#1 - #10 Combo - CIS 525 - CyberSecurity - McMurtrey - Study for Final Exam
Which OSI Reference Model layer is responsible for the coding of data? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer
...
The ___________ framework defines the scope and contents of three levels of audit reports. A. Service Organization Control (SOC) B. permission-level C. real-time monitoring D. zone transfer
A
___________ refers to the amount of harm a threat can cause by exploiting a vulnerability. A. Impact B. Threat C. Risk D. Incident
A
system infector
A ________ enables the virus to take control and execute before the computer can load most protective measures.
file infector
A ________ is a type of virus that primarily infects executable programs.
What is meant by digital subscriber line (DSL)?
A high-speed digital broadband service that uses copper cabling for Internet access.
Which of the following is the definition of network address translation?
A method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.
Which of the following is the definition of hub?
A network device that connects network segments, echoing all received traffic to all other ports.
Vulnerability
A weakness in the system that can be exploited to cause harm.
________ is the process of managing changes to computer/device configuration or application software.
Change control
The cryptanalyst can encrypt any information and observe the output.
Chosen-plaintext attack
The cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data may be.
Ciphertext-only attack (COA)
____________ is the practice of hiding data and keeping it away from unauthorized users.
Cryptography
___________ is the duty of every government that wants to ensure its national security.
Cybersecurity
________ is the act of unscrambling ciphertext into plaintext.
Decryption
________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job.
Dynamic Host Configuration Protocol (DHCP)
T/F The weakest link in the security of an IT infrastructure is the server.
False
T/F Until the mid-1980s, personal and business communications involved three primary tools: telephone, answering machines and voicemail, and the Internet.
False
Unlike other organizations that specifically focus on engineering or technical aspects of computing and communication, the __________ primarily addresses standards that support software development and computer system operation.
ISO
Which of the following is the definition of false negative?
Incorrectly identifying abnormal activity as normal.
Which of the following adequately defines continuous authentication?
An authentication method in which a user is authenticated at multiple times or event intervals.
Black-hat Hacker
An individual who tries to break IT security and gain access to systems without authorization.
Wire Tapping: Active ~ Between-The-Lines
An unauthorized user who does not alter the original messages but inserts additional messages between the lines.
attacks against productivity and performance
Another way that malicious code can threaten businesses is by using mass bulk e-mail (spam), spyware, persistence cookies, and the like, consuming computing resources and reducing user productivity. These are known as ________.
It's essential to match your organization's required __________ with its security structure. A. monitoring B. permission level C. operating system D. recommendations
B
Which of the following is the definition of anomaly-based IDS? A. An intrusion detection system that compares current activity with stored profiles of normal (expected) activity. B. The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running. C. An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders. D. Using tools to determine the layout and services running on an organization's systems and networks.
B
Gives priorities to the functions an organization needs to keep going
Business Continuity Plan
What is meant by certification? A. The formal acceptance by the authorizing official of the risk of implementing the system. B. A strategy to minimize risk by rotating employees between various systems or duties. C. The technical evaluation of a system to provide assurance that you have implemented the system correctly. D. A group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies.
C
What name is given to a method of developing software that is based on small project iterations, or sprints, instead of long project schedules? A. baseline B. waterfall model C. agile development D. sprint
C
Connecting your computers or devices to the ________ immediately exposes them to attack.
Internet
Procedure
Mechanisms that implement the policy (One for each policy).
Obtaining the coveted CAE/IAE or CAE/R designation means the curriculum and research institutions meet or exceed the standards defined by the _______.
NSA
_______________ enables you to prevent a party from denying a previous statement or action.
Nonrepudiation
________ provides information on what is happening as it happens.
Real-time monitoring
________ is the difference between the security controls you have in place and the controls you need to have in place in order to address all vulnerabilities.
Security gap
False
The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.
True
The main purpose of security training courses is to rapidly train students in one or more skills, or to cover essential knowledge in one or more specific areas.
four-year
The standard bachelor's degree is a __________ program.
A compliance liaison works with each department to ensure that it understands, implements, and monitors compliance in accordance with the organization's policies.
True
T/F The term security kernel database describes a database made up of rules that determine individual users' access rights.
True
T/F Voice and data traffic should be segmented on different backbone links to optimize performance; segment voice and data traffic on separate GigE or 10GigE fiber-optic trunks.
True
Policy
Written formal statements that outline the rules (dos/don'ts) to secure a system.
A botnet consists of a network of compromised computers that attackers use to launch attacks and spread malware.
a botnet
Which of the following describes the Family Educational Rights and Privacy Act?
a law that protects the private data of students
An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.
anomaly-based IDS?
A ___________ gives priorities to the functions an organization needs to keep going.
business continuity plan (BCP)
A ___________ primarily addresses the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business's viability.
business continuity plan (BCP)
A ___________ is a formal analysis of an organization's functions and activities that classifies them as critical or noncritical.
business impact analysis (BIA)
What term is used to describe streamlining processes with automation or simplified steps?
business process engineering
The software in a phone system that performs the call switching from an inbound trunk to a phone extension
call control
The technical evaluation of a system to provide assurance that you have implemented the system correctly
certification
What or who is the individual or team responsible for performing the security test and evaluation for the system and for preparing the report for the AO on the risk of operating the system?
certifier
The purpose of ________ is to provide formal training courses that lead to a certificate or professional certification and not a degree.
continuing education
An educational program that is generally associated with a college or university that provides formal courses that do not lead to degrees is the definition of ________.
continuing education
_______ means only authorized users can change information and deals with the validity and accuracy of data.
integrity
Connecting your computers or devices to the ---- immediately exposes them to attack
internet
The physical part of the LAN Domain includes a __________, which is an interface between the computer and the LAN physical media.
network interface card (NIC)
________ uses various controls to reduce identified risks. These controls might be administrative, technical, or physical.
risk mitigation
The process of managing risks starts by identifying __________.
risks
_____________ is the process of dividing a task into a series of unique activities performed by different people, each of whom is allowed to execute only one part of the overall task.
separation of duties
Backdoor
A direct and easy access to a system.
E-commerce changed how businesses sell, and the --- change how they market
...
The number of possible keys to a cipher is a ___________. A. checksum B. cryptosystem C. keyspace D. key directory
...
Which OSI Reference Model layer uses Media Access Control (MAC) addresses? Device manufacturers assign each hardware device a unique MAC address. A. Data Link Layer B. Presentation Layer C. Transport Layer D. Session Layer
...
________ is a suite of protocols designed to connect sites securely using IP networks. A. Dynamic Host Configuration Protocol (DHCP) B. Network access control (NAC) C. Point-to-Point Tunneling Protocol (PPTP) D. Internet Protocol Security (IPSec)
...
