IFT 302 - Foundations of Information and Computer System Security

Which type of surveillance camera can be viewed from virtually anywhere in the world?

A digital IP camera

Which of the following options represent physical barriers? (Select all that apply)

A locked door, A receptionist

This technical access control manages and documents accounts (authorizing, establishing, activating, modifying, reviewing, disabling, and removing).

Account management

The OODA loop and Deming Cycle (PDCA) have a similar structure and objective. They also share one term. Which one is it?

Act

A 419 scam is also known as this type of scam:

Advanced fee

Possible infection symptoms include:

Alerts from security software, Contact by law enforcement, Bounces of forged emails

A mathematical process or series of structured steps for performing some function.

Algorithm

Which of the following best describes the meaning of lux rating as it applies to surveillance cameras?

Amount of light required for an acceptable image

A type of cryptography that uses a cipher with two separate keys, one public and one private, to encrypt and decrypt messages.

Asymmetric

The security goal that seeks continuous operation is:

Availability

The easiest and most logical way to combat malware.

Behavior Avoidance

Trying all possible keys until finding the right key

Brute Force Attack

_____ is a type of image sensor used in cameras designed to produce the highest quality images.

Charged coupled device

This term refers to an individual's need to create their own subjective social reality and is part of the several processes that we use to remember how to operate ourselves, meaning how and why we decide to do things.

Cognitive Bias

The security goal that seeks to ensure that only authorized people are given access is:

Confidentiality

In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. The desire to do what we've said we'll do is an example of:

Consistency

Mechanisms or protections against behavior that is outside an expected norm

Controls

Which of the following is not a subsystem involved in infrastructure security management?

Corporate cybersecurity policies

These sorts of controls reduce the consequences of an incident, perhaps by limiting the damage that is likely to occur no matter what other controls exist.

Corrective

This attack uses Javascript to perform commands on the user's system, when the user visits sites using a vulnerable browser

Cross Site Scripting (XSS)

Which OSI model layer is responsible for controlling how data is packaged and moved between communication points?

Data Link Layer

Two tools used in reverse engineering malware include:

Decompilers and Debuggers

The act of unscrambling ciphertext into plaintext.

Decryption

Which are viable ways that attackers can hide their conduct from network security appliances?

Denial of Service attacks, Operator Fatigue, Packet Fragmentation Attacks, Encryption, Unique Patterns

In the STRIDE model, what does the 'D' stand for?

Denial of service

These sorts of controls are intended to reduce attacks on a system merely by advertising that they are there. Much like a wall or barbed wire fence, or an armed guard, these controls typically reduce the threat level by informing potential attackers that there will be adverse consequences for them if they proceed.

Deterrent

SETA is an important tool for an organization seeking to improve knowledge of cybersecurity topics. This course is an example of which of these?

Education

In the STRIDE model, what does the 'E' stand for?

Elevation of Privilege

Where components are isolated from other components in a way that limits the amount of damage any fault could cause.

Encapsulation

Ways of mitigating privilege escalation include:

Enforcing principle of least privilege, Preventing data execution, Randomizing memory address space layout

_____ is a report that incorrectly authenticates the individual, which could provide access to equipment or data that this person should not have.

False Acceptance

Examples of malware include:

Fileless, Browser Hijacker, Ransomware, Trojan Horse

Which lens enables you to view an entire room but with some distortion of the image?

Fish-eye Lens

This system monitors the host operating systems logs, including processing, memory usage, file structures, and accesses or merely attempted accesses to files, functions, and network ports, looking for abnormal behavior.

HIDS (Host-based Intrusion Detection System)

These sorts of antimalware and intrusion detection systems build a model of acceptable baseline behavior, use inference engines to make decisions on what they detect, and flag exceptions to that model.

Heuristic based

A message alerting a user to a non-existent threat, which may falsely indicate malware infection and cause them to perform tasks to actually expose their system to actual malware

Hoaxware

In the STRIDE model, what does the 'I' stand for?

Information Disclosure

_____ is a type of camera that provides the best resolution in low-light conditions.

Infrared

Which of the following cameras provides the ability to maintain a degree of secrecy by using illumination that is undetectable by a human eye?

Infrared security camera

Which cloud service model does this describe? Cloud providers offer the infrastructure environment of a traditional data center in an on-demand delivery method. Companies deploy their own operating systems, applications, and software onto this provided infrastructure and are responsible for maintaining them.

Infrastructure as a Service (IaaS)

Biometrics are examples of which authentication factor?

Inherence

What does it mean when a virus is wormable?

It can propagate itself

Which component is considered the core of the operating system?

Kernel

The process of issuing keys to valid users of a cryptosystem so that they can communicate.

Key Distribution

This device can be used to record and store input into a computer system.

Key logger

_____ is a type of security device used for programming, controlling, and operating access control and management devices.

Keypad

A password, passphrase, or PIN are examples of which authentication factor?

Knowledge

From the lecture, which layer of the OSI model represents the human user of a network application?

Layer 8

These sorts of risks are those that might have simple to effect mitigations, like putting on a seat belt, looking twice before crossing the street, or tying your shoes.

Low-hanging fruit

In which type of network attack do attackers update their own MAC addresses with the target's MAC address to cause a switch to forward traffic to both locations?

MAC Duplicating

Which organization manages and maintains the Common Vulnerabilities & Exposures database?

MITRE Corporation

Dividing processing tasks or programs into subtasks that have a single purpose, small enough to understand, with as simple logic as possible, and with independent execution, to avoid things like race conditions.

