Vargas Final Ch.8-15
Which of the following best describes a dual-homed ISP connection? A) An ISP connection using two firewalls. B) Connecting two LANs to the Internet using a single ISP connection. C) A network that maintains two ISP connections. D) Using two routers to split a single ISP connection into two subnets.
A network that maintains two ISP connections.
Background Check
A process to uncover any evidence of past behavior that might indicate a prospect is a security risk.
What does it mean when there are differences between the last security configuration baseline and the current security configuration settings? A) Unauthorized changes have occurred. B) Authorized changes have occurred. C) Changes have occurred (either authorized or unauthorized). D) Unapproved changes are awaiting deployment.
Changes have occurred (either authorized or unauthorized)
Business Drivers
Components including people, information, and conditions, that support enterprise objectives.
Which type of agreement can protect the ability to file a patent application? A) Relinquish Ownership Agreement B) Security Clearance Waiver C) Background Check Agreement D) Confidentiality Agreement
Confidentiality Agreement
Which type of control only reports that a violation has occurred? A) Preventative B) Detective C) Corrective D) Restorative
Detective
RACI Matrix
Documents tasks and personnel responsible for the assignments. R- Responsible A- Accountable C- Consulted I- Informed
________ cabling provides excellent protection from interference but can be expensive.
Fiber optic
Which type of network devices is most commonly used to filter network traffic? A) Router B) Firewall C) Switch D) IDS
Firewall
The __________ property of the C-I-A triad provides the assurance the information cannot be changed by unauthorized users.
Integrity
Which security-related act requires organizations to protect all personal medical information? A) HIPAA B) GLBA C) SOX D) SCM
HIPAA
Which of the following is the process of verifying credentials of a specific user? A) Authorization B) Identification C) Authentication D) Revocation
Identification
Which of the following best describes the purpose of auditing? A) It finds the root causes of violation issues. B) It assists investigators in identifying blame for violations. C) It verifies that systems are operating in compliance. D) It searches for hidden unacceptable use of IT resources.
It verifies that systems are operating in compliance
Detective Controls
Mechanisms such as motion detectors or usage log analysis tools, recognize when an undesired action has occurred.
Which of the following controls would comply with the directive to limit access to payroll data to computers in the HR department? A) User-Based authorization B) Group-based authorization C) Media Access Control-based authorization D) Smartcard-based authorization
Media Access Control-based authorization
Which of the following describes a common LAN protocol deployed to a network the size of a city? A) IPSec Man B) Urban Ethernet C) TCP MAN D) Metro Ethernet
Metro Ethernet
The _________ feature speeds up routing network packets by adding a label to each packet with routing information.
Multi-Protocol Label Switching (MPLS)
Which of the following is a solution that defines and implements a policy that describes the requirements to access your network? A) NAC B) NAT C) NIC D) NOP
NAC
When using a DAC, a subject must possess sufficient clearance as well as ________ to access an object.
Need to Know
A(n) _________ is a dedicated computer on a LAN that runs network management software.
Network Monitoring Platform (NMP)
Which of the following is a series of individual tasks that users accomplish to comply with one or more goals? A) Policy B) Standard C) Procedure D) Guideline
Procedure
What are the types of malware? (Select two) A) Programs that actively spread or infect B) Programs that slow down data transfer C) Programs that cause damage D) Programs that hide
Programs that actively spread or infect Programs that hide
A(n) ________ makes requests for remote services on behalf of local clients.
Proxy server
Which access control method is based on granting permissions? A) DAC B) MAC C) RBAC D) OAC
RBAC
Security Procedure
Refers to individual tasks users must complete to comply with one or more security standards.
Separation of Duties
Requires that users from at least two distinct riles be required to accomplish any business-critical task.
Using a RACI matrix, which attribute refers to the party that actually carries out the work? A) Responsible B) Accountable C) Consulted D) Informed
Responsible
Which of the following terms ensures at least two people must perform a series of actions to complete a task? A) Separation of Duties B) Least Privilege C) Need to Know D) User Clearance
Separation of Duties
The ________ contains the guaranteed availability for your WAN connection.
Service Level Agreement (SLA)
If you only have one connection to the Internet and that connection fails, your organization loses its Internet connection. This is an example of a(n) _________ .
