Intro to Network Security sixth ed chapter 9.5


D. Supply chains take advantage of the trusted "chain of trust" concept.

1. Which of the following is NOT a reason why supply chain infections are considered especially dangerous? A. If the malware is planted in the ROM firmware of the device this can make it difficult or sometimes even impossible to clean an infected device. B. Users are receiving infected devices at the point of purchase and are completely unaware that a brand new device may be infected. C. It is virtually impossible to closely monitor every step in the supply chain. D. Supply chains take advantage of the trusted "chain of trust" concept.

A. Requires periodic visual inspections

10. Which of the following is NOT a characteristic of an alarmed carrier PDS? A. Requires periodic visual inspections B. Uses continuous monitoring C. Carrier can be hidden above the ceiling D. Eliminates the need to seal connections

D. Variable overflow

11. Which of the following is NOT a memory vulnerability? A. DLL injection B. Pointer deference C. Buffer overflow D. Variable overflow

C. Staging stage

12. Which stage is a "quality assurance" test that verifies the code functions as intended? A. Production stage B. Testing stage C. Staging stage D. Development stage

A. Waterfall model

13. Which model uses a sequential design process? A. Waterfall model B. Rigid model C. Agile model D. Secure model

C. Group Policy

14. What allows for a single configuration to be set and then deployed to many or all users? A. Snap-In Replication (SIR) B. Active Directory C. Group Policy D. Command Configuration

B. Service pack

15. Which of the following is a cumulative package of all patches? A. Rollup B. Service pack C. Patch D. Hotfix

C. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.

16. Which of the following is NOT an advantage to an automated patch update service? A. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs. B. Downloading patches from a local server instead of using the vendor's online update service can save bandwidth and time because each computer does not have to connect to an external server. C. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. D. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available.

A. Using the security mechanisms on a standard Wi-Fi network.

17. How can an SDIO card be made secure? A. Using the security mechanisms on a standard Wi-Fi network. B. Turning on patch updates to the SDIO card. C. Requiring a username before accessing the SDIO card. D. SDIO cards are natively secure and no security settings are needed.

C. The bytes of a virus are placed in different "piles" and then used to create a profile.

18. How does heuristic detection detect a virus? A. A virtualized environment is created and the code is executed in it. B. A string of bytes from the virus is compared against the suspected file. C. The bytes of a virus are placed in different "piles" and then used to create a profile. D. The virus signature file is placed in a suspended chamber before streaming to the CPU.

B. Whitelist

19. Which of these is a list of approved email senders? A. Blacklist B. Whitelist C. Bluelist D. Yellowlist

B. Network OS

2. Which type of operating system runs on a firewall, router, or switch? A. Server OS B. Network OS C. Device OS D. Resource OS

B. Dynamic analysis

20. Which of the following types of testing uses unexpected or invalid inputs? A. Stress testing B. Dynamic analysis C. Static analysis D. Runtime testing

A. Barricade

3. Which of the following is NOT designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow? A. Barricade B. Fencing C. Roller barrier D. Type V controls

C. Moisture

4. Which of the following is NOT a motion detection method? A. Magnetism B. Radio frequency C. Moisture D. Infrared

B. Keyed entry lock

5. Which type of residential lock is most often used for keeping out intruders? A. Encrypted key lock B. Keyed entry lock C. Privacy lock D. Passage lock

D. deadbolt lock

6. A lock that extends a solid metal bar into the door frame for extra security is the _____. A. triple bar lock B. deadman's lock C. full bar lock D. deadbolt lock

B. It monitors and controls two interlocking doors to a room.

7. Which statement about a mantrap is true? A. It is illegal in the United States. B. It monitors and controls two interlocking doors to a room. C. It is a special keyed lock. D. It requires the use of a cipher lock.

B. Restricting patch management

8. Which of the following is NOT a typical OS security configuration? A. Employing least functionality B. Restricting patch management C. Disabling default accounts/passwords D. Disabling unnecessary ports and services

B. Cable lock

9. Which of the following can be used to secure a laptop or mobile device? A. Mobile connector B. Cable lock C. Mobile chain D. Security tab

application development lifecycle model

A conceptual model that describes the different stages involved in creating an application.

cable lock

A device that can be inserted into the security slot of a portable device and rotated so that it is secured to the device to prevent it from being stolen.

multifunctional device (MFD)

A device that combines the functions of a printer, copier, scanner, and fax machine.

mantrap

A device that monitors and controls two interlocking doors to a small room (a vestibule), designed to separate secure and nonsecure areas.

digital camera

A device that uses internal storage and external SD cards to record photographs and capture video.

deadbolt lock

A door lock that extends a solid metal bar into the door frame for extra security.

cage

A fenced secure waiting area that can contain visitors until they are approved for entry.

security guard

A human who is an active security element.

door lock

A lock that requires a key or other device to open doors.

change management

A methodology for making modifications to a system and keeping track of those changes.

supply chain

A network that moves a product from the supplier to the customer.

