CISS 3360 FINAL
8. Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
1. Which password attack is typically used specifically against password files that contain cryptographic hashes?
Birthday attacks
6. Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement?
Bring Your Own Device (BYOD)
12. Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
10. Which formula is typically used to describe the components of information security risks?
Risk = Threat X Vulnerability
16. In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?
Correspondent node (CN)
7. What is the first step in a disaster recovery effort?
Ensure that everyone is safe.
6. What mathematical problem forms the basis of most modern cryptographic algorithms?
Factoring large primes
1. You must always use the same algorithm to encrypt information and decrypt the same information.
False
11. A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
11. The four central components of access control are users, resources, actions, and features.
False
12. A phishing attack "poisons" a domain name on a domain name server.
False
12. The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.
False
13. Another name for a border firewall is a DMZ firewall.
False
14. Mandatory vacations minimize risk by rotating employees among various systems or duties.
False
14. Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device.
False
15. Regarding the Internet of Things (IoT), a business involved in utilities, critical infrastructure, or environmental services can benefit from traffic-monitoring applications.
False
15. The term risk methodology refers to a list of identified risks that results from the risk-identification process.
False
16. The weakest link in the security of an IT infrastructure is the server.
False
18. A remediation liaison makes sure all personnel are aware of and comply with an organization's policies.
False
18. Passphrases are less secure than passwords.
False
2. A packet-filtering firewall remembers information about the status of a network communication.
False
2. A private key cipher is also called an asymmetric key cipher.
False
20. Bricks-and-mortar stores are completely obsolete now.
False
3. Procedures do NOT reduce mistakes in a crisis.
False
3. Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.
False
5. The anti-malware utility is one of the most popular backdoor tools in use today.
False
6. The four primary types of malicious code attacks are unplanned attacks, planned attacks, direct attacks, and indirect attacks.
False
6. Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.
False
9. A physical courier delivering an asymmetric key is an example of in-band key exchange.
False
9. IP addresses are eight-byte addresses that uniquely identify every device on the network.
False
12. What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Hash
13. Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?
Health monitoring
14. Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
3. Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?
Internet Control Message Protocol (ICMP)
4. Which of the following would NOT be considered in the scope of organizational compliance efforts?
Laws
2. Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic attack
16. Which of the following is NOT a benefit of cloud computing to organizations?
Lower dependence on outside vendors
11. What is NOT one of the three tenets of information security?
Safety
12. Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?
Secure
1. What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?
Security Assertion Markup Language (SAML)
10. From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?
Security risks will increase.
16. In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
13. As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?
Simulation test
7. Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
13. Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
15. Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used?
Standard
9. Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
5. Which type of virus targets computer hardware and software startup functions?
System infector
11. Which term describes any action that could damage an asset?
Threat
13. Which classification level is the highest level used by the U.S. federal government?
Top Secret
10. A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.
True
10. An electronic mail bomb is a form of malicious macro attack that typically involves an email attachment that contains macros designed to inflict maximum damage.
True
10. In the Remote Access Domain, if private data or confidential data is compromised remotely, you should set automatic blocking for attempted logon retries.
True
10. Network access control (NAC) works on wired and wireless networks.
True
10. One advantage of using a security management firm for security monitoring is that it has a high level of expertise.
True
11. Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits.
True
14. A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader.
True
14. An alteration threat violates information integrity.
True
14. Cryptography is the process of transforming data from cleartext into ciphertext.
True
15. Backdoor programs are typically more dangerous than computer viruses.
True
15. Rootkits are malicious software programs designed to be hidden from normal methods of detection.
True
15. TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.
True
17. The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.
True
18. A network protocol governs how networking equipment interacts to deliver data across the network.
True
18. A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.
True
18. The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems.
True
18. Using a secure logon and authentication process is one of the six steps used to prevent malware.
True
19. Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.
True
19. The goal of a command injection is to execute commands on a host operating system.
True
2. In e-business, secure web applications are one of the critical security controls that each organization must implement to reduce risk.
True
2. Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.
True
2. The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.
True
20. A degausser creates a magnetic field that erases data from magnetic storage media.
True
3. Devices that combine the capabilities of mobile phones and personal digital assistants (PDAs) are commonly called smartphones.
True
4. A salt value is a set of random characters you can combine with an actual input key to create the encryption key.
True
4. The System/Application Domain holds all the mission-critical systems, applications, and data.
True
4. Unified messaging allows you to download both voice and email messages to a smartphone or tablet.
True
5. A firewall is a basic network security defense tool.
True
5. Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.
True
5. For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.
True
5. IoT technology has a significant impact on developing economies, given that it can transform countries into e-commerce-ready nations.
True
5. Screen locks are a form of endpoint device security control.
True
5. The Diffie-Hellman (DH) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).
True
6. A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.
True
6. The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks.
True
7. A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.
True
7. The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.
True
8. Social engineering is deceiving or using people to get around security controls.
True
8. The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.
True
9. Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.
