Final Review - CIST1601-Information Security Fund

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

The filtering component of a content filter is like a set of firewall rules for Web sites, and is common in residential content filters. _________________________ A) True B) False

B) False

The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables. A) True B) False

B) False

The fundamental difference between symmetric and asymmetric encryption is that the symmetric encryption uses two keys (private/public) and the asymmetric encryption uses only one key. A) True B) False

B) False

The general management community of interest must plan for the proper staffing for the information security function. _________________________ A) True B) False

B) False

The general management community of interest must plan for the proper staffing for the information security function. _________________________ A) True B) False

B) False

The information security function cannot be placed within protective services. A) True B) False

B) False

The most common credential for a CISO-level position is the Security+ certification. _________________________ A) True B) False

B) False

The networks layer of the bull's-eye is the outermost ring of the bull's eye. A) True B) False

B) False

The number of horizontal and vertical pixels captured and recorded is known as the image's contrast. _________________________ A) True B) False

B) False

Which one of the following is NOT a component of Lewin change model? A) Refreezing B) Freezing C) Moving D) Unfreezing

B) Freezing

__________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol. A) Buzz B) Fuzz C) Spike D) Black

B) Fuzz

___________________ is NOT an information security position. A) Physical Security Manager B) Information Security Planner C) Information Security Administrator D) Information Security Technician

B) Information Security Planner

What is a project plan? A) It is used to resolve any pending issues, critique the overall project effort, and draw conclusions about how to improve the process for the future. B) It instruct the individuals who are executing the implementation phase C) It involves running the new methods alonside the old methods. D) None of the above

B) It instruct the individuals who are executing the implementation phase

The service within Kerberos that generates and issues session keys is known as __________. A) VPN B) KDC C) AS D) TGS

B) KDC

__________ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding. A) PEM B) PGP C) S/MIME D) SSL

B) PGP

__________ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely. A) MAC B) PKI C) DES D) AES

B) PKI

The __________ algorithm, developed in 1977, was the first public key encryption algorithm published for commercial use. A) DES B) RSA C) MAC D) AES

B) RSA

Most guards have clear __________ that help them to act decisively in unfamiliar situations. A) MACs B) SOPs C) POSs D) OPSs

B) SOPs

SecSDLC stands for ____________________. A) Security Systems development Life Change B) Security Systems Development Life Cycle C) Security Systems Deployment Life Cycle D) Security Systems Deployment Life Change

B) Security Systems Development Life Cycle

Each of the following protects remote connections except ________________. A) VPN B) Sniffer C) Kerberos D) Diameter

B) Sniffer

__________ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall. A) Dynamic B) Static C) Stateful D) Stateless

B) Static

Kerberos __________ provides tickets to clients who request services. A) KDS B) TGS C) AS D) VPN

B) TGS

__________ occurs when an authorized person opens a door, and other people, who may or may not be authorized, also enter. A) Crowdsurfing B) Tailgating C) Freeloading D) Hitchhiking

B) Tailgating

Known as the ping service, ICMP is a(n) __________ and should be ___________. A) essential feature, turned on to save money B) common method for hacker reconnaissance, turned off to prevent snooping C) infrequently used hacker tool, turned off to prevent snooping D) common method for hacker reconnaissance, turned on to save money

B) common method for hacker reconnaissance, turned off to prevent snooping

Each of the following is a plannning parameter for the task being corrected except _________. A) quality or quantity of the deliverable B) cybernetic loop C) elapsed time or scheduling impact D) effort and money allocated

B) cybernetic loop

Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date. A) phased implementation B) direct changeover C) pilot implementation D) wrap-up

B) direct changeover

Keycard readers based on smart cards are often used to secure computer rooms, communications closets, and other restricted areas. A) True B) False

A) True

Keycard readers based on smart cards are often used to secure computer rooms, communications closets, and other restricted areas. A) True B) False

A) True

Least privilege is the requirement that employee is provided with minimal amount of information for minimal amount of time necessary for them to perform their duties. A) True B) False

A) True

Manual fire detection systems, include human responses, such as calling the fire department and manually activated alarms. _________________________ A) True B) False

A) True

Minutiae are unique points of reference that are digitzed and stored in an encrypted format when the user's system access credentials are created. A) True B) False

A) True

Most firewalls use packet header information to determine whether a specific packet should be allowed to pass through or should be dropped. _________________________ A) True B) False

A) True

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny. A) True B) False

A) True

Once a project is underway, it is managed using a process known as gap analysis, which ensures that progress is measured periodically. _________________________ A) True B) False

A) True

Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined. A) True B) False

A) True

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message. A) True B) False

A) True

PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities. A) True B) False

A) True

Packet filtering firewalls scan network data packets looking for compliance with or violation of the rules of the firewall's database. A) True B) False

A) True

Packet-filtering firewalls scan network data packets looking for compliance with the rules of the firewall's database or violations of those rules. A) True B) False

A) True

Physical security is just as important as logical security to an information security program. _________________________ A) True B) False

A) True

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms. A) True B) False

A) True

Port scanners are used to fingerprint the computers that are active on the network. A) True B) False

A) True

Pretty Good Privacy (PGP) is a hybrid cryptosystem. A) True B) False

A) True

Pretty Good Privacy (PGP) uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted. _________________________ A) True B) False

A) True

SOCKS ​is a de facto standard for circuit-level gateways. _________________________ A) True B) False

A) True

Secure Multipurpose Internet Mail Extensions builds on the encoding format of the MIME protocol and uses digital signatures based on public key cryptosystems to secure e-mail. _________________________ A) True B) False

A) True

Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________ A) True B) False

A) True

Security tools that go beyond routine intrusion detection include honeypots, honeynets and padded cell systems. A) True B) False

A) True

Smoke detection systems are perhaps the most common means of detecting a potentially dangerous fire, and they are required by building codes in most residential dwellings and commercial buildings. _________________________ A) True B) False

A) True

Some firewalls can filter packets by protocol name. A) True B) False

A) True

Static electricity is caused by a process called triboelectrification. A) True B) False

A) True

Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images. A) True B) False

A) True

Steganography is used to hide messages within digital encoding of a picture or graphic. A) True B) False

A) True

TEMPEST is a program developed by the U.S. government to reduce the risk of EMR monitoring. A) True B) False

A) True

Technology governance is a complexe process that organizations use to manage the effects and costs of technology implementation, innovation, and obsolescence. A) True B) False

A) True

Telecommuters should use a securable operating system that requires password authentication. A) True B) False

A) True

Water-based systems are inexpensive, nontoxic, and can often be created by using an existing sprinkler system that may have been present in earlier construction. A) True B) False

A) True

Weak management support, with overly delegated responsibility and no champion, sentences a project to almost-certain failure. A) True B) False

A) True

When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture. A) True B) False

A) True

When a collection of honeypots connects several honeypot systems on a subnet, it may be called a(n) honeynet. _________________________ A) True B) False

A) True

When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message. A) True B) False

