ITSY 1300 Chapter 5-8 Test
False
A SOC 1 report primarily focuses on security.
True
A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.
True
A successful change control program should include the following elements to ensure the quality of the change control process: peer review, documentation and back-out plans.
Baseline
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
Inherit the permissions of the parent folder so that all subfolders will have the same permissions as the parent.
By default, Windows will:
False
Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.
True
Classification scope determines what data you should classify; classification process determines how you handle classified data.
True
Company-related classifications are not standard, therefore, there may be some differences between the terms "private" and "confidential" in different companies.
False
During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system.
SOC 3
Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?
Black-box test
Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?
Secure Sockets Layer (SSL)
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Specific areas of access should be determined and they should be as restrictive as possible.
If it is impractical to place guest users in a secure network, isolated from the production network by firewall barriers, then:
Display filters
In Wireshark, which of the following enable you to find only the traffic you wish to analyze?
Authorizing official (AO)
In an accreditation process, who has the authority to approve a system for implementation?
SQL injection
In what type of attack does the attacker send unauthorized commands directly to a database?
Active Directory
Makes the process of accessing machines that are not on the domain much easier.
Project initiation and planning
Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
Builtin (built-in)
Members of the ____________ group called Remote Desktop Users are allowed to use the remote desktop services to connect to remote machines.
The roles of Confidentiality and Integrity most frequently
Microsoft Windows Active Directory provides capabilities in all three of the CIA areas, and the domain administrator will be called upon to implement:
False
Often an extension of a memorandum of understanding (MOU) , the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.
Modify
On a Windows network share, if the user can add, edit and delete files and folders within the LabFiles folder, what type of access controls and permissions are probably configured?
Read and execute
On a Windows network share, if the user can view the folder's contents as well as execute scripts, what type of access controls and permissions are probably configured?
True
Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream rather than just in individual packets.
Details on major issues
What information should an auditor share with the client during an exit interview?
on either a local or domain level
Windows Group Policy can be used _____________ to control access to many local computer and network resources such as drives, Internet access, kiosk mode, etc.
Threat
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these type of classification decisions?
Access Control Lists
By creating users, assigning those users to groups, and then applying groups to resources in the domain, the administrator sets up both authentication using the Active Directory Domain authentication policies, and builds a series of nested ___________ to control the access to domain resources.
Prudent
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Does the firewall properly block unsolicited network connection attempts?
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?
Disable inheritance
From the LabFiles Properties dialog box, which of the following options is necessary to enable you to specify permissions for each subfolder?
Waterfall
In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?
Security information and event management (SIEM)
Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?
Authorization
Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
Separation of duties
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
List folder contents
On a Windows network share, if the user can browse a file but cannot copy or modify it, what type of access controls and permissions are probably configured?
False
The four main types of logs that you need to keep to support security auditing include event, access, user and security.
Configuration control
Which activity manages the baseline settings for a system or device?
Frame summary
Which of the following refers to the top pane of the Wireshark window that contains all of the packets that Wireshark has captured, in time order and provides a summary of the contents of the packet in a format close to English?
Laws
Which of the following would NOT be considered in the scope of organizational compliance efforts?
Packet capture file
Before analyzing packets in NetWitness Investigator, you must first create a collection and then import a(n):
Service level agreement (SLA)
Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type.
An organization should share its information.
What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?
IT Infrastructure Library (ITIL)
What is a set of concepts and policies for managing IT infrastructure, development and operations?
Request, impact assessment, approval, build/test, implement, monitor
What is the correct order of steps in the change control process?
System integrity monitoring
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
4 echo replies
When the 172.30.0.10 IP host responded to the ICMP echo-requests, how many ICMP echo-reply packets were sent back tot he vWorkstation?
Memorandum of understanding (MOU)
Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Signature detection
Which intrusion detection system strategy relies upon pattern matching?
Two-factor authentication
Which of the following combines something you know (e.g. password) with something you are (e.g. fingerprint) or something you possess (e.g. USB stick) and can also employ a certificate system that adds a distinct third layer to the authentication process?
Wireshark
Which of the following is a freeware tool providing basic packet capture and protocol decoding capabilities?
Active Directory
Which of the following is the database that provides a centrally controlled and managed access and security management system for an organization's Windows computer systems?
Windows Group Policy
Which of the following is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?
NetWitness Investigator
Which of the following provides security practitioners with a deep packet inspection tool used for examining everything from the data link layer up to the application layer?
Hex pane
Which of the following refers to the bottom pane of the Wireshark window where all of the information in the packet is displayed in hexadecimal on the left and in decimal, in characters when possible, on the left?
Frame detail
Which of the following refers to the middle pane of the Wireshark window that is used to display the packet structure and contents of fields within the packet?
These guest users can be issued local, self-signed certificates that expire on a specific date and limit the guest's access.
Which of the following statements is true regarding guest users who require a higher degree of access?
Change your passwords frequently
Which of the following statements is true regarding the rules for password selection?
SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality.
Which of the following statements is true when using SSH to remotely access a Cisco router?
The Group Policy Object Editor
Which of the following tools is used to modify permissions on the TargetWindowsDC01 server to allow new users to use the remote desktop services?
The Tftpd64 application
Which of the following uses the TFTP (Trivial File Transfer Protocol) to send (put) or receive (get) files between computers?
Integrity
Which part of the CIA triad refers to maintaining and assuring the accuracy of data over its life-cycle?
Availability
Which part of the CIA triad refers to making sure information is obtainable when needed?
Confidentiality
Which part of the CIA triad refers to preventing the disclosure of secure information to unauthorized individuals or systems?
Network mapping
Which security testing activity uses tools that scan for services running on systems?