MIS 4800 - Final Exam Study
Which term refers to a set of wireless technologies that enables smartphones and other devices to establish radio communication over a short proximity?
Near field communication (NFC)
Which type of attack occurs when the attacker captures a portion of a communication between two parties and retransmits it at a later time?
Replay
Which access control type would be used to grant permissions based on the specific duties that must be performed?
Role-based access control
Which device forms the backbone of the Internet, moving traffic from network to network, inspecting packets from every communication as they move traffic in optimal paths?
Router
What protocol has its origins as a replacement for the insecure Telnet application from the UNIX operating system?
SSH
What is the correct sequence of the three-way handshake?
SYN, SYN/ACK, ACK
Which security concept uses the approach of protecting something by hiding it?
Security through obscurity
A _________________ is a critical operation upon which many other operations rely and which itself relies on a single item that, if lost, would halt this critical operation.
Single point of failure
____________________ is a form of authentication that involves the transferring of credentials between systems.
Single sign-on (SSO)
Which term describes a point-in-time saving of the state of a virtual machine?
Snapshot
__________ relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.
Social engineering
Which attacks represent examples of state-sponsored malware?
Stuxnet, Duqu, and Flame
Which device forms the basis for connections in most Ethernet-based LANs?
Switch
Which encryption method is based on the idea of using the same key for encryption and decryption of data?
Symmetric encryption
Which security device is a passive signal-copying mechanism installed between two points on the network?
TAP
Which statement describes the main difference between TCP and UDP packets?
TCP packets are connection oriented, whereas UDP packets are connectionless.
What term does the U.S. Department of Defense use to describe both a program in the military to control electronic emanations from electrical equipment and the actual process of controlling the emanations?
TEMPEST
This is a common form of testing a disaster recovery plan that has little to no impact on the company but also doesn't completely test the plan.
Tabletop exercise
Which Internet worm, released in 1988, is considered to be one of the first real Internet crime cases?
The Morris Worm
What is the primary vulnerability associated with many methods of remote access?
The passing of critical data in cleartext
The best algorithms are always public algorithms that have been published for peer review by other cryptographic and mathematical experts.
True
The primary defense against a majority of physical attacks are walls, fences, gates, and doors.
True
The purpose of change management is to ensure proper procedures are followed when modifications to the IT infrastructure are made.
True
Today, the data stored and processed by computers is almost always more valuable than the hardware.
True
Which term describes a category of attacks that generally are conducted over short periods of time (lasting at most a few months), involve a smaller number of individuals, have little financial backing, and are accomplished by insiders or outsiders who do not seek collusion with insiders?
Unstructured threat category
Which term refers to a unique alphanumeric identifier for a user of a computer system?
Username
What is a logical implementation of a LAN that allows computers connected to different physical networks to act and communicate as if they were on the same physical network?
VLAN
Which service is typically used to allow a user access to a corporate data network from a home PC across the Internet?
VPN
Certificates are used to (check all that apply):
Verify the sender of an email; Sign software; Verify the legitimacy of a website
Which term is used to describe the hosting of a desktop environment on a central server?
Virtual desktop infrastructure (VDI)
Which tool is used to provide a secure communication channel between users across public networks such as the Internet?
Virtual private network (VPN)
What is a drawback to water-based fire suppression systems?
Water-based systems are destructive to electrical equipment.
A certificate revocation list (CRL) is
a list of serial numbers of certificates that have been revoked
Businesses should have a ___________________ that outlines what employees can do with company resources, such as computer systems, e-mail, Internet access, and networks.
acceptable use policy
A(n) ____________________ is a trusted authority that certifies individuals' identities and creates electronic documents indicating that individuals are who they say they are.
certificate authority
Which poor security practice is one of the most common and most dangerous?
choosing poor passwords
When material, called plaintext, needs to be protected from unauthorized interception or alteration, it is encrypted into __________.
ciphertext
Which term generally refers to the standard of care a business is expected to exercise in preparation for a business transaction?
due diligence
In a ________________ backup all files and software are stored on the media.
full
Under privilege management, a(n) ____________________ is a collection of users with some common criteria, such as a need for access to a particular dataset or group of applications.
group
Transport encryption is used to protect data that is __________
in motion
Common uses of hashing algorithms are to store computer passwords and to ensure message __________.
integrity
A __________ is a special piece of data used in both the encryption and decryption processes.
key
The term __________ refers to software that has been designed for some nefarious purpose
malware
What security design principle states that secrecy itself cannot be relied upon as a means of protection?
open design
Which statement describes why social engineering is successful?