A) True

While a network-based IDPS(NIDPS) resides on a network segment and monitors activities accross that segment, a host-based IDPS(HIDPS)resides on a prticular computer or server, and monitors activity only on that system. A) True B) False

A) True

A(n) intranet ​is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. _________________________ A) True B) False

B) False

A(n) monitoring vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software. _________________________ A) True B) False

B) False

Accountability is the matching of an authenticated entity to a list of information assets and corresponding access levels. A) True B) False

B) False

Administrators who are wary of using the same tools that attackers use should remember that most organizations prohibit use of open source or freeware software tools. A) True B) False

B) False

Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key. A) True B) False

B) False

All IDPS vendors target users with the same levels of technical and security expertise. A) True B) False

B) False

All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan. A) True B) False

B) False

All organizations with a router at the boundary between the organization's internal networks and the external service provider will experience improved network performance due to the complexity of the ACLs used to filter the packets. A) True B) False

B) False

An IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False

B) False

As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES. _________________________ A) True B) False

B) False

Authentication is a mechanism whereby unverified entities or supplicants who seek access to a resource provide a label by which they are known to the system.. _________________________ A) True B) False

B) False

Bluetooth is a defacto industry standard for long-range wireless communication between devices. A) True B) False

B) False

Certification is what authorized an IT system to process, store, or transmit information A) True B) False

B) False

Circuit-level gateways usually look at data traffic flowing between networks rather than preventing direct connections between networks. A) True B) False

B) False

CompTIA offers a vendor-specific certification program called the Security+ certification. A) True B) False

B) False

Dogs should be used for physical security when sense of smell and feeling can detect intrusion. A) True B) False

B) False

Each for-profit organization determines its capital budget and the rules for managing capital spending and expenses the same way. A) True B) False

B) False

Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood. _________________________ A) True B) False

B) False

Enticement is the action of luring an individual into committing a crime to get a conviction. _________________________ A) True B) False

B) False

Even if Kerberos servers are subjected to denial-of-service attacks, a client can still request additional services. A) True B) False

B) False

Every organization needs to develop an information security department or program of its own. A) True B) False

B) False

Existing information security-related certifications are typically well understood by those responsible for hiring in the organizations. A) True B) False

B) False

Fail-safe lock is when the door lock fails and the door remains lock. A) True B) False

B) False

False positive is the failure of an IDPS to react to an actual attack event.This is the most grievious failure. A) True B) False

B) False

Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. _________________________ A) True B) False

B) False

Fire suppression systems typically work by denying an environment one of the three requirements for a fire to burn: a spark, fuel, and oxygen. A) True B) False

B) False

Friendly departures include resignation, retirement, termination, or relocation A) True B) False

B) False

Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. _________________________ A) True B) False

B) False

GIAC stands for Global Information Architecture Certification. _________________________ A) True B) False

B) False

Hashing functions require the use of keys. A) True B) False

B) False

IPSec uses only one cryptosystem: Diffie-Hellman A) True B) False

B) False

ISACA touts the CISA certification as being appropriate for accounting, networking, and security professionals. _________________________ A) True B) False

B) False

ISSMP stands for Information Systems Security Monitoring Professional. _________________________ A) True B) False

B) False

In 1953, Giovan Batista Bellaso introduced the idea of the passphrase (password) as a key for encryption. A) True B) False

B) False

In a book cipher, the key consists of a list of codes representing the page number, line number, and word number of the plaintext word._________________________ A) True B) False

B) False

In a(n) double conversion offline UPS, the primary power source is the inverter, and the power feed from the utility is constantly recharging the battery, which in turn powers the output inverter.. _________________________ A) True B) False

B) False

In general, the design phase is accomplished by changing the configuration and operation of the organization's information systems to make them more secure. A) True B) False

B) False

In project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as prerequisites. _________________________ A) True B) False

B) False

In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project. _________________________ A) True B) False

B) False

In transport mode the entire IP packet is encrypted and is then placed as the content portion of another IP packet. _________________________ A) True B) False

B) False

In tunnel mode, the data within an IP packet is encrypted, but not the header information. A) True B) False

B) False

Intrusion detection and prevention systems can deal effectively with switched networks. A) True B) False

B) False

Intrusion detection consists of procedures and systems that identify system intrusions and take action when an intrusion is detected. A) True B) False

B) False

Kerberos uses asymmetric key encryption to validate an individual user to various network resources. _________________________ A) True B) False

B) False

Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce. _________________________ A) True B) False

B) False

Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered servo to unlock the mechanism. _________________________ A) True B) False

B) False

Most current operating systems require specialized software to connect to VPN servers, as support for VPN services is no longer built into the clients. A) True B) False

B) False

Most information security projects require a trained project developer. _________________________ A) True B) False

B) False

One of the biggest challenges in the use of the trusted computer base (TCB) is the existence of explicit channels._________________________ A) True B) False

B) False

Organizations are not required by law to protect employee information that is sensitive or personal. A) True B) False

B) False

Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing. A) True B) False

B) False

Planning for the implementation phase requires the creation of a detailed request for proposal, which is often assigned either to a project manager or the project champion. _________________________ A) True B) False

B) False

Port Address Translation assigns non-routing local addresses to the computer systems in the local area network and uses ISP-assigned addresses to communicate with the Internet, on a one-to-one basis. _________________________ A) True B) False

B) False

Port explorers ​are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, anAn IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False other useful information. _________________________ A) True B) False

B) False

Port explorers ​are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, and other useful information. _________________________ A) True B) False

B) False

SESAME, as described in RFC 4120, keeps a database containing the private keys of clients and servers—in the case of a client, this key is simply the client's encrypted password.. _________________________ A) True B) False

B) False

SSL builds on the encoding format of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on public key cryptosystems to secure e-mail. A) True B) False

B) False

Sequence encryption is a series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor, and this process continues until the message reaches the final destination. A) True B) False

B) False

Services using the TCP/IP protocol can run only on their commonly used port number as specified in their original Internet standard. A) True B) False

B) False

Standby power supply (SPS) UPSs provide power conditioning. A) True B) False

B) False

Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. _________________________ A) True B) False

B) False

Syntax errors in firewall policies are usually extremely difficult to identify. A) True B) False

B) False

Task rotation is the requirement that two individuals review and approve each other's work before the task is categorized as finished. A) True B) False

B) False

Task-based controls are associated with the assigned role a user performs in an organization, such as a position or temporary assignment like project manager. A) True B) False

B) False

Tasks or action steps that come before the specific task at hand are called successors. A) True B) False

B) False

The AES algorithm was the first public key encryption algorithm to use a 256 bit key length. A) True B) False

B) False

The CISA credential is geared toward experienced information security managers and others who may have similar management responsibilities. _________________________ A) True B) False

B) False

The CISSP-ISSEP concentration focuses on the knowledge areas that are part of enterprise security management. A) True B) False

B) False

The RADIUS system decentralizes the responsibility for authenticating each user, by validating the user's credentials on the NAS server. A) True B) False

