IS 3513 Exam One (Modules 1, 2, 3)

The 'C' in the "CIA" of security stands for _______.

Confidentiality

Which item(s) below best describe shell programming?

It allows for quick execution of batch files.

Definition of Authentication

The process by which a subject's (such as a user's) identity is verified

The function of a UNIX "pipe" is to _______.

pass the output of one tool to the input of another

True or False: The strength of a symmetric encryption is based on the secrecy of the algorithm, but the key can be public.

False

What algorithm can be used to provide for key stretching?

PBKDF2

(True or False) Accreditation is a formal declaration by a designated approving authority (DAA) that an AIS is approved to operate in a particular security mode using a prescribed set of safeguards.

True

What is the most important characteristic of a key to have?

long and random

Match the correct aliases below to the Powershell command-let Get-Help.

man help

In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Response Only)

Backups Computer Forensics Incident Response Teams

(True or False) Certification is a formal declaration by a designated approving authority (DAA) that an AIS is approved to operate in a particular security mode using a prescribed set of safeguards.

False

(True or False)A pipeline consists of only one command that ends with the pipe symbol (|).

False

True or False: DES, AES, RSA, and ECC are all examples of symmetric encryption.

False

_______ functions are very special type of encryption algorithms that takes an input and mathematically reduces it to a unique number that is not reversible.

Hashing

For what reason(s) do some security professionals consider insiders more dangerous than outside intruders?

Insiders have knowledge of the security systems in place and are better able to avoid detection

According to CIS Critical Security Controls, which control is part of the "Foundational Cyber Hygiene"—five basic things that you must do to create a strong foundation for your defense?

Inventory of Authorized and Unauthorized Devices

GnuPG, or Gnu Privacy Guard, is an open source implementation of which standard?

OpenPGP

Which of the following is NOT a method to manage enterprise risk?

Outsource enterprise security to a managed system security provider

What are qualitative assessments?

Set of methods, principles, or rules for assessing risk based on nonnumerical categories or levels (e.g., low, moderate, high, very high)

What are quantitative assessments?

Set of methods, principles, or rules for assessing risk based on the use of numbers—where the meanings and proportionality of values are maintained inside and outside the context of the assessment

What are semi-quantitative assessments?

Set of methods, principles, or rules for assessing risk that uses bins (e.g., 0-15, 16-35, 35-70, 71-85, 86-100), scales (e.g., 1-10), or representative numbers whose values and meanings are not maintained in other contexts

Definition of Assurance

The availability of the systems and information when it is needed (i.e., the dependability)

(True of False) The management of organizational risk provides an effective framework for selecting the appropriate security controls.

True

(True or False) Diff is the utility to use to display the differences between two files.

True

(True or False) Hiding a text file in a .jpg file is an example of steganography.

True

(True or False) In Bash, the shell functions are stored in memory so that they do not have to be read from the disc every time you execute them.

True

(True or False) Users can use a shell as a programming language.

True

True or False: Cryptography can be used to protect confidentiality and integrity as well as to implement nonrepudiation, authentication, key escrow, digital signatures, and digital rights management.

True

In 1970, AT&T at Bell Labs created the _____ operating system

Unix

What is the best description of a shell script?

a text file that contains Linux (UNIX) commands

Which statement(s) accurately describe cyber threats today? Select all that apply.

a. Our information networks and technology are constantly at risk from a variety of bad actors. b. Terrorists and extremist groups today use the power of the Internet to spread their messages and to recruit new members. c. Theft of intellectual property can result in economic and social costs that are broader than profit losses to a single company or sector.

