ITM 350 Quiz Chapter 1
You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use? -arp -ipconfig -netstat -ping
-ping
Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent? -Snapshots -Cable locks -Strong passwords -Persistent VDI
-Cable locks
Which type of virtualization allows a computer's operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel? -Container virtualization -Type I hypervisor virtualization -Type II hypervisor virtualization -VDE
-Container virtualization
You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution? -Use hashes. -Encrypt it before sending. -Protect it with a digital signature. -Use RAID.
-Encrypt it before sending.
As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include? -Ensure critical systems provide uninterrupted service. -Protect data-in-transit from unauthorized disclosure. -Ensure systems are not susceptible to unauthorized changes. -Secure data to prevent unauthorized disclosure.
-Ensure systems are not susceptible to unauthorized changes.
Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI. Which of the following situations indicates that virtualization would provide the best ROI? -Most physical servers within the organization are currently utilized at close to 100 percent. -The organization has many servers that do not require failover services. -Most desktop PCs require fast processors and a high amount of memory. -Most physical servers within the organization are currently underutilized.
-Most physical servers within the organization are currently underutilized.
Your organization has implemented a VDI for most users. When a user logs off, the desktop reverts to its original state without saving any changes made by the user. Which of the following BEST describes this behavior? -Container virtualization -VM escape -Non-persistence -Elasticity
-Non-persistence
Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely using? -Supporting confidentiality -Supporting integrity -Supporting encryption -Supporting availability
-Supporting integrity
Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support? -Supporting confidentiality -Supporting availability -Supporting obfuscation -Supporting non-repudiation
-Supporting non-repudiation
You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application? -Take a snapshot of the VM before deploying the new application. -Take a snapshot of the VM after deploying the new application. -Ensure the server is configured for non-persistence. -Back up the server after installing the new application.
-Take a snapshot of the VM before deploying the new application.
Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions? -To support steganography -To support integrity -To support availability -To support obfuscation
-To support obfuscation
Users within your organization access virtual desktops hosted on remote servers. This describes which of the following? -VDE -Snapshots for non-persistence -Type I hypervisors -VM sprawl
-VDE
Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe? -VM escape -VDI snapshot -VM sprawl -Type II hypervisor
-VM sprawl
Ned is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system? -ifconfig -ipconfig -netstat -tracert
-ifconfig
You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections? -arp -ipconfig -ping -netstat
-netstat
What are factors that must be considered during Resource vs. Security Constraints discussions?
Organizations frequently need to balance resource availability. Consider using encryption to maintain the confidentiality of data. Encryption consumes resources.
Persistent vs. non-persistent VMs
Persistent: when you shut down, everything is still there. Non-persistent: when you shut down, everything is reset; saved things won't be there after the reset.
Integrity
Provides assurance that data has not changed
What are methods to ensure availability?
Redundancy and Fault Tolerance; Patching; Resource versus Security Constraints
What is application cell or container virtualization?
Sandboxing, e.g., if a website crashes, the whole web browser won't crash
Confidentiality
prevents the unauthorized disclosure of data.
Define risk mitigation
reduces the chances that a threat will exploit a vulnerability.
ARP
resolves IP addresses to MAC addresses and stores the result in the ARP cache.
Application Cell/Container Virtualization
runs services or applications within isolated application cells (or containers).
ipconfig
shows the network settings on a Windows computer, but it doesn't identify failed routers.
netstat
shows active connections and other network statistics on a local system, but it doesn't identify network paths.
What is a digital signature?
A signature is mathematically generated from a hash of something to be signed, plus the private key for each address. Self-explanatory.
Define vulnerability
A weakness, such as in the hardware, the software, the configuration, or even the users operating the system.
What is the goal of combining controls?
Create defense in depth
What are two common types of Command Line?
DOS and Bash Shell
Common methods to ensure confidentiality
Encryption; Access Controls; Steganography and Obfuscation
Primary means to enforce Integrity
Hashing; Digital Signatures
ifconfig
It is for Linux-based systems instead of ipconfig. A benefit of it is that it has more capabilities than ipconfig, allowing you to use it to configure the NIC in addition to listing the properties of the NIC.
What are three risks associated with virtualization?
VM escape - we don't like it, it is bad; VM sprawl - losing track of your VMs; Loss of Confidentiality
Types of hypervisors
Type I hypervisors run directly on the system hardware. They are often called bare-metal hypervisors because they don't need to run within an operating system. Type II hypervisors run as software within a host operating system.
What is a hash?
a number created by executing a hashing algorithm against data, such as a file or message.
What is virtualization?
a popular technology used within large data centers that can also be used on a regular personal computer.
Snapshot
a view of data at a particular moment in time or backup data
Define security incident
an adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization's information technology (IT) systems and data.
Define threat
any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.
ping
basic command used to test connectivity for remote systems.
Use Case
describes a goal that an organization wants to achieve.
Define Availability
indicates that data and services are available when needed.
tracert
lists the routers between two systems. It identifies the IP address and sometimes the host name of each hop, in addition to the round-trip times (RTTs) for each hop.
What is non-repudiation?
the assurance that someone cannot deny the validity of something.
Define risk
the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.
List the three core security goals: CIA
· Confidentiality · Integrity · Availability
Five goals of security controls. Examples
• Deterrent: attempt to discourage individuals from causing an incident. • Preventive: attempt to prevent an incident from occurring. • Detective: attempt to detect incidents after they have occurred. • Corrective: attempt to reverse the impact of an incident. • Compensating: alternative controls used when a primary control is not feasible.
Elements of Virtual Machines (VMs).
• Hypervisor - Type I or Type II • Host • Guest
What are the three types of security controls? Examples.
• Technical: Encryption • Administrative: Risk Assessments • Physical: Something you can touch like lighting, signs, fences
What are 3 common VM platforms?
• VMware • Hyper-V • Oracle VirtualBox