IT462 Midterm Exam Study Quizes
If the Single Loss Expectancy (SLE) of an asset is $90,000 and the Annualized Rate of Occurrence (ARO) for a specific threat to that asset is 50%, then what is the Annualized Loss Expectancy (ALE)? $45,000 .5 $180000 0
$45,000
What is the most important aspect of marking media? Content description Classification Date labeling Electronic labeling
Classification
Hosted by MITRE, the ______________________ database is a public repository that catalogs all publicly known vulnerabilities for software solutions and provides them with a corresponding number and severity level.These numbers, are, in turn, used by software vendors to reference when issuing a security patch to remedy the issue. Management Controls Standards Advanced Persistent Threat Common Vulnerabilities and Exposures Common Mitigation Practices
Common Vulnerabilities and Exposures
The person responsible for the management of data or an asset. Asset Owner Asset Delegate Data Custodian Data User
Data Custodian
This role is assigned to the user who is responsible for the tasks of implementing the prescribed protection defined by the security policy and senior management. Security Professional Data Custodian Auditor Data Owner
Data Custodian
In Reduction Analysis or Decomposition, which of the following are key concepts? Data Flow Paths Details about Security Stance and Approach Processor Operations Input Points Trust Boundaries
Data Flow Paths Details about Security Stance and Approach Input Points Trust Boundaries The other one is privileged operations... not processor ops.
Ring 2 is synonymous with the kernel, which handles and manages all system requests, including enforcing system security. True False
False That's Ring 0
Job Rotation is the security concept in which critical, significant, and sensitive work tasks are divided among several individuals. True False
False That's Separation of Duties.
Trusted Platform Module is both a specification for a cryptoprocessor chip on a mainboard and the general name for implementation of the specification. It is NOT required by Windows 11. True False
False Trusted Platform Module is both a specification for a cryptoprocessor chip on a mainboard and the general name for implementation of the specification. It is NOT required by Windows 11.
T/F. LDAP cannot run unless the system has Active Directory installed. True False
False. Active Directory is dependent upon LDAP, but LDAP is not dependent upon Active Directory.
Microsoft developed a threat categorization scheme known as the STRIDE threat model. Which of the following words or phrases is not a part of that threat model? Spoofing Information Security Tampering Denial of Service
Information Security
A buffer overflow attack abuses a program's lack of length limitations on the data it receives before storing the input in memory, which can lead to arbitrary code execution. True False
True
A holistic approach must be pursued or at least considered when identifying enterprise cyber security solutions, which incorporate policy, procedures, and technology. True False
True
Cipher Block Chaining is a block mode that XORs the previously encrypted block to the next block of plaintext to be encrypted. True False
True
Due diligence is practicing the activities that maintain the due care effort. True False
True
In a series configuration, failure of a single security control does not render the entire solution ineffective, as opposed to parallel configurations. True False
True
What type of federal government computing system requires that all individuals accessing the system have a need to know of all the information processed by the system? compartmented dedicated multilevel classified
dedicated
A ________is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. directory domain netblock subgroup
domain
In virtualization technology, like cloud computing, where multiple operating systems are run through a hypervisor, if the adversary gains access to the underlying kernel-level of the Host Operating System, the adversary would then have the capability of gaining access to the Guest or Virtual OSs running through the hypervisor. True False
True
Recently, we have seen an uptick in the amount of cyber attacks targeting different platforms that have had real world effects, to include affecting life-critical hospital care, cause localized power outages, and temporarily degrade core internet infrastructure. True False
True
SHA-256 and MD5 are examples of hashing algorithms. True False
True
Swatting is a term used to describe a hoax call made to emergency services, typically reporting an immediate threat to human life, to draw a response from law enforcement and the S.W.A.T. team to a specific location. True False
True
The USRCLASS.DAT hive, virtualized under HKCU\Software\Classes contains entries that allow us to identify any file directory a user has ever browsed to on the system. True False
True
The process by which the goals of risk management are achieved is known as risk analysis. True False
True
Windows services run applications in the background without requiring user interaction and can be set to run when the system boots up, start manually, or be placed in a disabled state. True False
True
According to the Department of Homeland Security, quantum computing advances by whom pose a threat to the breaking of current cryptographic standards? by governments by terrorists by script-kiddies by hackivists
by governments
____________ is the Linux based command to change a file or directories permissions. ifconfig chmod nslookup tracert
chmod
What type of memory is directly available to the CPU and is often part of the CPU? ROM Register memory RAM Virtual memory
Register memory
Qualitative risk analysis uses real dollar figures to contextualize the loss of an asset. True False
False That's Quantitative
What type of cryptographic attack attempts every possible valid combination for a key or password, typically involving massive amounts of processing power to guess the key? Statistical Attack Frequency Attack Brute Force Attack Analytic Attack
Brute Force Attack
An/a ___________ is the security role responsible for providing oversight within an organization to ensure policy compliance. Manager User Auditor Custodian
Auditor
Which could be considered a single point of failure within a single sign-on implementation? Authentication server User's workstation Logon credentials RADIUS
Authentication server A In a single sign-on technology, all users are authenticating to one source. If that source goes down, authentication requests cannot be processed.
