CSC - 321 FINAL


Which of the following is NOT a consideration when selecting recommended best practices?

Same certification and accreditation agency or standard

Which of the following specifies the authorization classification of information asset an individual user is permitted to access, subject to the need-to-know principle?

Security clearances

Data classification schemes should categorize information assets based on which of the following?

Sensitivity and security needs

Which of the following biometric authentication systems is the most accepted by users?

Signature recognition

In which contingency plan testing strategy do individuals participate in a role-playing exercise in which the CP team is presented with a scenario of an actual incident or disaster and expected to react as if it had occurred?

Simulation

Which of the following functions needed to implement the information security program evaluates patches used to close software vulnerabilities and acceptance testing of new systems to assure compliance with policy and effectiveness?

Systems testing

Which security architecture model is part of a larger series of standards collectively referred to as the "Rainbow Series"?

TCSEC

Which of the following is NOT one of the three types of performance measures used by organizations?

Those that evaluate the compliance of non-security personnel in adhering to InfoSec policy

The basic outcomes of InfoSec governance should include all but which of the following?

Time management by aligning resources with personnel schedules and organizational objectives

A(n) polymorphic threat is one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for pre-configured signatures.

True

Due care and due diligence occur when an organization adopts a certain minimum level of security—that is, what any prudent organization would do in similar circumstances. ____________

True

If an organization deals successfully with change and has created procedures and systems that can be adjusted to the environment, the existing security improvement program will probably continue to work well.

True

Risks can be avoided by countering the threats facing an asset or by eliminating the exposure of an asset.

True

Which of the following is a possible indicator of an actual incident?

Unusual consumption of computing resources

Which of the following is a definite indicator of an actual incident?

Use of dormant accounts

Which of the following is NOT among the three types of InfoSec policies based on NIST's Special Publication 800-14?

User-specific security policies

Which of the following is true about symmetric encryption?

Uses a secret key to encrypt and decrypt

Which of the following sections of the ISSP should provide instructions on how to report observed or suspected policy infractions?

Violations of Policy

Which of the following is a mathematical tool that can be useful in assessing relative importance while resolving the issue of what business function is the most critical?

Weighted analysis

When dealing with an incident, the incident response team must conduct a(n) ____________________, which entails a detailed examination of the events that occurred from first detection to final recovery.

after action review

Common vulnerability assessment processes include:

all of these

In which phase of the SecSDLC does the risk management task occur?

analysis

In addition to specifying the penalties for unacceptable behavior, what else must a policy specify?

appeals process

According to the C.I.A. triad, which of the following is a desirable characteristic for computer security?

availability

A practice related to benchmarking is ____________, which is a measurement against a prior assessment or an internal goal.

baseline

To evaluate the performance of a security system, administrators must establish system performance _____________________.

baselines

The purpose of SETA is to enhance security in all but which of the following ways?

by adding barriers

Which of the following is a disadvantage of the individual policy approach to creating and managing ISSPs?

can suffer from poor policy dissemination, enforcement, and review

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

centralized authentication

The individual responsible for the assessment, management, and implementation of information-protection activities in the organization is known as a(n) ____________.

chief information security officer

In which form of access control is access to a specific set of information contingent on its subject matter?

content-dependent access controls

Which of the following describes the financial savings from using the defense risk control strategy to implement a control and eliminate the financial ramifications of an incident?

cost avoidance

What is the result of subtracting the post-control annualized loss expectancy and the ACS from the pre-control annualized loss expectancy?

cost-benefit analysis

Individuals who control, and are therefore responsible for, the security and use of a particular set of information are known as ____________.

data owners

Internal and external stakeholders such as customers, suppliers, or employees who interact with the information in support of their organization's planning and operations are known as ____________.

data users

Application of training and education is a common method of which risk control strategy?

defense

Which control category discourages an incipient incident?

deterrent

What should each information asset-threat pair have at a minimum that clearly identifies any residual risk that remains after the proposed strategy has been executed?

documented control strategy

____________________ encompasses a requirement that the implemented standards continue to provide the required level of protection.