Threat Model
1. Asset 2. Vulnerability 3. Threat 4. Risk
A countermeasure, without a corresponding __________, is a solution seeking a problem; you can never justify the cost. A. risk B. control C. event D. response
A
7 billion
As of 2013, Cisco estimated that there were more than________ devices connected to the Internet.
________ attack countermeasures such as antivirus signature files or integrity databases.
Retro viruses
In a ________, the attacker sends a large number of packets requesting connections to the victim computer.
SYN flood
The tunnel can be created between a remote workstation using the public Internet and a VPN router or a secure browser and ________ Web site.
Secure Sockets Layer virtual private network (SSL-VPN)
Threat
Something or someone that can cause harm.
Asset
Something that needs to be protected.
What is meant by annual rate of occurrence (ARO)?
The annual probability that a stated threat will be realized.
T/F System owners are in control of data classification.
False
What name is given to a U.S. federal law that requires U.S. government agencies to protect citizens' private data and have proper security controls in place?
Federal Information Security Management Act (FISMA)
smurf attack
In a _________, attackers direct forged Internet Control Message Protocol (ICMP) echo-request packets to IP broadcast addresses from remote locations to generate denial of service attacks.
T/F A physically constrained user interface is a user interface that does not provide a physical means of entering unauthorized information.
True
T/F A way to protect your organization from personnel-related security violations is to use job rotation. This minimizes risk by rotating employees among various systems or duties, which prevents collusion.
True
T/F An attacker will use exploit software when performing vulnerability assessments and intrusive penetration testing.
True
T/F An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
True
T/F Even though 3G networks provided mobile devices with connection capabilities similar to those of wired networks, they still did not use true IP network addressing.
True
T/F Having too many risks in the risk register is much better than overlooking any severe risk that does occur.
True
T/F In 2011, the United States ranked second globally as a source of network attacks and highest as a source of attacks in North America, even if they originate outside the United States.
True
T/F The process of managing the baseline settings of a system device is the definition of configuration control.
True
A type of virus that infects other files and spreads in multiple ways.
What is meant by multipartite virus?
no standard time frame
With university doctoral programs, completing the degree requirements takes ________.
________ is a one-way calculation of information that yields a result usually much smaller than the original message.
Checksum
An organization's facilities manager is often responsible for ---
Physical Access Control
In a ________, the cryptanalyst can encrypt any information and observe the output. This is best for the cryptanalyst.
Chosen-plaintext attack
The total number of errors divided by the total number of bits transmitted is the definition of
bit error rate
Industry Data Classifications
1. Private Data 2. Confidential Data 3. Internal Data 4. Public Data
U.S. Dept. of Defense Data Classifications
1. Top Secret 2. Secret 3. Confidential 4. Unclassified
Which of the following is the definition of net cat?
A network utility program that reads from and writes to network connections.
Which of the following is the definition of guideline?
A recommendation to purchase or how to use a product or system
________ is a document produced by the IETF that contains standards as well as other specifications or descriptive contents.
A request for comments (RFC)
Which of the following best describes quantitative risk analysis?
A risk-analysis method that uses mathematical formulas and numbers to assist in ranking risk severity.
OS Fingerprint Scanner
A software program that allows an attacker to send logon packets to an IP host device.
Protocol Analyzer
A software program that enables a computer to monitor and capture network traffic.
Vulnerability Scanner
A software program that identifies and detects what operating system and software is installed on an IP host device.
Which of the following is the definition of continuing professional education (CPE)?
A standard unit of credit that equals 50 minutes of instruction.
________ is a method that black-hat hackers use to attempt to compromise logon and password access controls, usually following a specific attack plan, including the use of social engineering to obtain user information.
Brute-force password attack
A threat source can be a situation or method that might accidentally trigger a(n) ____________. A. event B. incident C. vulnerability D. control
C
Audits also often look at the current configuration of a system as a snapshot in time to verify that it complies with ________. A. controls B. management C. standards D. plan
C
Cryptography accomplishes four security goals: confidentiality, integrity, authentication, and ________________. A. security B. privacy C. nonrepudiation D. reliability
C
It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________. A. critical business function B. disaster plan C. business continuity plan D. risk management plan
C
Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures. A. applications B. mitigation activities C. configurations D. recommendations
C
The process of managing the baseline settings of a system device is called ________. A. guideline B. baseline C. configuration control D. sprint
C
A U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.
ANSI
Wire Tapping: Active ~ Piggyback-Entry
Actual communication is changed and routed through a different server.
A security awareness program includes
All of the above: teaching employees about security objectives; motivating users to comply with security policies; informing users about trends and threats in society
The ________ is a U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.
American National Standards Institute
Exploit Software
An application that incorporates known software vulnerabilities to "exploit" a weakness of an IP host device or computer system.
________ gives you the opportunity to review your risk-management program and to confirm that the program has correctly identified and reduced (or otherwise addressed) the risks to your organization.
An audit
Which of the following describes an asynchronous token?
An authentication token used to process challenge-response authentication with a server. It takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.
White-hat Hacker
An authorized professional who identifies vulnerabilities and performs penetration testing.
Which of the following is the definition of Vigenère cipher?
An encryption cipher that uses multiple encryption schemes in succession.
Grey-hat Hacker
An intermediate-skilled hacker who could become a black-hat hacker or white-hat hacker.
Which of the following is the definition of anomaly-based IDS?
An intrusion detection system that compares current activity with stored profiles of normal (expected) activity.
Which of the following is the definition of pattern-based IDS?
An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.
Wire Tapping: Passive
An unauthorized user listening to communication without changing the data.
Security Breach
Any event that results in a violation of any of the C-I-A security tenets.
Which OSI Reference Model layer includes all programs on a computer that interact with the network?
Application Layer
The process of issuing keys to valid users of a cryptosystem so they can communicate.
key distribution
The number of possible keys to a cipher is a
keyspace
A ________ is a collection of computers connected to one another or to a common connection medium.
local area network (LAN)
Loss of financial assets due to ________ is a worst-case scenario for all organizations.
malicious attacks
When you accept a --- you take no further steps to resolve
negative risk
What is the process of using tools to determine the layout and services running on an organization's systems and networks?
network mapping
Distributed Denial of Service (DDoS) Attack
Attackers hijack Internet computers to plant automated attack agents to bombard a site with forged messages by each computer.
What is necessary because of potential liability, negligence, and mandatory regulatory compliance?
