#1 - #10 Combo - CIS 525 - CyberSecurity - McMurtrey - Study for Final Exam

Which OSI Reference Model layer is responsible for the coding of data? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer

...

The ___________ framework defines the scope and contents of three levels of audit reports. A. Service Organization Control (SOC) B. permission-level C. real-time monitoring D. zone transfer

A

___________ refers to the amount of harm a threat can cause by exploiting a vulnerability. A. Impact B. Threat C. Risk D. Incident

A

system infector

A ________ enables the virus to take control and execute before the computer can load most protective measures.

file infector

A ________ is a type of virus that primarily infects executable programs.

What is meant by digital subscriber line (DSL)?

A high-speed digital broadband service that uses copper cabling for Internet access.

Which of the following is the definition of network address translation?

A method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.

Which of the following is the definition of hub?

A network device that connects network segments, echoing all received traffic to all other ports.

Vulnerability

A weakness in the system that can be exploited to cause harm.

________ is the process of managing changes to computer/device configuration or application software.

Change control

The cryptanalyst can encrypt any information and observe the output.

Chosen-plaintext attack

The cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data may be.

Ciphertext-only attack (COA)

____________ is the practice of hiding data and keeping it away from unauthorized users.

Cryptography

___________ is the duty of every government that wants to ensure its national security.

Cybersecurity

________ is the act of unscrambling ciphertext into plaintext.

Decryption

________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job.

Dynamic Host Configuration Protocol (DHCP)

T/F The weakest link in the security of an IT infrastructure is the server.

False

T/F Until the mid-1980s, personal and business communications involved three primary tools: telephone, answering machines and voicemail, and the Internet.

False

Unlike other organizations that specifically focus on engineering or technical aspects of computing and communication, the __________ primarily addresses standards that support software development and computer system operation.

ISO

Which of the following is the definition of false negative?

Incorrectly identifying abnormal activity as normal.

Which of the following adequately defines continuous authentication?

An authentication method in which a user is authenticated at multiple times or event intervals.

Black-hat Hacker

An individual who tries to break IT security and gain access to systems without authorization.

Wire Tapping: Active ~ Between-The-Lines

An unauthorized user who does not alter the original messages but inserts additional messages between the lines.

attacks against productivity and performance

Another way that malicious code can threaten businesses is by using mass bulk e-mail (spam), spyware, persistent cookies, and the like, consuming computing resources and reducing user productivity. These are known as ________.

It's essential to match your organization's required __________ with its security structure. A. monitoring B. permission level C. operating system D. recommendations

B

Which of the following is the definition of anomaly-based IDS? A. An intrusion detection system that compares current activity with stored profiles of normal (expected) activity. B. The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running. C. An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders. D. Using tools to determine the layout and services running on an organization's systems and networks.

B

Gives priorities to the functions an organization needs to keep going

Business Continuity Plan

What is meant by certification? A. The formal acceptance by the authorizing official of the risk of implementing the system. B. A strategy to minimize risk by rotating employees between various systems or duties. C. The technical evaluation of a system to provide assurance that you have implemented the system correctly. D. A group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies.

C

What name is given to a method of developing software that is based on small project iterations, or sprints, instead of long project schedules? A. baseline B. waterfall model C. agile development D. sprint

C

Connecting your computers or devices to the ________ immediately exposes them to attack.

Internet

Procedure

Mechanisms that implement the policy (One for each policy).

Obtaining the coveted CAE/IAE or CAE/R designation means the curriculum and research institutions meet or exceed the standards defined by the _______.

NSA

_______________ enables you to prevent a party from denying a previous statement or action.

Nonrepudiation

________ provides information on what is happening as it happens.

Real-time monitoring

________ is the difference between the security controls you have in place and the controls you need to have in place in order to address all vulnerabilities.

Security gap

False

The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.

True

The main purpose of security training courses is to rapidly train students in one or more skills, or to cover essential knowledge in one or more specific areas.

four-year

The standard bachelor's degree is a __________ program.

A compliance liaison works with each department to ensure that it understands, implements, and monitors compliance in accordance with the organization's policies.

True

T/F The term security kernel database describes a database made up of rules that determine individual users' access rights.

True

T/F Voice and data traffic should be segmented on different backbone links to optimize performance, segment voice, and data traffic on separate GigE or 10GigE fiber-optic trunks.