How many bits make up the effective length of the DES key? 56 64 32 16
56
Which of the following describes the difference between the Data Encryption Standard and the Rivest-Shamir-Adleman algorithm? A. DES is symmetric, while RSA is asymmetric B. DES is asymmetric, while RSA is symmetric C. They are hashing algorithms, but RSA produces 160-bit hashing value D. DES creates public and private keys, while RSA encrypt messages
A. DES is symmetric, while RSA is asymmetric
Which Bell-LaPadula state machine property dictates that a subject may not read information at a higher sensitivity level (no read up)? A. Simple security property B. * (star) security property C. Mandatory security property D. Discretionary security property
A. Simple security property
Which of the following statements about Crossover Error Rate (CER) is true: A. This is the point where False Reject Rate and False Accept Rate are equal B. This is the point where False Reject Rate and False Accept Rate add to 100% C. This is the point where the False Accept Rate falls below 50% D. This is the point where the False Reject Rate falls below 50%
A. This is the point where False Reject Rate and False Accept Rate are equal
Match the Risk Terminology words/phrases with its definition or example. - Asset Asset Valuation Threats Vulnerability Exposure Risk Safeguards Attack A. The malicious actor exploited the weakness in the firewall to get in. B. Patch the source code and place sandbags around the building. C. The malicious actor might leverage the loophole in the source code to get in. D. $100,000 E. Flaw in source code F. The IT infrastructure room might flood. G. Hurricane H. IT infrastructure
Asset H Asset Valuation D Threats G Vulnerability E Exposure F Risk A Safeguards B Attack C
What common applications are associated with ports 20/21, 23, 25, 80, and 443? A. Telnet, SSH, SMTP, HTTP, and HTTPS B. FTP, Telnet, SMTP, HTTP, and HTTPS C. ICMP, Telnet, SMTP, HTTP, and HTTPS D. HTTP, HTTPS, Telnet, SNMP, and NetBios
B. FTP, Telnet, SMTP, HTTP, and HTTPS
The Biba model was developed to protect which of the following? A. Availability B. Integrity C. Confidentiality D. Access Control
B. Integrity
The statement "Promote professionalism among information system security practitioners through the provisioning of professional certification and training" is an example of a/an: A. Objective B. Mission statement C. Goal D. Vision
B. Mission statement
Authentication, encryption, and ACLs are examples of: A. Administrative controls B. Technical controls C Defense in depth D. Detective controls
B. Technical controls
Which type of firewall can be described as "a device that filters traffic based on its source IP address, destination IP address, and their respective ports"? A. A dynamic firewall B. An Application layer firewall C. A static packet filtering firewall D. A "straight out of Compton" firewall
C. A static packet filtering firewall
Which authentication protocol commonly used for PPP links encrypts both the user name and password, uses a challenge/handshake response to prevent replay attacks, and periodically re-authenticates its use in a given session? A. PAP B. EAP C. CHAP D. DOG
C. CHAP
The Bell-LaPadula model was developed to protect which of the following? A. Availability B. Integrity C. Confidentiality D. Access Control
C. Confidentiality
Signs, guards, guard dogs, and visible notices are examples of... A. Administrative controls B. Corrective controls C. Preventive controls D. Detective controls
C. Preventive controls
Which type of cipher operates in real time on a single character or single bits of data? A. Block B. Rolling C. Stream D. Continuous
C. Stream
Which type of encryption only uses one shared key to encrypt and decrypt? A. Public key B. Asymmetric C. Symmetric D. TCB Key
C. Symmetric
What is used to create a digital signature? A. The receiver's private key B. The sender's public key C. The sender's private key D. The receiver's public key
C. The sender's private key
There are four common VPN protocols. Which group of the four below contains all of the common VPN protocols? A. PPTP, LTP, L2TP, and IPSec B. PPP, PPTP, L2TP, and IPSec C. PPTP, L2TP, IPSec, and TLS D. L2F, L2TP, PPTP, and IPSec
D. L2F, L2TP, PPTP, and IPSec
Who is ultimately responsible for making sure data is classified and protected? A. Data owners B. Users C. Administrators D. Management
D. Management The key word here is "ultimately". Remember that senior managers are always responsible/liable for security.
An employee allows another employee to have access to his digital signature password. What do you do to his certificate? A. Suspend it B. Destroy it C. Transfer it D. Revoke it
D. Revoke it
You are working on a Linux system and receive an access denied error when attempting to open a file you just created. Which command would you use to change the file's attributes to allow you to open it? A. pwd B. sudo C icacls D. chmod
D. chmod
________________________ are often dynamically linked libraries (.dll files), which define the capabilities of a program, that provide the instructions for how the software can interface with pieces of hardware. Master Boot Record Ransomware Firmware Device Drivers
Device Drivers
The DREAD rating system is designed to provide a flexible rating solution that is based on the answers to five main questions about each threat: Damage potential, Reproducibility, Exploitability, Affected users, and __________. Confidentiality Annual Probability of Damage Privileged Operations Discoverability
Discoverability
What is the intent of least privilege, the principle of least privilege? Enforce the most restrictive rights required by users to complete assigned tasks. Enforce the most restrictive rights required by users to run system processes. Enforce the least restrictive rights required by users to complete assigned tasks. Enforce the least restrictive rights required by users to run system processes.