people have a basic desire to be helpful
What step can be taken to evaluate the effectiveness of the security measures in place at an organization?
perform a vulnerability assessment
________________ is the target time that is set for resuming operations after an incident.
recovery time objective (RTO)
A(n) ____________________ is the PKI component that accepts a request for a digital certificate and performs the necessary steps of registering and authenticating the person requesting the certificate.
registration authority
Making data look like it has come from a different source is called __________
spoofing
A session key is a(n) __________ key used for encrypting messages during a communication session.
symmetric
A DMZ acts as a buffer zone between the Internet, where no controls exist, and the inner, secure network, where an organization has security policies in place.
true
IPv6 complexity increases operational challenges for correct deployment.
true
Phishing is the most common form of social engineering attack related to computer security.
true
Which of the following is an example of a MAC address?
00:07:e9:c8:ff:00
Which of the following is a valid IP address?
12.12.12.12
How many bits are in an IPv6 address?
128
__________ is essentially noting which domains and source addresses have a reputation for sending spam, and rejecting messages coming from those domains and source addresses
Blacklisting
Which term refers to any media used to boot a computer into an operating system (OS) that is not the native OS on its hard drive?
Bootdisk
Which type of attack occurs when a password-cracking program attempts all possible password combinations?
Brute-force
A public cloud system is one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor.
False
Currently, all instant messaging programs natively support encryption.
False
Keys and certificates should not have expiration dates.
False
Systems that are categorized as optional should be restored first after an emergency.
False
Targeted attacks are easier and take less time and effort than attacks on targets of opportunity.
False
Telnet traffic is encrypted by default.
False
The biggest danger to any organization comes from external attacks more than internal attacks
False
Today the focus of security should be on prevention.
False
Which term describes a network device—hardware, software, or a combination thereof—whose purpose is to enforce a security policy across its connections by allowing or denying traffic to pass into or out of the network?
Firewall
Which type of alternative site (backup site) is the most ready for a company to restore service from?
Hot site
What is a good way to reduce the chance of a successful social engineering attack?
Implement a strong security education and awareness training program.
Which security principle states that if you have not specifically been allowed access, then it should be denied?
Implicit Deny
What is a firewall condition in which any traffic not specifically permitted by a previous rule in the rule set is denied?
Implicit deny
How did the Code Red worm spread?
It made use of a buffer-overflow condition in Microsoft's IIS web servers that had been known for a month.
Which term refers to a process by which the user escalates their privilege level, bypassing the operating system's controls and limitations?
Jailbreaking
In terms of physical security, which term refers to protecting important assets by using multiple perimeters?
Layered access
Which term refers to the ability to distribute the processing load over two or more systems?
Load balancing
What term refers to a piece of code that sits dormant for a period of time until some event invokes its malicious payload?
Logic bomb
Which term refers to a type of an attack where an attacker spoofs addresses and imposes their packets in the middle of an existing connection?
Man-in-the-middle attack
What term refers to the combination of two or more types of authentication?
Multifactor authentication
What is one benefit of Network Address Translation (NAT)?
NAT compensates for the lack of available IP address space.
Which term refers to technology employed to detect and prevent transfers of data across an enterprise?
Data loss prevention (DLP)
Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?
Defense in depth
What type of attack is based on the automated download of malware that takes advantage of a browser's ability to download the different files that compose a web page?
Drive-by download
Which term means that the message sender cannot later deny that they sent the message?
Nonrepudiation
What is a paradox of social engineering attacks?
People are not only the biggest problem and security risk but also the best tool in defending against an attack.
___________________ distributes data over multiple hard drives to provide speed, redundancy or both.
RAID
Permissions can be applied to specific users or groups to control that user's or group's ability to view, modify, access, use, or delete resources such as folders and files.
True
Why is wireless problematic from a security standpoint?
There is no control over the physical layer of traffic.
A digital certificate binds an individual's identity to a public key
True
A key security methodology is to attempt to avoid a single point of failure in critical functions within an organization.
True
A wildcard certificate is good for more than one website in a domain
True
Application whitelisting can improve security by preventing unapproved applications from being installed and run on the device.
True
Asymmetric encryption is more commonly known as public key cryptography
True
Digital certificates can be used to verify an individual's identity through e-mail.
True
Firewalls can act as flood guards, detecting and mitigating specific types of DoS/DDoS attacks.
True
It is important to consider the legal implications of where you store your backups
True
It is important to secure certificates because they can be used to fake your identity or in a cybersecurity attack
True
Most e-mail is sent in plaintext, providing no privacy in its default form
True
One company can trust another company's certificate authority server.
True