Audits
________ is an authorization method in which access to resources is decided by the user's formal status.
Authority-level policy
A(n) ________ is a measurable occurrence that has an impact on the business. A. corrective control B. event C. cost D. critical business function
B
An attacker or event that might exploit a vulnerability is a(n) ____________. A. incident B. threat source C. cost D. Hacker
B
As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today. A. configuration B. controls C. monitoring D. settings
B
How your organization responds to risk reflects the value it puts on its ___________. A. environment B. assets C. technology D. vulnerability
B
What is meant by authorizing official (AO)? A. An individual to enact changes in response to reported problems. B. The process of managing changes to computer/device configuration or application software. C. A senior manager who reviews a certification report and makes the decision to approve the system for implementation. D. A mandated requirement for a hardware or software solution that is used to deal with a security risk throughout the organization
C
A ___________ is a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system, or recovery of passwords stored in a computer system.
password cracker
It's essential to match your organization's required __________ with its security structure.
permission level
If VoIP traffic needs to traverse through a WAN with congestion, you need
quality of service (QoS)
The goal of ____________ is to quantify possible outcomes of risks, determine probabilities of outcomes, identify high-impact risks, and develop plans based on risks.
quantitative risk analysis
Enacting changes in response to reported problems is called
reactive change management
Voice and unified communications are ________ applications that use 64-byte IP packets.
real-time
What name is given to any risk that exists but has a defined response?
residual risk
________ attack countermeasures such as antivirus signature files or integrity databases.
retro virus
________ is a risk management phase that includes assessment of various types of controls to mitigate the identified risks, selection of a control strategy, and justification of choice of controls.
risk assessment
SOC 2 and SOC 3 reports both address primarily ________-related controls.
security
Today, people working in cyberspace must deal with new and constantly evolving ________.
threats
RTO identifies the maximum allowable ________ to recover the function.
time
Network devices can implement ___________ to better support VoIP and SIP IP packets and reduce dropped calls and delays.
traffic prioritization
Because personnel are so important to solid security, one of the best security controls you can develop is a strong security ___________ and awareness program.
training
Initiating changes to avoid expected problems is the definition of proactive change management.
true
Mandatory access control (MAC) is a means of restricting access to an object based on the object's classification and the user's security clearance.
true
One of the OSI Reference Model layers, the Network Layer, is responsible for the logical implementation of the network.
true
One of the most important parts of a FISMA information security program is that agencies test and evaluate it.
true
The ANSI produces standards that affect nearly all aspects of IT.
true
The traceroute command displays the path that a particular packet follows so you can identify the source of potential network problems.
true
As users upgrade LANs to GigE or 10GigE, switches must support ________ and data IP traffic.
voice
procrastination
"There are so many demands on your time, it is often difficult to justify setting aside time to study. Also, you may find that self-study takes more time than you planned." This is a disadvantage to choosing the self-study option that can be labeled ________.
This appliance examines IP data streams for common attack and malicious intent patterns
(IDS)
Systems Security Certified Practitioner
(ISC)2 offers the ________ credential, which is ideal for those who are working toward or already hold positions as senior network security engineers, senior security systems analysts, or senior security administrators. It covers the seven domains of best practices for information security.
Certified Secure Software Lifecycle Professional
(ISC)2 offers the ________________ credential, which is one of the few credentials that address developing secure software. It evaluates professionals for the knowledge and skills necessary to develop and deploy secure applications.
The tunnel can be created between a remote workstation using the public internet and VPN router and a --- web site
(SSL - VPN)
What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely? A. hash B. key distribution C. asymmetric key cryptography D. symmetric key cryptography
...
Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer
...
Which OSI Reference Model layer includes all programs on a computer that interact with the network? A. Presentation Layer B. Session Layer C. Network Layer D. Application Layer
...
Which OSI Reference Model layer is responsible for transmitting information on computers connected to the same local area network (LAN)? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer
...
Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium? A. Data Link Layer B. Transport Layer C. Session Layer D. Physical Layer
...
Which of the following is not a type of authentication?
...
Which of the following is the definition of hub? A. A device that connects two or more networks and selectively interchanges packets of data between them. B. A network device that connects network segments, echoing all received traffic to all other ports. C. A firewall device that examines the state of a connection as well as simple address, port, and protocol rules to determine how to process a packet. D. A suite of protocols designed to connect sites securely using IP networks.
...
Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________. A. decryption B. breaking codes C. brute-force attack D. cryptanalysis
...
________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job. A. Internet Protocol Security (IPSec) B. Dynamic Host Configuration Protocol (DHCP) C. Point-to-Point Tunneling Protocol (PPTP) D. Internet Control Message Protocol (ICMP)
...
________ is a one-way calculation of information that yields a result usually much smaller than the original message. A. Caesar cipher B. Checksum C. Hash D. Symmetric key
...
_________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies. A. Real-time monitoring B. Gray-box testing C. SAS 70 D. White-box testing
...
_______________ enables you to prevent a party from denying a previous statement or action. A. Authentication B. Integrity C. Nonrepudiation D. Confidentiality
...
The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ________. A. emergency operations group B. security event team C. guideline control D. security administration
A
file infector
A ________ is a virus that attacks and modifies executable programs (like COM, EXE, SYS, and DLL files).
firewall
A ___________ controls the flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network.
logic bomb
A ___________ is a program that executes a malicious function of some kind when it detects certain conditions.
phishing attack
A ____________ tricks users into providing log-on information on what appears to be a legitimate Web site but is in fact a Web site set up by an attacker to obtain this information.
firewall
A _____________ contains rules that define the types of traffic that can come and go through a network.
Which of the following is the definition of botnet?
A botnet consists of a network of compromised computers that attackers use to launch attacks and spread malware.
What is the Project Management Body of Knowledge (PMBOK)?
A collection of the knowledge and best practices of the project management profession.
Denial of Service (DoS) Attack
A coordinated attempt to deny service by causing a computer to perform an unproductive task.
What is meant by multi-tenancy?
A database feature that allows different groups of users to access the database without being able to access each other's data.
packet-filtering firewall
A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator is the definition of ________.
Downtime -> Unintentional ->
1. Human Error 2. System Failure 3. Attack (DoS)
What assets do we need to protect?
1. IT infrastructure 2. Intellectual property 3. Financial information 4. Service availability and productivity 5. Reputation
network access control (NAC)
A method to restrict access to a network based on identity or other rules is the definition of ________.
What term is used to describe a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products? A. configuration control B. functional policy C. baseline D. authorizing official (AO)
C
Which of the following is the definition of guideline? A. A method of developing software that is based on small project iterations, or sprints, instead of long project schedules. B. Recorded information from system events that describes security-related activity. C. A recommendation to purchase or how to use a product or system. D. A senior manager who reviews a certification report and makes the decision to approve the system for implementation.