True

Policy

Written formal statements that outline the rules (dos and don'ts) to secure a system.

A botnet consists of a network of compromised computers that attackers use to launch attacks and spread malware.

a botnet

Which of the following describes the Family Educational Rights and Privacy Act?

a law that protects the private data of students

An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.

anomaly-based IDS?

A ___________ gives priorities to the functions an organization needs to keep going.

business continuity plan (BCP)

A ___________ primarily addresses the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business's viability.

business continuity plan (BCP)

A ___________ is a formal analysis of an organization's functions and activities that classifies them as critical or noncritical.

business impact analysis (BIA)

What term is used to describe streamlining processes with automation or simplified steps?

business process engineering

The software in a phone system that performs the call switching from an inbound trunk to a phone extension

call control

The technical evaluation of a system to provide assurance that you have implemented the system correctly

certification

What or who is the individual or team responsible for performing the security test and evaluation for the system and for preparing the report for the AO on the risk of operating the system?

certifier

The purpose of ________ is to provide formal training courses that lead to a certificate or professional certification and not a degree.

continuing education

An educational program that is generally associated with a college or university that provides formal courses that do not lead to degrees is the definition of ________.

continuing education

_______ means only authorized users can change information and deals with the validity and accuracy of data.

integrity

Connecting your computers or devices to the ---- immediately exposes them to attack

internet

The physical part of the LAN Domain includes a __________, which is an interface between the computer and the LAN physical media.

network interface card (NIC)

________ uses various controls to reduce identified risks. These controls might be administrative, technical, or physical.

risk mitigation

The process of managing risks starts by identifying __________.

risks

_____________ is the process of dividing a task into a series of unique activities performed by different people, each of whom is allowed to execute only one part of the overall task.

separation of duties

Backdoor

A direct and easy access to a system.

E-commerce changed how businesses sell, and the --- changed how they market

...

The number of possible keys to a cipher is a ___________. A. checksum B. cryptosystem C. keyspace D. key directory

...

Which OSI Reference Model layer uses Media Access Control (MAC) addresses? Device manufacturers assign each hardware device a unique MAC address. A. Data Link Layer B. Presentation Layer C. Transport Layer D. Session Layer

...

________ is a suite of protocols designed to connect sites securely using IP networks. A. Dynamic Host Configuration Protocol (DHCP) B. Network access control (NAC) C. Point-to-Point Tunneling Protocol (PPTP) D. Internet Protocol Security (IPSec)

...

Threat Model

1. Asset 2. Vulnerability 3. Threat 4. Risk

A countermeasure, without a corresponding __________, is a solution seeking a problem; you can never justify the cost. A. risk B. control C. event D. response

A

7 billion

As of 2013, Cisco estimated that there were more than ________ devices connected to the Internet.

________ attack countermeasures such as antivirus signature files or integrity databases.

Retro viruses

In a ________, the attacker sends a large number of packets requesting connections to the victim computer.

SYN flood

The tunnel can be created between a remote workstation using the public Internet and a VPN router or a secure browser and ________ Web site.

Secure Sockets Layer virtual private network (SSL-VPN)

Threat

Something or someone that can cause harm.

Asset

Something that needs to be protected.

What is meant by annual rate of occurrence (ARO)?

The annual probability that a stated threat will be realized.

T/F System owners are in control of data classification.

False

What name is given to a U.S. federal law that requires U.S. government agencies to protect citizens' private data and have proper security controls in place?

Federal Information Security Management Act

What name is given to a U.S. federal law that requires U.S. government agencies to protect citizens' private data and have proper security controls in place?

Federal Information Security Management Act (FISMA) Encryption

smurf attack

In a _________, attackers direct forged Internet Control Message Protocol (ICMP) echo-request packets to IP broadcast addresses from remote locations to generate denial of service attacks.

T/F A physically constrained user interface is a user interface that does not provide a physical means of entering unauthorized information.

True

T/F A way to protect your organization from personnel-related security violations is to use job rotation. This minimizes risk by rotating employees among various systems or duties, which prevents collusion.

True

T/F An attacker will use exploit software when performing vulnerability assessments and intrusive penetration testing.

True

T/F An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).

True

T/F Even though 3G networks provided mobile devices with connection capabilities similar to those of wired networks, they still did not use true IP network addressing.

