CIS471 Final

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

right behind your first Internet firewall

A DMZ is located: right in front of your first Internet firewall right behind your first Internet firewall right behind your first network active firewall right behind your first network passive Internet http firewall

An area between a friendly and unfriendly network

A demilitarized zone is: An area between a friendly and unfriendly network Is a synonym for the work firewall An area behind your edge router not accessible from the Internet An area behind your firewall, accessible from the Internet

Spike

A momentary high voltage is a: Blackout Spike Surge Fault

a. Vulnerability

A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks is called a: a. Vulnerability b. Risk c. Threat d. Overflow

Identified

All risks must be: Transferred Eliminated Identified Insured

d. Role-based policy

An access control policy for a bank teller is an example of the implementation of which of the following? a. Rule-based policy b. Identity-based policy c. User-based policy d. Role-based policy

tunnel

Another name for a VPN is a: tunnel one-time password pipeline bypass

OSI protocol Layer seven, the Application Layer.

Application Layer Firewalls operate at the: OSI protocol Layer seven, the Application Layer OSI protocol Layer six, the Presentation Layer OSI protocol Layer five, the Session Layer OSI protocol Layer four, the Transport Layer

UPS

Electrical systems are the lifeblood of computer operations. The continued supply of clean, steady power is required to maintain the proper personnel environment as well as to sustain data operations. Which of the following is not an element that can threaten power systems? Humidity UPS Brownouts Transients Noise

passwords

Examples of types of physical access controls include all except which of the following? passwords locks guards badges

Application

FTP, TFTP, SNMP, and SMTP are provided at what level of the Open System Interconnect (OSI) Reference Model? Application Network Presentation Transport

confidentiality

Goals of attackers include all of the following except confidentiality disclosure alteration denial

of a defense in depth

Good security is built on the concept: of a pass-through device that only allows certain traffic in and out of a defense in depth of preventative controls of management ownership of information security

Be lead by a Chief Security Officer and report directly to the CEO

In an organization, an Information Technology security function should: Be a function within the information systems function of an organization. Report directly to a specialized business unit such as legal, corporate security or insurance Be lead by a Chief Security Officer and report directly to the CEO Be independent but report to the Information Systems function

type 1 errors

In biometric identification systems, false reject rate is associated with: type 2 errors type 1 and type 2 errors type 3 errors type 1 errors

The confinement property

In the Bell-LaPadula model, the star property is also called: The simple security property The confidentiality property The confinement property The tranquility property

Sandbox

Java follows which security model: Least privilege Sandbox CIA OSI

Internet protocols

Like an Intranet, an extranet is a private network that uses which of the following? Internet packets Internet protocols Internet patents Internet ports

password guessing

Like the Kerberos protocol, SESAME is also subject to which of the following? timeslot replay password guessing symmetric key guessing asymmetric key guessing

files, directories, and print queue

Mandatory Access requires that sensitivity labels be attached to all objects. Which of the following would be designated as objects on a MAC system? files,directories, processes, and sockets devices, processes, I/O pipe, and sockets users, windows, and programs files, directories, and print queue

Files, directories and devices

Mandatory Access requires that sensitivity labels to be attached to all objects. Which of the following would be designated as objects on a MAC system? Files, directories, processes and sockets Devices, processes, I/O pipe, and sockets Users, windows, and programs Files, directories and devices

ever-evolving process

Network security is a(n): Product protocols ever-evolving process quick-fix solution

destruction

Related to information security, availability is the opposite of which of the following? delegation distribution documentation destruction

softening their networks

Security pros are not interested in which of the following? dealing quickly and economically with incidents detecting intrusions softening their networks hardening their networks

Key agreement

The Diffie-Hellman algorithm is used for: Encryption Digital signature Non-repudiation Key agreement

Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer

The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers are in which of the following order (1 to 7) ? Physical Layer, Network Layer, Data Link Layer Transport Layer, Session Layer, Presentation Layer, Application Layer Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer Physical Layer, Data Link Layer Transport Layer, Session Layer, Presentation Layer, Network Layer, Application Layer Physical Layer, Data Link Layer, Network Layer, Session Layer, Transport Layer, Presentation Layer, Application Layer

The ISO/OSI Data Link Layer

The Logical Link Control sub-layer is a part of which of the following? The ISO/OSI Data Link Layer The Reference monitor The Transport layer of the TCP/IP stack model Change management control

