IS 3513 Exam One (Modules 1, 2, 3)
The 'C' in the "CIA" of security stands for _______.
Confidentiality
Which item(s) below best describe shell programming?
It allows for quick execution of batch files.
Definition of Authentication
The process by which a subject's (such as a user's) identity is verified
The function of a UNIX "pipe" is to _______.
pass the output of one tool to the input of another
True or False: The strength of a symmetric encryption is based on the secrecy of the algorithm, but the key can be public.
False
What algorithm can be used to provide for key stretching?
PBKDF2
(True or False) Accreditation is a formal declaration by a designated approving authority (DAA) that an AIS is approved to operate in a particular security mode using a prescribed set of safeguards.
True
What is the most important characteristic of a key to have?
long and random
Match the correct aliases below to the PowerShell cmdlet Get-Help.
man, help
In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Response Only)
Backups, Computer Forensics, Incident Response Teams
(True or False) Certification is a formal declaration by a designated approving authority (DAA) that an AIS is approved to operate in a particular security mode using a prescribed set of safeguards.
False
(True or False) A pipeline consists of only one command that ends with the pipe symbol (|).
False
True or False: DES, AES, RSA, and ECC are all examples of symmetric encryption.
False
_______ functions are a very special type of encryption algorithm that takes an input and mathematically reduces it to a unique number that is not reversible.
Hashing
For what reason(s) do some security professionals consider insiders more dangerous than outside intruders?
Insiders have knowledge of the security systems in place and are better able to avoid detection
According to CIS Critical Security Controls, which control is part of the "Foundational Cyber Hygiene"—five basic things that you must do to create a strong foundation for your defense?
Inventory of Authorized and Unauthorized Devices
GnuPG, or Gnu Privacy Guard, is an open source implementation of which standard?
OpenPGP
Which of the following is NOT a method to manage enterprise risk?
Outsource enterprise security to a managed system security provider
What are qualitative assessments?
Set of methods, principles, or rules for assessing risk based on nonnumerical categories or levels (e.g., low, moderate, high, very high)
What are quantitative assessments?
Set of methods, principles, or rules for assessing risk based on the use of numbers—where the meanings and proportionality of values are maintained inside and outside the context of the assessment
What are semi-quantitative assessments?
Set of methods, principles, or rules for assessing risk that uses bins (e.g., 0-15, 16-35, 35-70, 71-85, 86-100), scales (e.g., 1-10), or representative numbers whose values and meanings are not maintained in other contexts
Definition of Assurance
The availability of the systems and information when it is needed (i.e., the dependability)
(True or False) The management of organizational risk provides an effective framework for selecting the appropriate security controls.
True
(True or False) Diff is the utility to use to display the differences between two files.
True
(True or False) Hiding a text file in a .jpg file is an example of steganography.
True
(True or False) In Bash, the shell functions are stored in memory so that they do not have to be read from the disc every time you execute them.
True
(True or False) Users can use a shell as a programming language.
True
True or False: Cryptography can be used to protect confidentiality and integrity as well as to implement nonrepudiation, authentication, key escrow, digital signatures, and digital rights management.
True
In 1970, AT&T at Bell Labs created the _____ operating system.
Unix
What is the best description of a shell script?
a text file that contains Linux (UNIX) commands
Which statement(s) accurately describe cyber threats today? Select all that apply.
a. Our information networks and technology are constantly at risk from a variety of bad actors. b. Terrorists and extremist groups today use the power of the Internet to spread their messages and to recruit new members. c. Theft of intellectual property can result in economic and social costs that are broader than profit losses to a single company or sector.
