FINAL Mgnt. of InfoSec

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

True

A method to prove the authenticity of a digital evidence is to compare its hash digest with the hash digest that was calculated when the evidence was first collected. TRUE OR FALSE?

md5sum

A program that calculates and verifies the hash digest of a file is called _______________.

RootkitRevealer

A program that is used to check for worms and malwares on a computer is called ___________.

Autoruns

A program that lists all the applications that will start up automatically when a computer boots up is called __________________.

Technician

A security ____________________ may have technical responsibilities but his or her role is the typical information security entry-level position.

False

A slack space is the area between the start of a file and the end of the last cluster used by that file. TRUE OR FALSE?

Password

A(n) ____________________ is a secret word or combination of characters known only by the user.

Firewall

A(n) ____________________ is any device that prevents a specific type of information from moving between an untrusted network and a trusted network.

Asynchronous

A(n) ____________________ token uses a challenge-response system in which the server challenges the user with a number, that when entered into the token provides a response that provides access.

Background Check

Before hiring security personnel, which of the following should be conducted before the organization extends an offer to any candidate, regardless of job level?

False

Volatile information or data need to be collected as early as possible to prevent them from spreading like a virus. TRUE OR FALSE?

Keystroke Pattern Recognition

What biometric authentication systems is the most accepted by users?

GIAC

What certification program has certifications that require the applicant to complete a written practical assignment that tests the applicant's ability to apply skills and knowledge.

Political Activism

What is NOT a common type of background check that may be performed on a potential employee?

Server Hardware Construction and Theory

What is NOT among the areas covered as part of the Certified Computer Examiner (CCE) certification process?

Social Engineering

What is a nontechnical type of attack that is usually subtle?

CD/DVD

What is considered non volatile?

Digital Signature

What is most commonly used for the goal of nonrepudiation in cryptography?

Packet Sniffer

What tool would you use if you want to collect information as it is being transmitted on the network and analyze the contents for the purpose of solving network problems?

False

Computer vendors use the Host Protected Area (HPA) to keep a copy of the disk metadata. TRUE OR FALSE?

False

Data on a USB drive are more volatile than those on main memory (RAM). TRUE OR FALSE?

False

Deleted files in a computer can never be recovered. TRUE OR FALSE?

True

Digital forensics include the collection of evidence found in cell phones. TRUE OR FALSE?

Builders

Employees who create and install security solutions fall under which classification of InfoSec positions?

DMZ

You might put a proxy server in the __________________, which is exposed to the outside world, neither in the trusted nor untrusted network.

False

Ethics carry the sanction of a governing authority. TRUE OR FALSE?

Cultural mores

Ethics,are based on ___________________, which are the relatively fixed moral attitudes or customs of a societal group.

Security Manager

Ideally, a candidate for the CISO position should have experience in what other InfoSec position?

True

In digital forensics, a slack space must be examined because it can be used to hide some information. TRUE OR FALSE?

Identify relevant items of evidentiary value

In digital forensics, all investigations follow the same basic methodology. What should be performed first in a digital forensics investigation?

True

In digital forensics, string search is made on a data image to uncover valuable information such as file system type and file names. TRUE OR FALSE?

Define

In the classification of information security positions, senior people with a lot of broad knowledge, but often not a lot of depth, fall under the category of those that ____________________.

True

Steganography is the process of hiding information or files within a carrier medium such as an audio file, an image file, or a video file. TRUE OR FALSE?

False

Technical controls alone, when properly configured, can secure an IT environment. TRUE OR FALSE?

False

The "something you have" authentication mechanism takes advantage of something inherent in the user that is evaluated using biometrics. TRUE OR FALSE?

Security+

The CompTIA ____________________ certification tests an individual's security knowledge mastery and requires two years on-the-job networking experience, with emphasis on security.

True

The SSCP certification is more applicable to the security manager than the security technician.

True

The Secret Service is charged with the detection and arrest of any person committing a U.S. federal offense relating to computer fraud, as well as false identification crimes. TRUE OR FALSE?

Wired Equivalent Privacy (WEP)

The ___________ wireless security protocol was replaced by stronger protocols due to several vulnerabilities found in the early 2000s.

True

The ability to restrict specific services is a common practice in most modern routers, and is invisible to the user. TRUE OR FALSE?

False

The current law regarding nationwide search warrants for e-mail requires the government to use a search warrant to compel a provider to disclose unopened e-mail that is more than six months old. TRUE OR FALSE?

Evaluation

The digital forensic stage that involves the correlating of data with logs and the process of determining the relevance of the collected information is called __________________.

Acquisition

The digital forensic stage that involves the preservation of disks, the collection of volatile data, and the process of securing the crime scene is called __________________.

Indexing

The first component of the analysis phase is ___________, which allows the investigator to quickly and easily search for a specific type of file.

Demilitarized Zone

The intermediate area between trusted and untrusted networks is referred to as _______________________________.

True

The most common qualification for a CISO includes the CISSP and CISM certifications. TRUE OR FALSE?

For Political Advantage

The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following?

False

The presentation stage in digital forensic investigation is that stage where activity logs and timeline are correlated. TRUE OR FALSE?

True

The tracking of web browsing activities is one of the results of digital forensics. TRUE OR FALSE?