due diligence

Human error or failure often can be prevented with training, ongoing awareness activities, and ____________________.

education

Ethics carry the sanction of a governing authority.

false

ISACA is a professional association with a focus on authorization, control, and security. ___________

false

Strategies to limit losses before and during a realized adverse event are covered by which of the following plans in the mitigation control approach?

incident response plan

Which type of security policy is intended to provide a common understanding of the purposes for which an employee can and cannot use a resource?

issue-specific

Which of the following is true about a company's InfoSec awareness Web site?

it should be tested with multiple browsers

Which of the following set the direction and scope of the security process and provide detailed instruction for its conduct?

managerial controls

Which of the following describes an organization's efforts to reduce damage caused by a realized incident or disaster?

mitigation

Which access control principle limits a user's access to the specific information required to perform the currently assigned task?

need-to-know

Which type of access controls can be role-based or task-based?

nondiscretionary

The three levels of planning are strategic planning, tactical planning, and ____________________ planning.

operational

Which of the following is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives?

organization

Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program?

people

Which function needed to implement the information security program includes researching, creating, maintaining, and promoting information security plans?

planning

Which of the following is the principle of management that develops, creates, and implements strategies for the accomplishment of objectives?

planning

The set of organizational guidelines that dictates certain behavior within the organization is called ____________________.

policy

Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines?

policy

Which of the following is NOT one of the basic rules that must be followed when shaping a policy?

policy should be agreed upon by all employees and management

What is the SETA program designed to do?

reduce the occurrence of accidental security breaches

Which piece of the Trusted Computing Base's security system manages access controls?

reference monitor

Which of the following is compensation for a wrong committed by an employee acting with or without authorization?

restitution

By multiplying the asset value by the exposure factor, you can calculate which of the following?

single loss expectancy

Which type of document is a more detailed statement of what must be done to comply with a policy?

standard

Advanced technical training can be selected or developed based on which of the following?

technology product

A time-release safe is an example of which type of access control?

temporal isolation

A process called __________ examines the traffic that flows through a system and its associated devices to identify the most frequently used devices.

traffic analysis

InfraGard began as a cooperative effort between the FBI's Cleveland field office and local intelligence professionals. ___________

true

The Gramm-Leach-Bliley (GLB) Act (also known as the Financial Services Modernization Act of 1999) contains a number of provisions that affect banks, securities firms, and insurance companies. ___________

true

The Secret Service is charged with the detection and arrest of any person committing a U.S. federal offense relating to computer fraud, as well as false identification crimes.

true

Which of the following is a key advantage of the bottom-up approach to security implementation?

utilizes the technical expertise of the individual administrators

A __________ is the recorded condition of a particular revision of a software or hardware configuration item.

version

ISO 27014:2013 is the ISO 27000 series standard for ____________.

Governance of Information Security

A set of security tests and evaluations that simulate attacks by a malicious external source is known as ____________.

penetration testing

The process of identifying and documenting specific and provable flaws in the organization's information asset environment is known as ____________.

vulnerability assessment

Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.

(ISC)2

What is the range of the well-known ports used by TCP and UDP?

0-1023

__________ are a component of the "security triple."

All of the above

Which type of IDPS is also known as a behavior-based intrusion detection system?

Anomaly-based

Which of the following is the last phase in the NIST process for performance measures implementation?

Apply corrective actions

Two of the activities involved in risk management include identifying risks and assessing risks. Which of the following activities is part of the risk identification process?

Assigning a value to each information asset

Problems with benchmarking include all but which of the following?

Benchmarking doesn't help in determining the desired outcome of the security process

Which security architecture model is based on the premise that higher levels of integrity are more worthy of trust than lower ones?

Biba

Which of the following is a policy implementation model that addresses issues by moving from the general to the specific and is a proven mechanism for prioritizing complex changes?

Bull's-eye model

When a disaster renders the current business location unusable, which plan is put into action?

Business continuity

The __________ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

CERT/CC

According to NIST SP 800-37, which of the following is the first step in the security controls selection process?

Categorize the information system and the information processed

Which document must be changed when evidence changes hands or is stored?