C
________ gives you the opportunity to review your risk-management program and to confirm that the program has correctly identified and reduced (or otherwise addressed) the risks to your organization. A. Penetration testing B. Real-time monitoring C. An audit D. Vulnerability testing
C
________ is the process of managing changes to computer/device configuration or application software. A. Sprint B. Procedure control C. Change control D. Proactive change management
C
________ states that users must never leave sensitive information in plain view on an unattended desk or workstation. A. Procedure management B. Emergency operations policy C. Clean desk/clear screen policy D. Security administration policy
C
___________ is the likelihood that a particular threat exposes a vulnerability that could damage your organization. A. Backup B. Incident C. Risk D. Preventive control
C
Which OSI Reference Model layer uses Media Access Control (MAC) addresses? Device manufacturers assign each hardware device a unique MAC address.
Data Link Layer
What name is given to an encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation?
Data encryption standard
True
Employers do use certifications to help assess prospects, but the best assessment is the prospect's actual performance.
___________ is the process of transforming data from cleartext into ciphertext.
Encryption
Software vendors must protect themselves from the liabilities of their own vulnerabilities with a(n) ____________.
End-User License Agreement (EULA)
_______ is the proportion of value of a particular asset likely to be destroyed by a given risk, expressed as a percentage.
Exposure factor (EF)
________ represents the percentage of the asset value that will be lost if an incident were to occur.
Exposure factor (EF)
Which regulating agency has oversight for the Children's Internet Protection Act?
FCC
Most educational institutions offer accelerated programs to complete PhD degree requirements in less than one year.
False
Students who have had their FERPA rights violated are allowed to sue a school for that violation.
False
T/F A time-based synchronization system is a mechanism that limits access to computer systems and network resources.
False
T/F An organization can choose to plan for any interruption time frame, but in many BIAs, restoration plans assume that access to primary resources will not be possible for at least 60 days.
False
T/F Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks.
False
T/F Authority-level policy is a database feature that allows different groups of users to access the database without being able to access each other's data.
False
T/F Role-based access control (RBAC) means limiting users' access to database views, as opposed to allowing users to access data in database tables directly.
False
T/F Successfully connecting to a computer using a modem makes it impossible to access the rest of the organization's network.
False
T/F The Delphi method is the estimated loss due to a specific realized threat. The formula to calculate this loss is SLE × ARO.
False
T/F The audit itself sets new policies.
False
T/F The difference between black-hat hackers and white-hat hackers is that black-hat hackers are mainly concerned with finding weaknesses for the purpose of fixing them, and white-hat hackers want to find weaknesses just for the fun of it or to exploit them.
False
T/F The network security group is responsible for the Internet-to-WAN Domain.
False
T/F The up-to-date Common Vulnerabilities & Exposure list is maintained and managed by the U.S. Department of Finance.
False
__________ tests interrupt the primary data center and transfer processing capability to an alternate site.
Full-interruption
Keystroke Logger
Hardware or software that can record every keystroke a user makes on a keyboard into a log file.
SYN flood attack
In a __________, the attacker uses IP spoofing to send a large number of packets requesting connections to the victim computer. These appear to be legitimate but in fact reference a client system that is unable to respond.
The ________ is the main United Nations agency responsible for managing and promoting information and technology issues.
International Telecommunication Union
The _____________ is the preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.
International Electrotechnical Commission
E-commerce changed how businesses sell, and the ________ changed how they market.
Internet
A standards organization that develops and promotes Internet standards.
Internet Engineering Task Force
________ is a suite of protocols designed to connect sites securely using IP networks.
Internet Protocol Security (IPSec)
In a ---, the cryptanalyst possesses certain pieces of information before and after encryption.
Known plaintext attack
The cryptanalyst possesses certain pieces of information before and after encryption.
Known-plaintext attack (KPA)
This represents the fourth layer of defense for a typical IT infrastructure
LAN - to - WAN Domain
The ____________ represents the fourth layer of defense for a typical IT infrastructure.
LAN-to-WAN Domain
A ________ examines the network layer address and routes packets based on routing protocol path determination decisions.
Layer 3 switch
availability
Malicious code attacks all three information security properties. Malware can erase or overwrite files or inflict considerable damage to storage media. This property is ________.
In a _____, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system
Chosen-ciphertext attack
_____ is a special case; it is relevant in asymmetric key systems and has functions.
Chosen-ciphertext attack
There are four basic forms of a cryptographic attack. In a ________, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
Ciphertext-only attack (COA)
________ states that users must never leave sensitive information in plain view on an unattended desk or workstation.
Clean desk/clear screen policy
Information Security
Collection of activities that protect information systems and the data stored in it.
entry-level information security certification of choice for IT professionals
CompTIA's Security+ certification provides ________.
A federal agency within the U.S. Department of Commerce whose mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life."
NIST
A _____________ is a flaw or weakness in a system's security procedures, design, implementation, or internal controls. A. threat B. impact C. risk D. vulnerability
D
Audits are necessary because of ________. A. potential liability B. negligence C. mandatory regulatory compliance D. all of the above
D
What or who is the individual or team responsible for performing the security test and evaluation for the system and for preparing the report for the AO on the risk of operating the system? A. remediation B. certifier C. compliance liaison D. system owners
D
________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job.
DHCP
Which OSI Reference Model layer is responsible for transmitting information on computers connected to the same local area network (LAN)?
Data Link Layer
What term is used to describe a type of virus that includes a separate encryption engine that stores the virus body in encrypted format while duplicating the main body of the virus?
polymorphic virus
A --- is a tool used to scan IP host devices for open ports that have been enabled
port scanner
A ___________ is a tool used to scan IP host devices for open ports that have been enabled.
port scanner
What term is used to describe a strategy that uses a device to provide electrical power for IP phones from the RJ-45 8-pin jacks directly to the workstation outlet?
power over Ethernet (PoE)
____________ is a person's right to control the use and disclosure of his or her own personal information.
privacy
Risks apply to specific assets. If you multiply the risk __________ by the cost of the asset, the result is the exposure to a specific risk.
probability
What term is used to describe a set of step-by-step actions to be performed to accomplish a security requirement, process, or objective?
procedure
The four main areas in NIST SP 800-50 are awareness, training, education, and __________________.
professional development
The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer.
promiscuous mode
A countermeasure, without a corresponding __________, is a solution seeking a problem; you can never justify the cost.
risk
___________ is the likelihood that a particular threat exposes a vulnerability that could damage your organization.
risk
An organization knows that a risk exists and has decided that the cost of reducing it is higher than the loss would be. This can include self-insuring or using a deductible. This is categorized as ________.
risk acceptance
________ allows an organization to transfer risk to another entity. Insurance is a common way to reduce risk.
risk assignment
A company can discontinue or decide not to enter a line of business if the risk level is too high. This is categorized as ________.
risk avoidance
What name is given to an access control method that bases access control approvals on the jobs the user is assigned?
role-based access control
A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.
rootkit
What name is given to random characters that you can combine with an actual input key to create the encryption key?