Protocol Bending

The use of network packets to hide and transmit information is called_________________________________.

Dedicated Acquisition System

To ensure that the collected digital evidence will be free of contamination, an investigator must provide a __________.

insist all mid-level and upper-level management take introductory InfoSec courses

To move the InfoSec discipline forward, organizations should take all but what?

CISO

Ultimately, the _______________________ is the spokesperson for the security team and is responsible for the overall InfoSec program.

Voice

________ recognition authentication captures the analog waveforms of human speech.

Tort Law

___________________ is a subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury.

NAT

____________________ converts external IP addresses to internal IP addresses on a one-to-one basis.

Authorization

____________________ is the determination of actions that an entity can perform in a physical or logical area.

DD

A Unix tool that performs a bit-image copy of a disk is called _______________.

True

A file extension is used for identifying the type of the file and the application that created the file. TRUE OR FALSE?

Spreadsheet

An example of an information that belongs to the produced class is ____________________________.

True

An item does not become evidence until it is formally admitted to evidence by a judge or other ruling official. TRUE OR FALSE?

Liability

An organization increases its _____________ if it refuses to take measures—due care—to make sure that every employee knows what is acceptable and what is not, and the consequences of illegal or unethical actions.

Jurisdiction

Any court can impose its authority over an individual or organization if it can establish which of the following?

Technical Excellence

CISO's should follow six key principles to shape their careers. Which of the following is NOT among those six principles?

Stored

Files that are stored on CD are classified to be in the information class called ____________.

security manager

It is the responsibility of a _______________________ to develop appropriate InfoSec policies, standards, guidelines, and procedures.

False

Most hiring organizations are aware of the precise value of information security certifications because these programs have been in existence for a long time. TRUE OR FALSE?

Digital Camera

One of the most essential tools used in cataloging digital evidence is _______________.

True

Preservation of digital evidence includes the gathering of hash digests of the collected data. TRUE OR FALSE?

False

Protocol bending is another name for steganography. TRUE OR FALSE?

Exculpatory Evidence

Showing that someone may not have committed the digital crime is called _______________.

True

Social engineering uses persuasive techniques to gain an individual's confidence in an effort to obtain information. TRUE OR FALSE?

Fourth

Which Amendment to the U.S. Constitution starts with: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated?

The Electronic Communications Privacy Act of 1986

Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?

HIPPA

Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?

Monitoring

Which activity is not a part of the digital forensic process?

Descriptive Ethics

Which ethical frameworks is the study of the choices that have been made by individuals in the past; attempting to answer the question, what do others think is right?

HITECH

Which law addresses privacy and security concerns associated with the electronic transmission of PHI?

U.S. Copyright Law

Which law extends protection to intellectual property, which includes words published in electronic formats?

The Computer Security Act

Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?

Security Manager

Which of the following InfoSec positions is responsible for the day-to-day operation of the InfoSec program?

Authentication

Which of the following access control processes confirms the identity of the entity seeking access to a logical or physical area?

Face Representation

Which of the following characteristics currently used today for authentication purposes is NOT considered truly unique?

False Reject Rate

Which of the following is a criteria used to compare and evaluate biometric technologies?

Cryptography

Which of the following is a domain of the CISSP certification?

Restitution

Which of the following is compensation for a wrong committed by an employee acting with or without authorization?

Deterrence

Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies and technical controls.

Deontological Ethics

Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?

Firewalls deal strictly with defined patterns of measured observation

Which of the following is true about firewalls and their ability to adapt in a network?

Uses a secret key to encrypt and decrypt

Which of the following is true about symmetric encryption?

Business managers first and technologists second

Which of the following is typically true about the CISO position?

Key

Which of the following is used in conjunction with an algorithm to make computer data secure from anybody except the intended recipient of the data?

ISC 2

Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.

Separation of Duties

Which of the following policies makes it difficult for an individual to violate InfoSec and is quite useful in monitoring financial affairs?

Job rotation

Which of the following policies requires that every employee be able to perform the work of at least one other staff member?

Two-person control

Which of the following policies requires that two individuals review and approve each other's work before the task is considered complete?

Tap and monitor telephone lines

Which one, among the following, can not be done by digital forensics?

80

Which port number is commonly used for the Hypertext Transfer Protocol service.

CISSP

Which security certification is considered the most prestigious for security managers and CISOs?

Port Scanner

Which tool can identify active computers on a network?

Protect and forget; Apprehend and prosecute

Which two approaches are available to an organization when employing digital forensics?

Anomaly-Based

Which type of IDPS is also known as a behavior-based intrusion detection system?

Dynamic Packet FIltering Firewalls

Which type of device allows only specific packets with a particular source, destination, and port address to pass through it.

Search Warrant

Which type of document grants formal permission for an investigation to occur?

Private

Which type of law regulates the relationships among individuals and among individuals and organizations?


Kaugnay na mga set ng pag-aaral

Comm 145 Chapter 2 Gender and Culture

View Set

Discuter en français - Expressions fréquemment utilisées dans une discussion

View Set

227 Anatomy and Physiology Chapter 27

View Set

POLISCI 110C: America and the World Economy Final Readings

View Set

LS7C - Chapter 9 Cell Signalling

View Set

Chapter 1A Homework: Intro- structural organization, anatomical position, and directional terminology

View Set