MIST 5785 All Quizzes for Midterm


CIA Triad Includes _______. -Availability -Accountability -Integrity - Confidentiality

- Availability -Integrity - Confidentiality

The seven domains of a typical IT infrastructure include ___________________________. -System/Application domain -router domain -workstation domain -LAN-to-WAN domain

-System/Application domain -workstation domain -LAN-to-WAN domain

Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server's availability factor for that month? 3.33% 96.67% 0.04% 99.96%

96.67%

Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

Acceptability

What policy, provided by a typical ISP, should be read and understood before performing any port scanning outside of your private network? -Acceptable Use Policy -ISP Security Policy -Hacking Policy -Port Scanning Policy

Acceptable use Policy

Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about? Authorization Identification Authentication Accountability

Accountability

Which of the following is a form of OS fingerprinting that involves actively requesting information from a target system? Active fingerprinting Banner fingerprinting Network fingerprinting

Active fingerprinting

In what type of attack does the attacker take over an established session between two parties and then interacts with the remaining party as if the attacker were the party that has been disconnected? -Passive session hijacking -Passive sniffing -Active session hijacking -Active sniffing

Active session hijacking

What type of sniffing takes place on networks that have connectivity hardware that is "smarter" or more advanced, such as those with a switch? Passive sniffing Promiscuous sniffing Hub sniffing Active sniffing

Active sniffing

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Alice's private key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

During which phase of the access control process does the system answer the question, "What can the requestor access?" Authorization Identification Accountability Authentication

Authorization

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? Alice's private key Alice's public key Bob's public key Bob's private key

Bob's public key

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value? Rainbow table attack Brute-force attack Dictionary attack Social engineering attack

Brute-force attack

Which of the following statements is NOT true regarding passive sniffing?

Passive sniffing works only when the traffic you wish to observe and the station that will do the sniffing are in different collision domains (*should be in same collision domains*)

Which one of the following is an example of a logical access control? Key for a lock Fence Password Access card

Password

Which of the following is NOT an advantage of biometric systems? -Biometrics are hard to fake. -Physical characteristics may change. -Users do not need to remember anything. -Biometrics require physical presence.

Physical characteristics may change

Which of the following is a distributed denial of service (DDoS) attack in which the attacker sends a large number of ping packets with the intent of overwhelming a victim? SYN flood Reflected attack Teardrop attack Ping flood

Ping flood

Which element of the security policy framework requires approval from upper management and applies to the entire organization? Policy Standard Guideline Procedure

Policy

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing? Procedure Standard Policy Guideline

Procedure

If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals? Red team Pen team Blue team Security team

Red team

Which of the following statements is true when using SSH to remotely access a Cisco router? -SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality. -The rest of the SSH conversation is unencrypted, making the username and password visible. -None of the packets related to the SSH session can be viewed. -Wireshark is unable to capture the password in clear text.

SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality.

What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management? Security test Hacking test Ethical hacking test Penetration test

Security test

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? -Separation of duties -Security through obscurity -Least privilege -Need to know

Separation of duties

Which one of the following is a better example of two-factor authentication? -Password and security questions -Smart card and personal identification number (PIN) -Personal identification number (PIN) and password -Token and smart card

Smart card and personal identification number (PIN)

Yolanda discovered that a botnet infected several systems on her network. Which of the following activities is not a likely use of the botnet? -Information theft -Denial of service attacks -Social engineering -Click fraud

Social engineering

Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used? Standard Policy Procedure Guideline

Standard

Which type of TCP scan is the most reliable but also the easiest to detect? TCP SYN scan TCP connect scan TCP NULL scan TCP FIN scan

TCP connect scan

Which of the following statements is NOT true regarding distributed denial of service (DDoS) attacks?

The attack is easily tracked back to its true source (*not easily tracked back to its true source because of the number of systems and devices involved*)

Which of the following statements is true regarding asymmetrical encryption? -The receiver obtains the needed key from the sender or through a trusted third party, such as a certificate server. -The sender encrypts with his/her public key and the receiver decrypts using the sender's private key. -It is quite fast and generally easier to implement than symmetric cryptography. -It does not guarantee the authenticity of the sender.

The receiver obtains the needed key from the sender or through a trusted third party, such as a certificate server.

Which term describes any action that could damage an asset?

Threat

Which classification level is the highest level used by the US federal government?

Top Secret

Which type of cipher works by rearranging the characters in a message? Steganographic Substitution Asymmetric Transposition

Transposition

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.

True

T/F: A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.

True

T/F: An algorithm is a repeatable process that produces the same result when it receives the same input.

True

T/F: Content addressable memory (CAM) is the memory present on a switch, which is used to build a lookup table.

True

T/F: Digital signatures require asymmetric key cryptography.

True

T/F: For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.

True

T/F: Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.

