MIS 415 TEST 2
Many organizations are moving to virtualized infrastructures because (select all that apply):
- It reduces physical server counts - It reduces power & HVAC consumption - It reduces downtimes
Why do attackers find opportunities to fulfill their motives? Select all that apply.
- Poor infrastructure management - Install and forget dilemma - Poor account administration - Inadequate awareness
When a threat becomes a valid attack, it is classified as an information security incident if: (check all that apply):
- It is directed against information assets - It threatens the confidentiality, integrity, or availability of information assets - It has a realistic chance of success
New countermeasures have reduced a company's 40% vulnerability risk by 30%. What is the new percentage of this company's remaining residual risk for the vulnerability?
28%
Given the address 128.196.35.40, which part of the address represents a host number on the subnet?
40
A multi-component threat that uses a variety of access points to penetrate or glean information is:
Multi-vector threat
Which of the following is NOT true of Asymmetric encryption?
A receiver can use either of the two keys, used by the sender, to decrypt a message
The process of mutual authentication involves:
A user authenticating to a system and the system authenticating to the user
A vulnerability is:
A weakness in design, procedure or defenses
Disaster Recovery and Business Continuity are really the same thing. That is why many combine them into a Business Resumption Plan.
FALSE
Employees are not as much of a security problem as technology.
FALSE
For log files derived from high impact systems, encrypting rotated and archived log files is not recommended because it would increase the access difficulty for analysts.
FALSE
IPSec has two modes: Tunnel Mode and Connectionless Mode.
FALSE
If you use a Message Digest function on a 5 page document, the resulting signature will be 5 pages of cipher text.
FALSE
In business continuity, a cold site offers faster recovery time than a hot site.
FALSE
In cryptology, the smaller the size of the key space, the stronger the encryption and the more difficult it is to break.
FALSE
In encryption, if one loses the key, the data can always be decrypted by other means.
FALSE
In general, configuration management of a database management system is not a point of vulnerability because the default settings from the vendor are always set for the most secure scenario.
FALSE
In the second phase of the 6-phase planning approach cycle, risks are identified and ranked.
FALSE
Information Security policies only exist to avoid litigation.
FALSE
It is not a good idea to include components of information security in performance reviews.
FALSE
It is not possible to eavesdrop on modern smartphone conversations.
FALSE
MD5 and SHA-1 are examples of block encryption algorithms.
FALSE
Mandatory Access Controls are standard in all database management systems.
FALSE
Metrics are really only useful to the CEO and top managers.
FALSE
Mobile applications are not susceptible to malware and virus problems.
FALSE
Most database encryption mechanisms solve the problem of securing data-at-rest as well as data-in-motion.
FALSE
Most planning approaches have 3 basic levels: strategic, tactical and disaster planning.
FALSE
Most technical vulnerabilities exist in hardware and firmware.
FALSE
NoSQL databases use Structured Query Language.
FALSE
OSI is a set of rules that describes how security devices stop attacks.
FALSE
Oversimplification of a security metric, for the sake of clarity, is advisable.
FALSE
PCI DSS is a law applying to all federal, state, and local government agencies.
FALSE
PKI is a special encryption system.
FALSE
Risk assessment is the actual treatment of risk.
FALSE
SETA is a program that derives long-term benefits, not short-term benefits.
FALSE
Security Information and Event Management (SIEM) systems are based on a single standard and most are non-proprietary.
FALSE
Strategic planning is "what are we going to do?" and "how are we going to do it?"
FALSE
The SQL statement "DROP TABLE employee" only removes the index associated with the employee table.
FALSE
The certificate revocation list (CRL) is an element of the registration portion of the PKI chain of trust.
FALSE
The majority of cyber attacks are shifting from financial gain motives to more ego and political motives.
FALSE
Today's threat trends show attackers having high knowledge and skill backgrounds regarding exploits.
FALSE
Transparent Data Encryption protects data-in-motion to and from the application and database system.
FALSE
Using a Message Digest is a good way to encrypt a document.
FALSE
While SQL injection can be used to gain unintended access, it can never be used to escalate privileges.
FALSE
Which of the following would not be an Applications Log File category? Select the best answer.
Firewall logs
Which of the following is not an advantage of a centralized access control administration?
Flexibility
Why is business unit analysis important in the BIA process?
Helps planners identify and prioritize critical unit functions
An access control model should be applied in a _________ manner.
