Pre-Test


If Susan's organization requires her to log in with her username, a PIN, a password, and a retina scan, how many distinct authentication factor types has she used?

Two

Alejandro is an incident response analyst for a large corporation. He is on the midnight shift when an intrusion detection system alerts him to a potential brute-force password attack against one of the company's critical information systems. He performs an initial triage of the event before taking any additional action. If Alejandro's initial investigation determines that a security incident is likely taking place, what should be his next step?

Activate the incident response team

Which of the following is verification that a process has been completed according to the policy or plan?

Auditing

You are conducting a qualitative risk assessment for your organization. The two important risk elements that should weigh most heavily in your analysis of risk are probability and ...

impact

Which of the following cryptographic goals protects against the risks posed when a device is lost or stolen?

Confidentiality

Which of the following come under the CIA Triad?

Confidentiality, Integrity, Availability

What type of access control is intended to discover unwanted or unauthorized activity by providing information after the event has occurred?

Detective

Fred's company wants to ensure the integrity of email messages sent via their central email servers. If the confidentiality of the messages is not critical, what solution should Fred suggest?

Digitally sign but don't encrypt all messages

Alex's job requires him to see protected health information to ensure the proper treatment of patients. His access to their medical records does not provide access to patient addresses or billing information. What access control concept best describes this control?

Need to know

Renee is using encryption to safeguard sensitive business secrets when in transit over the Internet. What risk metric is she attempting to lower?

Likelihood

What are the forms of the layers of an organization's function?

- Logical elements
- Physical systems of elements
- Administrative elements

Which of the following are the key characteristics of information?

- Privacy
- Integrity
- Confidentiality

In an organization, a dashboard provides which of the following aspects of a critical information infrastructure's security situation?

- Real-time and near-real-time incident information
- Real-time and near-real-time indicators and warnings
- Systems health information

You have identified the risks, and you need to mitigate them because you find them unacceptable. Once you treat the risks, you won't completely eliminate all of them because that is simply not possible, and therefore some risks will remain at a certain level. This is a description of which of the following?

Residual risk

Elaine is developing a business continuity plan for her organization. What value should she seek to minimize?

RTO

Which one of the following metrics specifies the amount of time that business continuity planners find acceptable for the restoration of services after a disaster?

RTO

During a penetration test, Chris recovers a file containing hashed passwords for the system he is attempting to access. What type of attack is likely to succeed against the hashed passwords?

Rainbow table attack

Derek sets up a series of virtual machines that are automatically created in a completely isolated environment. Once created, the systems are used to run potentially malicious software and files. The actions taken by those files and programs are recorded and then reported. What technique is Derek using?

Sandboxing

Theresa is implementing a new access control system and wants to ensure that developers do not have the ability to move code from development systems into the production environment. What information security principle is she most directly enforcing?

Separation of duties

The preamble of the (ISC)² Code of Ethics reminds us of which of the following?

All of these

Which of the following are the datacenter's logging and monitoring system activities that are worth raising an alarm for any incident that might occur?

All of these

NIST, in its special publication 800-61r2, refines the mitigation phase by breaking it down into which of the following steps?

- Eradication
- Containment

Which of the following come under the guidelines for use during computer forensic investigation?

- Identifying evidence
- Examining or analyzing evidence
- Collecting or acquiring evidence

How many nodes or hosts per network does a Class C address support?

256

Kay is selecting an application management approach for her organization. Employees need the flexibility to install software on their systems, but Kay wants to prevent them from installing certain prohibited packages. What type of approach should she use?

Blacklist

Ann is a security professional for a mid-sized business and typically handles log analysis and security monitoring tasks for her organization. One of her roles is to monitor alerts originating from the organization's intrusion detection system. The system typically generates several dozen alerts each day, and many of those alerts turn out to be false alarms after her investigation. This morning, the intrusion detection system alerted because the network began to receive an unusually high volume of inbound traffic. Ann received this alert and began looking into the origin of the traffic. Ann continues her investigation and realizes that the traffic generating the alert is abnormally high volumes of inbound UDP traffic on port 53. What service typically uses this port?

DNS

During troubleshooting, Chris uses the nslookup command to check the IP address of a host he is attempting to connect to. The IP he sees in the response is not the IP that should resolve when the lookup is done. What type of attack has likely been conducted?