Single point of failure
Which of the following is a collection of requirements the users must meet? A) Policy B) Standard C) Procedure D) Guideline
Standard
What condition must exist for a background check to be governed by FCRA? A) The investigation includes credit history. B) The investigation is performed by a third party. C) The investigation is performed by the prospective employer. D) The investigation includes criminal history.
The investigation is performed by the prospective employer.
Matrix (R)aci:
The person who actually performs the work to accomplish the task. May be multiple people.
Matrix rac(I):
The person who desires to be kept up to date on a task's progress. May be multiple people.
Matrix r(A)ci:
The person who is accountable for the proper completion of the task. Likely the R's manager.
How can some smart routers attempt to stop a DoS attack in progress? A) They can alert an attack responder. B) They can log all traffic coming from the source of the attack. C) They can terminate any connections with the source of the attack. D) They can reset all connections.
They can terminate any connections with the source of the attack.
Which of the following would be the best use for a packet sniffer? A) To approve or deny traffic based on the destination address. B) To encrypt confidential data. C) To analyze packet contents for known inappropriate traffic. D) To track configuration changes to specific LAN devices.
To analyze packet contents for known inappropriate traffic.
A distributed application is one in which the components that make up the application reside on different computers. True or False
True
Descretionary access control is based on roles and granted permissions. True or False
True
Even the newest wireless protocols are slower than using high-quality physical cable. True or False
True
You should back up LAN device configuration settings as part of a LAN backup. True or False
True
A _________ makes it easy to establish what appears to be a dedicated connection over a WAN.
Virtual Private Network (VPN)
Many organizations use a(n) ________ to allow remote users to connect to internal network resources.
Virtual Private Network (VPN)
Some attackers use the process of ________ to find modems that may be used to attack a computer.
War dialing
Mandatory Access Control (MAC)
When the operating system makes the decision to grant or deny access to any data object by matching the object's classification on the user's clearance.
Discretionary Access Control (DAC)
When you define permissions based on roles, or groups, you allow object owners and administrators to grant access rights.
A ________ is a type of malware that is a self-contained program that replicates and sends copies of itself to other computers.
Worm
Contractors
A group within the user domain. This group may bring specialized skills to an organization, but they also pose potential risks. (Some trust is neccesary/ Parital Access)
Guests/ Third Parties
A group within the user domain. This group may have no duties related to sensitive information, but might still have access to an organization's network. (Least trusted/ Limited Access)
Security Policy
A high-level statement that defines an organization's commitment to security and the definition of a secure system.
Which of the following best describes the term honeypot? A) A server that is deliberately set up in an unsecure manner to attract attackers. B) A server that contains extremely sensitive data. C) A collection of computers that are vlunerable to attack and could allow your network to be compromised. D) Vulnerable servers in your network that would not be dangerous if compromised.
A server that is deliberately set up in an unsecure manner to attract attackers.
Acceptable Use Policy (AUP)
A statement for each type of user that serves as a training guide and direction document for other controls.
Human Resources (HR) Manuals
A type of documentation within the user domain. Includes security awareness, education, and documentation of an organization's policies and procedures. Provides information on how people within an organization should conduct themselves in any situation.
Email AUPs
A type of documentation within the user domain. Provides guidance and defines proper/improper use of an organization's email.
Internet AUPs
A type of documentation within the user domain. Provides guidance and defines proper/improper use of an organization's internet.
IT asset AUPs
A type of documentation within the user domain. Provides guidance for personnel on proper use of resources.
Which of the following is the process of providing additional private credentials that match the user ID or username? A) Authroization B) Identification C) Authentication D) Revocation
Authentication
Preventative Controls
Mechanisms such as locked doors or computer access controls, keep an undesired action from happening.
Which of the following is commonly the primary security control for data entering LAN-to-WAN Domain? A) Filtering B) NAT C) Encryption D) Address Validation
Filtering
Corrective Controls
Mechanisms such as the procedure to remove viruses or a firewall to block an attacking system, repair damage caused by an undesired action and limit further damage.
