Security+ Unit4-Chapter 10-12
what major organization monitors and tracks viruses and provides regular reports on their website
CERT one of the more helpful sites to visit to get the status of the latest viruses is that of the CERT organization. CERT monitors and tracks viruses and provides regular reports on this site. CERT is an organization that tracks and reports on computer and network security threats
which U.S. regulation dictates that educational institutions may not release information to unauthorized parties without the express permission of the student
FERPA The Family Educational Rights and Privacy Act (FERPA) dictates that educational institutions may not release information to unauthorized parties without the express permission of the student or in the case of a minor
which specification is a fairly accurate estimation of how long a component will last
MTBF mean time between failures is the average length of time a component will last, given average use. Usually, this number is given in hours or days
what wireless technology can you use to keep track of equipment or inventory?
RFID radio frequency identification refers to a wireless system comprised of two components: tags and readers. the reader is a device that has one or more antennas that emit radio waves and receive signals back from the RFID tag. tags, which use radio waves to communicate their identity and other information to nearby readers, can be passive or active.
What is the process of preventing electronic emissions from your computer system from being used to gather intelligence and preventing outside electronic emissions from disrupting your information processing abilities
Shielding
what is the process of securing evidence and keeping track of where it is stored and who has access to it
Chain of custody chain of custody covers how evidence is secured, where it is stored and who has access to it
A ____ is a facility that isn't immediately ready to use so the organization using it must bring along its equipment and network
Cold site
why are SCADA systems susceptible to attacks if not properly protected
SCADA systems were traditionally on dedicated isolated networks and relied on physical security for access control. SCADA (supervisory control and data acquisition) refers to equipment often used to manage automated factory equipment, dams, power generators, and similar equipment.
which of the following types of interoperability agreements defines the level of service to be provided
SLA SLA: the service level agreement. the SLA defines the level of service to be provided
which of the following is an example of encouraging someone to click on a link to receive a limited number of new tablets
Scarcity convincing the person who is being tricked that there is a limited supply of something can often be effective if carefully done. Ex, convincing them that there are only one hundred vacation requests that will be honored for the entire year and that they need to go to a fictitious website now and fill out their information
what contains a complete and accurate list of all devices assigned to each user
asset tracking it can be as simple as a serial number etched in the device or as complex as a GPS locator. Related to this is inventory control. A complete and accurate list of all devices is an integral part of mobile device management
reasons that social engineering attacks can be successful
authority, intimidation, familiarity
what do you call a security device that uses some biological characteristic of a human being to uniquely identify a person for authentication
biometric biometric security devices use the unique identifying characteristics of the human body like fingerprints
types of testing that penetration testers use
black box, gray box, white box
what type of tester has absolutely no knowledge of the system and is functioning in the same manner as an outside attacker
black box testing with black box testing, the tester has absolutely no knowledge of the system and is functioning in the same manner as an outside attacker
what works well when an extended outage is anticipated
cold site a cold site is a facility that isn't immediately ready to use. the organization using it must bring along its equipment and network; the site provides a place for operations to resume, but it doesn't provide the infrastructure to support those operations. cold sites work well when an extended outage is anticipated
what is the process for establishing boundaries for information sharing known as
compartmentalization compartmentalization is the process of establishing information sharing boundaries for use in protecting information
which security goal prevents the unauthorized disclosure of information across a network
confidentiality confidentiality may be intended to prevent the unauthorized disclosure of information in a local network or to prevent the unauthorized disclosure of information across a network
which backup backs up any files that have been altered since the last full backup
differential a differential backup is similar in function to an incremental backup but it backs up any files that have been altered since the last full backup; it makes duplicate copies of files that haven't changed since the last differential backup
what type of policies are designed to protect client records and information
due care due care policies are designed to protect client records and information. Ex, because you did not exercise due care over a client's records and information, their information could be compromised
which of the following are necessary to back up
email files registry databases
what refers to the process of reconstructing a system or switching over to other systems when a failure is detected
failover failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected
at which system level should a snapshot be taken to retain the most information
file level taking a snapshot at the file level will yield the most information
which of the following is not an internal threat
flood, burglar, fire
what can be implemented by applying physical security modifications to secure the system
hardware locks hardware security involves applying physical security modifications to secure the systems and preventing them from leaving the facility. don't spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical security
type of policy that includes background searches
hiring policy hiring policies determine what is done during the hiring of an individual, including background searches
in the incident response phase, what is the first step in determining what has occurred in your organization
identification incident response policies define how an organization will respond to an incident. these policies may involve third parties, and they need to be comprehensive
what is the first step in the incident response cycle
incident identification in the incident response cycle, the first step is to identify the incident and determine if it is an incident, or just a false positive
what technique should you incorporate to combat vulnerabilities in a critical industrial system while supporting availability
incorporating diversity into redundant design
type of policy determines if information is secret, top-secret, or public
information classification policies information classification involves determining whether information is for internal use only or for public distribution or anywhere in between
which type of social engineering attack uses guilt as a means of obtaining information
intimidation although authority can be a source of intimidation, it is possible for intimidation to occur in its absence as well. this can be done with threats, with shouting, or even with guilt
why should companies be concerned with users connecting their personal devices to a company network
lack of control in place to ensure that the devices have the latest system patches and signature files BYOD (Bring Your Own Device) refers to employees bringing their personal devices into the corporate network environment.
what are examples of physical security
locking a door, security camera
which of the following training metrics can be used to confirm the success of a new security program recently implemented
metrics you must follow up and gather training metrics to validate compliance and security posture. by training metrics, we mean some quantifiable method for determining the efficacy of training.
which of the following two options is used to identify an attacker beyond reasonable doubt through the digital signature in the malware used in an attack
non-repudiation, hashing
what is the worst thing that can happen when company employees are allowed access to popular social media sites
password breaches to the social media site affect the company application as well many companies allow full use of social media in the workplace, believing that the marketing opportunities it holds outweigh any loss in productivity.
which type of testing will use the same techniques a hacker would use to find any flaws in your system security
penetration penetration testing and vulnerability testing are very similar. one difference between the two is that while penetration testing tries a lot of things, vulnerability testing traditionally tries only one program: a vulnerability scanner
what does a key aspect of access control involve
physical barriers a key aspect of access control involves physical barriers. the objective of a physical barrier is to prevent access to computers and network systems. the most effective physical barrier implementations require that more than one physical barrier be crossed to gain access.
what provides rules for expected behaviors to people in an organization
policies policies provide rules for expected behaviors within an organization
which phase of the incident response process is used to define and implement the general steps to be taken against spam attacks
preparation
goals of information security
prevention, detection, response
what does auditing ensure so that these items are carried out in a manner consistent with organizational standards
regulations, policies, procedures
what are two ways that private information can be classified
restricted, internal use
what is the term for an area in a building where access is individually monitored and controlled
security zone a security zone is an area within a building where access is monitored and controlled
what specifies the level of service a service provider (like an ISP) is willing to agree to, for a price
service level agreement service level agreements specify what level of service a service provider is willing to agree to for a price
what is the process of hiding a message in a medium such as a digital image, audio file, or other file?
steganography steganography is the process of hiding a message in a medium such as a digital image, audio file, or other file. the steganography process prevents typical users from detecting the hidden message
a disgruntled employee broke the card reader for the business unit. after this occurred, the electronic locks on the business unit room released. what caused this to occur
system was designed to fail open for life safety
which fire extinguisher type is the best to be used on flammable metals
type D used on flammable metals
when a rogue employee has significant knowledge of your system, what type of testing is this
white box with a white box tester, the tester has significant knowledge of your system. this simulates an attack from an insider, a rogue employee