Test 2 ITC

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?

$2,000,000

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?

$20,000

Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?

2

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?

20 percent

Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?

25 - Simple Mail Transfer Protocol (SMTP)

What is the maximum value for any octet in an IPv4 IP address?

255

Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?

3389

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

443 HTTP over Secure Sockets Layer (SSL)

What is NOT a valid encryption key length for use with the Blowfish algorithm?

512 bits

Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?

Access to a high level of expertise

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Alice's private key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?

An organization should share its information.

Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?

Application Proxying

What is NOT a good practice for developing strong professional ethics?

Assume that information should be free

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

Audit

Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?

Authorization

In an accreditation process, who has the authority to approve a system for implementation?

Authorizing official (AO)

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Baseline

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Black-box test

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Bob's public key

Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?

Captive portal

Which information security objective allows trusted entities to endorse information?

Certification

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Checklist

Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?

Chosen plaintext

Which activity manages the baseline settings for a system or device?

Configuration control

Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Decryption

What information should an auditor share with the client during an exit interview?

Details of Major Issues

Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?

Diffie-Hellman

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?

Does the firewall properly block unsolicited network connection attempts?

What a key principle of risk management programs?

Don't spend more to protect an asset than it is worth.

What protocol is responsible for assigning IP addresses to hosts on most networks?

Dynamic Host Configuration Protocol (DHCP)

Which practice is NOT considered unethical under RFC 1087 issued by the Internet Architecture Board (IAB)?

Enforcing the integrity of computer-based information

What mathematical problem forms the basis of most modern cryptographic algorithms?

Factoring large primes

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

False positive error

David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?

Fibre Channel over Ethernet (FCoE)

What type of firewall security feature limits the volume of traffic from individual hosts?

Flood guard

Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?

Formatting

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

Hash

Which recovery site option provides readiness in minutes to hours?

Hot site

Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?

Hub

What is a set of concepts and policies for managing IT infrastructure, development, and operations?

IT Infrastructure Library (ITIL)

Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?

Incident

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Integrity

Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?

Is the security control likely to become obsolete in the near future?

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Laws

When should an organization's managers have an opportunity to respond to the findings in an audit?

Managers should include their responses to the draft audit report in the final audit report.

Brian needs to design a control that prevents piggybacking, only allowing one person to enter a facility at a time. What type of control would best meet this need?

Mantraps

What term describes the longest period of time that a business can survive without a particular critical system?

Maximum tolerable downtime (MTD)

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding (MOU)

Which security testing activity uses tools that scan for services running on systems?

Network mapping

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Nonrepudiation

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?

Online Certificate Status Protocol (OCSP)

Which regulatory standard would NOT require audits of companies in the United States?

Personal Information Protection and Electronic Documents Act (PIPEDA)

Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?

Phishing

Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?

Presentation

Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?

Preventive

Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking?

Project initiation and planning

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?

Prudent

What is NOT a goal of information security awareness programs?

Punish users who violate policy

Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?

Qualitative

Which approach to cryptography provides the strongest theoretical protection?

Quantum cryptography

Which data source comes first in the order of volatility when conducting a forensic investigation?

RAM

Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take?

Reduce

Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?

Report Writing

What is the correct order of steps in the change control process?

Request, impact assessment, approval, build/test, implement, monitor

What term describes the risk that exists after an organization has performed all planned countermeasures and controls?

Residual risk

Which item is an auditor least likely to review during a system controls audit?

Resumes of system administrators

What is NOT a symmetric encryption algorithm?

Rivest-Shamir-Adelman (RSA)

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

SOC 3

In what type of attack does the attacker send unauthorized commands directly to a database?

SQL injection

What firewall approach is shown in the figure?

Screen subnet

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?

Secure Sockets Layer (SSL)

Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?

Security information and event management (SIEM) - Software and devices that assist in collecting, storing, and analyzing the contents of log files.

Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?

Separation of duties

Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?

Service level agreement (SLA)

Which intrusion detection system strategy relies upon pattern matching?

Signature Detection

Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?

Smurf Smurf attack - A network attack in which forged Internet Control Message Protocol (ICMP) echo request packets are sent to IP broadcast addresses from remote locations to generate DoS attacks.

Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer?

Supervisory Control and Data Acquisition (SCADA)

What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?

Switch

Which set of characteristics describes the Caesar cipher accurately?

Symmetric, stream, substitution

What is NOT generally a section in an audit report?

System configurations

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

System integrity monitoring

Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these type of classification decisions?

Threat

Which type of cipher works by rearranging the characters in a message?

Transposition

What is NOT an effective key distribution method for plaintext encryption keys?

Unencrypted email

Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?

VPN concentrator

What is the only unbreakable cipher when it is used properly?

Vernam

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?

Virtual LAN (VLAN)

Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?

Vulnerability

Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?

Warm site

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

Waterfall

Gary is configuring a smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?

Wi-Fi

What type of network connects systems over the largest geographic area?

Wide area network (WAN)

What standard is NOT secure and should never be used on modern wireless networks?

Wired Equivalent Privacy (WEP)

What wireless security technology contains significant flaws and should never be used?

Wired Equivalent Privacy (WEP)

What is NOT a service commonly offered by unified threat Management (UTM) devices?

Wireless network access

Forensics and incident response are examples of __________ controls.

corrective

A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime.

disaster

Purchasing an insurance policy is an example of the ____________ risk management strategy.

transfer