DNS poisoning

Norm would like to conduct a disaster recovery test for his organization and wants to choose the most thorough type of test, recognizing that it may be quite disruptive. What type of test should Norm choose?

Full interruption

Kim wants to place a device on the outward-facing areas of the organization's network that may be broken into by an attacker so that she can evaluate the strategies that hackers are using on her systems. Which of the following would she use?

Honeypot

Javier is verifying that only IT system administrators have the ability to log on to servers used for administrative purposes. What principle of information security is he enforcing?

Least privilege

Lauren starts at her new job and finds that she has access to a variety of systems that she does not need to accomplish her job. This is a violation of which of the following?

Least privilege

During what phase of the incident response process would security professionals analyze the process itself to determine whether any improvements are warranted?

Lessons learned

Which of the following is special-purpose software that bridges functional and interface gaps between different systems, applications, or platforms?

Middleware

What are the four correct steps of the OODA loop?

Observe, Orient, Decide, and Act

Rick is an application developer who works primarily in Python. He recently decided to evaluate a new service where he provides his Python code to a vendor who then executes it on their server environment. What type of cloud computing environment is this service?

PaaS

What type of disaster recovery test activates the alternate processing facility and uses it to conduct transactions but leaves the primary site up and running?

Parallel

Which of the following steps of the PDCA cycle is the process of laying out the step-by-step path we need to take to go from "where we are" to "where we want to be"?

Planning

Juniper Content is a web content development company with 40 employees located in two offices: one in New York and a smaller office in the San Francisco Bay Area. You are the newly appointed IT manager for Juniper Content, and you are working to augment existing security controls to improve the organization's security. You are concerned about the availability of data stored on each office's server. You would like to add technology that would enable continued access to files located on the server even if a hard drive in a server fails. Which of the following will help in accomplishing the task?

RAID

Ben needs to verify that the most recent patch for this organization's critical application did not introduce issues elsewhere. What type of testing does Ben need to conduct to ensure this?

Regression testing

The common vulnerabilities and exposures (CVE) data and your own vulnerability assessments indicate that many of your end-user systems do not include recent security patches released by the software vendors. You decide to bring these systems up to date by applying these patches. This is an example of which of the following?

Remediating or mitigating a risk

Which formula is used to determine risk?

Risk = Threat * Vulnerability

Tom is conducting a business continuity planning effort for Orange Blossoms, a fruit orchard located in Central Florida. During the assessment process, the committee determined that there is a small risk of snow in the region but that the cost of implementing controls to reduce the impact of that risk is not warranted. They elect to not take any specific action in response to the risk. What risk management strategy is Orange Blossoms pursuing?

Risk acceptance

Tamara recently decided to purchase cyber-liability insurance to cover her company's costs in the event of a data breach. What risk management strategy is she pursuing?

Risk transference

Ann is a security professional for a mid-sized business and typically handles log analysis and security monitoring tasks for her organization. One of her roles is to monitor alerts originating from the organization's intrusion detection system. The system typically generates several dozen alerts each day, and many of those alerts turn out to be false alarms after her investigation. This morning, the intrusion detection system alerted because the network began to receive an unusually high volume of inbound traffic. Ann received this alert and began looking into the origin of the traffic. At this point in the incident response process, what term best describes what has occurred in Ann's organization?

Security event

What type of attack would the following precautions help prevent?

- Requesting proof of identity
- Requiring callback authorizations on voice-only requests
- Not changing passwords via voice communications

Social engineering

During which of the following disaster recovery tests does the team sit together and discuss the response to a scenario but not actually activate any disaster recovery controls?

Structured walk-through

Andrew believes that a digital certificate belonging to his organization was compromised and would like to add it to a Certificate Revocation List. Who must add the certificate to the CRL?

The certificate authority that issued the certificate.

What type of alternate processing facility contains the hardware necessary to restore operations but does not have a current copy of data?

Warm site

Stella is using a phishing attack to masquerade as a senior player of an organization and directly target other important individuals of the organization with the aim of stealing money or sensitive information. Which type of phishing attack is she using?

Whaling

Which of the following is an exploitation of a newly discovered vulnerability before that vulnerability is discovered by or reported to the developers, vendors, or users of the affected system?

Zero-day