True

T/F Having too many risks in the risk register is much better than overlooking any severe risk that does occur.

True

T/F In 2011, the United States ranked second globally as a source of network attacks and highest as a source of attacks in North America, even if they originate outside the United States.

True

T/F The process of managing the baseline settings of a system device is the definition of configuration control.

True

A type of virus that infects other files and spreads in multiple ways.

What is meant by multipartite virus?

no standard time frame

With university doctoral programs, completing the degree requirements takes ________.

________ is a one-way calculation of information that yields a result usually much smaller than the original message.

Checksum

An organization's facilities manager is often responsible for ---

Physical Access Control

In a ________, the cryptanalyst can encrypt any information and observe the output. This is best for the cryptanalyst.

Chosen-plaintext attack

The total number of errors divided by the total number of bits transmitted is the definition of

bit error rate

Industry Data Classifications

1. Private Data 2. Confidential Data 3. Internal Data 4. Public Data

U.S. Dept. of Defense Data Classifications

1. Top Secret 2. Secret 3. Confidential 4. Unclassified

Which of the following is the definition of net cat?

A network utility program that reads from and writes to network connections.

Which of the following is the definition of guideline?

A recommendation to purchase or how to use a product or system

________ is a document produced by the IETF that contains standards as well as other specifications or descriptive contents.

A request for comments (RFC)

Which of the following best describes quantitative risk analysis?

A risk-analysis method that uses mathematical formulas and numbers to assist in ranking risk severity.

OS Fingerprint Scanner

A software program that allows an attacker to send logon packets to an IP host device.

Protocol Analyzer

A software program that enables a computer to monitor and capture network traffic.

Vulnerability Scanner

A software program that identifies and detects what operating system and software is installed on an IP host device.

Which of the following is the definition of continuing professional education (CPE)?

A standard unit of credit that equals 50 minutes of instruction.

______ is a method that black-hat hackers use to attempt to compromise logon and password access controls, usually following a specific attack plan, including the use of social engineering to obtain user information.

Brute-force password attack

________ is a method that black-hat hackers use to attempt to compromise logon and password access controls, usually following a specific attack plan, including the use of social engineering to obtain user information.

Brute-force password attack

A threat source can be a situation or method that might accidentally trigger a(n) ____________. A. event B. incident C. vulnerability D. control

C

Audits also often look at the current configuration of a system as a snapshot in time to verify that it complies with ________. A. controls B. management C. standards D. plan

C

Cryptography accomplishes four security goals: confidentiality, integrity, authentication, and ________________. A. security B. privacy C. nonrepudiation D. reliability

C

It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________. A. critical business function B. disaster plan C. business continuity plan D. risk management plan

C

Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures. A. applications B. mitigation activities C. configurations D. recommendations

C

The process of managing the baseline settings of a system device is called ________. A. guideline B. baseline C. configuration control D. sprint

C

A U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.

ANSI

Wire Tapping: Active ~ Piggyback-Entry

Actual communication is changed and routed through a different server.

A security awareness program includes

All: teaching employees about security objectives; motivating users to comply with security policies; informing users about trends and threats in society

The ________ is a U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.

American National Standards Institute

Exploit Software

An application that incorporates known software vulnerabilities to "exploit" a weakness of an IP host device or computer system.

________ gives you the opportunity to review your risk-management program and to confirm that the program has correctly identified and reduced (or otherwise addressed) the risks to your organization.

An audit

Which of the following describes an asynchronous token?

An authentication token used to process challenge-response authentication with a server. It takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.

White-hat Hacker

An authorized professional who identifies vulnerabilities and performs penetration testing.

Which of the following is the definition of Vigenère cipher?

An encryption cipher that uses multiple encryption schemes in succession.

Grey-hat Hacker

An intermediate-skilled hacker who could become a black-hat hacker or white-hat hacker.

Which of the following is the definition of anomaly-based IDS?

An intrusion detection system that compares current activity with stored profiles of normal (expected) activity.

Which of the following is the definition of pattern-based IDS?

An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.

Wire Tapping: Passive

An unauthorized user listening to communication without changing the data.

Security Breach

Any event that results in a violation of any of the C-I-A security tenets.

Which OSI Reference Model layer includes all programs on a computer that interact with the network?