Windows has many commands useful for security actions. Which of the following are not security-oriented commands? Choose all that apply.
a. dir, del, mov b. chkdsk, echo, path
In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Detection Only)
audit logs, honeypots, intrusion detection systems
Cryptographic algorithms directly address all of the following components of security EXCEPT _______.
availability
Which of the following utilities can you find in the Sysinternals Tool Suite? Select all that apply.
c. handle, autoruns, shellrunas d. PsKill, PsExec, PsPasswd
The Risk Management Framework identifies a Security Life Cycle that consists of the following steps: _______.
categorize, select, implement, assess, authorize, monitor
The term _______ _______ refers to an arranged group of different algorithms used for authentication, encryption/decryption, digital signatures, and hashing.
cipher suite
Which of the following represents Windows operating system commands?
cls, echo, exit
A little program in a Windows PowerShell script that performs a single function is known as a(n) _______.
cmdlet
Making two inputs result in the exact same cryptographic hash is called a(n) _______ _______ .
collision attack
A good hash function is resistant to _______.
collisions
The Center for Internet Security (CIS), which created the 20 Critical Security Controls, is a _____.
community of individuals, governments, and companies
Agents intercept a message that is encrypted, and proceed to use various techniques to try and decipher the plain text message. This is an example of _______.
cryptanalysis
The term _______ refers to every possible value for a cryptographic key.
keyspace
What is the security principle based upon providing a user with the minimum set of rights and privileges that he or she needs to perform required functions?
least privilege
According to the "NSA Methodology for Adversary Obstruction," which mitigation measure reduces the adversary's ability to go from exploiting one machine to taking over the entire network?
limiting lateral movement
The "NSA Methodology for Adversary Obstruction" outlines steps to segregate networks and functions. One of these methods is DMZ isolation. By ensuring that the DMZ is properly segregated both through physical and _______ network architecture and admin/user accounts, a network owner can greatly decrease the external attack surface.
logical
In which of the following is an attacker looking for any organization vulnerable to a specific exploit, rather than attempting to gain access to a specific organization?
target of opportunity attack
What is a network device used to segregate traffic based on rules?
Firewalls
Which shells below are common Linux shells?
tcsh, bash, sh
Definition of Virus
A form of malicious code or software that attaches itself to other pieces of code in order to replicate
Definition of vulnerability
A weakness in an asset that can be exploited by a threat to cause harm
According to the "NSA Methodology for Adversary Obstruction," a(n) [x] network is one that provides the network defense team a chance to quickly and effectively detect, counter, and expel an adversary.
According to the "NSA Methodology for Adversary Obstruction," a(n) defendable network is one that provides the network defense team a chance to quickly and effectively detect, counter, and expel an adversary.
Actors who deliberately access computer systems and networks without authorization are called [x].
Actors who deliberately access computer systems and networks without authorization are called hackers.
How is 3DES an improvement over normal DES?
It uses three keys and multiple encryption and/or decryption sets.
The use of social engineering to trick a user into responding to something such as an e-mail to instantiate a malware-based attack is known as _______.
Phishing
Which of the five critical tenets of an effective cyber defense system as reflected in the CIS Critical Security Controls is based upon investing first in controls that will provide the greatest risk reduction and protection against the most dangerous threat actors and that can be feasibly implemented in your computing environment?
Prioritization
In the list below, match each of the types of technology and techniques to one of the three elements (prevention, detection, and response) of the operational model of computer security: Protection = Prevention + (Detection + Response). (Prevention Only)
access controls, encryption, firewalls
Which of the following is not a Linux Shell?
powershell
What is the biggest drawback to symmetric encryption?
requires a key to be secretly shared
Which Linux command is not associated with access permissions?
rmdir
A shell _____ is a text file that contains Linux (UNIX) commands, which you enter using any standard text editor.
script
The rise of which of the following has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit?
script kiddies
A simple way to hide information, the _______ _______ moves a letter a set number of places down the alphabet.
shift cipher
Which function is not associated with a basic Linux shell?
to ensure proper system shutdown with the use of the EXIT command
As part of the "CIA" of security, what is the goal of availability?
to ensure that the data, or the system itself, is accessible when the authorized user wants it
When a message is sent, no matter what its format, why do we care about its integrity?
to show that the message has not been edited in transit
Encrypting a message by simply rearranging the order of the letters is a function of the _______.
transposition
_______ functions are difficult to process without the key but easy to process when you have the key.
trapdoor
The term "information _______" refers to actions against the information and information processing equipment used by an adversary.
warfare