Preventive
Which of the following is not true regarding IPSec?
In Transport Mode, the entire IP packet is encrypted
A user with read-only view privileges is able to modify a value in a database field. This is an example of which primary database threat?
Integrity
What is the reason for enforcing the separation of duties?
No one person can complete all the steps of a critical activity
A company is considering two expensive countermeasures to reduce a risk. The impact of this particular attack type on the company is estimated at $1,500,000 in losses. The company feels there is a 40% chance of the incident occurring. Option-A would cost $100,000 and reduces the chance of occurrence from 40% to 25%. Option-B would cost $120,000 and reduces the chance of occurrence from 40% to 20%. What is the Return on Security Investment (ROSI) for both options?
Option-A = $125,000 and Option-B = $180,000
In discretionary access control security, who has delegation authority to grant access to data?
Owner
Which of the following is the industry standard for securing credit card data?
Payment Card Industry Data Security Standard
Which of the following roles in Log Management Planning is typically responsible for managing and monitoring the log management infrastructure?
Security Administrators
Which of the following would be an example of the awareness training aspect discussed in the NIST model?
Security awareness posters in staff lounges
What determines if an organization is going to operate under a discretionary, mandatory, or non-discretionary access control model?
Security policy
Log compression and reduction is a feature of which Log Management Infrastructure Function? Select the best answer.
Storage
What does SQL stand for?
Structured Query Language
Match each security policy type with its best match.
System-specific = Managerial and technical guidance Enterprise = Link to vision and mission statements Issue-specific = An overall policy regarding document storage
Which of the following protocols is considered connection oriented?
TCP
A Business Continuity Plan ensures that critical business functions can continue in the case of a disaster.
TRUE
A Business Continuity Plan is typically invoked or executed after a devastating attack or disaster that cripples an organization's primary site of business.
TRUE
A Key Performance Indicator (KPI) is a measure of how well something is being done.
TRUE
A Media Access Control address uniquely identifies a network interface card.
TRUE
A TCP handshake exchange is often used by hackers to gather information on which systems are reachable in a network.
TRUE
A layer 3 switch can also serve as a router.
TRUE
A major challenge for log file collection is that systems use different formats and date/time markings for log entries.
TRUE
A packet filtering firewall looks at the destination and source addresses, ports, and services.
TRUE
A single countermeasure may eliminate multiple threats beyond what the countermeasure was originally intended for.
TRUE
A transaction Manager is a function of the database management software.
TRUE
After the creation of a formal policy to establish business continuity plans, a BIA is the first major phase in the business contingency planning cycle.
TRUE
An Intrusion Prevention System (IPS) monitors suspicious network traffic and can react to block traffic in real-time.
TRUE
An RFID tag is an electronic device that holds data.
TRUE
An organization's risk appetite defines the level of acceptance as it evaluates security control trade-offs.
TRUE
Awareness training is informational and attempts to provide recognition. It serves to answer the "what" questions of security.
TRUE
Because the attention span of people is short, awareness training must be repeated and refreshed frequently.
TRUE
Business Resumption focuses on the remaining unrestored functions of an organization after a disaster.
TRUE
Collecting logs from Tier-1 hosts onto multiple intermediate servers and subsequently transmitting the logs centrally is a valid configuration for Tier-2 architecture.
TRUE
Crisis Management is a series of focused steps that deal with the safety and state of employees and their families during and after a disaster.
TRUE
Cryptanalysis is a process of deciphering the original message from an encrypted message without knowing the algorithm and keys.
TRUE
DES is a less desirable encryption cipher than AES because of the size of its key space.
TRUE
Data can be easily transferred to a mobile device just like a USB thumb drive.
TRUE
Database Shadowing options for BC are essentially the same as combining the capabilities of Electronic Vaulting and Remote Journaling.
TRUE
Digital signatures are used to verify the authorship or origin of digital data.
TRUE
Due to a lack of quality Business Continuity planning, over half of the businesses forced to close their doors because of a disaster never reopen.
TRUE
Encapsulation is a term that describes the addition of headers and trailers onto a data payload as it makes its way from layer 7 to layer 1 of the OSI model.
TRUE
Encryption key management is often seen as a risk associated with database encryption.
TRUE
Ensuring a critical business partner has proper countermeasures in place is, in itself, a form of countermeasure for an organization.