Application Layer

The process of issuing keys to valid users of a cryptosystem so they can communicate.

key distribution

The number of possible keys to a cipher is a

keyspace

A ________ is a collection of computers connected to one another or to a common connection medium.

local area network (LAN)

Loss of financial assets due to ________ is a worst-case scenario for all organizations.

malicious attacks

When you accept a --- you take no further steps to resolve

negative risk

What is the process of using tools to determine the layout and services running on an organization's systems and networks?

network mapping

Distributed Denial of Service (DDoS) Attack

Attackers hijack Internet computers to plant automated attack agents to bombard a site with forged messages by each computer.

What is necessary because of potential liability, negligence, and mandatory regulatory compliance?

Audits

---- is an authorization method in which access to resources is decided by the user's formal status.

Authority-level policy

________ is an authorization method in which access to resources is decided by the user's formal status.

Authority-level policy

A(n) ________ is a measurable occurrence that has an impact on the business. A. corrective control B. event C. cost D. critical business function

B

An attacker or event that might exploit a vulnerability is a(n) ____________. A. incident B. threat source C. cost D. Hacker

B

As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today. A. configuration B. controls C. monitoring D. settings

B

How your organization responds to risk reflects the value it puts on its ___________. A. environment B. assets C. technology D. vulnerability

B

What is meant by authorizing official (AO)? A. An individual to enact changes in response to reported problems. B. The process of managing changes to computer/device configuration or application software. C. A senior manager who reviews a certification report and makes the decision to approve the system for implementation. D. A mandated requirement for a hardware or software solution that is used to deal with a security risk throughout the organization

C

A ___________ is a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system, or recovery of passwords stored in a computer system.

password cracker

It's essential to match your organization's required __________ with its security structure.

permission level

If VoIP traffic needs to traverse through a WAN with congestion, you need

quality of service (QoS)

If VoIP traffic needs to traverse through a WAN with congestion, you need

quality of service (QoS)

The goal of --- is to quantify possible outcomes of risks, determine probabilities of outcomes, identify high impact risks and develop plans based on risks

quantitative risk analysis

The goal of ____________ is to quantify possible outcomes of risks, determine probabilities of outcomes, identify high-impact risks, and develop plans based on risks.

quantitative risk analysis

Enacting changes in response to reported problems is called

reactive change management

Voice and unified communications are ________ applications that use 64-byte IP packets.

real-time

What name is given to any risk that exists but has a defined response?

residual risk

________ attack countermeasures such as antivirus signature files or integrity databases.

retro virus

________ is a risk management phase that includes assessment of various types of controls to mitigate the identified risks, selection of a control strategy, and justification of choice of controls.

risk assessment

SOC 2 and SOC 3 reports both address primarily ________-related controls.

security

Today, people working in cyberspace must deal with new and constantly evolving ________.

threats

Today, people working in cyberspace must deal with new and constantly evolving ________.

threats

RTO identifies the maximum allowable ________ to recover the function.

time

Network devices can implement ___________ to better support VoIP and SIP IP packets and reduce dropped calls and delays.

traffic prioritization

Because personnel are so important to solid security, one of the best security controls you can develop is a strong security --- and awareness program

training

Because personnel are so important to solid security, one of the best security controls you can develop is a strong security ___________ and awareness program.

training

Initiating changes to avoid expected problems is the definition of proactive change management.

true

Mandatory access control (MAC) is a means of restricting access to an object based on the object's classification and the user's security clearance.

true

One of the OSI Reference Model layers, the Network Layer, is responsible for the logical implementation of the network.

true

One of the most important parts of a FISMA information security program is that agencies test and evaluate it.

true

The ANSI produces standards that affect nearly all aspects of IT.

true

The traceroute command displays the path that a particular packet follows so you can identify the source of potential network problems.

true

As users upgrade LANs to GigE or 10GigE, switches must support ________ and data IP traffic.

voice

procrastination

"There are so many demands on your time, it is often difficult to justify setting aside time to study. Also, you may find that self-study takes more time than you planned." This is a disadvantage to choosing the self-study option that can be labeled ________.

This appliance examines IP data streams for common attack and malicious intent patterns

(IDS)

Systems Security Certified Practitioner

(ISC)2 offers the ________ credential, which is ideal for those who are working toward or already hold positions as senior network security engineers, senior security systems analysts, or senior security administrators. It covers the seven domains of best practices for information security.