UEFI (Unified Extensible Firmware Interface)

A newer mechanism that replaces the BIOS for startup.

access log

A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.

pointer deference

A pointer with a value of NULL used as if it pointed to a valid memory area.

least functionality

A principle in which a user is given the minimum set of permissions required to perform necessary tasks.

patch

A publicly released software security update intended to repair a vulnerability.

safe

A ruggedized steel box with a lock.

secure cabinet

A ruggedized steel box with a lock.

screen filter

A screen that "blacks out" viewers outside the normal direct viewing angle of a display.

dead code

A section of an application that executes but performs no meaningful function.

bollard

A short but sturdy vertical post that is used to block vehicular traffic.

microSD

A smaller form factor type of Secure Digital card commonly used in smaller devices such as smartphones, digital cameras, and tablets.

secure DevOps

A specific type of software methodology that follows the agile model and heavily incorporates security concepts.

staging stage

A stage in application development that performs a quality assurance test to verify that the code functions as intended.

testing stage

A stage in which an application is tested for any errors that could result in a security vulnerability.

development stage

A stage of application development in which the requirements for the application are established and it is confirmed that the application meets the intended business needs before the actual coding begins.

Secure Boot

A standard designed to be used with UEFI to ensure that a computer boots using only software that is trusted by the computer manufacturer.

barricade

A structure designed to block the passage of traffic.

stored procedure

A subroutine available to applications that access a relational database.

protected distribution system (PDS)

A system of cable conduits that is used to protect classified information being transmitted between two secure areas.

model verification

A test used to ensure that the projected application meets all specifications at that point.

sandbox

A testing environment that isolates untested code from the live production environment.

memory leak

A vulnerability that occurs when an application dynamically allocates memory but does not free that memory when finished using it.

sign

A written placard that displays a warning, such as a notice that an area is restricted.

proper input validation

Accounting for errors such as incorrect user input.

integrity measurement

An "attestation mechanism" designed to ensure that an application is running only known and approved executables.

agile model

An application development lifecycle model that follows an incremental approach.

production stage

An application development stage in which the application is released to be used in its actual setting.

DLL injection

An attack that inserts code into a running process through a Dynamic Link Library.

alarm

An audible sound to warn a guard of an intruder.

mobile OS

An operating system for mobile phones, smartphones, tablets, and other handheld devices.

trusted OS

An operating system that has been designed through OS hardening.

application whitelisting/blacklisting

Creating a list of applications that are permitted or denied to run.

baselining

Creating a starting point for comparison purposes to apply targets and goals to measure success.

motion detection

Determining an object's change in position in relation to its surroundings.

code signing

Digitally signing applications.

data exposure

Disclosing sensitive data to attackers.

immutable systems

Ensuring that once a value or configuration is employed as part of an application, it is not modified.

continuous integration

Ensuring that security features are incorporated at each stage of application development.

BIOS (Basic Input/Output System)

Firmware that wakens and tests the various components of the computer upon startup.

lighting

Illuminating an area so that it can be viewed after dark.

client-side execution and validation

Input validation that is performed by the user's web browser.

server-side execution and validation

Input validation that uses the server to perform the validation.

runtime code testing

Looking for errors after the program has compiled correctly and is running, such as a pointer deference or memory leak.

infrastructure as code

Managing a hardware and software infrastructure using the same principles as developing computer code.

appliance OS

OS in firmware that is designed to manage a specific device like a digital video recorder or video game console.

disabling unnecessary ports and services

One of the primary OS security configurations, this involves "turning off" any service that is not being used.

Secure Digital (SD)

One popular type of removable data storage.

network OS

Operating system (OS) software that runs on a network device like a firewall, router, or switch.

server OS

Operating system software that runs on a network server to provide resources to network users.

normalization

Organizing data within a database to minimize redundancy.

key management

Procedures to regulate the distribution of door keys.

stress testing

Putting an application under a heavier than normal load to determine if the program is robust and can perform all error handling correctly.

deprovisioning

Removing a resource that is no longer needed.

compiled code testing

Searching for errors that could prevent an application from properly compiling from source code to application code.

fencing

Securing a restricted area by erecting a barrier.

dynamic analysis (fuzzing)

Software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.

version control

Software that allows changes to be automatically recorded and if necessary "rolled back" to a previous version of the software.

antivirus (AV)

Software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus.

kiosk OS

System and user interface software for an interactive kiosk.

proper error handling

Taking the correct steps when an error occurs so that the application does not abort unexpectedly.

provisioning

The enterprise-wide configuration, deployment, and management of multiple types of IT system resources.

hardware root of trust

The hardware starting point in a chain of trust.

static program analyzers

Tools that examine software without actually executing the program; instead, the source code is reviewed and analyzed.

security automation

Tools that test for vulnerabilities automatically.

patch management tools

Tools used to manage security patches.

disabling default accounts/passwords

Turning off unnecessary default accounts and passwords.

code reuse of third-party libraries and SDKs

Using existing software or software development kits (SDKs) in a new application.

video surveillance camera

Video camera used to monitor activity; captured images can be sent to closed circuit TV (CCTV) monitored by a human or recorded for later examination.

obfuscation/camouflaged code

Writing an application in such a way that its inner functionality is difficult for an outsider to understand.