Which of the following devices repeats input received to all ports? A) Switch B) Hub C) Gateway D) Router
Hub
Which department should take lead in User Domain compliance accountability? A) Information Technology B) Information Security C) Human Resources D) Security
Human Resources
Which of the following devices detect potential intrusions? (Select two) A) Firewall B) IPS C) IDS D) Load Balancer
IPS and IDS
Which of the following terms defines a strategy in which you grant access that allows a suer to complete assigned tasks and nothing else? A) Separation of Duties B) Least Privilege C) Need to Know D) User Clearance
Least Privilege
Which WAN technology is a cost effective solution for connecting multiple locations? A) MPLS B) ISDN C) MAN D) L2TP
MPLS
Which LAN device commonly has the ability to filter packets and deny traffic based on the destination address? A) Router B) Gateway C) Hub D) Switch
Router
Which of the following is an internal control report for the services provided by a service provider? A) SLA B) WAN C) SOC D) MPLS
SOC
Need to Know
Simply means you have a need to access an object to do your job. Supports least privilege.
Why is mapping a LAN a productive exercise? A) Visual maps help to identify unnecessary controls. B) Visual maps help in understanding your LAN design. C) A LAN map is required before physically installing any hardware or connection media. D) A visual map is the only way to define paths between devices.
Visual maps help in understanding your LAN design.
A(n) __________ can exclude unnecessary traffic from the WAN.
WAN optimizer
Who writes SLAs? A) Subscribing organization B) Telecom Company C) WAN service provider D) SOC
WAN service provider
Which entity is responsible for controlling access to network traffic in the WAN? A) WAN optimizer B) Your organization C) WAN service provider D) Network management platform
Your organization
A successful DoS attack violates the ________ property of C-I-A.
Availability
The term ________ defines the components, including people, information, and conditions that support business objectives.
Business Drivers
Most WAN protocols operate at which level in the OSI reference model? A) 7 B) 3 C) 2 D) 1
2
Security Guideline
A collection of best practices or suggestions that help users comply with procedures and standards.
Security Standard
A collection of requirements the users must meet, typically within a specific system or environment.
Confidentiality Agreement
A document that that communicates your organization's security policy. Also known as a Non-Disclosure Agreement (NDA).
Employees
A group within the user domain. This group has the greatest stake in the organization. (Most Trusted/ Full Access)
Which of the following types of policies defines prohibited actions? A) Access Control Policy B) Password Usage Policy C) Acceptable Use Policy D) Violation Action Policy
Acceptable Use Policy
You only need written authorization prior to conducting a penetration test that accesses resources outside your organization. True or False
False
Why is LAN device configuration control important? A) Configuration control helps to detect violations of LAN resource access controls. B) Configuration control can detect changes an attacker might have made to allow harmful traffic in a LAN. C) It reduces the frequency of changes because they are more difficult to implement with configuration control. D) Configuration control ensures LAN devices are set up once and never changed.
Configuration control can detect changes an attacker might have made to allow harmful traffic in a LAN.
A(n) _________ is an isolated part of a network that is connected both to the internet and your internal secure network and is a common home for internet-facing web servers.
DMZ
Which type of WAN generally has the highest speed and is most secure? A) Dedicated Line B) Circuit Switching C) Packet Switching D) MPLS network
Dedicated line
Fair Credit Reporting Act (FCRA)
Defines national standards for all consumer reports, and how to conduct background checks.
Which of the following choices protect your system from users transferring private data files from a server to a workstation? (Select two) A) Increase the frequency of object access audits. B) Deliver current security policy training. C) Place access control to prohibit innappropriate actions. D) Enable access auditing for all private data files.
Deliver current security policy training. Place access control to prohibit innappropriate actions.
Which of the following is the primary type of control employed in the WAN domain? A) Firewalls B) Encryption C) Hashing D) Compression
Encryption
A LAN is a network that generally spans several city blocks. True or False
False
A confidentiality agreement sets the expectations of each employee and sets job performance standards. True or False
False
A local resource is any resource connected to the local LAN. True or False
False
By definition, VPN traffic is encrypted. True or False
False
PCI DSS allows merchants to store the CVV number. True or False
False
The WAN Domain commonly contains a DMZ. True or False
False
The primary concern for remote access is availability. True or False
False
WAN subscription cost tends to decrease as availability increases. True or False
False
__________ means the ongoing attention and care an organization places on security and compliance.
Due Dilligence
Where must sensitive information be encrypted to ensure its confidentiality? (Select two.) A) While in use on a workstation B) During transmission over the network C) As it is stored on disk D) In memory
During transmission over the network As it is stored on disk
Matrix ra(C)i:
The person who provides input that is helpful in completing a task. May be multiple people.
NAT is helpful to hide internal IP Addresses from the outside world. True or False
True
One of the most important concerns when sending data across a WAN is confidentiality. True or False
True