Certified Secure Software Lifecycle Professional

(ISC)2 offers the ________________ credential, which is one of the few credentials that address developing secure software. It evaluates professionals for the knowledge and skills necessary to develop and deploy secure applications.

The tunnel can be created between a remote workstation using the public internet and VPN router and a --- web site

(SSL-VPN)

What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely? A. hash B. key distribution C. asymmetric key cryptography D. symmetric key cryptography

...

Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer

...

Which OSI Reference Model layer includes all programs on a computer that interact with the network? A. Presentation Layer B. Session Layer C. Network Layer D. Application Layer

...

Which OSI Reference Model layer is responsible for transmitting information on computers connected to the same local area network (LAN)? A. Presentation Layer B. Session Layer C. Data Link Layer D. Transport Layer

...

Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium? A. Data Link Layer B. Transport Layer C. Session Layer D. Physical Layer

...

Which of the following is not a type of authentication?

...

Which of the following is the definition of hub? A. A device that connects two or more networks and selectively interchanges packets of data between them. B. A network device that connects network segments, echoing all received traffic to all other ports. C. A firewall device that examines the state of a connection as well as simple address, port, and protocol rules to determine how to process a packet. D. A suite of protocols designed to connect sites securely using IP networks.

...

Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________. A. decryption B. breaking codes C. brute-force attack D. cryptanalysis

...

________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job. A. Internet Protocol Security (IPSec) B. Dynamic Host Configuration Protocol (DHCP) C. Point-to-Point Tunneling Protocol (PPTP) D. Internet Control Message Protocol (ICMP)

...

________ is a one-way calculation of information that yields a result usually much smaller than the original message. A. Caesar cipher B. Checksum C. Hash D. Symmetric key

...

_________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies. A. Real-time monitoring B. Gray-box testing C. SAS 70 D. White-box testing

...

_______________ enables you to prevent a party from denying a previous statement or action. A. Authentication B. Integrity C. Nonrepudiation D. Confidentiality

...

The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ________. A. emergency operations group B. security event team C. guideline control D. security administration

A

file infector

A ________ is a virus that attacks and modifies executable programs (like COM, EXE, SYS, and DLL files).

firewall

A ___________ controls the flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network.

logic bomb

A ___________ is a program that executes a malicious function of some kind when it detects certain conditions.

phishing attack

A ____________ tricks users into providing log-on information on what appears to be a legitimate Web site but is in fact a Web site set up by an attacker to obtain this information.

firewall

A _____________ contains rules that define the types of traffic that can come and go through a network.

Which of the following is the definition of botnet?

A botnet consists of a network of compromised computers that attackers use to launch attacks and spread malware.

What is the Project Management Body of Knowledge?

A collection of the knowledge and best practices of the project management profession

What is the Project Management Body of Knowledge (PMBOK)?

A collection of the knowledge and best practices of the project management profession.

Denial of Service (DoS) Attack

A coordinated attempt to deny service by causing a computer to perform an unproductive task.

What is meant by multi-tenancy?

A database feature that allows different groups of users to access the database without being able to access each other's data.

packet-filtering firewall

A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator is the definition of ________.

Downtime -> Unintentional ->

1. Human Error 2. System Failure 3. Attack (DoS)

What assets do we need to protect?

1. IT infrastructure 2. Intellectual property 3. Financial information 4. Service availability and productivity 5. Reputation

network access control (NAC)

A method to restrict access to a network based on identity or other rules is the definition of ________.

What term is used to describe a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products? A. configuration control B. functional policy C. baseline D. authorizing official (AO)

C

Which of the following is the definition of guideline? A. A method of developing software that is based on small project iterations, or sprints, instead of long project schedules. B. Recorded information from system events that describes security-related activity. C. A recommendation to purchase or how to use a product or system. D. A senior manager who reviews a certification report and makes the decision to approve the system for implementation.

C

________ gives you the opportunity to review your risk-management program and to confirm that the program has correctly identified and reduced (or otherwise addressed) the risks to your organization. A. Penetration testing B. Real-time monitoring C. An audit D. Vulnerability testing

C

________ is the process of managing changes to computer/device configuration or application software. A. Sprint B. Procedure control C. Change control D. Proactive change management

C

________ states that users must never leave sensitive information in plain view on an unattended desk or workstation. A. Procedure management B. Emergency operations policy C. Clean desk/clear screen policy D. Security administration policy

C

___________ is the likelihood that a particular threat exposes a vulnerability that could damage your organization. A. Backup B. Incident C. Risk D. Preventive control

C

Which OSI Reference Model layer uses Media Access Control (MAC) addresses? Device manufacturers assign each hardware device a unique MAC address.