True
9. Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in cleartext.
True
9. The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.
True
3. Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
White-hat hacker
4. Gary is configuring a smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?
Wi-Fi
3. What type of network connects systems over the largest geographic area?
Wide area network (WAN)
1. What file type is least likely to be impacted by a file infector virus?
.docx
4. The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?
13
1. Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?
22
2. What ISO security standard can help guide the creation of an organization's security policy?
27002
20. Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443
1. Which one of the following is the best example of an authorization control?
Access control lists
11. Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?
Access to a high level of expertise
2. Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
9. Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
13. Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's public key
1. Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application proxying
8. Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying security updates promptly
15. Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
Authorization
5. In an accreditation process, who has the authority to approve a system for implementation?
Authorizing official (AO)
3. Which security model does NOT protect the integrity of information?
Bell-LaPadula
18. Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?
Collaboration
13. Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking?
Confidentiality
18. What is NOT one of the four main purposes of an attack?
Data import
14. Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?
Deidentification
7. Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?
Distributed denial of service (DDoS)
6. What protocol is responsible for assigning IP addresses to hosts on most networks?
Dynamic Host Configuration Protocol (DHCP)
20. Which one of the following is an example of a direct cost that might result from a business disruption?
Facility repair
6. Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers and secure web pages.
False
7. Retro viruses counter the ability of antivirus programs to detect changes in infected files.
False
4. What is NOT a common motivation for attackers?
Fear
11. David would like to connect a Fibre Channel storage device to systems over a standard data network. What protocol can he use?
Fibre Channel over Ethernet (FCoE)
7. Which control is not designed to combat malware?
Firewalls
8. Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?
HIPAA
3. Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
8. Which of the following is an example of a hardware security control?
MAC filtering
8. Which one of the following measures the average amount of time that it takes to repair a system, application, or component?
Mean time to repair (MTTR)
9. Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Memorandum of understanding (MOU)
12. Which one of the following is an example of a reactive disaster recovery control?
Moving to a warm site
16. What is NOT a commonly used endpoint security technique?
Network firewall
12. Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?
Nmap
16. When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Nonrepudiation
15. Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Online Certificate Status Protocol (OCSP)
19. Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?
Parallel test
15. Which one of the following is an example of a logical access control?
Password
3. Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?
Password protection
19. Which one of the following is NOT an advantage of biometric systems?
Physical characteristics may change.
16. Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?
Polymorphic virus
19. Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
Project initiation and planning
17. Which tool can capture the packets transmitted between systems over a network?
Protocol analyzer
11. Which approach to cryptography provides the strongest theoretical protection?
Quantum cryptography
13. Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
8. What is NOT a symmetric encryption algorithm?
Rivest-Shamir-Adleman (RSA)
14. Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?
SQL injection
16. In what type of attack does the attacker send unauthorized commands directly to a database?
SQL injection
7. Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?
Service level agreement (SLA)
10. Which type of cipher works by rearranging the characters in a message?
Transposition
1. One of the first industries to adopt and widely use mobile applications was the healthcare industry.
True
14. What is NOT an effective key distribution method for plaintext encryption keys?
Unencrypted email
8. What is NOT a typical sign of virus activity on a system?
Unexpected power failures
10. Which one of the following is NOT a commonly accepted best practice for password security?
Use at least six alphanumeric characters.
20. In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?
Waterfall
20. Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack
4. The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
security kernel
12. Which activity manages the baseline settings for a system or device?
Configuration control
17. Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.
False
17. The auto industry has not yet implemented the Internet of Things (IoT).
False
17. You should use easy-to-remember personal information to create secure passwords.
False
1. A successful change control program should include the following elements to ensure the quality of the change control process: peer review, documentation, and back-out plans.
True
11. Spyware gathers information about a user through an Internet connection, without his or her knowledge.
True
12. The most critical aspect of a WAN services contract is how the service provider supplies troubleshooting, network management, and security management services.
True
13. Classification scope determines what data you should classify; classification process determines how you handle classified data.
True
17. A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster.
True
17. A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.
True
17. A subnet mask is a partition of a network based on IP addresses.
True
19. A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.
True
19. Bring Your Own Device (BYOD) opens the door to considerable security issues.
True
19. In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.
True
2. The idea that users should be granted only the levels of permissions they need in order to perform their duties is called the principle of least privilege.
True
4. When servers need operating system upgrades or patches, administrators take them offline intentionally, so they can perform the necessary work without risking malicious attacks.
True
6. Company-related classifications are not standard; therefore, there may be some differences between the terms "private" and "confidential" in different companies.
True
7. The financial industry created the ANSI X9.17 standard to define key management procedures.
True
9. A computer virus is an executable program that attaches to, or infects, other executable programs.
True
20. What is the only unbreakable cipher when it is used properly?
Vernam
20. What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Whois
16. What wireless security technology contains significant flaws and should never be used?
Wired Equivalent Privacy (WEP)