Chain of custody

Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information?

Confidentiality

Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an adverse event?

Contingency planning

Determining the cost of recovery from an attack is one calculation that must be made to identify risk; what is another?

Cost of prevention

Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?

Deontological ethics

Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past; attempting to answer the question, what do others think is right?

Descriptive ethics

What is most commonly used for the goal of nonrepudiation in cryptography?

Digital signature

Which policy is the highest level of policy and is usually created first?

EISP

Having an established risk management program means that an organization's assets are completely protected.

False

The defense risk control strategy may be accomplished by outsourcing to other organizations.

False

Using a practice called baselining, you are able to develop policy based on the typical practices of the industry in which you are working.

False

What is the next phase of the preattack data gathering process after an attacker has collected all of an organization's Internet addresses?

Fingerprinting

Which of the following is true about firewalls and their ability to adapt in a network?

Firewalls deal strictly with defined patterns of measured observation

Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?

HIPAA

Which technology has two modes of operation: transport and tunnel?

IP Security

Which of the following is the first step in the process of implementing training?

Identify program scope, goals, and objectives

What is the final stage of the business impact analysis when using the NIST SP 800-34 approach?

Identify recovery priorities for system resources

In digital forensics, all investigations follow the same basic methodology. Which of the following should be performed first in a digital forensics investigation?

Identify relevant items of evidentiary value (EM)

Each manager in the organization should focus on reducing risk. This is often done within the context of one of the three communities of interest, which includes all but which of the following?

Legal management must develop corporate-wide standards

What is the final step in the risk identification process?

Listing assets in order of importance

Which of the following distinctly identifies an asset and can be vital in later analysis of threats directed to specific models of certain devices or software components?

Manufacturer's model or part number

InfoSec measurements collected from production statistics depend greatly on which of the following factors?

Number of systems and users of those systems

Which of the following variables is the most influential in determining how to structure an information security program?

Organizational culture

Which of the following is an example of a technological obsolescence threat?

Outdated servers

The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization.

PSV

The __________ commercial site focuses on current security tool resources.

Packet Storm

Which section of an ISSP should outline a specific methodology for the review and modification of the ISSP?

Policy Review and Modification

Which tool can best identify active computers on a network?

Port scanner

__________ allows for major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.

Program review

Under the Common Criteria, which term describes the user-generated specifications for security requirements?

Protection Profile (PP)

The identification and assessment of levels of risk in an organization describes which of the following?

Risk analysis

Which of the following functions includes identifying the sources of risk and may include offering advice on controls that can reduce risk?

Risk assessment

The likelihood of the occurrence of a vulnerability multiplied by the value of the information asset minus the percentage of risk mitigated by current controls plus the uncertainty of current knowledge of the vulnerability are each examples of _____.

Risk assessment estimate factors

Match each definition with a term from the key below. The number in front of each definition is its answer.

(4) A comprehensive assessment of a system's technical and nontechnical protection strategies, as specified by a particular set of requirements.
(8) A legal standard that requires an organization and its employees to act as a reasonable and prudent individual or organization would under similar circumstances.
(6) Those security efforts that are considered among the best in the industry.
(9) The data or the trends in data that may indicate the effectiveness of security countermeasures or controls—technical and managerial—implemented in the organization.
(2) An assessment of the performance of some action or process against which future performance is assessed.
(5) The actions that demonstrate that an organization has made a valid effort to protect others and that the implemented standards continue to provide the required level of protection.
(7) Those procedures that provide a superior level of security for an organization's information.
(10) A common approach to a Risk Management Framework (RMF) for InfoSec practice.
(1) The authorization of an IT system to process, store, or transmit information.
(3) An attempt to improve information security practices by comparing an organization's efforts against practices of a similar organization or an industry-developed standard to produce results it would like to duplicate.

Key:
1. accreditation
2. baseline
3. benchmarking
4. certification
5. due diligence
6. best security practices
7. recommended business practices
8. standard of due care
9. performance measurements
10. NIST SP 800-37

Which port number is commonly used for the Simple Mail Transfer Protocol service?

25