Data Link Layer

What name is given to an encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation?

Data encryption standard

True

Employers do use certifications to help assess prospects, but the best assessment is the prospect's actual performance.

___________ is the process of transforming data from cleartext into ciphertext.

Encryption

Software vendors must protect themselves from liabilities of their own vulnerabilities with a

End-User License Agreement (

Software vendors must protect themselves from the liabilities of their own vulnerabilities with a(n) ____________.

End-User License Agreement (EULA)

_______ is the proportion of value of a particular asset likely to be destroyed by a given risk, expressed as a percentage.

Exposure factor (EF)

________ represents the percentage of the asset value that will be lost if an incident were to occur.

Exposure factor (EF)

Which regulating agency has oversight for the Children's Internet Protection Act?

FCC

Most educational institutions offer accelerated programs to complete PhD degree requirements in less than one year.

False

Students who have had their FERPA rights violated are allowed to sue a school for that violation.

False

T/F A time-based synchronization system is a mechanism that limits access to computer systems and network resources.

False

T/F An organization can choose to plan for any interruption time frame, but in many BIAs, restoration plans assume that access to primary resources will not be possible for at least 60 days.

False

T/F Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks.

False

T/F Authority-level policy is a database feature that allows different groups of users to access the database without being able to access each other's data.

False

T/F Role-based access control (RBAC) means limiting users' access to database views, as opposed to allowing users to access data in database tables directly.

False

T/F Successfully connecting to a computer using a modem makes it impossible to access the rest of the organization's network.

False

T/F The Delphi method is the estimated loss due to a specific realized threat. The formula to calculate this loss is =SLE × ARO.

False

T/F The audit itself sets new policies.

False

T/F The difference between black-hat hackers and white-hat hackers is that black-hat hackers are mainly concerned with finding weaknesses for the purpose of fixing them, and white-hat hackers want to find weaknesses just for the fun of it or to exploit them.

False

T/F The network security group is responsible for the Internet-to-WAN Domain.

False

T/F The up-to-date Common Vulnerabilities & Exposure list is maintained and managed by the U.S. Department of Finance.

False

__________ tests interrupt the primary data center and transfer processing capability to an alternate site.

Full-interruption

Keystroke Logger

Hardware or software that can record every keystroke a user makes on a keyboard into a log file.

SYN flood attack

In a __________, the attacker uses IP spoofing to send a large number of packets requesting connections to the victim computer. These appear to be legitimate but in fact reference a client system that is unable to respond.

The ________ is the main United Nations agency responsible for managing and promoting information and technology issues.

International Telecommunication Union

The _____________ is the preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.

International Electrotechnical Commission

E-commerce changed how businesses sell, and the ________ changed how they market.

Internet

A standards organization that develops and promotes Internet standards.

Internet Engineering Task Force

________ is a suite of protocols designed to connect sites securely using IP networks.

Internet Protocol Security (IPSec)

In a ---, the cryptanalyst possesses certain pieces of information before and after encryption.

Known plaintext attack

The cryptanalyst processes certain pieces of information before and after encryption.

Known-plaintext attack (KPA)

This represents the fourth layer of defense for a typical IT infrastructure.

LAN-to-WAN Domain

The ____________ represents the fourth layer of defense for a typical IT infrastructure.

LAN-to-WAN Domain

A ________ examines the network layer address and routes packets based on routing protocol path determination decisions.

Layer 3 switch

availability

Malicious code attacks all three information security properties. Malware can erase or overwrite files or inflict considerable damage to storage media. This property is ________.

In a _____, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system

Chosen-ciphertext attack

In a ________, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

Chosen-ciphertext attack

_____ is a special case. It is relevant in asymmetric key systems and has functions.

Chosen-ciphertext attack

There are four basic forms of a cryptographic attack. In a ________, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.

Ciphertext-only attack (COA)

________ states that users must never leave sensitive information in plain view on an unattended desk or workstation.

Clean desk/clear screen policy

Information Security

Collection of activities that protect information systems and the data stored in it.

entry-level information security certification of choice for IT professionals

CompTIA's Security+ certification provides ________.