Windows has many commands useful for security actions. Which of the following are not security-oriented commands? Choose all that apply.

a. dir, del, mov b. chkdsk, echo, path

In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Detection Only)

audit logs honeypots intrusion detection systems

Cryptographic algorithms directly address all of the following components of security EXCEPT _______.

availability

Which of the following utilities can you find in the Sysinternals Tool Suite? Select all that apply.

c. handle, autoruns, shellrunas d. PsKill, PsExec, PsPasswd

The Risk Management Framework identifies a Security Life Cycle that consists of the following steps: _______.

categorize, select, implement, assess, authorize, monitor

The term _______ _______ refers to an arranged group of different algorithms used for authentication, encryption/decryption, digital signatures, and hashing.

cipher suite

Which of the following represents Windows operating system commands?

cls, echo, exit

A little program in Windows PowerShell script that performs a single function is knoas wn a(n) _______.

cmdlet

Making two inputs result in the exact same cryptographic hash is called a(n) _______ _______ .

collision attack

A good hash function is resistant to _______.

collisions

The Center for Internet Security (CIS), which created the 20 Critical Security Controls, is a _____.

community of individuals, governments, and companies

Agents intercept a message that is encrypted, and proceed to use various techniques to try and decipher the plain text message. This is an example of _______.

cryptanalysis

The term _______ refers to every possible value for a cryptographic key.

keyspace

What is the security principle based upon providing a user with the minimum set of rights and privileges that he or she needs to perform required functions?

least privilege

According to the "NSA Methodology for Adversary Obstruction," which mitigation measure reduces the adversary's ability to go from exploiting one machine to taking over the entire network?

limiting lateral movement

The "NSA Methodology for Adversary Obstruction" outlines steps to segregate networks and functions. One of these methods is DMZ isolation. By ensuring that the DMZ is properly segregated both through physical and _______ network architecture and admin/user accounts, a network owner can greatly decrease the external attack surface.

logical

In which of the following is an attacker looking for any organization vulnerable to a specific exploit, rather than attempting to gain access to a specific organization?

target of opportunity attack

What is a network device used to segregate traffic based on rules?

Firewalls

Which shells below are common Linux shells?

tsch, bash, sh

Definition of Virus

A form of malicious code or software that attaches itself to other pieces of code in order to replicate

Definition of vulnerability

A weakness in an asset that can be exploited by a threat to cause harm

According to the "NSA Methodology for Adversary Obstruction," a(n) [x] network is one that provides the network defense team a chance to quickly and effectively detect, counter, and expel an adversary.

According to the "NSA Methodology for Adversary Obstruction," a(n) defendable network is one that provides the network defense team a chance to quickly and effectively detect, counter, and expel an adversary.

Actors who deliberately access computer systems and networks without authorization are called [x].

Actors who deliberately access computer systems and networks without authorization are called hackers.

How is 3DES an improvement over normal DES?

It uses three keys and multiple encryption and/or decryption sets.

The use of social engineering to trick a user into responding to something such as an e-mail to instantiate a malware-based attack is known as _______.

Phishing

Which of the five critical tenets of an effective cyber defense system as reflected in the CIS Critical Security Controls is based upon investing first in controls that will provide the greatest risk reduction and protection against the most dangerous threat actors and that can be feasibly implemented in your computing environment?

Prioritization

In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Prevention Only)

access controls encryption firewalls

Which of the following is not a Linux Shell?

powershell

What is the biggest drawback to symmetric encryption?

requires a key to be secretly shared

Which Linux command is not associated with access permissions?

rmdir

Entered using any standard text editor, a shell _____ is a text file that contains Linux (UNIX) commands, which you enter using any standard text editor.

script

The rise of which of the following has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit?

script kiddies

A simple way to hide information, the _______ _______ moves a letter a set number of places down the alphabet.

shift cipher

Which function is not associated with a basic Linux shell?

to ensure proper system shutdown with the use of the EXIT command

As part of the "CIA" of security, what is the goal of availability?

to ensure that the data, or the system itself, is accessible when the authorized user wants it

When a message is sent, no matter what its format, why do we care about its integrity?

to show that the message has not been edited in transit

Encrypting a message by simply rearranging the order of the letters is a function of the _______.

transposition

_______ functions are difficult to process without the key but easy to process when you have the key.

trapdoor

The term "information _______" refers to actions against the information and information processing equipment used by an adversary.

warfare