CIS 2337 Final Fill in the Blank and Questions
Which of the following is a joint set of security processes and standards used by approved laboratories to award an Evaluation Assurance Level (EAL) from EAL1 to EAL7? A) Common Criteria B) FIPS C) ISO 17700 D) IEEE X.509
A) Common Criteria
XKMS allows certificates to be all of the following except: A) Created B) Registered C) Managed D) Revoked
A) Created
Transport Layer Security consists of which two protocols? A) The TLS Record Protocol and TLS Handshake Protocol B) The TLS Record Protocol and TLS Certificate Protocol C) The TLS Certificate Protocol and TLS Handshake Protocol D) The TLS Key Protocol and TLS Handshake Protocol
A) The TLS Record Protocol and TLS Handshake Protocol
Once an organization's security policies have been established, what is the single most effective method of countering potential social engineering attacks? A. An active security awareness program B. A separate physical access control mechanism for each department in the organization C. Frequent testing of both the organization's physical security procedures and employee telephone practices D. Implementing access control cards and the wearing of security identification badges
A. An active security awareness program
The process of going through a target's trash in hopes of finding valuable information that might be used in a penetration attempt is known as what? A. Dumpster diving B. Trash trolling C. Garbage gathering D. Refuse rolling
A. Dumpster diving
Which of the following individuals have the ability to not only write scripts that exploit vulnerabilities but also discover new vulnerabilities? A. Elite hackers B. Script kiddies C. Hacktivists D. Insiders
A. Elite Hackers
The concept of blocking an action unless it is specifically authorized is: A. Implicit deny B. Least privilege C. Simple Security Rule D. Hierarchical defense model
A. Implicit deny
Hiding information to prevent disclosure is an example of: A. Security through obscurity B. Certificate-based security C. Discretionary data security D. Defense in depth
A. Security through obscurity
The security principle used in the Bell-LaPadula security model that states that no subject can read from an object with a higher security classification is the: A. Simple Security Rule B. Ring policy C. Mandatory access control D. *-property
A. Simple Security Rule
In which of the following is an attacker looking for any organization vulnerable to a specific exploit rather than attempting to gain access to a specific organization? A. Target of opportunity attack B. Targeted attack C. Vulnerability scan attack D. Information warfare attack
A. Target of Opportunity Attack
What is the most common problem/threat an organization faces? A. Viruses/worms B. Script kiddies C. Hackers D. Hacktivists
A. Viruses/Worms
Actors who deliberately access computer systems and networks without authorization are called _______________ .
Hackers
The act of deliberately accessing computer systems and networks without authorization is generally referred to as _______________.
Hacking
A hacker whose activities are motivated by a personal cause or position is known as a ________________.
Hacktivist
A physical device that safeguards cryptographic keys is called a ____________________.
Hardware security module
A(n) _______________ is characterized by a much longer period of preparation (years is not uncommon), tremendous financial backing, and a large and organized group of attackers.
Highly Structured Threat
_______ is a protocol used to secure IP packets during transmission across a network. It offers authentication, integrity, and confidentiality services. It uses Authentication Headers (AHs) and Encapsulating Security Payload (ESP) to accomplish this functionality.
IPsec
If a message has a hash, how does the hash protect the message in transit?
If the message is edited, the hash will no longer match.
_______________ is conducted against the information and information processing equipment used by an adversary.
Information Warfare
The ________ is a protocol framework that defines the mechanics of implementing a key exchange protocol and negotiation of a security policy.
Internet Security Association and Key Management Protocol (ISAKMP)
What is the biggest drawback to symmetric encryption?
It requires a key to be securely shared.
How is 3DES an improvement over normal DES?
It uses three keys and multiple encryption and/or decryption sets.
How is 3DES different from many other types of encryption listed here?
It uses three keys and multiple encryption and/or decryption sets.
________ is required for symmetric encryption.
Key management
_____ refers to every possible value for a cryptographic key.
Keyspace
The architecture in which multiple methods of security defense are applied to prevent realization of threat-based risks is called _______________.