Asymmetric key

The RSA algorithm is an example of what type of cryptography? Asymmetric key Symmetric key Secret key Private key

any system on the DMZ can be compromised because it's accessible from the Internet

The general philosophy for DMZ's is that: any system on the DMZ can be compromised because it's accessible from the Internet any system on the DMZ cannot be compromised because it's not accessible from the Internet Some systems on the DMZ can be compromised because they are accessible from the Internet any system on the DMZ cannot be compromised because it's by definition 100 percent safe and not accessible from the internet.

in parallel with every phase throughout the project

The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization? in parallel with every phase throughout the project development and documentation phase system design specifications phase project initiation and planning phase

in parallel with every phase throughout the project

The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization? in parallel with every phase throughout the project project initiation and planning phase system design specifications phase development and documentation phase

Electrical distribution systems

The most prevalent cause of computer center fires is which of the following? Electrical distribution systems Heating systems AC equipment Natural causes

Establish a security audit function

The preliminary steps to security planning include all of the following EXCEPT which of the following? Establish objectives List planning assumptions Establish a security audit function Determine alternate course of action

Detective control

The recording or viewing of events after the fact using a closed-circuit TV camera is considered a: Preventive control Detective control Compensating control Corrective control

you are

The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something: you need non-trivial you are you can get

you are

The three classic ways of authentication yourself to the computer security software are: something you know, something you have, and something: you need you read you are you do

Physical

There are three primary attributes, or responsibiliies, of an access control system. They include all of the following except Physical Identity Authority Accountability

no one

Unrestricted access to production programs should be given to which of the following? maintenance programmers only system owner, on request no one auditors

setting allowable thresholds on a reported activity

Using clipping levels refers to: setting allowable thresholds on a reported activity limiting access to top management staff setting personnel authority limits based on need-to-know basis encryption of data so that it cannot be stolen

The reference monitor

What can be best described as an abstract machine which must mediate all access to subjects to objects? A security domain The reference monitor The security level The security perimeter

The security risk that remains after controls have been implemented

What does "residual risk" mean? The security risk that remains after controls have been implemented Weakness of an asset which can be exploited by a threat Risk that remains after risk assessment has been performed A security risk intrinsic to an asset being audited, where no mitigation has taken place

Risk

What is called the probability that at threat to an information system will materialize? Threat Risk Vulnerability Hole

Authentication

What is called the verification that the user's claimed identity is valid and is usually implemented through a user password at log-on time? Authentication Identification Integrity Confidentiality

Type II Error

What is considered the most important error for a biometric access control system? Type I Error Type II Error Combined Error Rate Crossover Error Rate

Wireless Network communications

What is the 802.11 standard related to? Public Key infrastructure (PKI) Wireless Network communications Packet-switching technology The OSI/ISO model

Contain and repair any damage caused by an event

What is the PRIMARY GOAL of incident handling? Successfully retrieve all evidence that can be used to prosecute Improve the company's ability to be prepared for threats and disasters Improve the company's disaster recovery plan Contain and repair any damage caused by an event

Identification

What is the act of a user professing to an identity, usually in the form of a log-in ID? Confidentiality Identification Authentication Integrity

$60000

What is the highest amount a company should spend annually on countermeasures for protecting an asset valued at $1,000,000 from a threat that has an annualized rate of occurrence (ARO) of once every five years and an exposure factor (EF) of 30%? $300,000 $150,000 $60,000 $1,500

Network layer

What layer of the ISO/OSI model do routers normally operate at? Network layer Session layer Data link layer Transport layer

Disclosure of residual data

What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects? Disclosure of residual data Unauthorized obtaining of a privileged execution state Denial of service through a deadly embrace Data leakage through convert channels

The process of reducing risk to an acceptable level

What would BEST define risk management? The process of eliminating the risk The process of assessing the risk The process of reducing risk to an acceptable level The process of transferring risk

Network layer

Which OSI/ISO layer is responsible for determining the best route for data to be transferred? Session layer Physical layer Network layer Transport layer

Discretionary Access Control

Which access control model enables the OWNER of the resources to specify what subjects can access specific resources based on their identity? Discretionary Access Control Mandatory Access Control Sensitive Access Control Role-based Access Control