salt key
An encrypted channel used for remote access to a server or system, commonly used in Linux and UNIX servers and applications, is the definition of __________.
secure shell (SSH)
The world needs people who understand computer-systems ________ and who can protect computers and networks from criminals and terrorists.
security
The --- team's responsibilities include handling events that affect your computers and networks and ultimately can respond rapidly and effectively to any event.
security administration
E-commerce systems and applications demand strict C-I-A ________.
security controls
________ is the difference between the security controls you have in place and the controls you'd like to have in place in order to address all vulnerabilities.
security gap
The --- is the central part of a computing environment's hardware, software, and firmware that enforces access control for computer systems
security kernel
SIP is a ___________ protocol used to support real-time communications.
signaling
What name is given to an encryption cipher that uniquely maps any letter to any other letter?
simple substitution cipher
An organization's facilities manager might give you a security card programmed with your employee ID number, also known as a ________.
smart card
A mandated requirement for a hardware or software solution that is used to deal with a security risk throughout the organization
standard
What is the technique of matching network traffic with rules or signatures based on the appearance of the traffic and its relationship to other packets?
stateful matching
What name is given to a type of virus that uses a number of techniques to conceal itself from the user or detection software?
stealth virus
What term is used to describe communication that doesn't happen in real time but rather consists of messages (voice or e-mail) that are stored on a server and downloaded to endpoint devices?
store-and-forward communications
What term is used to describe communication that doesn't happen in real time but rather consists of messages that are stored on a server and downloaded to endpoint devices?
store-and-forward communications
What term is used to describe a device used as a log on authenticator for remote users of a network?
synchronous token
A ________ enables the virus to take control and execute before the computer can load most protective measures.
system infector
A control that is carried out or managed by a computer system is the definition of ________.
technical control
A method of restricting resource access to specific periods of time is called ---
temporal isolation
A --- is any action that could damage an asset; it can be natural or human induced.
threat
A --- is an intent and method to exploit a vulnerability
threat source
An attacker or event that might exploit a vulnerability is a(n) ____________.
threat source
What name is given to an encryption cipher that rearranges characters or bits of data?
transposition cipher
Unrecognized new processes running, startup messages indicating that new software has been (or is being) installed (registry updating), unresponsiveness of applications to normal commands, and unusual redirection of normal Web requests to unknown sites are all telltale symptoms of a ________.
trojan
A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task.
true
A certificate of completion is a document that is given to a student upon completion of the program and is signed by the instructor.
true
A way to protect your organization from personnel-related security violations is to use job rotation.
true
An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.
true
An information security safeguard is also called an information security control.
true
An organization must comply with rules on two levels: regulatory compliance and organizational compliance.
true
An organization seeks a balance between an acceptable level of a risk and the cost of reducing it.
true
An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
true
Anomaly detection involves developing a network baseline profile of normal or acceptable activity, such as services or traffic patterns, and then measuring actual network traffic against this baseline.
true
Border firewalls simply separate the protected network from the Internet.
true
Certifications that require additional education generally specify the number of credits each certificate requires.
true
Defense in depth combines the capabilities of people, operations, and security technologies to establish multiple layers of protection, eliminating single lines of defense and effectively raising the cost of an attack.
true
ISO 17799 is an international security standard.
true
Information systems security is about ensuring the confidentiality, integrity, and availability of IT infrastructures and the systems they comprise.
true
In information technology, perhaps the best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model. This internationally accepted framework of standards governs how separate computer systems communicate using networks.
true
Residual risk is the risk that remains after you have installed countermeasures and controls.
true
Single loss expectancy (SLE) means the expected loss for a single threat occurrence. The formula to calculate SLE is SLE = Resource Value × EF.
true
Symmetric key cryptography is a type of cryptography that cannot secure correspondence until after the two parties exchange keys.
true
Telephony denial of service (TDoS) is a variation of a denial of service (DoS) attack, but is launched against traditional and packet-based telephone systems. A TDoS attack disrupts an organization's use of its telephone system through a variety of methods.
true
The FTC Safeguards Rule requires a financial institution to create a written information security program that must state how the institution collects and uses customer data. It also must describe the controls used to protect that data.
true
The Family Educational Rights and Privacy Act (FERPA) is the main federal law protecting the privacy of student information.
true
The Internet Architecture Board (IAB) is a subcommittee of the IETF composed of independent researchers and professionals who have a technical interest in the overall well-being of the Internet.
true
The Office of Personnel Management (OPM) requires that federal agencies provide the training suggested by the NIST guidelines.
true
The Payment Card Industry Data Security Standard (PCI DSS) is an international standard for handling transactions involving payment cards.
true
The best-known standard that relates to information security is the IEEE 802 LAN/MAN standard family.
true
The current term for online study is distance learning
true
The following are all methods of collecting data: questionnaires, interviews, observation, and checklists.
true
The main purpose of security training courses is to rapidly train students in one or more skills, or to cover essential knowledge in one or more specific areas.
true
The primary characteristic of a virus is that it replicates and generally involves user action of some type.
true
The term Bring Your Own Device (BYOD) refers to an organizational policy of allowing or even encouraging employees, contractors, and others to connect their own personal equipment to the corporate network; this offers cost savings and other benefits but also presents security risks.
true
The term detective control refers to a control that determines that a threat has landed in your system.
true
The term remediation refers to fixing something before it is broken, defective, or vulnerable.
true
The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.
true
Under CIPA, a technology protection measure is any technology that can block or filter the objectionable content.
true
Unlike viruses, worms do not require a host program in order to survive and replicate.
true
Whereas MS programs prepare students to perform information security work, MBA programs prepare students to manage and maintain the people and environment of information security.
true
Spoofing means a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
true
As users upgrade LANs to GigE or 10GigE, switches must support ________ and data IP traffic.
voice
A --- is a weakness that allows a threat to be realized.
vulnerability
A _____________ is a flaw or weakness in a system's security procedures, design, implementation, or internal controls.
vulnerability
A threat source can be a situation or method that might accidentally trigger a(n) ____________.
vulnerability
A threat source can be a situation or a method that might accidentally trigger a
vulnerability
Security testing that is based on knowledge of the application's design and source code.
white box testing
Unexplained increases in bandwidth consumption, high volumes of inbound and outbound e-mail during normal activity periods, a sudden increase in e-mail server storage utilization (this may trigger alarm thresholds set to monitor and manage disk/user partition space), and an unexplained decrease in available disk space are all telltale symptoms of a ________.
worm
Social Security numbers, financial account numbers, credit card numbers, and date of birth are examples of __________ as stipulated under GLBA.
NPI
________ is used to describe a property that indicates that a specific subject needs access to a specific object. This is necessary to access the object in addition to possessing the proper clearance for the object's classification.
Need-to-know
reconnaissance
Network ________ is gathering information about a network for use in a future attack.