Layered Security
The principle that states a subject has only the necessary rights and privileges to perform its task, with no additional permissions, is called _______________.
Least Privilege
What is the best kind of key to have?
Long and random
Processing through an algorithm more than once with different keys is called _______________.
Multiple encryption
_______________ is a term used to describe the condition where a user cannot deny that an event has occurred.
Nonrepudiation
The ________________ is a method of determining whether a certificate has been revoked that does not require local machine storage of CRLs.
Online Certificate Status Protocol
What algorithm can be used to provide for key stretching?
PBKDF2
Which of the following is a type of social engineering attack in which an attacker attempts to obtain sensitive information from a user by masquerading as a trusted entity in an e-mail? A. Spam B. Spim C. Phishing D. Vishing
Phishing
_______________ is the simple tactic of following closely behind a person who has just used their access card or PIN to gain physical access to a room or building.
Piggybacking
________ is a popular encryption program that has the ability to encrypt and digitally sign email and files.
Pretty Good Privacy (PGP)
_______________ is the principle that protection mechanisms should minimize user-level impact.
Psychological Acceptability
Infrastructure for binding a public key to a known user through a trusted intermediary, typically a certificate authority, is called the ________.
Public Key Infrastructure (PKI)
In _______________, the attacker hopes to convince the target to initiate contact.
Reverse social engineering
A(n) _______________ is an individual who does not have the technical expertise to develop scripts or discover new vulnerabilities in software but who has just enough understanding of computer systems to be able to download and run scripts that others have developed.
Script Kiddies
An encryption capability designed to encrypt above the transport layer, enabling secure sessions between hosts, is called ______.
Secure Sockets Layer (SSL)
The basis for symmetric cryptography is the principle of a _______________.
Shared secret
A simple way to hide information, the ______ moves letters a set number of places down the alphabet.
Shift cipher
_______________ is a procedure in which attackers position themselves in such a way as to be able to observe an authorized user entering the correct access code.
Shoulder-surfing
The security principle used in the Bell-LaPadula security model that states that no subject can read from an object with a higher security classification is called the _______________.
Simple Security Rule
A(n) _______________ is characterized by a greater amount of planning, a longer period of time to conduct the activity, more financial backing to accomplish it, and the possible corruption of, or collusion with, insiders.
Structured Threat
What is Diffie-Hellman most commonly used for?
Symmetric encryption key exchange
Actionable information about malicious actors as well as their tools, infrastructure, and methods is called _______________.
Threat Intelligence
When a message is sent, no matter what its format, why do we care about its integrity?
To show that the message has not been edited in transit
A(n) _______________ generally is short-term in nature, does not involve a large group of individuals, does not have large financial backing, and does not include collusion with insiders.
Unstructured Threat
_______________ is a variation of _______________ that uses voice communication technology to obtain the information the attacker is seeking.
Vishing & phishing
A protocol for transmitting data to small handheld devices like cell phones is the ________.
Wireless Application Protocol (WAP)
The encryption protocol that is used on Wireless Application Protocol (WAP) networks is called _______.
Wireless Transport Layer Security (WTLS)
_______ is a format that has been adopted to standardize digital certificates.
X.509
______ is the function most commonly seen in cryptography, a "bitwise exclusive or".
XOR
The measure of randomness in a data stream is called _______________.
Entropy
What is public key cryptography a more common name for?