Twisted Pair cables

Which cable technology refers to the CAT3 and CAT5 categories? Coaxial cables Fiber Optic cables Axial cables Twisted Pair cables

Class A fires

Which fire class can water be most appropriate for? Class C fires Class B fires Class A fires Class D fires

An organization that coordinates and supports the response to security incidents

Which of the following best defines a Computer Security Incident Response Team (CSIRT)? An organization that provides a secure channel for receiving reports about suspected security incidents An organization that ensures that security incidents are reported to the authorities An organization that coordinates and supports the response to security incidents An organization that disseminates incident-related information to its constituency and other involved parties

A risk

Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability? A risk A residual risk An exposure A countermeasure

Procedures

Which of the following embodies all the detailed actions that personnel are required to follow? Standards Guidelines Procedures Baselines

employees

Which of the following groups represents the leading source of computer crime losses? hackers industrial saboteurs foreign intelligence officers employees

Rjindael

Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard? Rjindael DC6 Serpent Twofish

Response

Which of the following is NOT a fundamental component of an alarm in an Intrusion Detection System? Communications Enunciator Sensor Response

Develop an information security policy

Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)? Coordinate the distribution of information pertaining to the incident to the appropriates parties Mitigate risk to the enterprise Assemble teams to investigate the potential vulnerabilities Develop an information security policy

Logical access control mechanism

Which of the following is NOT an administrative control? Logical access control mechanism Screening of personnel Development of policies, standards, procedures and guidelines Change control procedures

Data Encryption System (DES)

Which of the following is NOT an asymmetric key algorithm? El Garnal Data Encryption System (DES) Elliptic Curve Cryptosystem (ECC) RSA

TCP is connection-oriented, UDP is not

Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)? TCP is connection-oriented, UDP is not UDP provides for Error Correction, TCP does not UDP is useful for longer messages, rather than TCP TCP does not guarantee delivery of data, UDP does guarantee data delivery

TCP is connection-oriented, UDP is not

Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)? TCP is connection-oriented, UDP is not UDP provides for error correction, TCP does not UDP is useful for longer messages, rather than TCP TCP does not guarantee delivery of data, UDP does not guarantee data delivery

Common combustible

Which of the following is a class A fire? Electrical Common combustible Liquid Halon

Audit trails

Which of the following is a detective control? Segregation of duties Back-up procedures Audit trails Physical access control

Guard dogs

Which of the following is a preventive control? Motion detectors Guard dogs Audit logs Intrusion detection system

UDP

Which of the following is an example of a connectionless communication? UDP X.25 Packet switching TCP

The Software Capability Maturity Model (CMM)

Which of the following is based on the premise that the quality of a software product is a direct function of the quality of its associated software development and maintenance processes? The Software Capability Maturity Model (CMM) Expert Systems Model The Waterfall Model The Spiral Model

Audit trails

Which of the following is most likely to be useful in detecting intrusions? Access control lists Security labels Audit trails Information security policies

Session layer

Which of the following is not a defined layer in the TCP/IP protocol model? Application layer Session layer Internet layer Network access layer

Prevention of the modification of information by authorized users

Which of the following is not a goal of integrity? Prevention of the modification of information by unauthorized users Prevention of the unauthorized or unintentional modification of information by authorized users Preservation of the internal and external consistency Prevention of the modification of information by authorized users

Automated login for remote users

Which of the following is not a security goal for remote access? Reliable authentication of users and systems Protection of confidential data Easy to manage access control to systems and network resources Automated login for remote users

Identify which information is sensitive

Which of the following is the FIRST step in protecting data's confidentially? Install a firewall Implement encryption Identify which information is sensitive Review all user access rights

People

Which of the following is the weakest link in a security system? People Software Communications Hardware

It minimizes chances of accidental discharge of water

Which of the following is true about a "dry pipe" sprinkler system? It minimizes chances of accidental discharge of water It is a substitute of carbon dioxide systems It maximizes chance of accidental discharge of water It uses less water than "wet pipe" systems.

a. Sniffers allow an attacker to monitor data passing across a network

Which of the following is true related to network sniffing? a. Sniffers allow an attacker to monitor data passing across a network b. Sniffers alter the source address of a computer to disguise and exploit weak authentication methods c. Sniffers take over network connections d. Sniffers send IP fragments to a system that overlap with each other

Polyinstantiation

Which of the following is used in database information security to hide information? Polyinstantiation Inheritance Polymorphism Delegation

fiber optic

Which of the following media is MOST resistant to tapping? microwave twisted pair coaxial cable fiber optic

TCP/IP

Which of the following protocols does the Internet use? SNA DECnet TCP/IP MAP

High cohesion, low coupling

Which of the following represents the best programming? High cohesion, low coupling High cohesion, high coupling Low cohesion, low coupling Low cohesion, high coupling

Employee bonding to protect against losses due to the theft.

