CS 175 Review For Final

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________.

access

The sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place is called a(n) _____.

affidavit

The date for sending the final RFP to vendors is considered a milestone because it signals that __________.

all RFP preparation work is complete

Risk _____ is a determination of the extent to which an organization's information assets are exposed to risk.

analysis

The _____ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

bull's-eye

The detailed documentation of the collection, storage, transfer, and ownership of evidentiary material from the crime scene through its presentation in court and its eventual disposition. is called a(n) _____.

chain of evidence

Ideally, the _____, systems administrators, the chief information security officer (CISO), and key IT and business managers should be actively involved during the creation and development of all CP components

chief information officer (CIO)

Intrusion _____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.

correction

______ is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data that result in violence against noncombatant targets by subnational groups or clandestine agents.

cyberterrorism

A(n) _____ scheme is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it.

data classification

Which of the following is NOT a described IDPS control strategy?

decentralized

An X.509 v3 certificate binds a _____, which uniquely identifies a certificate entity, to a user's public key.

distinguished name

A ______ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

distributed denial-of-service

A technique used to compromise a system is known as a(n) ___________.

exploit

Activities that scan networks for active systems and then identify the network services offered by the host systems are known as _____.

fingerprinting

By managing the _____, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce.

process of change

Using a database of precomputed hashes from sequentially calculated passwords called a(n) _____, an attacker can simply look up a hashed password and read out the text version.

rainbow table

The maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources is ____.

recovery time objective (RTO)

Many public organizations must spend all budgeted funds within the fiscal year—otherwise, the subsequent year's budget is _____.

reduced by the unspent amount

The first phase of the risk management process is _____.

risk identification

The dominant architecture used to secure network access today is the _____ firewall.

screened subnet

Digital _____ are encrypted messages that can be mathematically proven to be authentic.

signatures

Advance-Fee fraud is an example of a ______ attack.

social engineering

The process of hiding messages within the digital encoding of a picture or graphic is called _____.

steganography

A(n) _____ plan is a plan for the organization's intended efforts over the next several years (long-term).

strategic

A methodology and formal development strategy for the design and implementation of an information system is referred to as a _____.

systems development life cycle

The actions taken by management to specify the intermediate goals and objectives of the organization are _____.

tactical planning

The _____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.

AH

_____ is simply how often you expect a specific type of attack to occur.

ARO

A fundamental difference between a BIA and risk management is that risk management focuses on identifying threats, vulnerabilities, and attacks to determine which controls can protect information, while the BIA assumes _____.

All of the above

Redundancy can be implemented at a number of points throughout the security architecture, such as in _____.

All of the above

Which of the following is a valid type of role when it comes to data ownership?

All of the above

Laws, policies, and their associated penalties only provide deterrence if which of the following conditions is present?

All of the other answers are correct

The restrictions most commonly implemented in packet-filtering firewalls are based on _____.

All of these answers are correct

The CPMT conducts the BIA in three stages. Which of the following is NOT one of those stages?

All of these are BIA stages

A standard is a written instruction provided by management that informs employees and others in the workplace about proper behavior.

False

All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan.

False

Among the considerations in evaluating an IDPS are the product's scalability, testing, support provisions, and ability to provide information on the source of attacks.

False

Crisis response is an organization's set of planning and preparation efforts for dealing with potential human injury, emotional trauma, or loss of life as a result of a disaster.

False

Firewalls can only filter packets by port number.

False

__________ was the first operating system to integrate security as one of its core functions.

MULTICS

The Digital _____ Copyright Act is the American contribution to an international effort by the World Intellectual Properties Organization (WIPO) to reduce the impact of copyright, trademark, and privacy infringement.

Millennium

_____ are usually passive devices, but cannot analyze encrypted packets, making some traffic invisible to the process.

NIDPSs

__________ has become a widely accepted evaluation standard for training and education related to the security of information systems and is hosted by CNSS.

NSTISSI No. 4011

The EISP component of _____ provides information on the importance of information security in the organization and the legal and ethical obligation to protect critical information about customers, employees, and markets.

Need for Information Security

_____ controls address personnel security, physical security, and the protection of production inputs and outputs.

Operational

____ is any technology that aids in gathering information about a person or organization without their knowledge.

Spyware

_____ inspection firewalls keep track of each network connection between internal and external systems.

Stateful

_____ filtering requires that the firewall's filtering rules for allowing and denying packets are manually developed and installed with the firewall.

Static

_____often function as standards or procedures to be used when configuring or maintaining systems.

SysSPs

Which of the following versions of TACACS is still in use?

TACACS+

The ______ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.

TCP

Kerberos _____ provides tickets to clients who request services.

TGS

__________ occurs when an authorized person opens a door, and other people, who may or may not be authorized, also enter.