True

T/F: Promiscuous mode is a special mode that a network card can be switched to that will allow the card to observe all traffic that passes by on the network segment.

True

What is NOT an effective key distribution method for plaintext encryption keys? Unencrypted email Smart card CD Paper

Unencrypted email

Which one of the following is NOT a commonly accepted best practice for password security? -Include a mixture of uppercase characters, lowercase characters, and numbers in passwords. -Do not include usernames in passwords. -Include a special character in passwords. -Use at most six alphanumeric characters.

Use at most six alphanumeric characters.

What is the process of locating wireless access points and gaining information about the configuration of each? Wardriving Port scanning Wardialing Pinging

Wardriving

If you and another person want to encrypt messages, what should you provide that person with?

Your public key

What do others need to decrypt files that you have encrypted with your private key?

Your public key

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? -Decryption -Validation -Hashing -Encryption

Decryption

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario? Role-based access control (RBAC) Mandatory access control (MAC) Rule-based access control Discretionary access control (DAC)

Discretionary access control (DAC)

Harold is performing a penetration test and would like to force a switch to fall back to forwarding mode. Which of the following attacks would be most helpful to Harold in meeting his goal? Active sniffing ARP spoofing Passive sniffing MAC flooding

MAC flooding

Which one of the following measures the average amount of time that it takes to repair a system, application, or component? -Mean time to repair (MTTR) -Recovery time objective (RTO) -Mean time to failure (MTTF) -Uptime

Mean time to Repair (MTTR)

Media Access Control (MAC) flooding and Address Resolution Protocol (ARP) poisoning are _______. -types of promiscuous modes -methods of placing stations in separate collision domains -forms of passive sniffing -methods of active sniffing

Methods of active sniffing

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve? Nonrepudiation Integrity Availability Confidentiality

Nonrepudiation

Which type of authentication includes smart cards? -Ownership -Action -Knowledge -Location

Ownership

Countermeasures to thwart footprinting of an organization's website include all of the following except ________. -making mentions of applications, programs, and protocols used by the company nondescript. -removing email addresses, phone numbers, and employee names. -removing potentially sensitive or restricted information. -adding unnecessary information to the website to throw attackers off the trail.

adding unnecessary information to the website to throw attackers off the trail.

Consumption of bandwidth, consumption of resources, and exploitation of programming defects are the three broad categories of ________. botnets denial of service (DoS) attacks session hijacking sniffing

denial of service (DoS) attacks

All of the following actions can be helpful in thwarting session hijacking attacks except ________. -employing operating systems that create predictable sets of sequence numbers -using an intrusion detection system (IDS) that can watch for suspicious activity -using encryption to make it difficult for attackers to see what is being transmitted -configuring routers to block spoofed traffic from outside the protected network

employing operating systems that create predictable sets of sequence numbers

Bits that are set in the header of a packet, each describing a specific behavior, are called _______. pings flags banners probes

flags

Denial of service (DoS) and distributed denial of service (DDoS) attacks have the same effect. However, a DDoS attack ________. -involves accessing a system of computers without authorization -involves intentional deception designed to produce illegal financial gain or to damage another party -is launched from large numbers of hosts that have been compromised -is software written with a deliberate purpose to cause damage, destruction, or disruption

is launched from large numbers of hosts that have been compromised

Shoulder surfing, keyboard sniffing, and social engineering are considered ________. -dictionary attacks -hybrid password attacks -technical password attacks -nontechnical password attacks

nontechnical password attacks

Botnets are used to perform all of the following attacks except ________. -stealing information -distributed denial of service (DDoS) attacks -passive session hijacking -transmitting spam and other bogus information on behalf of their owner

passive session hijacking

T/F: Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.

true

T/F: A brute-force attack tries passwords that are pulled from a predefined list of words.

False

T/F: A private key cipher is also called an asymmetric key cipher.

False

T/F: Cryptographic key distribution is typically done by phone.

False

T/F: Most networks and protocols are inherently secure, making them difficult to sniff.

False

T/F: Passphrases are less secure than passwords.

False

T/F: The four central components of access control are users, resources, actions, and features.

False

T/F: You must always use the same algorithm to encrypt information and decrypt the same information.

False

Which element of the security policy framework offers suggestions rather than mandatory actions? Policy Standard Guideline Procedure

Guideline

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature? Encryption Decryption Elliptic curve Hash

Hash

Bob recently accepted a position as the information security and compliance manager for a medical practice. Which regulation is likely to most directly apply to Bob's employer? -Children's Internet Protection Act (CIPA) -Gramm-Leach-Bliley Act (GLBA) -Health Insurance Portability and Accountability Act (HIPAA) -Federal Information Security Management Act (FISMA)

Health Insurance Portability and Accountability Act (HIPAA)

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Integrity

Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate? Accountability Integrity Availability Nonrepudiation

Integrity