Asymmetric encryption
______________ is the process used to ensure that an individual is who they claim to be.
Authentication
A relationship where two or more entities define how they will communicate securely is known as what? A) A three-way handshake B) A security association C) A three-way agreement D) A security agreement
B) A security association
Which of the following provides a method for implementing a key exchange protocol? A) EISA B) ISAKMP C) ISA D) ISAKEY
B) ISAKMP
Which of the following is a detailed standard for creating and implementing security policies? A) PKIX B) ISO/IEC 27002 C) FIPS D) X.509
B) ISO/IEC 27002
Which security model separates users based on conflict-of-interest issues? A. Bell-LaPadula B. Brewer-Nash C. Biba D. Clark-Wilson
B. Brewer-Nash
The CIA of security includes: A. Confidentiality, integrity, authentication B. Confidentiality, integrity, availability C. Certificates, integrity, availability D. Confidentiality, inspection, authentication
B. Confidentiality, integrity, availability
The problem with the Low-Water-Mark policy is that it: A. Is aimed at ensuring confidentiality and not integrity B. Could ultimately result in all subjects having the integrity level of the least-trusted object on the system C. Could result in the unauthorized modification of data D. Does not adequately prevent users from viewing files they are not entitled to view
B. Could ultimately result in all subjects having the integrity level of the least-trusted object on the system
An attacker who feels that using animals to make fur coats is unethical and thus defaces the web site of a company that sells fur coats is an example of: A. Information warfare B. Hacktivism C. Cyber crusading D. Elite hacking
B. Hacktivism
The rise of which of the following has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit? A. Virus writers B. Script kiddies C. Hackers D. Elite hackers
B. Script Kiddies
Which of the following types of attacks utilizes instant messaging services? A. Spam B. Spim C. Phishing D. Vishing
B. Spim
The password dilemma refers to the fact that: A. Passwords that are easy for users to remember are also easy for attackers to guess. B. The more difficult we make it for attackers to guess our passwords, and the more frequently we force password changes, the more difficult the passwords are for authorized users to remember and the more likely they are to write them down. C. Users will invariably attempt to select passwords that are words they can remember. This means they may select things closely associated with them, such as their spouse's or child's name, a beloved sports team, or a favorite model of car. D. Passwords assigned by administrators are usually better and more secure, but are often harder for users to remember.
B. The more difficult we make it for attackers to guess our passwords, and the more frequently we force password changes, the more difficult the passwords are for authorized users to remember and the more likely they are to write them down.
Which of the following is a reason for not allowing users to install new hardware or software without the knowledge of security administrators? A. They might not complete the installation correctly, and the administrator will have to do more work, taking them away from more important security tasks. B. They might inadvertently install more than just the hardware or software, they could accidentally install a backdoor into the network. C. They may not have paid for it and thus could be exposing the organization to civil penalties. D. Unauthorized hardware and software are usually for leisure purposes and will distract employees from the job they were hired to perform.
B. They might inadvertently install more than just the hardware or software; they could accidentally install a backdoor into the network.
A _______________ is an avenue that can be used to access a system while circumventing normal security mechanisms.
Backdoor
Which of the following is used to grant permissions using rule-based, role-based, and rank-based access controls? A) A Qualified Certificate B) A Control Certificate C) An Attribute Certificate D) An Optional Certificate
C) An Attribute Certificate
What is the purpose of XKMS? A) Extends session associations over many transport protocols B) Encapsulates session associations over TCP/IP C) Defines services to manage heterogeneous PKI operations via XML D) Designed to replace SSL
C) Defines services to manage heterogeneous PKI operations via XML
Which threats are characterized by possibly long periods of preparation (years is not uncommon), tremendous financial backing, a large and organized group of attackers, and attempts to subvert insiders or to plant individuals inside a potential target in advance of a planned attack? A. Unstructured threats B. Structured threats C. Highly structured threats D. Nation-state information warfare threats
C. Highly Structured
Warfare conducted against the information and information processing equipment used by an adversary is known as: A. Hacking B. Cyberterrorism C. Information warfare D. Network warfare
C. Information Warfare
The simple tactic of following closely behind a person who has just used their own access card or PIN to gain physical access to a room or building is called what? A. Shoulder surfing B. Tagging-along C. Piggybacking D. Access drafting
C. Piggybacking
Which of the following is not a principle of security? A. Principle of least privilege B. Principle of economy of mechanism C. Principle of efficient access D. Principle of open access
C. Principle of efficient access
The term used to describe the requirement that different portions of a critical process must be performed by different people is: A. Least privilege B. Defense in depth C. Separation of duties D. Job rotation
C. Separation of duties
The Bell-LaPadula security model is an example of a security model that is based on: A. The integrity of the data B. The availability of the data C. The confidentiality of the data D. The authenticity of the data
C. The confidentiality of the data
The _________________ is the trusted authority for certifying individuals' identities and creating an electronic document indicating that individuals are who they say they are.