Tailgating

_____ is the requirement that every employee be able to perform the work of another employee.

Task rotation

_____ are hired by the organization to serve in a temporary position or to supplement the existing workforce.

Temporary employees

Due care and due diligence require that an organization make a valid effort to protect others and continually maintain this level of effort, ensuring these actions are effective.

True

Intelligence for external monitoring can come from a number of sources: vendors, CERT organizations, public network sources, and membership sites.

True

Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocols.

True

Laws, policies, and their associated penalties only provide deterrence if offenders fear the penalty, expect to be caught, and expect the penalty to be applied if they are caught.

True

Managerial controls set the direction and scope of the security process and provide detailed instructions for its conduct.

True

Packet-filtering firewalls scan network data packets looking for compliance with the rules of the firewall's database or violations of those rules.

True

The false reject rate describes the number of legitimate users who are denied access because of a failure in the biometric device. _____

True

The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. _____

True

To determine if the risk to an information asset is acceptable or not, you estimate the expected loss the organization will incur if the risk is exploited.

True

When determining the relative importance of each asset, refer to the organization's mission statement or statement of objectives to determine which elements are essential, which are supportive, and which are merely adjuncts.

True

A device that assures the delivery of electric power without interruption is a(n) __________.

UPS

The InfoSec measurement development process recommended by NIST is divided into major activities that include all of the following EXCEPT _____.

Usage of the selected metrics.

A(n) _____ is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.

VPN

A(n) _____ is a simple project management planning tool used to break the project plan into smaller and smaller steps.

WBS

______ are compromised systems that are directed remotely (usually by a transmitted command) by the attacker to participate in an attack.

Zombies

DES uses a(n) _____-bit block size.

64

_____ is the entire range of values that can possibly be used to construct an individual key.

Keyspace

A primary mailing list for new vulnerabilities, called simply _____, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.

Bugtraq

A(n) _____ determines the impact that a specific technology or approach can have on the organization's information assets and what it may cost.

CBA

The ______ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization.

CISO

The breadth and depth covered in each of the domains makes the _____ one of the most difficult-to-attain certifications on the market.

CISSP

In some organizations, the CISO's position may be combined with physical security responsibilities or may evenreport to a security manager who is responsible for both logical (information) security and physical security and such aposition is generally referred to as a _____.

CSO

The National Information Infrastructure Protection Act of 1996 modified which act?

Computer Fraud and Abuse Act

Which of the following acts defines and formalizes laws to counter threats from computer-related acts and offenses?

Computer Fraud and Abuse Act of 1986

The _____ is an intermediate area between a trusted network and an untrusted network.

DMZ

_____ is a strategy for the protection of information assets that uses multiple layers and different types of controls (managerial, operational, and technical) to provide optimal protection.

Defense in depth

_____ are encrypted message components that can be mathematically proven to be authentic.

Digital signatures

The _____ attempts to prevent trade secrets from being illegally shared.

Economic Espionage Act

_____ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

Encryption

A(n) _____ is an authorization issued by an organization for the repair, modification, or update of a piece of equipment.

FCO

A _____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

MAC

Information security's primary mission is to ensure that systems and their contents retain their confidentiality at any cost.

False

Knowing yourself means identifying, examining, and understanding the threats facing the organization's information assets.

False

Most current operating systems require specialized software to connect to VPN servers, as support for VPN services is no longer built into the clients.

False

Risk mitigation is the risk treatment strategy that attempts to eliminate or reduce any remaining uncontrolled risk through the application of additional controls and safeguards, but it is not the preferred approach to controlling risk.

False

SSL builds on the encoding format of the digital encryption standard (DES) protocol and uses digital signatures based on public-key cryptosystems to secure e-mail.

False

Standard HTTP (S-HTTP) is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages transmitted via the Internet between a client and server using AES over HTTP.

False

The ability of a router to restrict traffic to a specific service is an advanced capability and not considered a standard feature for most routers.

False

The continuity planning management team (CPMT) is the group of senior managers and project members organized to conduct and lead all contingency planning efforts.

False

You cannot combine the XOR operation with a block cipher operation.

False

​An attack, breach of policy, or other incident always constitutes a violation of law, requiring notification of law enforcement.

False

_____ addresses are sometimes called electronic serial numbers or hardware addresses.

MAC

The Computer _____ and Abuse Act of 1986 is the cornerstone of many computer-related federal laws and enforcement efforts.

Fraud

_____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.

Hash

Known as the ping service, _____is a common method for hacker reconnaissance and should be turned off to prevent snooping.

ICMP

_____ is a professional association that focuses on auditing, control, and security. The membership comprises both technical and managerial professionals.

ISACA

In 2001, the Council of Europe drafted the European Council Cybercrime Convention, which empowers an international task force to oversee a range of security functions associated with _____ activities.