Which of the following should NOT be addressed by employee termination practices? Removal of the employee from active payroll files Return of access badges Employee bonding to protect against losses due to the theft. Deletion of assigned login-ID and passwords to prohibit system access

Installing system software

Which of the following should be performed by an operator? Changing profiles Approving changes Adding and removal of users Installing system software

Business unit manager

Which of the following staff member would be best suited to provide information during a review. In this case the review is focused on the controls in place related to the process of defining IT service levels? Systems programmer Legal staff Business unit manager Programmer

It requires careful key management

Which of the following statements is true about data encryption as a method of protecting data? It verifies the accuracy of the data It is usually easily administered It makes few demands on system resources It requires careful key management

User can be authenticated by what he knows

Which of the following statements pertaining to biometrics is FALSE? User can be authenticated by what he does User can be authenticated by what he is User can be authenticated by what he knows A biometric system's accuracy is determined by its crossover rate (CER)

Testing should be performed with live data to cover all possible solutions

Which of the following statements pertaining to software testing is incorrect? Test data generators can be used to systematically generate random test data that can be used to test programs Test data should be part of the specifications Testing should be performed with live data to cover all possible solutions Unit testing should be addressed when the modules are being designed

Fiber optic cables

Which of the following transmission media would NOT be affected by cross talk or interference? Coaxial cables Shielded twisted pairs (STP) Satellite radiolink systems Fiber optic cables

Behavior-based ID Systems

Which of the following types of Intrusion Detection Systems uses deviations from the learned patterns of behavior and triggers an alarm when an activity is considered intrusive (outside of normal system use) occurs? Behavior-based ID Systems Host-based ID systems Knowledge-based ID systems Network-based ID systems

The project will fail to meet business and user needs

Which of the following would be MOST serious risk where a systems development life cycle methodology is inadequate? The project will be incompatible with existing systems The project will fail to meet business and user needs The project will be completed late The project will exceed the cost estimates

T1ime4g01F

Which of the following would be an example of the best password? golf001 Elizabeth T1ime4g01F password

Confidentiality

Which property ensures that only those who are supposed to access the data can get access to it? Confidentiality Capability Integrity Availability

Preventive controls

Which type of control is concerned with avoiding occurrences of risks? Deterrent controls Detective controls Preventive controls Compensating controls

Type C

Which type of fire extinguisher is most appropriate for an information processing facility? Type A Type C Type B Type D

Data or information owner

Who can best determine if technical security controls are adequate in a computer-based application system in regards to the protection of the data being used and it's sensitivity? Data or information user System auditor Data or information owner System manager

Senior management

Who should DECIDE how a company should approach security and what security measures should be implemented? Senior management Data owner Auditor The information security specialist

Because input data is not checked for appropriate length at time of input

Why do buffer overflows happen? Because buffers can only hold so much data Because input data is not checked for appropriate length at time of input Because they are an easy weakness to exploit Because of insufficient system meory

To detect improper or illegal acts by the employees

Why do many organizations require every employee to take a mandatory vacation of a week or more? To detect improper or illegal acts by the employees To lead to greater productivity through a better quality of life for the employee To provide proper cross training for another employee To allow more employees to have a better understanding of the overall system


Kaugnay na mga set ng pag-aaral

Ch 15 - Growth Motivation & Positive Motivation

View Set

DNR biosintezės bendrieji bruožai

View Set

Intro to Financial Accounting Chapter 1 (Introduction to Financial Statements)

View Set

Chapter 23 Care of Patients with Brain Disorders

View Set

Packard AP Chemistry Final Exam Semester 2

View Set

OB Chapter 21 - Nursing Management of Labor and Birth at Risk

View Set