B) False

The RFP determines the impact that a specific technology or approach can have on the organization's information assets and what it may cost. _________________________ A) True B) False

B) False

The S-HTTP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, and key management. A) True B) False

B) False

The SSCP examination is much more rigorous that the CISSP examination. A) True B) False

B) False

The Virtual Private Network Consortium (VPNC) defines three VPN technologies: trusted VPN, secure VPN, and mixed VPN. A) True B) False

B) False

The ability of a router to restrict traffic to a specific service is an advanced capability and not considered a standard feature for most routers. A) True B) False

B) False

The activities that gather information about the organization and its network activities and assets is called fingerprinting. _________________________ A) True B) False

B) False

The application header (AH) protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. _________________________ A) True B) False

B) False

The disadvantages of using the honeypot or padded cell approach include the fact that the technical ​implications of using such devices are not well understood. _________________________ A) True B) False

B) False

__________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. A) Password B) Cipher C) Key D) Passphrase

C) Key

Which one of the following is NOT an IDPS Control Strategy? A) Partially Distributed Control Strategy B) Centralized Control Strategy C) Localized Control Strategy D) Fully Distributed Control Strategy

C) Localized Control Strategy

Which security protocols are used to protect e-mails? A) S/MIME and SET B) SSL and PEM C) PGP and PEM D) PGP and S-HTTP

C) PGP and PEM

The CompTIA's Security+ exam objectives focus on the following except ___________. A) System security B) Organization security C) Personel security D) Cryptography

C) Personel security

Which one of the following is NOT a symmetric encryption cryptosystem? A) Advanced Encryption Standard (AES) B) Triple DES (3DES) C) Rivest-Shamir-Adleman (RSA) D) Data Encryption Standard (DES)

C) Rivest-Shamir-Adleman (RSA)

System Administration, Networking, and Security Organization is better known as __________. A) SANO B) SAN C) SANS D) SANSO

C) SANS

__________ is a cornerstone in the protection of information assets and in the prevention of financial loss. A) Fire suppression B) Business separation C) Separation of duties D) Collusion

C) Separation of duties

__________ is a cornerstone in the protection of information assets and in the prevention of financial loss. A) Fire suppression B) Business separation C) Separation of duties D) Collusion

C) Separation of duties

The __________ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems. A) Policies B) Networks C) Systems D) Applications

C) Systems

Which of the following version of TACACS is still in use? A) TACACS B) Extended TACACS C) TACACS+ D) All of the above

C) TACACS+

Free Response %100 Read the SonicWall Firewall document.What are the technologies utilized in the firewall to protect an organization?

packet inspection, content filtering, built in anti-virus, clean VPN, portshield security and built in anti-spam

A padded cell is a hardened honeynet. _________________________ A) True B) False

B) False

Evasion is the process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS. A) True B) False

A) True

Firewalls can be categorized by processing mode, development era, or structure. A) True B) False

A) True

For laptops, there are theft alarms made up of a PC card or other device that contains a motion detector. A) True B) False

A) True

For laptops, there are theft alarms made up of a PC card or other device that contains a motion detector. A) True B) False

A) True

Gaseous emission systems can be used in the suppression of fires. _________________________ A) True B) False

A) True

Grounding ensures that the returning flow of current is properly discharged to the ground. _________________________ A) True B) False

A) True

Guards can evaluate each situation as it arises and make reasoned responses. _________________________ A) True B) False

A) True

Hash algorithms are public functions that create a message digest by converting variable-length messages into a single fixed-length value. _________________________ A) True B) False

A) True

Hash functions are used to confirm message identity and integrity. A) True B) False

A) True

Honeypots are decoy systems designed to lure potential attackers away from critical systems. A) True B) False

A) True

IDPS responses can be classified as active or passive. A) True B) False

A) True

In DNS cache poisoning, valid packets exploit poorly configured DNS servers to inject false information to corrupt the servers' answers to routine DNS queries from other systems on the network. A) True B) False

A) True

In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher. A) True B) False

A) True

In many organizations, information security teams lacks established roles and responsibilities. A) True B) False

A) True

In order to determine which IDPS best meets an organization's needs, first consider the organizational environment in technical, physical, and political terms. A) True B) False

A) True

In static ​filtering, configuration rules must be manually created, sequenced, and modified within the firewall.. _________________________ A) True B) False

A) True

Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocol. A) True B) False

A) True

Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level. _________________________ A) True B) False

A) True

Free Response %100 What is a VPN? Why is it becoming more widely used?

A Virtual Private Network is a private network that uses the public infrastructure and maintains privacy by using tunneling protocols. They are becoming more widely used because they can be used to set up tunneling points across the internet to encrypt data and create a secure line of communication

It is important that e-mail traffic reach your e-mail server and only your e-mail server. A) True B) False

A) True

Kerberos uses symmetric key encryption to validate an individual user to various network resources. A) True B) False

A) True

Free Response %100 What is the typical relationship among the untrusted network, the firewall, and the trusted network?

A firewall program is similar to a fire wall in a building. A fire wall is made to protect the separate parts of a building from the other parts so that, if there is a fire, only one section is destroyed. A firewall helps to make sure that only specific types of information move between untrusted networks (the internet) and trusted networks

According to Schwartz, Erwin, Weafer, and Briney "__________" are the real techies who create and install security solutions. A) Builders B) Administrators C) Engineers D) Definers

A) Builders

The __________ position is typically considered the top information security officer in the organization. A) CISO B) CFO C) CTO D) CEO

A) CISO

The CA periodically distributes a(n) _________ to all users that identifies all revoked certificates. A) CRL B) RA C) MAC D) RDL

A) CRL

Which one of the following is not a class of fire? A) Class F B) Class A C) Class C D) Class D

A) Class F

Digital signatures should be created using processes and products that are based on the __________. A) DSS B) NIST C) SSL D) HTTPS

A) DSS

__________ are encrypted messages that can be mathematically proven to be authentic. A) Digital signatures B) MAC C) Message certificates D) Message digests

A) Digital signatures

Which one of the following is NOT a method of data interception? A) Electromechanic interception B) Interception of data transmission C) Direct observation D) Electromagnetic interception

A) Electromechanic interception

__________ is the process of converting an original message into a form that is unreadable to unauthorized individuals. A) Encryption B) Decryption C) Cryptology D) Cryptography

A) Encryption

Each of the following is a conversion strategy except _________________. A) Enterprise Resource Planning (ERP) B) phased implementation C) cold turkey D) pilot implementation

A) Enterprise Resource Planning (ERP)

__________ is the action of luring an individual into committing a crime to get a conviction. A) Entrapment B) Enticement C) Intrusion D) Padding

A) Entrapment

__________ are decoy systems designed to lure potential attackers away from critical systems. A) Honeypots B) Bastion Hosts C) Wasp Nests D) Designated Targets

A) Honeypots

A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm. A) IDPS B) WiFi C) UDP D) DoS