TRUE
Full interruption testing of business continuity plans is not frequently (if at all) done by most organizations because it is expensive and disruptive to operations.
TRUE
HTTP is an example of a protocol handled at the Application layer of the OSI model.
TRUE
If a VPN connection is established from home with a device within a corporate network, any potentially harmful packets will go undetected by the corporate Intrusion Detection System.
TRUE
If a disaster is bad enough, a Business Continuity Plan could be executed prior to or concurrent with a Disaster Recovery Plan.
TRUE
If an ethical hacker hacks into a site, without explicit authorization, with the intent to notify the owner of a vulnerability, it is a crime.
TRUE
If an organization does not have a vulnerability for a known threat vector then an immediate threat does not exist.
TRUE
If countermeasures are adequate to stop an attack, then the attack does not become an incident.
TRUE
In DR Planning, the purpose of examining existing countermeasures is to identify how well an organization is prepared for a disaster or if new or updated controls are necessary.
TRUE
In SQL, system level privileges of CREATE, ALTER and DROP allow actions on database tables, indexes and views.
TRUE
In the Crisis Management phase of the 6-phase approach, protocols are established to assess and limit damage.
TRUE
Incident Response Planning uses the BIA to focus on what countermeasures, if any, exist and whether they are adequate to mitigate an end-case scenario threat.
TRUE
Information Security training is oriented towards skills and practical knowledge and attempts to answer the "how" questions.
TRUE
It is possible to infect an RFID tag and have the malware transfer to back-end databases when the tag is scanned.
TRUE
Kerberos is a client/server authentication mechanism.
TRUE
Logs are necessary for regulatory compliance areas like FISMA and SOX.
TRUE
Man-in-the-Middle attacks are accomplished by ARP cache poisoning and becoming the "router" between two network nodes.
TRUE
Metrics enable an understanding of security controls and allow an organization to focus limited resources on that which most needs fixing.
TRUE
Most information security frameworks are initiated out of an organization's risk assessment and the need to mitigate risk.
TRUE
Operational planning is short term in nature.
TRUE
Oreck's disaster recovery plan was to use their New Orleans site in the case of a disaster at Long Beach and vice versa.
TRUE
PCI DSS applies to public and private sectors where an organization accepts, processes, stores, and transmits credit or debit card data.
TRUE
PCI DSS focuses on merchants and merchant service providers.
TRUE
Planning is a process that creates and implements strategies oriented towards the accomplishment of organizational objectives.
TRUE
Policies must have enforced consequences to be effective.
TRUE
Qualitative metrics are subjective in nature.
TRUE
Quantitative metrics are actual number values that are tracked over time.
TRUE
Residual Risk is an uncovered element of a vulnerability (known or unknown) resulting from the level and effectiveness of safeguards.
TRUE
SQL injection is one of the most prominent forms of web hacking.
TRUE
Security awareness training must be taken to the employees and be consistent, to the point and repeated frequently.
TRUE
Security planning is the best first step towards effective countermeasures.
TRUE
Security reviews are a less formal means of auditing and are typically done to checkpoint the effectiveness of security measures.
TRUE
TDE allows for transparent data encryption for authorized access users.
TRUE
The DBA role has all database administration privileges.
TRUE
The OSI session layer handles connections between applications while the transport layer handles connections between systems.
TRUE
The bottom-up approach to metrics yields the most easily obtainable metrics; however, many metrics collected in this approach may not be suitable for top management.
TRUE
The goal of SecSDLC is to ensure information security is addressed throughout a project's life cycle.
TRUE
The network database type is a modification of the Hierarchical type which added more flexibility and many-to-many relationship ability.
TRUE
Top-down approaches to metric formation are often easier when identifying the metrics that should be in place.
TRUE
Transparent Data Encryption, whether column or tablespace level, is a two-tiered encryption architecture.
TRUE
WPA is preferred over WEP for use in wireless encryption.
TRUE
Wireless LANs are susceptible to the same protocol-based attacks that plague wired LANs.
TRUE
With TDE, individual columns in a table can be encrypted if they have sensitive information.
TRUE
Why did Oreck's disaster recovery plan fail?
The disaster recovery site was too close and was also rendered unusable
You run the phrase "I love fruit" through a message digest function. Then you change the phrase to "I love fruet" and run it through the message digest function again. What would you notice?