NSA
Obtaining the coveted CAE/IAE or CAE/R designation means the curriculum and research institutions meet or exceed the standards defined by the _______.
Confidentiality
Only authorized users can view information.
________ is an authentication credential that is generally longer and more complex than a password.
Passphrase
Information Security Procedure
Protect, Detect, and React (Only a problem for integrity)
________ attempts to describe risk in financial terms and put a dollar value on all the elements of a risk.
Quantitative risk analysis
____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage.
Recovery time objective (RTO)
The likelihood that something bad happens to an asset is
Risk
What is meant by constrained user interface?
Software that allows users to enter only specific information.
________ are viruses that target computer hardware and software startup functions.
System infectors
In a ________, the attacker sends a large number of packets requesting connections to the victim computer
SYN flood
The regulating agency for the Sarbanes-Oxley Act is the ________.
Securities and Exchange Commission
What fills security gaps and software weaknesses?
Testing and quality assurance
True
The Gauss is a measurement of a magnetic field.
True
The Info tech Security Certified Program (SCP) certification programs apply mainly to network security topics and are most appropriate for professionals involved in securing network components within the IT infrastructure.
American National Standards Institute (ANSI)
The ________ is a U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.
World Wide Web Consortium (W3C)
The ________ is an organization formed in 1994 to develop and publish standards for the World Wide Web.
IAB
The ________ provides oversight for architecture for Internet protocols and procedures, processes used to create standards, editorial and publication procedures for RFCs, and confirmation of IETF chair and technical area directors. It also provides much of the high-level management and validation of the processes of conducting IETF business.
CISSP-ISSMP®
The ____________ concentration from (ISC)2 contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.
CISSP-ISSEP®
The ____________ concentration from (ISC)2 is the road map for incorporating security into projects, applications, business processes, and all information systems.
Hollings Manufacturing Extension Partnership
The ____________ is a network of centers around the United States that offers technical and business assistance to small- and medium-sized manufacturers.
SYN Flood
The attacker sends a large number of packets requesting connections to the victim computer, filling up their connections table and denying service to legitimate users.
Certified Authorization Professional
The best fits for (ISC)2's _____________ are personnel responsible for developing and implementing processes used to assess risk and for establishing security requirements.
True
The best-known standard that relates to information security is the IEEE 802 LAN/MAN standard family.
What is meant by promiscuous mode?
The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer.
Which of the following is the definition of cipher text?
The opposite of clear text. Data sent as cipher text is not visible and not decipherable.
What is meant by checksum?
The output of a one-way algorithm; a mathematically derived numerical representation of some input.
Which of the following is the definition of system owner?
The person responsible for the daily operation of a system and for ensuring that the system continues to operate in compliance with the conditions set out by the AO.
Cryptography
The practice of hiding the data and keeping it away from unauthorized users.
Which of the following is an accurate description of cloud computing?
The practice of using computing services that are delivered over a network.
Risk
The probability of damage to an asset. (Risk = Vulnerability * Threat)
Which of the following is the definition of access control?
The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.
Password Cracker
The process of recovering a password that can be performed by a brute-force attack or dictionary attack.
Encryption
The process of transforming data from clear-text into ciphertext.
True
The purpose of DoD Directive 8570.01 is to reduce the possibility that unqualified personnel can gain access to secure information.
When an information security breach occurs in your organization, a --- helps determine what happened to the system and when.
Security event log
---- is the process of dividing up tasks into a series of unique activities.
Separation of duties
What is meant by call control?
The software in a phone system that performs the call switching from an inbound trunk to a phone extension.
What is meant by certification?
The technical evaluation of a system to provide assurance that you have implemented the system correctly.
The primary difference between SOC 2 and SOC 3 reports is ________.
Their audience
Certain security objectives add value to information systems. _________ provides an exact time when a producer creates or sends information.
Timestamping
Most certifications require certification holders to pursue additional education each year to keep their certifications current.
True
T/F Sprint means one of the small project iterations used in the "agile" method of developing software, in contrast with the usual long project schedules of other ways of developing software.
True
T/F A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task.
True
T/F A benchmark is the standard by which a system is compared to determine whether it is securely configured. One technique in an audit is to compare the current setting of a computer or device with a benchmark to help identify differences.
True
T/F A physically constrained user interface is a user interface that does not provide a physical means of entering unauthorized information.
True
T/F Initiating changes to avoid expected problems is the definition of proactive change management.
True
T/F Mandatory access control (MAC) is a means of restricting access to an object based on the object's classification and the user's security clearance.
True
T/F Many jurisdictions require audits by law.
True
T/F Resources are protected objects in a computing system, such as files, computers, or printers.
True
T/F SOC 3 reports are intended for public consumption.
True
T/F Single loss expectancy (SLE) means the expected loss for a single threat occurrence. The formula to calculate SLE is SLE= Resource Value × EF.
True
T/F Synchronous token means a device used as a logon authenticator for remote users of a network.
True
T/F The International Information Systems Security Certification Consortium (ISC)2, has two certifications: Systems Security Certified Practitioner (SSCP®) and Certified Information Systems Security Professional (CISSP®). CISSP candidates must pass a difficult and comprehensive exam and have at least 5 years of professional information security experience.
True
T/F The term Bring Your Own Device (BYOD) refers to an organizational policy of allowing or even encouraging employees, contractors, and others to connect their own personal equipment to the corporate network; this offers cost savings and other benefits but also presents security risks.
True
T/F The term clipping level refers to a value used in security monitoring that tells controls to ignore activity that falls below a stated value.
True
The weakest link in the security of an IT infrastructure is the user.
True
The regulating agency for the Family Educational Rights and Privacy Act is the ________.
U.S. Department of Education
Malicious software can be hidden in a ________.
all of the above (URL link, PDF file, ZIP file)
This device uses public key infrastructure (PKI) technology—for example, a certificate signed by a trusted certification authority—and doesn't provide one-time passwords.
USB token
ANSI
Unlike other organizations that specifically focus on engineering or technical aspects of computing and communication, the __________ primarily addresses standards that support software development and computer system operation.
A communication protocol that is connectionless and is popular for exchanging small amounts of data or messages is called ---
User Datagram Protocol (UDP)
Point-to-Point Tunneling Protocol (PPTP)
What name is given to a protocol to implement a VPN connection between two computers?
National Centers of Academic Excellence in Information Assurance Education (CAE/IAE)
What name is given to educational institutions that meet specific federal information assurance educational guidelines?
Network address translation (NAT)
What term is used to describe a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address?
Wi-Fi Protected Access (WPA)
What term is used to describe the current encryption standard for wireless networks?
True
Whereas MS programs prepare students to perform information security work, MBA programs prepare students to manage and maintain the people and environment of information security.