A federal agency within the U.S. Department of Commerce whose mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life."

NIST

A _____________ is a flaw or weakness in a system's security procedures, design, implementation, or internal controls. A. threat B. impact C. risk D. vulnerability

D

Audits are necessary because of ________. A. potential liability B. negligence C. mandatory regulatory compliance D. all of the above

D

What or who is the individual or team responsible for performing the security test and evaluation for the system and for preparing the report for the AO on the risk of operating the system? A. remediation B. certifier C. compliance liaison D. system owners

D

________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job.

DHCP

Which OSI Reference Model layer is responsible for transmitting information on computers connected to the same local area network (LAN)?

Data Link Layer

What term is used to describe a type of virus that includes a separate encryption engine that stores the virus body in encrypted format while duplicating the main body of the virus?

polymorphic virus

A --- is a tool used to scan IP host devices for open ports that have been enabled

port scanner

A ___________ is a tool used to scan IP host devices for open ports that have been enabled.

port scanner

What term is used to describe a strategy that uses a device to provide electrical power for IP phones from the RJ-45 8-pin jacks directly to the workstation outlet?

power over Ethernet (PoE)

____________ is a person's right to control the use and disclosure of his or her own personal information.

privacy

Risks apply to specific assets. If you multiply the risk __________ by the cost of the asset, the result is the exposure to a specific risk.

probability

What term is used to describe a set of step-by-step actions to be performed to accomplish a security requirement, process, or objective?

procedure

The four main areas in NIST SP 800-50 are awareness, training, education, and __________________.

professional development

The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer.

promiscuous mode

A countermeasure, without a corresponding __________, is a solution seeking a problem; you can never justify the cost.

risk

___________ is the likelihood that a particular threat exposes a vulnerability that could damage your organization.

risk

An organization knows that a risk exists and has decided that the cost of reducing it is higher than the loss would be. This can include self-insuring or using a deductible. This is categorized as ________.

risk acceptance

________ allows an organization to transfer risk to another entity. Insurance is a common way to reduce risk.

risk assignment

A company can discontinue or decide not to enter a line of business if the risk level is too high. This is categorized as ________.

risk avoidance

What name is given to an access control method that bases access control approvals on the jobs the user is assigned?

role-based access control

A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

rootkit

What name is given to random characters that you can combine with an actual input key to create the encryption key?

salt key

An encrypted channel used for remote access to a server or system, commonly used in Linux and UNIX servers and applications, is the definition of __________.

secure shell (SSH)

The world needs people who understand computer-systems ________ and who can protect computers and networks from criminals and terrorists.

security

The --- team's responsibilities include handling events that affect your computers and networks and ultimately can respond rapidly and effectively to any event.

security administration

E-commerce systems and applications demand strict C-I-A ________.

security controls

________ is the difference between the security controls you have in place and the controls you'd to have in place in order to address all vulnerabilities.

security gap

The --- is the central part of a computing environment's hardware, software, and firmware that enforces access control for computer systems

security kernel

SIP is a ___________ protocol used to support real-time communications.

signaling

What name is given to an encryption cipher that uniquely maps any letter to any other letter?

simple substitution cipher

An organization's facilities manager might give you a security card programmed with your employee ID number, also known as a ________.

smart card

A mandated requirement for a hardware or software solution that is used to deal with a security risk throughout the organization

standard

What is the technique of matching network traffic with rules or signatures based on the appearance of the traffic and its relationship to other packets?

stateful matching

What name is given to a type of virus that uses a number of techniques to conceal itself from the user or detection software?

stealth virus

What term is used to describe communication that doesn't happen in real time but rather consists of messages (voice or e-mail) that are stored on a server and downloaded to endpoint devices?

store-and-forward communications

What term is used to describe communication that doesn't happen in real time but rather consists of messages that are stored on a server and downloaded to endpoint devices?

store-and-forward communications

What term is used to describe a device used as a log on authenticator for remote users of a network?

synchronous token

A ________ enables the virus to take control and execute before the computer can load most protective measures.

system infector

A control that is carried out or managed by a computer system is the definition of ________.

technical control

A method of restricting resource access to specific periods of time is called ---

temporal isolation

A method of restricting resource access to specific periods of time is called ________.