The signature or fingerprint of the message would change
A window of vulnerability is (select the best answer):
The time-frame within which defense measures are reduced, compromised or lacking
Which of the following statements correctly describes passwords?
They are the least expensive and least secure
Which of the following statements correctly describes biometric methods?
They are the most expensive and provide the most protection
DES and 3DES are examples of:
cipher algorithm
Which of the following information assurance areas is the main beneficiary of encryption?
confidentiality
If a table has many columns that contain sensitive information, which TDE approach would be more applicable?
tablespace encryption
Which of the following are points of the threat vector model?
- Agents - Motive - Means - Opportunity
Which of the following would not be a security precaution for a mobile device? Select the best answer.
All of the above are valid - VPN for connections - Screenlock password - File encryption - Disallow rogue Wi-Fi connections
Which of the following is true with respect to SETA programs? Select the best answer.
All of the above - Encourages desirable behavior from employees - Strengthens organizational defensive layers - Helps employees see their role in security - Reduces an organization's risk
From a media perspective, why is it important to consider log retention times?
All of the above - Media shelf-life - Media readability - Environmental requirements
Which of the following would be considered a Security Auditing tool? Select the best answer.
All of the above are Security Auditing tools - Social Engineering - Security Checklists - Web application testers - Vulnerability scanners
Which of the following would not be an element of a security program? Select the best answer.
All of the above are elements
Which of the following would not be considered a valid countermeasure (select the best answer)?
All of the above are valid countermeasures - Anti-Spyware software - Awareness training - Spare hard drives for systems - Encryption of data in transit - Policy and procedures on account retirement
What is the major difference between security auditing and security monitoring? Select the best answer.
Audits are generally periodic evaluations while monitoring is an ongoing or constant activity to ensure compliance
A password is mainly used for what function?
Authentication
What role does biometrics play in access control?
Authentication
What type of attack attempts all possible solutions?
Brute force
A company's past year Annual Loss Expectancy (ALE) for a particular vulnerability was $50,000. New security measures were put in place which brought the current year's ALE down to $30,000. If the annual cost of the security measure is $10,000, what is the current Cost Benefit Analysis (CBA) figure associated with this measure?
$10,000
The estimated annual impact cost of a particular security incident is $10,000. The probability of the incident occurring is estimated at 30%. If a security device is purchased (costing $5,000) the current probability of the incident occurring is reduced by (not reduced to) 5%. What is the Modified Annual Loss Expectancy (mALE)?
$2,850
Which of the following is the correct risk evaluation formula (L=likelihood, A=asset value, C=control mitigation, U=uncertainty):
(L x A) - C + U
Risk estimates for a particular vulnerability are calculated as:
(Likelihood x Asset Value) -percentage of current controls + percentage of uncertainty
Place the risk assessment steps in the proper order.
1 - System Characterization 2 - Threat Identification 3 - Vulnerability Identification 4 - Control Analysis 5 - Likelihood Determination 6 - Impact Analysis 7 - Risk Determination 8 - Control Recommendation 9 - Results Documentation
Place the following SecSDLC phases in proper order.
1. Investigation 2. Analysis 3. Logical Design 4. Physical Design 5. Implementation 6. Maintenance
Place the following planning events in their most proper order.
1. Organizational Strategy 2. Information Technology Strategy 3. Information Security Strategy 4. Information Security Tactical Planning 5. Information Security Operational Planning
Place the following Information Security Program Life Cycles in their proper order.
1. Plan & Organize 2. Implement 3. Operate & Manage 4. Monitor & Evaluate
Asset A has been assigned a value of 50, a vulnerability likelihood of 0.5, and a current control that addresses 50% of the risk. What would be its determined risk rating factor value (assume uncertainty of 20%)?
17.5
If an asset has a value of 30 and a vulnerability with a 0.75 likelihood, what is the risk factor?
22.5
What is the difference between a Recovery Time Objective and a Recovery Point Objective? Select the best answer.
An RTO deals with the amount of time until an operation or service is made available after a disaster, while an RPO deals with how current data backups are.
A countermeasure is: (select the best answer)
An action, process, device, or system that prevents or mitigates threats
How is a challenge/response protocol utilized with token device implementations?
An authentication service generates a challenge, and the smart token generates a response based on the challenge
Match the following business continuity plans with their respective purpose or scope.
