Memory

What are the two main types of email encryption standards discussed during our lecture? MIME and RC4 Pretty Good Privacy and SHA-32 Secure MIME and Pretty Good Privacy MIME and GNU Privacy Guard

Secure MIME and Pretty Good Privacy

What is the collection of practices related to supporting, defining, and directing the security efforts of an organization? Security policy top-down approach Change management Security governance

Security governance

______ is a centralized authentication database that administers access to multiple resources. Active Directory Multi-factor authentication Kerberos Single Sign On

Single Sign On

If a company uses an outside organization to handle some business functions and for security governance, it is called: Risk transference Documentation review Third-party governance Authorization to operate

Third-party governance

Which of the following statements about Crossover Error Rate (CER) is true: This is the point where the False Accept Rate falls below 50% This is the point where False Reject Rate and False Accept Rate add to 100% This is the point where the False Reject Rate falls below 50% This is the point where False Rejection Rate and False Acceptance Rate are equal

This is the point where False Rejection Rate and False Acceptance Rate are equal

The ____________ service creates a backup snapshot of content stored on a Windows workstation or server at predefined intervals. Password Hash Volume Shadow Shadow Banning RegEdit

Volume Shadow

It is recommended that employees be terminated during which day of the week: Friday Saturday Wednesday Monday

Wednesday The book says end of shift midweek