Enforce the most restrictive rights required by users to complete assigned tasks.
A zero day exploit takes advantage of a publicly known vulnerability. True False
False
An issue-specific security policy focuses on issues relevant to every aspect of an organization. True False
False
Apple should not perform ongoing security monitoring of their supply chain since they are planning to be 100% carbon neutral by 2030. True False
False
Bruce Schneier was involved in developing the first public key algorithm. True False
False
From a forensic perspective PsExec is secure, it does not cache logon credentials. True False
False
If I were sending out an invite to a party over a network protocol and wanted to know who had RSVP'ed I would use the UDP protocol. True False
False
Private IPv4 address 172.331.255.255 is an example of a full Class A address, as defined by Request For Comment 1918. True False
False
Security management is a responsibility of IT staff and considered part of IT administration. True False
False
DES Stands for Date Encryption Signature? True False
False Data Encryption Standard
EPROM is the type of memory device usually used to contain a computer's motherboard BIOS. True False
False That's EEPROM
Role-based Access Control classifies subjects into security labels and compares it to the object's label to grant access if the two labels match. Role-based access control was designed to support military needs to protect sensitive data by restricting it to those who "need-to-know". True False
False That's Mandatory Access Control (MAC) - MAC
What must you turn off in dual homed firewalls? Automatic Updates DNS Services IP Forwarding Packet Sniffing
IP Forwarding
There are four common VPN protocols. Which group of the four below contains all of the common VPN protocols? PPTP, LTP, L2TP, and IPSec TLS, IPSec, PPTP, L2TP PPP, PPTP, L2TP, and IPSec IPSec, PPTP, L2F, L2TP
IPSec, PPTP, L2F, L2TP
Unfortunately, MS-CHAP and MS-CHAP v-2, suffer from vulnerabilities. Instead of using MS-CHAP, many people have migrated to _____ or ______ or some other type of secure VPN communication. IPSec or LDAP L2TP or RDP L2TP or IPSec Putty or L1TP
L2TP or IPSec
The ________ file holds information on all of the domain users and their credentials, why is the information in this file not very easy to steal or download? Because it is stored in memory. It is also hashed. NTDS.dit Active Directory Domain Control NTSC.secure
NTDS.dit
The Sarbanes-Oxley Act of 2002 is an example of regulation regarding what? Privacy Documentation Service-level agreements Compliance
Privacy Also HIPAA, FERPA, Gram-Leach-Bliley Act, PCI-DSS and GDPR have Privacy requirements.
This level of commercial business sector classification is used for all data that does not fit in one of the higher classifications and its disclosure does not have a serious negative impact on the organization. Unclassified Public Sensitive For Office Use Only
Public
What is the name of a program that is used to remote into machines that have a different OS from which you are using? Virtual Machine Remote Desktop Protocol Putty Remote Connect
Putty
If a company has a high turn-over rate, which access control structure is best? Role-based Decentalized Rule-based Discretionary
Role-based A role-based ... It is easier on the administrator if she only has to create one role, assign all of the necessary rights and permissions to that role, and plug a user into that role when needed. Otherwise, she would need to assign and extract permissions and rights on all systems as each individual came and left the company.
Which of the following types of memory might retain information after being removed from a computer, thus representing a security risk? Static RAM SDRAM Secondary Memory Real Memory
Secondary Memory
What are the two main types of email encryption standards discussed during our lecture? MIME and RC4 Pretty Good Privacy and SHA-32 Secure MIME and Pretty Good Privacy MIME and GNU Privacy Guard
Secure MIME and Pretty Good Privacy
What is the collection of practices related to supporting, defining, and directing the security efforts of an organization? Security policy top-down approach Change management Security governance
Security governance
______ is a centralized authentication database that administers access to multiple resources. Active Directory Multi-factor authentication Kerberos Single Sign On
Single Sign On
If a company uses and outside organization to handle some business functions and for security governance it is called: Risk transference Documentation review Third-party governance Authorization to operate
Third-party governance
Which of the following statements about Crossover Error Rate (CER) is true: This is the point where the False Accept Rate falls below 50% This is the point where False Reject Rate and False Accept Rate add to 100% This is the point where the False Reject Rate falls below 50% This is the point where False Rejection Rate and False Acceptance Rate are equal
This is the point where False Rejection Rate and False Acceptance Rate are equal
The ____________ service creates a back up snapshot of content stored on a Windows workstation or server at predefined intervals. Password Hash Volume Shadow Shadow Banning RegEdit
Volume Shadow
It is recommended that employees be terminated during which day of the week: Friday Saturday Wednesday Monday
Wednesday The book says end of shift midweek