CMP = Addresses human issues and communication with personnel and public DRP = Procedures to recover from a disaster IRP = Focus is on immediate responses to incidents affecting systems and/or networks BCP = Procedures for the relocation of business functions to an alternate site
Match the following frameworks with the phrase that best describes each.
COBIT = Framework for IT Governance COSO = Used by many organizations with Sarbanes-Oxley requirements ISO 17799 = Plan, Do, Check, Act SABSA = Focuses on Business processes and slices organizations up into process layers ISO 27001 = Considered best practices for controls and improving Information Security Management Systems
Which of the following would not be considered an information security related planning framework?
COBOL Top-Down
What do the following SQL statements do? CREATE ROLE committee; GRANT SELECT ON invite-table TO committee; GRANT committee TO Mary;
Creates a role called "committee" and grants the role the select privilege on the invite-table. Then it grants the role to Mary.
What is the difference between disaster recovery (DR) and business continuity (BC)? Select the best answer.
DR focuses on resuming at the primary site. BC focuses on an alternate site
Documentation on the structure of database tables, the fields in the tables and key linkage between tables is typically known as:
Database Schema
Match the following BC storage options.
Database Shadowing: Remote storage of database and transactions in real time Electronic Vaulting: bulk batch transfer of data to off-site location Remote Journaling: Remote storage of transactions only
Which access control method is user-directed?
Discretionary
Which model implements access control matrices to control how subjects interact with objects?
Discretionary
Disaster Recovery and Business Continuity are never executed concurrently.
FALSE
Which of the following would not be a goal of Disaster Recovery Planning?
Ensure an alternate site has adequate resources to facilitate operations
Which of the following would not be considered attacker motivation?
Errors and omissions
Which of the following would not be a step in log management planning? Select the best answer.
Establish operational backup procedures
A Business Continuity Plan focuses on recovering operations at an organization's primary site.
FALSE
A Key Risk Indicator (KRI) is a measurement of how well something is doing.
FALSE
A SETA program is geared towards implementing technology countermeasures.
FALSE
A metric is a point-in-time view of specific factors generated from raw data whereas a measurement is the comparison of predetermined baselines of two or more factors taken over time.
FALSE
AES is a stronger block encryption cipher than DES because it uses variable block sizes and a key length of up to 256 bits.
FALSE
After Hurricane Katrina, it took Oreck Corporation over 6 months until they were able to get business functioning.
FALSE
Application data encryption and compression requirements are a function of OSI layer 1.
FALSE
As a sound security practice, wireless networks should always broadcast the SSID so that users can see it and connect to it.
FALSE
As contingency measures become more highly available, the cost and degree of complexity tend to decrease.
FALSE
Awareness training is an insight level of increasing one's understanding regarding why something happens.
FALSE
Business continuity planning is that done for dealing with daily technology and security incidents.
FALSE
Business drivers are high-level concerns based on tactical goals and objectives of the organization.
FALSE
Match the following continuity site strategies with their respective descriptions.
Hot Site = Fully configured computer facility with all services Service Bureaus = Agencies that provide physical facilities Mutual Agreement = Contract of assist between two organizations Warm site = Functional site but without applications and not kept fully prepared. Cold site = Rudimentary services and facilities
Match the terms with their corresponding definitions.
Hot site: fully configured computer facility with all services, communication links, and physical plant operations Warm Site: fully functional site without up-to-date configurations and applications Time-Share: a site leased in conjunction with a business partner or sister organization Mutual Agreement: contract between two organizations for each to assist the other in the event of a disaster Cold Site: provides only rudimentary services and facilities
A policy describing the protection of privacy would be which type of policy?
Issue-Specific Security Policy
Why is an alert roster important in incident response? (select the best answer)
It allows the organization to alert the right people in the correct order.
Which of the following is NOT true of Symmetric encryption?
It is not as efficient as Asymmetric encryption
Why is a Business Impact Analysis important to contingency planning? Select the best answer.
It provides an assessment of the impact of various attacks on operations and the ability to recover from such attacks
What does the SQL statement "REVOKE ALL ON invite-table FROM Mary;" do?
It takes all privileges away from Mary on the invite-table
The specifications for Category 5E wire would be a concern at what layer of the OSI model?
Layer 1
Which of the following categories is not one considered in establishing log management policies? Select the best answer.
Log Retro-scheduling
Verifying the log frequency settings on a host generating required logs is part of which Log Source operational task?
