IS 413 FINAL UAB 2020
What program, released in 2013, is an example of ransomware?
Crypt0L0cker
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors?
Children's Internet Protection Act (CIPA)
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
A digitized signature is a combination of a strong hash of a message and a secret key.
False
Privacy is the process used to keep data private.
False
What entity is responsible for overseeing compliance with Family Educational Rights and Privacy Act (FERPA)?
Family Policy Compliance Office (FPCO)
Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?
Incident
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?
Integrity
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity cost
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Prudent
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?
Risk survey results
Which scenario presents a unique challenge for developers of mobile applications?
Selecting multiple items from a list
Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.
True
Classification scope determines what data you should classify; classification process determines how you handle classified data.
True
In an incremental backup, you start with a full backup when network traffic is light. Then, each night, you back up only that day's changes.
True
Information systems security is about ensuring the confidentiality, integrity, and availability of IT infrastructures and the systems they comprise.
True
Message authentication confirms the identity of the person who started a correspondence.
True
Organizations should start defining their IT security policy framework by defining an asset classification policy.
True
The idea that users should be granted only the levels of permissions they need in order to perform their duties is called the principle of least privilege.
True
Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
Vulnerability
What is the maximum value for any octet in an IPv4 IP address?
255
What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?
An organization should share its information.
Federal agencies are required to name a senior official in charge of information security. What title is normally given to these individuals?
Chief information security officer (CISO)
Which one of the following is an example of a direct cost that might result from a business disruption?
Facility repair
A bricks-and-mortar strategy includes marketing and selling goods and services on the Internet.
False
Another name for a border firewall is a DMZ firewall.
False
Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP).
False
During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system.
False
Service-level agreements (SLAs) are optical backbone trunks for private optical backbone networks.
False
Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.
False
Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP).
False
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?
HIPAA
What is a set of concepts and policies for managing IT infrastructure, development, and operations?
IT Infrastructure Library (ITIL)
Brian needs to design a control that prevents piggybacking, only allowing one person to enter a facility at a time. What type of control would best meet this need?
Mantraps
Which one of the following measures the average amount of time that it takes to repair a system, application, or component?
Mean time to repair (MTTR)
Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions?
Payment Card Industry Data Security Standard (PCI DSS)
Which data source comes first in the order of volatility when conducting a forensic investigation?
RAM
A personnel safety plan should include an escape plan.
True
An electronic mail bomb is a form of malicious macro attack that typically involves an email attachment that contains macros designed to inflict maximum damage.
True
In remote journaling, a system writes a log of online transactions to an offsite location.
True
The International Electrotechnical Commission (IEC) was instrumental in the development of standards for electrical measurements, including gauss, hertz, and weber.
True
The recovery point objective (RPO) can come from the business impact analysis or sometimes from a government mandate, such as banking laws.
True
Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?
VPN concentrator
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
White-hat hacker
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack
The auto industry has not yet implemented the Internet of Things (IoT).
False
Which one of the following is the best example of an authorization control?
Access control lists
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
Which element is NOT a core component of the ISO 27002 standard?
Cryptography
A hardware configuration chart should NOT include copies of software configurations.
False
A phishing attack "poisons" a domain name on a domain name server.
False
Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.
False
Which type of authentication includes smart cards?
Ownership
From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?
Security risks will increase.
Backdoor programs are typically more dangerous than computer viruses.
True
The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems.
True
Allie is working on the development of a web browser and wants to make sure that the browser correctly implements the Hypertext Markup Language (HTML) standard. What organization's documentation should she turn to for the authoritative source of information?
World Wide Web Consortium (W3C)
You should use easy-to-remember personal information to create secure passwords.
False
A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.
True
Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?
Is the security control likely to become obsolete in the near future?
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.
True
A trusted operating system (TOS) provides features that satisfy specific government requirements for security.
True
After audit activities are completed, auditors perform data analysis.
True
American National Standards Institute (ANSI) was formed in 1918 through the merger of five engineering societies and three government agencies.
True
Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?
25
Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443
The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.
True
When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks.
True
What is NOT a commonly used endpoint security technique?
Network firewall
Which security testing activity uses tools that scan for services running on systems?
Network mapping
What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
Residual risk
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these types of classification decisions?
Threat
An IT security policy framework is like an outline that identifies where security controls should be used.
True
Digital signatures require asymmetric key cryptography.
True
Bricks-and-mortar stores are completely obsolete now.
False
Change doesn't create risk for a business.
False
Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
False
Cryptographic key distribution is typically done by phone.
False
Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers and secure web pages.
False
In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
False
Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.
False
The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios.
False
The main difference between a virus and a worm is that a virus does not need a host program to infect.
False
The term "data owner" refers to the person or group that manages an IT infrastructure.
False
The term certificate authority (CA) refers to a trusted repository of all public keys.
False
Trojans are self-contained programs designed to propagate from one host machine to another using the host's own network communications protocols.
False
Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in cleartext.
True
What compliance regulation applies specifically to the educational records maintained by schools about students?
Family Educational Rights and Privacy Act (FERPA)
Screen locks are a form of endpoint device security control.
True
During an audit, an auditor compares the current setting of a computer or device with a benchmark to help identify differences.
True
For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.
True
What type of system is intentionally exposed to attackers in an attempt to lure them out?
Honeypot
Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.
True
What is NOT a typical sign of virus activity on a system?
Unexpected power failures
Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
Deterrent controls identify that a threat has landed in your system.
False
IoT devices cannot share and communicate your IoT device data to other systems and applications without your authorization or knowledge.
False
The International Standard Book Number (ISBN) is an IEEE standard.
False
The anti-malware utility is one of the most popular backdoor tools in use today.
False
Which one of the following is an example of a logical access control?
Password
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
Social engineering is deceiving or using people to get around security controls.
True
Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying security updates promptly
Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?
Decryption
Beth must purchase firewalls for several network circuits used by her organization. Which one circuit will have the highest possible network throughput?
OC-12
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Online Certificate Status Protocol (OCSP)
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?
Presentation
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
What type of malicious software allows an attacker to remotely control a compromised computer?
Remote Access Tool (RAT)
Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?
Report writing
A computer virus is an executable program that attaches to, or infects, other executable programs.
True
Simple Network Management Protocol (SNMP) is used for network device monitoring, alarm, and performance.
True
Some vending machines are equipped with a cellular phone network antenna for secure credit card transaction processing.
True
The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service.
True