A) IDPS

Using __________, the system reviews the log files generated by servers, network devices, and even other IDPSs. A) LFM B) stat IDPS C) AppIDPS D) HIDPS

A) LFM

__________ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI network model. A) MAC layer B) Circuit gateway C) Application gateways D) Packet filtering

A) MAC layer

__________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations. A) NIDPSs B) HIDPSs C) AppIDPSs D) SIDPSs

A) NIDPSs

_________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications. A) PGP B) DES C) AH D) ESP

A) PGP

__________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information. A) Packet-filtering B) Application gateways C) Circuit gateways D) MAC layer firewalls

A) Packet-filtering

__________ sensors project and detect an infrared beam across an area. A) Photoelectric B) Smoke C) Air-aspirating D) Thermal

A) Photoelectric

The __________ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly. A) Policies B) Networks C) Systems D) Applications

A) Policies

__________ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security. A) Programmable B) Manual C) Biometric D) Electronic

A) Programmable

__________ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection. A) RADIUS B) RADIAL C) TUNMAN D) IPSEC

A) RADIUS

__________ involves a wide variety of computing sites outside the organization's primary facility and includes all forms of telecommuting. A) Remote site computing B) Telecommuting C) Remote working D) Hot site computing

A) Remote site computing

__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce. A) Temporary employees B) Consultants C) Contractors D) Self-employees

A) Temporary employees

Corrective action decisions are usually expressed in terms of trade-offs. _________________________ A) True B) False

A) True

Electronic locks can be integrated into alarm systems and combined with other building management systems. A) True B) False

A) True

What is the typical relationship among the untrusted network, firewal, and the trusted network? Choose the best answer. A) The firewall prevents specific types of information from moving between untrusted network and the trusted network. B) The firewall prevents specific types of information from moving from the untrusted network to the trusted network. C) The firewall prevents specific types of information from moving from the trusted network to the untrusted network. D) None of the above

A) The firewall prevents specific types of information from moving between untrusted network and the trusted network.

Which one of the following is NOT a compelling reason to use an IDPS?Choose the best possible answer. A) To protect all the computers at once on the network B) To document the existing threat to an organization C) To act as quality control for security design and administration. D) To detect attacks and other security violations that are not prevented by other security measures.

A) To protect all the computers at once on the network

"Separation of duties" control stipulates that the completion of a significant task that involves sensitive information should require at least two people. A) True B) False

A) True

A HIDPS can monitor systems logs for predefined events. A) True B) False

A) True

A VPN, used properly, allows a user to use the Internet as if it were a private network. A) True B) False

A) True

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position. A) True B) False

A) True

A background check should be conducted before an organization extends a job offer to a candidate. A) True B) False

A) True

A behavior-based IDPS collects statistical summaries by observing traffic that is known to be normal. A) True B) False

A) True

A content filter, also known as a reverse firewall, is a network device that allows administrators to restrict access to external content from within a network. A) True B) False

A) True

A deliverable is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project. A) True B) False

A) True

A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.. A) True B) False

A) True

A milestone is a specific point in the project plan when a task that has a noticeable impact on the progress of the project is complete. A) True B) False

A) True

A passive vulnerability scanner is one that listens in network and determines vulnerable versions of both server and client software. A) True B) False

A) True

A phased implementation is the most common conversion strategy and involves a measured rollout of the planned system. A) True B) False

A) True

A proven method for prioritizing a program of complex change is the bull's-eye method. _________________________ A) True B) False

A) True

A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers. A) True B) False

A) True

A(n) distinguished name uniquely identifies a certificate entity, to a user's public key. _________________________ A) True B) False

A) True

A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss. _________________________ A) True B) False

A) True

A(n) log file monitor is similar to a NIDPS. _________________________ A) True B) False

A) True

A(n) partially distributed IDPS control strategy combines the best of the other two strategies. _________________________ A) True B) False

A) True

AES implements a block cipher called the Rijndael ​Block Cipher. _________________________ A) True B) False

A) True

Access control is achieved by means of a combination of policies, programs, and technologies. _________________________ A) True B) False

A) True

Alarm events that are accurate and noteworthy but do not pose significant threats to information security are called noise. _________________________ A) True B) False

A) True

Alarm filtering is the process of classifying IDPS alerts so that they can be more effectively managed. A) True B) False

A) True

An HIDPS can detect local events on host systems and also detect attacks that may elude a network-based IDPS. A) True B) False

A) True

An IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message. A) True B) False

A) True

Authentication is the process of validating a supplicant's purported identity.​ A) True B) False

A) True

Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _________________________ A) True B) False

A) True

Bluetooth is a de facto industry standard for short-range wireless communications between devices. A) True B) False

A) True

Carbon dioxide systems remove a fire's supply of oxygen. A) True B) False

A) True

Ciphertext or cryptogram is the encoded message, or a message that has been successfully encrypted. _________________________ A) True B) False

A) True

Contract employees are typically hired to perform specific services for the organization. A) True B) False

A) True

The CISSP certification requires both the successful complition of the examination and an endorsement by a qualified third party, typically another CISSP-certified professional, the candidate's employer, or a licensed , certified, or commissioned professional. A) True B) False

A) True

The Diameter protocol defines the minimum requirements for a system that provides authentication, authorization, and accounting (AAA) services. A) True B) False

A) True

The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification, the Certified Computer Examiner (CCE) and the Master ​​Certified Computer Examiner (MCCE). _________________________ A) True B) False

A) True

The anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal. A) True B) False

A) True

The application layer firewall is firewall type capable of performing filtering at the application layer of the OSI model, most commonly based on the type of service. A) True B) False

A) True

The budgets of public organizations are usually the product of legislation or public meetings. A) True B) False

A) True

The bull's-eye model can be used to evaluate the sequence of steps taken to integrate parts of the information security blueprint into a project plan. A) True B) False

A) True

The difference between digital certificates and digital signatures is that digital signatures help authenticate the origin of a message and digital certificates authenticate the cryptographic key that is embedded in the certificate. A) True B) False

A) True

The dynamic packet-filtering firewall is perceived to offer improved security over static packet filtering. A) True B) False

A) True

The effective use of a DMZ is one of the primary methods of securing an organization's networks. A) True B) False

A) True

The encapsulating security payload protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. A) True B) False

A) True

The false reject rate describes the number of legitimate users who are denied access because of a failure in the biometric device._________________________ A) True B) False

A) True

The general management community of interest must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the organization. A) True B) False

A) True

The most common hybrid system is based on the Diffie-Hellman key exchange, which is a method for exchanging private keys using public key encryption. A) True B) False

A) True

The most popular modern version of steganography involves hiding information within files that contain digital pictures or other images. _________________________ A) True B) False

A) True

The online UPS can deliver a constant, smooth, conditioned power stream to computing systems. A) True B) False

A) True

The optimal time frame for training is usually one to three weeks before the new policies and technologies come online. _________________________ A) True B) False

A) True

The organization should integrate the security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training. A) True B) False