Log generation
In what phase of the 6-phase planning cycle are countermeasures and controls deployed?
Phase 4
Which of the following is not a phase of the 6-phase planning approach?
Physical Site
Which of the following is not a characteristic of block ciphers?
Plain text is transformed one digit at a time
Which of the following would not be a typical duty of operational log management? Select the best response.
Plan log collections
Which of the following best represents the order regarding security policy formation?
Policy, standards, (practices, guidelines, procedures)
Which two of the following best describe the difference between CP and Risk Management? Select the best two answers.
Risk management encompasses the broad range of activities to identify, control, and mitigate risk & CP assumes that controls have failed and seeks to recover from such failures
Which access control policy is enforced when an environment uses a non-discretionary model?
Role based
Regarding an organization's manner of credit card processing: an organization uses a standalone dial-out terminal unit (which is not connected to other systems or the Internet), does not store cardholder information, and keeps paper reports or receipts only. What Self Assessment Questionnaire (SAQ) and Scan Levels would it be required to comply with?
SAQ B and No Scan
Which of the following is a TCP handshake to open a connection?
SYN - SYN/ACK - ACK
Match the OSI layers with their descriptions.
Session = Application-to-Application connections Transport = Host-to-Host connections Physical = Electronic signals Data Link = Packet Framing Network = IP Routing Presentation = Compression, encryption, reformatting from applications Application = Service to applications
A LAN Attack does which of the following:
Sets the source and destination address of an IP packet to the same address
Which of the following is not true regarding the role of security planning?
Should be a bottom-up approach
Which of the following would not be an important consideration when designing a log management infrastructure? Select the best answer.
Size of Incident Response Team
If you wanted to hide a message, or digital image, within another image, what technique would you use?
Steganography
Match the Contingency Planning Steps with their descriptions.
Step 1 = Develop Contingency Planning Process Step 2 = Conduct BIA Step 3 = Identify Preventive Controls Step 4 = Develop Recovery Strategies Step 5 = Develop Contingency Plan Step 6 = Plan Testing and Training Step 7 = Plan Maintenance
Match the terms with their definitions.
Threat vector - the channel or mechanism used for attack Attack - exploit or circumvent control Vulnerability - exploitable weakness Threat - the possibility of an attack
Which architecture tier of log management infrastructures collects and aggregates log files? Select the best response.
Tier-2 Log Analysis and Storage
What is the primary role of the OSI network layer?
To ensure a network-bound data packet contains routable information
Match the risk strategies with the appropriate description.
Transference - purchasing insurance Acceptance - Do nothing Avoidance - Implementing Controls or Countermeasures Mitigation - Reduces impact of damage through planning
Match the following OSI layers with their data types.
Transport: Segments Network: Packets Data Link: Frames Physical: Bits Application: Data
What is derived from a passphrase?
Virtual password
Match the following planning precursors with their definitions.
Vision Statement: Articulates what the organization wants to look like. Value Statement: Statement of qualities and principles matched with benchmarks. Mission Statement: More explicit in declaring the business of the organization and intended operations.
Which of the following would not be considered software that would assist in managing logs?
Visual Studios Debugger
Which of the following would not be considered a log file category? Select the best answer.
Vulnerability scans
Asset A has a value of 50 and two vulnerabilities. Vulnerability 1 has a likelihood of 0.8 and no controls. Vulnerability 2 has a likelihood of 0.3 and a control that mitigates 40% of the vulnerability. Assuming an uncertainty level of 10%, what would the risk factor be for both vulnerabilities?
Vulnerability-1: 44 Vulnerability-2: 10.5
Which provides the best authentication?
What a person has and knows
A hacker gains access to an application that works with data in the database. The hacker is able to view and modify sensitive information. Before leaving, the hacker was able to elevate privileges and remove an index on a database table, and the table became inaccessible. Which of the following best represents the database threats seen in this scenario?
confidentiality, integrity and availability
An error in a database stored procedure, used by the database administrator, accidentally dropped a system table. Within seconds the database was inaccessible. Which of the following best represents the database threats seen in this scenario?
integrity and availability
What does the SQL statement "GRANT SELECT ON employee TO Tom;" do?
it allows Tom to view records in the employee table
Database flow control mechanisms primarily:
regulate the distribution of information between database objects
In cryptographic systems, the key space is:
the entire range of values that can possibly be used to construct an individual key