Architect
Which is Cisco's highest level of certification?
The --- framework defines the scope and content of three levels of audit reports.
Service Organization Control (SOC)
The ___________ framework defines the scope and contents of three levels of audit reports.
Service Organization Control (SOC)
________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.
Session Initiation Protocol (SIP)
--- is the basis for unified communication and is the protocol used by real-time applications such as IM chat, conferencing and collaboration
Session Initiation Protocol (SIP)
Voice and unified communications are --- applications that use 64-byte IP packets.
Session Initiation Protocol (SIP)
Voice and unified communications are ________ applications that use 64-byte IP packets.
Session Initiation Protocol (SIP)
________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.
Session Initiation Protocol (SIP)
Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network?
Session Layer
One of the most popular types of attacks on computer systems involves ________. These attacks deceive or use people to get around security controls.
Social engineering
What is a Security Information and Event Management (SIEM) system?
Software and devices that assist in collecting, storing, and analyzing the contents of log files.
The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.
Which of the following is the definition of access control?
A standard unit of credit that equals 50 minutes of instruction.
Which of the following is the definition of continuing professional education (CPE)?
Biometrics is another --- method for identifying subjects.
access control
________ refers to an educational institution that has successfully undergone evaluation by an external body to determine whether the institution meets applicable standards.
accredited
A control involved in the process of developing and ensuring compliance with policy and procedures is the definition of ________.
administrative control
What name is given to a method of developing software that is based on small project iterations, or sprints, instead of long project schedules?
agile development
During the late 1980s into the early 1990s, service providers converted the core switches at their central offices from ______________ to digital central office (CO) switches.
analog
The formal process of monitoring and controlling risk focuses on --- new risks.
analyzing
Malware developers often use _____________ to write boot record infectors.
assembly language
How your organization responds to risk reflects the value it puts on its ___________.
assets
The first step in risk analysis is to determine what and where the organization's --- are located.
assets
A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic.
asymmetric digital subscriber line (ADSL)
What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely?
asymmetric key cryptography
An authentication token used to process challenge-response authentication with a server. It takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.
asynchronous token
What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?
asynchronous transfer mode (ATM)
The primary difference between SOC 2 and SOC 3 reports is their ________.
audience
Malicious code attacks all three information security properties. Malware can erase or overwrite files or inflict considerable damage to storage media. This property is ________.
availability
When an attacker discovers a __________, he or she can use it to bypass existing security controls such as passwords, encryption, and so on.
backdoor
What term is used to describe a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products?
baseline
In digital communications, the __________ is one error for every 1,000,000 bits sent.
bit error rate
The ________ in analog communications is one error for every 1,000 bits sent.
bit error rate
The ________ in analog communications is one error for every 1,000 bits sent; in digital communications, the __________ is one error for every 1,000,000 bits sent.
bit error rate
The total number of errors divided by the total number of bits transmitted is the definition of __________.
bit error rate
A method of security testing that isn't based directly on knowledge of a program's architecture is the definition of ________.
black-box testing
A __________ tries to break IT security and gain access to systems with no authorization, in order to prove technical prowess.
black-hat hacker
_______________ is another symmetric algorithm that organizations currently use. It is a 64-bit block cipher that has a variable key length from 32 to 448 bits. It is much faster than DES or IDEA and is a strong algorithm that has been included in more than 150 products, as well as v2.5.47 of the Linux kernel. Its author, Bruce Schneier, placed it in the public domain.
blowfish
_____________ are the main source of distributed denial of service (DDoS) attacks and spam.
botnets
Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________.
brute-force attack
It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________.
business continuity plan
The output of a one-way algorithm; a mathematically derived numerical representation of some input.
check-sum
What name is given to a software-based application like WebEx that supports audio conferencing and sharing of documents (text, spreadsheets, presentations, etc.) for real-time discussions with team members or colleagues?
collaboration
Information security activities directly support several common business drivers, including ________ and efforts to protect intellectual property.
compliance
What do the letters of the C-I-A triad stand for?
confidentiality, integrity, availability
What term is used to describe guarding information from everyone except those who have rights to it?
confidentiality
The Bell-La Padula access control model focuses primarily on ---
confidentiality of data and control of access to classified information
Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures.
configurations
Information regulated under the Gramm-Leach-Bliley Act is ________.
consumer financial information
What name is given to educational institutions that meet specific federal information assurance educational guidelines?
continuing education centers
As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today.
controls
Information regulated under the Sarbanes-Oxley Act is ________.
corporate financial information
Forensics and incident response are examples of ___________ controls.
corrective
A measure installed to counter or address a specific threat is the definition of ________.
countermeasure
A _________ has a hostile intent, possesses sophisticated skills, and may be interested in financial gain. They represent the greatest threat to networks and information resources.
cracker
The goal and objective of a __________ is to provide a consistent definition for how an organization should handle and secure different types of data.
data classification standard
The recovery point objective (RPO) identifies the amount of _________ that is acceptable.
data loss
A system that puts access control into the hands of people such as department managers who are closest to system users; there is no one centralized entity to process access requests in this system.
decentralized access control
What name is given to an exterior network that acts as a buffer zone between the public Internet and the organization's IT infrastructure?
demilitarized zone
What name is given to an attack that uses ping or ICMP echo-request, echo-reply messages to bring down the availability of a server or system?
denial of service (DoS)
What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?
dense wavelength division multiplexing (DWDM)
What name is given to an object that uses asymmetric encryption to bind a message or data to a specific entity?
digital signature
--- is rapidly becoming an increasingly important aspect of enterprise computing.
disaster recovery
A ___________ defines how a business gets back on its feet after a major disaster like a fire or hurricane.
disaster recovery plan (DRP)
What name is given to patient health information that is computer-based?
electronic protected health information
The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ________.
emergency operations group
The act of transforming clear text data into undecipherable cipher text is the definition of __________.
encryption
A professional certification states that you have taken the course and completed the tasks and assignments.
false
Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks.
false
GLBA distinguishes between customers and consumers for its notice requirements. A customer is any person who gets a consumer financial product or service from a financial institution.
false
In an asymmetric key system, where everyone shares the same secret, compromising one copy of the key compromises all copies.
false
In general, security training programs are identical to security education programs with respect to their focus on skills and in their duration.
false
One of the OSI Reference Model layers, the Transport Layer, is responsible for maintaining communication sessions between computers.
false
SOX doesn't apply to publicly traded companies.
false
Security controls do not need to be implemented to secure VoIP and SIP on LANs and WANs.
false
The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.
false
The goal of risk management is to eliminate risk.
false
The most difficult and slowest option for IT security training is studying materials yourself.
false
The standard bachelor's designation is a four-year diploma program.
false
The term certificate authority refers to a trusted repository of all public keys.