A) True

The permutation cipher simply rearranges the values within a block to create the ciphertext. A) True B) False

A) True

The presence of external requests for Telnet services can indicate a potential attack. _________________________ A) True B) False

A) True

The primary disadvantage of Stateful Packet Inspection firewalls is the additional processing required to manage and verify packets against the state table. _________________________ A) True B) False

A) True

The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. A) True B) False

A) True

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions. A) True B) False

A) True

The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies. A) True B) False

A) True

The use of standard job descriptions can increase the degree of professionalism in the information security field. A) True B) False

A) True

Though not used as much in Windows environments, terminal emulation is still useful to systems administrators on Unix/Linux systems. A) True B) False

A) True

To assist in the footprint intelligence collection process, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses. A) True B) False

A) True

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False

A) True

True attack stimulus is an event that triggers alarms and causes an IDPS to react as if a real attack is in progress. A) True B) False

A) True

Unfreezing in the Lewin change model involves thawing hard-and-fast habits and established procedures. A) True B) False

A) True

Upper management should learn more about the budgetary needs of the information security function and the positions within it. _________________________ A) True B) False

A) True

Which one of the following is NOT a question that must be addressed when selecting a firewall? A) Where was the firewall manufactured? B) Which type of firewall technology offers the right balance between protection and cost? C) How easy it is to set up and configure a firewall? D) Is the firewall scalable?

A) Where was the firewall manufactured?

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals? A) accounting B) security C) networking D) auditing

A) accounting

Which of the following is NOT used to secure wireless network? A) bluetooth B) WEP C) WPA D) TKIP

A) bluetooth

Which one of the following is NOT a control of physical security? A) cats B) dogs C) Locks and keys D) Fencing

A) cats

Each of the following is an internal control strategy except ______________. A) firewall control B) Separation of duties C) Least privilege D) Task rotatio

A) firewall control

Network Behavior Analysis system __________ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall. A) inline B) offline C) passive D) bypass

A) inline

In the __________ UPS, the internal components of the standby models are replaced with a pair of inverters and converters. A) line-interactive B) ferroresonant C) true online D) offline

A) line-interactive

Each of the following is a type of fire detection systems except _______________. A) motion detector systems B) flame detector systems C) smoke detection systems D) thermal detection systems

A) motion detector systems

n the __________ process, measured results are compared against expected results. A) negative feedback loop B) wrap-up C) direct changeover D) turnover

A) negative feedback loop

A(n) __________ IDPS is focused on protecting network information assets. A) network-based B) host-based C) application-based D) server-based

A) network-based

A __________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. A) passive B) aggressive C) active D) secret

A) passive

A key or cryptovariable is _________________________. A) the information used in conjunction with an algorithm to cipher or decipher a message. B) the entire range of values that can be used to contruct an individual encryption. C) the amount of effort to perform cryptanalysis to decode an encrypted message when the key or algorithm are unknown. D) the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message.

A) the information used in conjunction with an algorithm to cipher or decipher a message.

A ferrosonant standy UPS is an offline battery backup that detects the interruption of power to the equipment and activates a transfer switch that provides power to batteries. A) True B) False

B) False

A firewall cannot be deployed as a separate network containing a number of supporting devices. A) True B) False

B) False

A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________ A) True B) False

B) False

A mantrap is a small enclosure that has combine entry and exit points. A) True B) False

B) False

A padded cell is a honeynet that has been protected so that it cannot be easily compropmised. A) True B) False

B) False

A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered. A) True B) False

B) False

A routing table tracks the state and context of each packet in the conversation by recording which station sent what packet and when. _________________________ A) True B) False

B) False

A wet-pipe system is usually considered appropriate in computer rooms. A) True B) False

B) False

A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing. _________________________ A) True B) False

B) False

A(n) event is an indication that a system has just been attacked or is under attack. _________________________ A) True B) False

B) False

A multipart authentication code (MAC) is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. _________________________ A) True B) False

B) False

A packet sniffer is a network tool that scan networks for highly detailed information. A) True B) False

B) False

A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. A) True B) False

B) False

A broadcast vulnerability scanner is one that initiates traffic on the network in order to determine security holes. A) True B) False

B) False

A brute force function is a mathematical algorithms that generate a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity. A) True B) False

B) False

A cryptovariable is a value representing the application of a hash algorithm on a message. A) True B) False

B) False

A direct changeover is also known as going "fast turnkey." _________________________ A) True B) False

B) False

A false positive is the failure of an IDPS system to react to an actual attack event. A) True B) False

B) False

The __________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. A) ESP B) AH C) HA D) SEP

B) AH

Class __________ fires are extinguished by agents that remove oxygen from the fire. A) A B) B C) C D) D

B) B

At the World Championships in Athletics in Helsinki in August of 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting. A) Ipad tablets B) Bluetooth mobile phones C) WiFi routers D) laptop Macintosh computers

B) Bluetooth mobile phones

Each of the following is a CISO's function except _______________. A) Drafting or approving information security policies. B) Creating efficiency in the processing and accessing of an organization's information. C) Acting as the spokesperson for the information security team. D) Developing information security budgets based on available funding

B) Creating efficiency in the processing and accessing of an organization's information

The __________ is an intermediate area between a trusted network and an untrusted network. A) perimeter B) DMZ C) domain D) firewall

B) DMZ

"Administrators" provide the policies, guidelines and standards in the Schwartz, Erwin,Weafer, and Briney classification. _________________________ A) True B) False

B) False

3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time. A) True B) False

B) False

A Cost Benefit Analysis (CBA) determines the impact of a specific business or approach can have on the organization's information assets and what it may cost. A) True B) False

B) False

The parallel operations strategy works well when an isolated group can serve as a test area, which prevents any problems with the new system from dramatically interfering with the performance of the organization as a whole. _________________________ A) True B) False

B) False

The popular use for tunnel mode VPNs is the end-to-end transport of encrypted data. _________________________ A) True B) False

B) False

The primary advantages of a a centralized IDPS control strategy are cost and ease-of-use. _________________________ A) True B) False

B) False

The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is known as a false attack stimulus. A) True B) False

B) False

The process of entrapment is when an attacker changes the format and/or timing of their activities to avoid being detected by an IDPS. _________________________ A) True B) False

B) False

The screened subnet protects the DMZ systems and information from outside threats by providing a network with intermediate security, which means the network is less secure as the general public networks but more secure than the internal network. A) True B) False

B) False

The security systems implementation life cycle involves collecting information about an organization's objectives, its technical architecture, and its information security environment. _________________________ A) True B) False

B) False

The static packet filtering allows only a particular packet with a particular source, destination, and port address to enter. A) True B) False

B) False

The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________ A) True B) False

B) False

There are very few qualified and professional agencies that provide physical security consulting and services. A) True B) False

B) False

Thermal detectors detect movement within a confined space and are either active or passive. A) True B) False