Certificate Authority
A(n) ________ is an entity that is responsible for issuing and revoking certificates. This term is also applied to server software that provides these services.
Certificate Authority (CA)
A digitally signed object that lists all of the current but revoked certificates issued by a given certificate authority is called the ________. It allows users to verify whether a certificate is currently valid even if the expiration date hasn't passed.
Certificate Revocation List (CRL)
A _____________________ is the actual service that issues certificates based on the data provided during the initial registration process.
Certificate server
A ___________________ is the actual request to a CA containing a public key and the requisite information needed to generate a certificate.
Certificate signing request
The _______________ is an integrity-based security model that bases its security on control of the processes that are allowed to modify critical data, referred to as constrained data items.
Clark-Wilson security model
A good hash function is resistant to what?
Collisions
A(n) _______________ is one whose loss would have a severe detrimental impact on the nation.
Critical Infrastructure
_______ is the evaluation of a crypto-system to test its security.
Cryptanalysis
Transport Layer Security for HTTP uses what port to communicate? A) 53 B) 80 C) 143 D) 443
D) 443
Which of the following is a secure e-mail standard? A) POP3 B) IMAP C) SMTP D) S/MIME
D) S/MIME
Which of the following are psychological tools used by social engineers to create false trust with users? A. Impersonation B. Familiarity C. Creating a sense of scarcity or urgency D. All of the above
D. All of the above
Which of the following is considered a good practice for password security? A. Using a combination of upper- and lowercase characters, a number, and a special character in the password itself B. Not writing the password down C. Changing the password on a regular basis D. All of the above
D. All of the above
Reverse social engineering involves: A. Contacting the target, eliciting some sensitive information, and convincing them that nothing out of the ordinary has occurred B. Contacting the target in an attempt to obtain information that can be used in a second attempt with a different individual C. An individual lower in the chain of command convincing somebody at a higher level to divulge information that the attacker is not authorized to have D. An attacker attempting to somehow convince the target to initiate contact in order to avoid questions about authenticity
D. An attacker attempting to somehow convince the target to initiate contact in order to avoid questions about authenticity
For what reason(s) do some security professionals consider insiders more dangerous than outside intruders? A. Employees (insiders) are easily corrupted by criminal and other organizations. B. Insiders have the access and knowledge necessary to cause immediate damage to the organization. C. Insiders have knowledge of the security systems in place and are better able to avoid detection. D. Both B and C
D. Both B and C
Which of the following concepts requires users and system processes to use the minimal amount of permission necessary to function? A. Layer defense B. Diversified defense C. Simple Security Rule D. Least privilege
D. Least privilege
_______________ is the process of combining seemingly unimportant information with other pieces of information to divulge potentially sensitive information.
Data aggregation
Implicit deny is an operationalization of the principle of _______________.
Fail-Safe Defaults
The process of going through a target's trash searching for information that can be used in an attack, or to gain knowledge about a system or network, is known as _______________.
Dumpster diving
_______________ is the principle in security where protection mechanisms should be kept as simple and as small as possible.
Economy of mechanisms
A(n) _______________ is a highly technically competent individual who conducts intrusive activity on the Internet and is capable of not only exploiting known vulnerabilities but also finding new vulnerabilities.
Elite Hacker
To provide for perfect forward secrecy, one should use _______________.
Ephemeral Keys
Social engineers will use psychological tools to mislead users into trusting them. Examples of these techniques include _____________, ____________, and __________.
authority, familiarity, impersonation
Criminal organizations would normally be classified as what type of threat? A. Unstructured B. Unstructured but hostile C. Structured D. Highly structured
C. Structured
Making two inputs result in the exact same cryptographic hash is called a _____.
collision attack