Internet

Project managers can reduce resistance to change by involving employees in the project plan. In the systems development parts of a project, this is referred to as _____.

JAD

The Health Insurance Portability and Accountability Act of 1996, also known as the _____ Act, protects the confidentiality and security of health-care data by establishing and enforcing standards and by standardizing electronic data interchange.

Kennedy-Kessebaum

Which type of organizations should prepare for the unexpected?

Organizations of every size and purpose should also prepare for the unexpected.

In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) _____.

PAC

The _____ commercial site focuses on current security tool resources.

Packet Storm

_____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.

Packet-filtering

The _____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

Policies

_____ allows for major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.

Program review

_____ law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.

Public

____ uses a number of hard drives to store information across multiple drive units.

RAID

If the task is to write firewall specifications for the preparation of a(n) _____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

RFP

Which of the following is not a major processing mode category for firewalls?

Router Passthrough

The ______ data file contains the hashed representation of the user's password.

SAM

A(n) _____ port, also known as a monitoring port, is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device.

SPAN

The _____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.

SSL Record Protocol

The _____ of 1999 provides guidance on the use of encryption and provides protection from government intervention.

Security and Freedom through Encryption Act

Which if these is the primary reason contingency response teams should not have overlapping membership with one person on multiple teams?

So individuals don't find themselves with different responsibilities in different locations at the same time.

______ are malware programs that hide their true nature and reveal their designed behavior only when activated.

Trojan horses

AES implements a block cipher called the Rijndael Block Cipher with a variable block length and a key length of 128, 192 or 256 bits. _____

True

An affidavit is a sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place.

True

Criminal laws address activities and conduct harmful to society and are categorized as public law.

True

An information security _____ is a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including information security policies, security education, and training.

framework

The risk management (RM) _____ is the overall structure of the strategic planning and design for the entirety of the organization's RM efforts.

framework

Nonmandatory recommendations the employee may use as a reference is known as a _____.

guideline

In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value.

hash

When information gatherers employ techniques that cross a legal or ethical threshold, they are conducting ______.

industrial espionage

Network behavior analysis system _____ sensors are typically intended for network perimeter use, so they are deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall.

inline

Criminal or unethical _____ goes to the state of mind of the individual performing the act.

intent

Understanding the _____ context means understanding elements that could impact or influence the RM process such as the organization's governance structure (or lack thereof), the organization's internal stakeholders, as well as the organization's culture.

internal

Which of the following phases is often considered the longest and most expensive phase of the systems development life cycle?

maintenance and change

The total amount of time the system owner or authorizing official is willing to accept for a business process outage or disruption is _____.

maximum tolerable downtime (MTD)

The average amount of time between hardware failures, calculated as the total amount of operation time for a specified number of units divided by the total number of failures, is known as ______.

mean time between failure (MTBF)

The _____ risk treatment strategy attempts to eliminate or reduce any remaining uncontrolled risk through the application of additional controls and safeguards.

mitigation

A potential disadvantage of a timeshare site-resumption strategy is:

more than one organization might need the facility

A(n) _____ IDPS is focused on protecting network information assets.

network-based

Hackers can be generalized into two skill groups: expert and ______.

novice

Security managers accomplish _____ identified by the CISO and resolve issues identified by technicians

objectives

The actions taken by management to specify the short-term goals and objectives of the organization are _____.

operational planning

A _____ is usually the best approach to security project implementation.

phased implementation

In a _____ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization.

pilot

According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except _____.

to harass

Risk _____ is the assessment of the amount of risk an organization is willing to accept for a particular information asset, typically synthesized into the organization's overall risk appetite.

tolerance

The _____ risk treatment strategy attempts to shift risk to other assets, other processes, or other organizations.

transference

In _____ mode, the data within an IP packet is encrypted, but the header information is not.

transport

In a _____, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria, and then summing and ranking those scores.

weighted table analysis

​Security _____ are the areas of trust within which users can freely communicate.

​domains

The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ___________.

​physical security


Kaugnay na mga set ng pag-aaral

Blood Vessels, Fetal Circulation, and Lymphatic System: Part A-The Circulatory Plan

View Set

Cladogram Worksheet - Social Studies

View Set

What's the coverage? (Antibiotics)

View Set

Chapter 22 Nursing care of patients with hypertension

View Set

Ch.17 Project Management - OP MGMT

View Set

Political Parties Chapter 8 Quiz review

View Set

Quadratic Equations Test Part 1, ALGEBRA 1 SECTION 6: QUADRATIC EQUATIONS AND FUNCTIONS PART2, Math, Quadratic Equations

View Set

Week 1 - Historical Perspective of Infectious Diseases and Medical Microbiology

View Set

Property, Real and Personal Ch. 7

View Set

Poetry Foundation Glossary Terms

View Set