B) False

Third generation firewalls are stateful inspection firewall, which monitor network connections between internal and external systems using state tables. A) True B) False

B) False

To encipher means to decrypt, decode, or convert, ciphertext into the equivalent plaintext. _________________________ A) True B) False

B) False

To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent the plaintext that needs to be encrypted. A) True B) False

B) False

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False

B) False

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False

B) False

Traceroute, formally known as ICMP Echo request, is used by internal systems administrators to ensure that clients and servers can communicate. _________________________ A) True B) False

B) False

UltraViolet wireless (UVW) is a de facto industry standard for short-range wireless communications between devices. _________________________ A) True B) False

B) False

Usually, as the length of a crytpovariable increases, the number of random guesses that have to be made in order to break the code is reduced. A) True B) False

B) False

Vibration detectors measure rates of change in the ambient temperature in the room. _________________________ A) True B) False

B) False

Vibration sensors fall into the motion sensor category. A) True B) False

B) False

Videoconferencing is off site computing that uses Internet connections, dialup connections, connections over leased point-to-point links between offices, and other mechanisms. _________________________ A) True B) False

B) False

Water damage is considered less dangerous to computer systems than hazardous chemicals like Halon. A) True B) False

B) False

When a bastion host approach is used, the host contains two NICs, forcing all traffic to go through the device. _________________________ A) True B) False

B) False

When the lock of a door fails and causes the the door become unlocked, it is classified as a fail-secure lock. A) True B) False

B) False

When using trap-and-trace, the trace usually consists of a honeypot or padded cell and an alarm. _________________________ A) True B) False

B) False

Within a PKI, a(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information. _________________________ A) True B) False

B) False

You cannot combine the XOR operation with a block cipher operation. A) True B) False

B) False

Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems. A) True B) False

B) False

​"Know more than you say, and be more skillful than you let on" advise for information security professionals indicates the actions taken to protect information should not interfere with users' actions. A) True B) False

B) False

​Discretionary access control is an access control approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users. ​ A) True B) False

B) False

Which one of the following is not a benefit of Job Rotaion? A) ensures that no one employee is performing actions that cannot be physically audited by another employee. B) ensures that no unnecessary access to data exists and that only those individuals who must access the data do so. C) the organization can survive the loss of any employee. D) increases the chance to detect an information system misuse or abuse.

B) ensures that no unnecessary access to data exists and that only those individuals who must access the data do so.

Negative feedback loop or cybernetic loop ___________________________. A) involves stopping the old method and beginning the new. B) ensures that progress is measured periodically C) is usually handled as procedural task and assigned a mid-level IT or information security manager. D) involves a measured rollout of the planned system

B) ensures that progress is measured periodically

Which one is a mode that locks use when they fail? A) fail-over lock B) fail-secure lock C) fail-in lock D) fail-out lock

B) fail-secure lock

A(n) __________ is an event that triggers an alarm when no actual attack is in progress. A) false neutral B) false attack stimulus C) false negative D) noise

B) false attack stimulus

Burglar alarm systems rely on the following types of detectors except ___________. A) contact sensor B) flame detector C) weight sensor D) motion detector

B) flame detector

Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded. A) wrap-up B) governance C) turnover D) changeover

B) governance

Each of the following is an attack on Cryptosystems except ____________ attack. A) dictionary B) hoax C) timing D) man-in-the-middle

B) hoax

The model commonly used by large organizations places the information security department within the __________ department. A) management B) information technology C) financial D) production

B) information technology

The false reject rate is _________________________. A) is the percentage of identification instances in which unauthorized users are allowed access to systems or areas as a result of a failure in the biometric device. B) is the percentage of identification instances in which authorized users are denied access as a result of a failure in the biometric device C) is the level at which the number of false rejections equals the false acceptances. D) none of the above

B) is the percentage of identification instances in which authorized users are denied access as a result of a failure in the biometric device

Cryptanalysis is the process of ___________________. A) making and using codes to secure the transmission of information. B) obtaining the original message called plaintext from an encrypted message called ciphertext without knowing the algorightms and keys used to perform the encryption. C) converting the ciphertext message back into plaintext so that it can be readily understood. D) converting an original message into a form that is unreadable to unauthorized individuals.

B) obtaining the original message called plaintext from an encrypted message called ciphertext without knowing the algorightms and keys used to perform the encryption.

The ability to detect a target computer's __________ is very valuable to an attacker. A) manufacturer B) operating system C) peripherals D) BIOS

B) operating system

A __________ is usually the best approach to security project implementation. A) direct changeover B) phased implementation C) pilot implementation D) parallel operation

B) phased implementation

Hostile depatures include the following except ________________. A) termination B) relocation C) temporary lay-off, D) permanent downsizing

B) relocation

Tasks or action steps that come after the task at hand are called __________. A) predecessors B) successors C) children D) parents

B) successors

Fire __________ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger situation. A) detection B) suppression C) protection D) prevention

B) suppression

A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption. A) asymmetric B) symmetric C) public D) private

B) symmetric

In __________ mode, the data within an IP packet is encrypted, but the header information is not. A) tunnel B) transport C) public D) symmetric

B) transport

The Circuit Gateway firewall operates at the ________________ layer of the OSI. A) data link B) transport C) application D) physical

B) transport

The primary benefit of a VPN that uses _________ is that an intercepted packet reveals nothing about the true destination system. A) intermediate mode B) tunnel mode C) reversion mode D) transport mode

B) tunnel mode

Which of the following is not one of the categories of positions as defined by Schwartz, Erwin, Weafer, and Briney? A) definer B) user C) builder D) administrator

B) user

The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future. A) direct changeover B) wrap-up C) phased implementation D) pilot implementation

B) wrap-up

Computing and other electrical equipment used in areas where water can accumulate must be uniquely grounded, using __________ equipment. A) UPS B) HVAC C) GFCI D) ESD

C) GFCI

What does HVAC stand for? A) Heating, Ventilation, And Conditioning B) Heating, Vent, and Air Conditioning C) Heating, Ventilation, and Air Conditioning D) Heat, Ventilation, and Air Conditioning

C) Heating, Ventilation, and Air Conditioning

__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet. A) PEM B) SSH C) IPSec D) SET

C) IPSec

The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of these except __________. A) Systems security engineering B) Technical management C) International laws D) Certification and accreditation/risk management framework

C) International laws

SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. A) 48 B) 56 C) 160 D) 256

C) 160

__________ is the current federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure. A) DES B) 2DES C) AES D) 3DES

C) AES

Class __________ fires are safely extinguished with non-conducting agents only. A) A B) B C) C D) D

C) C

The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. A) NSA B) CISO C) CISSP D) ISEP

C) CISSP

The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. A) NSA B) CISO C) CISSP D) ISEP

C) CISSP

Which one of the following is NOT a hybrid firewall? A) Combination of packet filering firewall and circuit gateway firewall. B) Combination of packet filtering firewall and a proxy server C) Combination of Proxy server and an application gateway firewall. D) Combination of stateful inspection firewall and a MAC layer Firewall

C) Combination of Proxy server and an application gateway firewall.