Modularity

Which of the following are software development techniques intended to reduce the frequency and severity of vulnerabilities in software.

Modularity, Encapsulation, Information Hiding

This system receives logs from firewalls and other network equipment, including from the operating systems of connected computers. Also, this system can operate in stealth mode, passively as if it is merely a bump on the wire, and hidden from the detection of an attacker.

NIDS (Network Intrusion Detection System)

This tactic is where network engineers install new links, restructure network segments, or upgrade connectivity to improve performance by using solid baseline data from traffic monitored over time.

Network Behavior Analysis, Network Tuning

The part of your computer that is the environment architecture, which abstracts the low-level interfaces to bare processing hardware or peripherals. It allows convenient use and interfaces to the user and hides the tedious low-level stuff, to include resource scheduling and allocation, memory management, deadlock avoidance, and interfaces for low-level hardware

Operating System

Several factors can be used to identify someone as an Insider Threat. These include:

Organizational, Personal, Behavioral

_____ is the science, technique, and art of establishing a system of exclusion and inclusion for tangible assets.

Physical Security

Which of the following is the most fundamental step in providing physical security for network connectivity devices?

Placing devices in secure wall cabinets or locating them within the security of the server room to provide physical protection

A non-encrypted message is:

Plaintext or Deciphered

A smart card, token, or identification device are examples of which authentication factor?

Possession

These two risk management strategies are similar, but different based on the context of time.

Prevent & Avoid

When a virus is labeled as 'wormable' it implies that it does what?

Propagates independently

This server type allows clients to dial into a computer from a remote site, even if they are not connected to a LAN.

RAS (Remote Access Server)

Malware that makes multiple copies of itself on a single computer until it clogs the system

Rabbit Virus

In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. In this context, the term used for your obligation to give when you receive is:

Reciprocity

An independent group that challenges an organization to improve its effectiveness by assuming an adversarial role

Red Team

Malware installed without the victim's knowledge and which can control a system through a network connection.

Remote Access Trojan (RAT)

_____ are technologies used to report alarm conditions to key personnel or remote monitoring organizations.

Remote notification systems

In the STRIDE model, what does the 'R' stand for?

Repudiation

Enumerate the probability and impact of each risk describes which step in the Risk Management process?

Risk Analysis

This type of malware specifically targets the kernel or kernel-level privileges.

Rootkit

In Robert Cialdini's Principles of Persuasion, he discusses factors in which we may be more apt to respond favorably to persuasion or influence. A persuasive argument based on the short supply of a good for sale is an example of:

Scarcity

This protocol is a method for secure remote login from one computer to another.

Secure Shell

These appliances gather logs from various devices (servers, firewalls, routers, etc.) and attempt to correlate the log data and provide analysis capabilities.

Security Information and Event Management (SIEM)

In Bruce Schneier's Ted Talk, he discusses the Security Mirage. He discusses how our feeling of security chases our model of security, which chases the reality of our security. In some cases, the security model and security reality don't match up, but yet we tend to feel secure. What is this called?

Security Theater

This technical access control identifies the basic properties or characteristics of an entity with regard to safeguarding information so that control decisions can be dynamic and automated

Security attributes

These sorts of antimalware and intrusion detection systems perform simple pattern-matching functions and report or act on situations when there's a match.

Signature Based

Defined as the level of confidence that software is free from vulnerabilities and that it functions in the intended manner.

Software Assurance

Which cloud service model does this describe?Provider gives users access to specific application software (CRM, e-mail, games). The provider gives the customer's network-based access to a single copy of an application created specifically for SaaS distribution and use.

Software as a Service (SaaS)

The lecture mentioned this product as a popular example of a SIEM.

Splunk for Security

In the STRIDE model, what does the 'S' stand for?

Spoofing

This famous worm was created by an advanced persistent threat group known as the Equation Group to find and disable specific nuclear enriching centrifuges.

Stuxnet

This cryptographic primitive describes the replacement of a character or set of bits with another character or set of bits.

Substitution

This form of cryptography uses the same key to encrypt as it does to decrypt.

Symmetric

Websites like this one, silkroad7rn2puhj.onion , are in the Dark Web, and only accessible by this and other similar browsers.

TOR

In the STRIDE model, what does the 'T' stand for?

Tampering

_____ employs structures, systems, and devices to prevent unauthorized entry and create a clear difference between what is public and private.

Territorial reinforcement

In the lecture, when referring to Cloud Service Providers (CSP) seeking to meet possibly over-stringent regulatory compliance standards, your instructor described them as a high-water mark. What does the adoption of such a standard provide to reassure its clients and potential clients?

The lowest acceptable risk level

Securing which of the following involves controlling who can move (walk, drive, fly) across the physical or logical line that marks this perimeter, such as property lines or the exterior walls of a building or complex?

The outer perimeter

Otherwise known as a maintenance hook

Undocumented access point

_____ is a condition monitoring system that can record and signal each time a specific gate or door is unlocked (access granted) and what type of access is granted.

Unlocked condition monitoring

This service creates a secure tunnel between a set of routers or between an application and its server.

Virtual Private Network

Which wireless security feature offers the best defense for wireless networking?

WPA2 Enterprise

Defined as the exploitation of an unknown vulnerability or a known but unpatched vulnerability.

Zero-day Attack

Collecting intelligence information from people as part of human intelligence is known as:

social engineering