false
War dialers are becoming more frequently used given the rise of digital telephony and now IP telephony or Voice over IP (VoIP).
false
Wiretapping is an application incorporating known software vulnerabilities, data, and scripted commands to exploit a weakness in a computer system or IP host device.
false
Incorrectly identifying abnormal activity as normal
false negative
Internet Control Message Protocol is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.
false
A ________ is a virus that attacks and modifies executable programs (like COM, EXE, SYS, and DLL files).
file infector
A _____________ contains rules that define the types of traffic that can come and go through a network.
firewall
A program or dedicated hardware device that inspects network traffic passing through it.
firewall
A stateful inspection firewall compares received traffic with a set of rules that define which traffic it will permit to pass through the firewall.
false
What term is used to describe a packet-based WAN service capable of supporting one-to-many and many-to-many WAN connections?
frame relay
What is security testing that is based on limited knowledge of an application's design?
gray-box testing
The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running.
hardened configuration
Among common recovery location options, this is one that can take over operations quickly. It has all the equipment and data already staged at the location, though you may need to refresh or update the data.
hot site
For all the technical solutions you can devise to secure your systems, the __________ remains your greatest challenge.
human element
Whether software or hardware-based, a ____________ captures keystrokes, or user entries, and then forwards that information to the attacker.
keystroke logger
A ___________ is a program that executes a malicious function of some kind when it detects certain conditions.
logic bomb
A program that executes a malicious function of some kind when it detects certain conditions.
logic bomb
A mechanism that limits access to computer systems and network resources is ________.
logical access control
You can use quantitative risk analysis for all risks on the risk register; however, the amount of effort required may be overkill for _____________ risks.
low probability low impact
What term is used to describe an attack in which the attacker gets between two parties and intercepts messages before transferring them on to their intended destination?
man-in-the-middle attack
The ________ is a regulation that covered entities may disclose only the amount of protected health information absolutely necessary to carry out a particular function.
minimum necessary rule
Medical practices and hospitals realized early on that ________ provide(s) the ability to provide access to the necessary information without having to invest in many computers and network infrastructure.
mobile devices
When you accept a __________, you take no further steps to resolve it.
negative risk
A network utility program that reads from and writes to network connections.
netcat
A method to restrict access to a network based on identity or other rules is the definition of ________.
network access control (NAC)
_______________ enables you to prevent a party from denying a previous statement or action.
non-repudiation
Cryptography accomplishes four security goals: confidentiality, integrity, authentication, and ________________.
nonrepudiation
If knowing about an audit changes user behavior, an audit will ____________.
not be accurate
A(n) ___________ fingerprint scanner is a software program that allows an attacker to send logon packets to an IP host device.
operating system (OS)
What term is used to describe a reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version are running on a computer?
operating system fingerprinting
A protocol analyzer or ____________ is a software program that enables a computer to monitor and capture network traffic.
packet sniffer
A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator.
packet-filtering firewall
A ---- is an authentication credential that is generally longer and more complex than a password.
passphrase
A ___________ is a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system, or recovery of passwords stored in a computer system.
password cracker
An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.
pattern-based IDS
It's essential to match your organization's required ________ with its security structure.
permission level
An attack that seeks to obtain personal or private financial information through domain spoofing
pharming
A ____________ tricks users into providing logon information on what appears to be a legitimate Web site but is in fact a Web site set up by an attacker to obtain this information.
phishing attack
A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. A. Caesar cipher B. Vigenère cipher C. transposition cipher D. product cipher
...
A risk-analysis method that uses relative ranking to provide further definition of the identified risks in order to determine responses to them.
...
A security awareness program includes
...
A(n) ________ is an intent and method to exploit a vulnerability. A. impact B. incident C. threat source D. safeguard
...
A ___________ primarily addresses the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business's viability.
...
What is meant by risk register?
A list of identified risks that results from the risk-identification process.
two
A master's degree program goes beyond the level of a bachelor's degree program and generally consists of ___________ year(s) of study beyond a bachelor's degree.
A parallel test evaluates the effectiveness of the ________ by enabling full processing capability at an alternate data center without interrupting the primary data center.
DRP
This defines how a business gets back on its feet after a major disaster like a hurricane.
Disaster Recovery Plan (DRP)
____ is a type of attack in which the attacker takes control of a session between two machines and masquerades as one of them.
Hijacking
True
The ANSI produces standards that affect nearly all aspects of IT.
Integrity
Only authorized users can change information.
Which OSI Reference Model layer is responsible for the coding of data?
Presentation layer
What is the difference between a BCP and a DRP?
...
Certain security objectives add value to information systems. _________ provides an exact time when a producer creates or sends information. A. Ownership B. Timestamping C. Revocation D. Message authentication
...
Malicious software can be hidden in a
...
Network ________ is gathering information about a network for use in a future attack. A. reconnaissance B. eavesdropping C. denial of service D. surveying
...
One of the best ways to avoid wasting your organization's resources is to ensure that you follow the ________ review cycle. A. audit B. security C. benchmark D. monitoring
...
The most scrutinized cipher in history is the ________. A. Data Encryption Standard (DES) B. keyword mixed alphabet cipher C. transposition cipher D. Vigenère cipher
...
The requirement to keep information private or secret is the definition of
...
Port Scanner
A tool that scans IP host devices for open ports that are enabled.
What is meant by rootkit?
A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.
What name is given to a document that verifies that a student has completed courses and earned a sufficient score on an assessment?
Certificate of completion
The regulating agency for the Gramm-Leach-Bliley Act is the ________.
FTC
Availability
Information is accessible to authorized users any time they request that information.
True
In information technology, perhaps the best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model. This internationally accepted framework of standards governs how separate computer systems communicate using networks.
Generically, this is data that can be used to individually identify a person, including Social Security number, driver's license number, financial account data, and health data.
Personally identifiable information
Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium?
Physical Layer
_________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies.
SAS 70
A process that creates the first secure communications session between a client and a server is the definition of ________.
SSL handshake
Which of the following is the definition of business drivers?
The collection of components, including people, information, and conditions, that support business objectives.
professional development
The four main areas in NIST SP 800-50 are awareness, training, education, and __________________.
What is meant by application convergence?
The integration of applications to enhance productivity. Unified communications is an example of application convergence. Unified communications integrates recorded voice messages into e-mail so that voice messages are retrievable via e-mail.
Which of the following defines network mapping?
Using tools to determine the layout and services running on an organization's systems and networks.
A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.
Vigenère cipher
Audio conferencing is a software-based, real-time audio conference solution for ________ callers.
VoIP
The ________ is an organization formed in 1994 to develop and publish standards for the World Wide Web.
W3C
Malicious code attacks all three information security properties. Malware can modify database records either immediately or over a period of time. This property is ________.
integrity