One of the leading causes of damage to sensitive circuitry is __________. A) CPU B) EPA C) ESD D) HVAC

C) ESD

Which of the following is NOT a difference between an application layer firewall and a packet-filtering firewall? A) The packet-filtering firewall is installed at the perimeter of the network while the application layer firewall is installed on a dedicated computer. B) The packet filtering firewall examines the header information of the data packets while the application layer firewall inspects the body of the packet. C) The application layer firewall and the packet filtering firewall are each hybrid firewall. D) The application layer firewall functions at the application layer of the OSI model while the packet filtering firewall functions at the network layer of the OSI (Open SystemsInterconnect) model.

C) The application layer firewall and the packet filtering firewall are each hybrid firewall.

Project scope describes the amount of ___________________ needed to deliver the planned features and quality level of the project deliverables. A) time B) effort-hours C) a) and b) D) space

C) a) and b)

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications? A) Certified Computer Examiner (CCE) B) Master Certified Computer Examiner (MCCE) C) both a & b D) neither a nor b

C) both a & b

The __________ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems. A) parallel B) direct changeover C) bull's-eye D) wrap-up

C) bull's-eye

Which one of the following is an advantage of cache server.choose the best possible answer. A) Can operate at the Media Access Control layer B) can prevent direct connection between one network and another C) can store the most recently accessed pages in their internal cache D) Can check for connection state table

C) can store the most recently accessed pages in their internal cache

Some vulnerability scanners feature a class of attacks called _________, that are so dangerous they should only be used in a lab environment. A) aggressive B) divisive C) destructive D) disruptive

C) destructive

Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization. A) hostile B) departure C) exit D) termination

C) exit

Each of the following is a threat to physical security except _____________. A) Extreme temperature B) Energy anomalies C) malicious programs D) Liquids

C) malicious programs

The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete. A) intermediate step B) resource C) milestone D) deliverable

C) milestone

Interior walls only partially reach to the next floor, which leaves a space above the ceiling. This space is called a(n) __________. A) kneespace B) attic C) plenum D) padding

C) plenum

More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions. A) multialphabetic B) monoalphabetic C) polyalphabetic D) polynomic

C) polyalphabetic

By managing the __________, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce. A) conversion process B) wrap-up C) process of change D) governanc

C) process of change

Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version. A) timing matrix B) agile scrum C) rainbow table D) smurf list

C) rainbow table

A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic. A) packet scanner B) packet sniffer C) honey pot D) honey packet

C) signatures

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base. A) vulnerabilities B) fingerprints C) signatures D) footprints

C) signatures

To use a packet sniffer legally, the administrator must __________. A) be on a network that the organization owns B) be under direct authorization of the network's owners C) have knowledge and consent of the content's creators D) all of the above

C) signatures

The information security function can be placed within the __________. A) insurance and risk management function B) administrative services function C) legal department D) All of the above

D) All of the above

The restrictions most commonly implemented in packet-filtering firewalls are based on __________. A) IP source and destination address B) Direction (inbound or outbound) C) TCP or UDP source and destination port requests D) All of the above

D) All of the above

What does a vulnerability scanner do? A) Shows open network shares B) Scans networks for highly detailed information. C) Identifies exposed usernames and groups D) All of the above

D) All of the above

What is a DMZ? A) Can be a dedicated port on the firewall device linking a single bastion host. B) Can be connected to a screened subnet. C) Can contain servers providing services through an untrusted network D) All of the above

D) All of the above

Security technicians are the technically qualified individuals tasked to _____________. A) diagnose and troubleshoot problems B) implement security software C) deploy IDPS D) All of the above

D) All of the above

The Lewin change model includes __________. A) unfreezing B) moving C) refreezing D) All of the above

D) All of the above

The information security function can be placed within the __________. A) insurance and risk management function B) administrative services function C) legal department D) All of the above

D) All of the above

Telnet protocol packets usually go to TCP port __________ whereas SMTP packets go to port __________. A) 23, 52 B) 80, 52 C) 80, 25 D) 23, 25

D) 23, 25

A content filter is used ________________. A) to protect against misuse and unintentional denial-of-service issues B) to restrict access to content from within a network C) to restrict internal access to external material( as reverse firewalls) D) All of above

D) All of above

What are honeypots designed to do? A) Encourage the stay on the systemlong enough for administrator to document the event. B) Divert an attacker from critical systems C) Collect information about the attacker's activity D) All of above

D) All of above

A chemical designated as clean agent does not _________________________. A) interfere with the operation of electrical equipment B) leave any residue after use C) interfere with the operation of electronic equipment D) All of the above

D) All of the above

A project plan can accomplish the following: A) improve security B) describes how to acquire and implement the needed security controls C) describe how to acquire and create a setting in which those controls achieve the desired outcomes D) All of the above

D) All of the above

What is true about a Signature-Based IDPS? A) Examines network traffic in search of patterns that match known signatures. B) Sometime called a knowledge-based IDPS C) A slow and methodical attack might escape detection if the relevant IDPS attack signature has a shorter time frame. D) All of the above

D) All of the above

Which one of the following is a major step executing a project plan? A) planning the project B) Wrapping up C) Supervising tasks and action steps D) All of the above

D) All of the above

A VPN that proposes to offer a secure and reliable capability while relying on public networks must accomplish the following except ________________. A) Encapsulation B) Authorization C) Encryption D) Authentication

D) Authentication

A(n) __________, used to justify the project is typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan. A) RFP B) WBS C) SDLC D) CBA

D) CBA

In recent years, the __________ certification program has added a set of concentration exams. A) ISSEP B) ISSMP C) ISSAP D) CISSP

D) CISSP

What is crytography? A) Crytography is the process of converting an original message into a form that is unreadable to unauthorized individuals. B) Crytography is the process of obtening the original message called plaintext from an encrypted message called ciphertext without knowing the algorithms and keys used to perform the encryption. C) Crytography encompasses encryption and decryption. D) Crytography is the process of making and using codes to secure the transmission of information.

D) Crytography is the process of making and using codes to secure the transmission of information.

Which one of the following is NOT a function of a Security Manager? A) Performing assigned duties in the area of incident response management and disaster recovery response. B) Representing the information security organization in the organization's change management process. C) Developing and managing information security programs and control systems under the supervision of a CISO. D) Making decisions or recommendations on the recruiting, hiring, and firing of security staff.

D) Making decisions or recommendations on the recruiting, hiring, and firing of security staff.

