Ch 1-4

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What is the best example of an authorization control?

Access control lists

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAX) addresses. Which type of attack is most likely taking place?

Address Resolution Protocol (ARP) poisoning

The CVE listing is a database of:

known software vulnerabilities and exposures as well as how to mitigate them with software patches and updates.

Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?

Applying strong encryption

During what phase of a remote access connection does the end user prove their claim of identity?

Authentication

Which password attack is typically used specifically against password files that contain cryptographic hashes?

Birthday attacks

Tom is the IT manager for an organization that experienced a server failure that affected a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?

Business continuity plan (BCP)

What is NOT a common endpoint for a virtual private network (VPN) connection used for remote network access?

Content filter

Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Data ownership

Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?

Deidentification

Which one of the following is an example of a disclosure threat?

Espionage

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?

Evil twin

A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats.

False

Cryptography is the process of transforming data from cleartext into ciphertext

False

The weakest link in the security of an IT infrastructure is the server.

False, user.

Which compliance obligation includes security requirements that apply specifically to federal government agencies in the US?

Federal Information Security Management Act (FISMA)

What program is used to transfer files using the File Transfer Protocol (FTP) to and from the vWorkstation?

FileZilla

What control is not designed to combat malware?

Firewalls

What is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?

Health monitoring

Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?

Integrity

Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?

Internet Engineering Task Force (IETF)

Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?

Interoperability

Which network device is capable of blocking network connections that are identified as potentially malicious/

Intrusion protection system (IPS)

Which type of denial of service attack exploits the existence of software flaws to disrupt a service?

Logic attack

What measures the average amount of time that it takes to repair a system, application, or component?

Mean time to repair (MTTR)

During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and identified by:

Nessus

The _____ report summary includes both a bar chart and a pie chart showing the distribution of vulnerability findings for each host.

Nessus

Which of the following interfaces enables you to scan several IP addresses at once or type in an IP address to create a simple scan of any machine?

Nessus

Which program performs remote scans and audits of UNIX, Windows, and network infrastructures and can perform a network discovery of devices, operating systems, applications databases, and services running on those devices?

Nessus

What program allows analysts to view and analyze network packet traces?

NetWitness Investigator

What is not a commonly used endpoint security technique?

Network firewall

Which of the following work together to complete the scanning and vulnerability assessment phase of the ethical hacking process?

Nmap (Zenmap) and Nessus

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

No technology infrastructure

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?

Opportunity cost

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Parallel test

Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?

Passive wiretap

Which element of the security policy framework requires approval from upper management and applies to the entire organization?

Policy

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?

Procedure

Which of the following allows Wireshark to capture packets destined to any host on the same subnet of virtual LAN (VLAN)?

Promiscuous mode

During which phase of a hacker's five-step approach does the hacker scan a network to identify IP hosts, open ports, and services enabled on servers and workstations?

Reconnaissance

Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?

Recovery time objective (RTO)

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vulnerability

Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?

Risk survey results

A successful _____ assessment of a network is all about using the right tools to map the network and identify any vulnerabilities that can be the opening for a future attack.

Scanning and vulnerability

In which type of attack does the attacker attempt to take over an existing connection between two systems?

Session hijacking

As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?

Simulation test

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?

Software as a Service (SAAS)

Who is responsible for hosting the CVE database listing website, under contract with the Department of Homeland Security and the US National Cyber Security Division?

The Mitre Corporation

To be effective, hackers and cybercriminals...

only need to know one vulnerability, or how to use one automated tool that attacks that vulnerability

Which term describes any action that could damage an asset?

Threat

A DOS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.

True

Access control lists (ACLs) are used to permit and deny traffic in an IP router.

True

An alteration threat violates information integrity.

True

For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only and public domain categories.

True

Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits.

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection.

True

The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary.

True

The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.

True

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?

Typosquatting

Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?

Warm site

You can limit the breadth and scope of a vulnerability scan by:

using a text file, which lists only the hosts you want to scan

Most Linux interactions take place:

from the command line

What is a protocol analyzer tool (sometimes called a "packet sniffer") that is used to capture IP traffic from a variety of sources?

Wireshark

Ethical hackers must obtain _____ prior to performing a scanning and vulnerability assessment on a live production network

Written authorization from the client

Which of the following is a graphical interface for Nmap that is typically used during the scanning phase of the ethical hacking process?

Zenmap

Which of the following is used to perform a scan of the network and create a network topology chart?

Zenmap

Conducting a vulnerability scan on entire subnets:

is time consuming and noisy (making them easily detected)


Kaugnay na mga set ng pag-aaral

NUR 117 Pharmacology Test 2 study set

View Set

Week 4 Child w/ Neurolgical Disorder

View Set

Chapter 40: Fluid, Electrolyte, and Acid-Base

View Set

Business Law for Accountants - C241 100118

View Set

Chapter 16: Electrochemistry (TEST 3)

View Set