If the task is to write firewall specifications for the preparation of a(n) __________, the planner would note that the deliverable is a specification document suitable for distribution to vendors. A) WBS B) CBA C) SDLC D) RFP

D) RFP

The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. A) Standard HTTP B) SFTP C) S-HTTP D) SSL Record Protocol

D) SSL Record Protocol

__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented. A) CSOs B) CISOs C) Security managers D) Security technicians

D) Security technicians

__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented. A) CSOs B) CISOs C) Security managers D) Security technicians

D) Security technicians

__________ is the requirement that every employee be able to perform the work of another employee. A) Two-man control B) Collusion C) Duty exchange D) Task rotation

D) Task rotation

What are the two mode of IP Security? A) ESP and AH B) Tunnel and Ecapsulating Security Payload (ESP) C) Transport and Application Hearder (AH) D) Transport and Tunnel

D) Transport and Tunnel

A device that assures the delivery of electric power without interruption is a(n) __________. A) GFCI B) HVAC C) GPS D) UPS

D) UPS

__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown. A) Code B) Algorithm C) Key D) Work factor

D) Work factor

A wireless security toolkit should include the ability to ____________________. A) sniff wireless traffic B) assess the level of privacy or confidenciality afforded on the wireless network C) scan wireless hosts D) all of the above

D) all of the above

Physical security encompasses the ______________of countermeasures that protect the physical resources of an organization. A) implementation B) design C) maintenance D) all of the above

D) all of the above

The most sophisticated locks are __________ locks. A) manual B) programmable C) electronic D) biometric

D) biometric

Electronic monitoring includes __________ systems. A) blocked video B) local video C) open-circuit television D) closed-circuit television

D) closed-circuit television

Intrusion __________ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again. A) prevention B) reaction C) detection D) correction

D) correction

Which of the following is NOT a described IDPS control strategy? A) centralized B) fully distributed C) partially distributed D) decentralized

D) decentralized

The PGP security solution provides the following services except____________. A) compression B) segmentation C) key management D) digital certificates

D) digital certificates

Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as __________. A) port knocking B) doorknob rattling C) footprinting D) fingerprinting

D) fingerprinting

A stateful inspection __________________________.Choose the best possible answer. A) functions at the application layer of the Open System Interconnect (OSI) model B) does not inspect the information in the header of the packet C) examines the content of the packet D) keeps track of each network connection between internal and external systems.

D) keeps track of each network connection between internal and external systems.

In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization. A) loop B) direct C) parallel D) pilot

D) pilot

In most common implementation models, the content filter has two components: __________. A) encryption and decryption B) filtering and encoding C) rating and decryption D) rating and filtering

D) rating and filtering

Many public organizations must spend all budgeted funds within the fiscal year - otherwise, the subsequent year's budget is __________. A) increased by the unspent amount B) not affected unless the deficit is repeated C) automatically audited for questionable expenditures D) reduced by the unspent amount

D) reduced by the unspent amount

Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the __________ host. A) trusted B) domain C) DMZ D) sacrificial

D) sacrificial

The dominant architecture used to secure network access today is the __________ firewall. A) static B) bastion C) unlimited D) screened subnet

D) screened subnet

The SecSDLC involves which of the following activities? A) ​collecting information about an organization's objectives B) ​​collecting information about an organization's information security environment C) ​​collecting information about an organization's technical architecture D) ​all of the above

D) ​all of the above

Which of the following is a category of locks? A) Biometric lock B) programmable lock C) Electronic lock D) Manual lock E) All of above

E) All of above

A background check may consist of : _________________________. A) identity check B) motor vehicle record C) criminal court history D) drug history E) All of the above

E) All of the above

By managing the process of change, organization can do the following: ________________. A) Enhance coordination between groups within the organization as change is scheduled and completed B) improve communication about change across the organization C) improve quality of service as potential failures are eliminated and groups work together D) Reduced unintended consequences by having a process to resolve conflict and disruption that change can introduce E) All of the above

E) All of the above

How do you prepare for Security Certification? A) Self-study guides B) Work experience C) Formal training program D) Mentors and study partners E) All of the above

E) All of the above

Projectisis is when the project manager spends more time______________ than accomplishing meaningful project work. A) recording project task information B) updating project complition forecasts C) documenting project tasks D) Collecting performance measurements E) All of the above

E) All of the above

When hiring information security professionals, organizations frequently look for individuals who understand the following:__________________ A) How an organization operates at all levels. B) The terminology of IT and information security. C) The threat facing an organization and how these threats can become attacks. D) How to protect an organization's asset from information security attacks. E) All of the above

E) All of the above

Which security protocols are predominantly used in Web-based electronic commerce? A) Secure Sockets Layer (SSL) B) Secure Electronic Transactions (SET) C) Secure Shell (SSH-2) D) IP Security (IPSec) E) All of the above

E) All of the above

__________________ is a layer of the Bull's-Eye Model. A) Networks B) Application C) Systems D) Policies E) All of the above

E) All of the above

______________________ UPS is a basic configuration of UPS. A) A ferroresonant standby B) The line-interactive C) An Offline D) A true online E) All of the above

E) All of the above

Biometric authentication includes the following except _____________. A) facial recognition B) fingerprint comparison C) Retinal print comparison D) Iris pattern comparison E) None of the above

E) None of the above

Each of the following is a component of Public-Key Infrastructure (PKI) except _________. A) Management protocols. B) Certificate authority (CA). C) Registration Authority (RA). D) Policies and procedures. E) None of the above

E) None of the above

The following protocols are hybrid cryptosystems except ______________. A) IPSec B) SET C) PGP D) PEM E) None of the above

E) None of the above

To make information systems more secure the following items need to be changed except _____________. A) People B) Software C) Data D) procedures E) None of the above

E) None of the above

Which one of the following is NOT a basic operation of cryptography? A) Exclusive OR B) Permutation C) Transposition D) Substitution E) None of the above

E) None of the above

Which one of the following organizational functions is NOT an option available for the location of information security function within an organization? A) Insurance and risk management B) Legal department C) IT function D) Physical security E) None of the above

E) None of the above

When an employee prepares to leave an organizatio, the following tasks must be performed:________________. A) removable media must be returned B) hard drives must be secured C) office door locks must be changed D) keycard access must be revoked E) all of the above

E) all of the above

Free Response %100 How does the Tunnel Mode in a VPN works?

In tunnel mode, the information from the sender is encrypted and added as the data portion of a packet. Then it travels from one tunneling server to another where it is decrypted and sent to the final point.

Which one of the following is NOT a component of Kerberos three interacting services? A) Key Distribution Center(KDC) B) Authentication server (AS) C) SESAME D) Kerberos Ticket Granting Service (TGS)

SESAME

Free Response %100 What is a DMZ?

The Demilitarized Zone is an intermediate area between two networks designed to provide services and firewall filtering between a trusted internal network and the outside, untrusted network.

A Bastion host is a dedicated server that receives screened network traffic. A) True B) False

True


Kaugnay na mga set ng pag-aaral

Module 1.01: Natural Rights - Quiz

View Set

Adult Health Final Exam (EXAMS 2-5)

View Set

Chapter 26: Disorders of Blood Flow and Blood Pressure Regulation Patho Prep U

View Set

Pathology-Chapter 3, Musculoskeletal System Conditions

View Set

Google Analytics Advanced Assessment 3

View Set