temporal isolation

A --- is any action that could damage an asset that can be natural and/or human induced.

threat

A --- is an intent and method to exploit a vulnerability

threat source

An attacker or event that might exploit a vulnerability is a(n) ____________.

threat source

What name is given to an encryption cipher that rearranges characters or bits of data?

transposition cipher

Unrecognized new processes running, startup messages indicating that new software has been (or is being) installed (registry updating), unresponsiveness of applications to normal commands, and unusual redirection of normal Web requests to unknown sites are all telltale symptoms of a ________.

trojan

A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task.

true

A certificate of completion is a document that is given to a student upon completion of the program and is signed by the instructor.

true

A way to protect your organization from personnel - related security violations is to use job rotation.

true

An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.

true

An information security safeguard is also called an information security control.

true

An organization must comply with rules on two levels: regulatory compliance and organizational compliance.

true

An organization seeks a balance between an acceptable level of a risk and the cost of reducing it.

true

An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).

true

Anomaly detection involves developing a network baseline profile of normal or acceptable activity, such as services or traffic patterns, and then measuring actual network traffic against this baseline.

true

Border firewalls simply separate the protected network from the Internet.

true

Certifications that require additional education generally specify the number of credits each certificate requires.

true

Defense in depth combines the capabilities of people, operations, and security technologies to establish multiple layers of protection, eliminating single lines of defense and effectively raising the cost of an attack.

true

ISO 17799 is an international security standard.

true

Information systems security is about ensuring the confidentiality, integrity, and availability of IT infrastructures and the systems they comprise.

true

In information technology, perhaps the best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model. This internationally accepted framework of standards governs how separate computer systems communicate using networks.

true

Residual risk is the risk that remains after you have installed countermeasures and controls.

true

Single loss expectancy (SLE) means the expected loss for a single threat occurrence. The formula to calculate SLE is SLE = Resource Value × EF.

true

Symmetric key cryptography is a type of cryptography that cannot secure correspondence until after the two parties exchange keys.

true

Telephony denial of service (TDoS) is a variation of a denial of service (DoS) attack, but is launched against traditional and packet-based telephone systems. A TDoS attack disrupts an organization's use of its telephone system through a variety of methods.

true

The FTC Safeguards Rule requires a financial institution to create a written information security program that must state how the institution collects and uses customer data. It also must describe the controls used to protect that data.

true

The Family Educational Rights and Privacy Act (FERPA) is the main federal law protecting the privacy of student information.

true

The Internet Architecture Board (IAB) is a subcommittee of the IETF composed of independent researchers and professionals who have a technical interest in the overall well-being of the Internet.

true

The Office of Personnel Management (OPM) requires that federal agencies provide the training suggested by the NIST guidelines.

true

The Payment Card Industry Data Security Standard (PCI DSS) is an international standard for handling transactions involving payment cards.

true

The best-known standard that relates to information security is the IEEE 802 LAN/MAN standard family.

true

The current term for online study is distance learning

true

The following are all methods of collecting data: questionnaires, interviews, observation, and checklists.

true

The main purpose of security training courses is to rapidly train students in one or more skills, or to cover essential knowledge in one or more specific areas.

true

The primary characteristic of a virus is that it replicates and generally involves user action of some type

true

The term Bring Your Own Device (BYOD) refers to an organizational policy of allowing or even encouraging employees, contractors, and others to connect their own personal equipment to the corporate network; this offers cost savings and other benefits but also presents security risks.

true

The term detective control refers to a control that determines that a threat has landed in your system.

true

The term remediation refers to fixing something before it is broken, defective, or vulnerable.

true

The term risk management describes the process of identifying, assessing, prioritizing and addressing risks

true

Under CIPA, a technology protection measure is any technology that can block or filter the objectionable content.

true

Unlike viruses, worms do not require a host program in order to survive and replicate.

true

Whereas MS programs prepare students to perform information security work, MBA programs prepare students to manage and maintain the people and environment of information security.

true

Spoofing means a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.

true

As users upgrade LANs to GigE or 10GigE, switches must support ________ and data IP traffic.

voice

A --- is a weakness that allows a threat to be realized

vulnerability

A _____________ is a flaw or weakness in a system's security procedures, design, implementation, or internal controls.

vulnerability

A threat source can be a situation or method that might accidentally trigger a(n) ____________.

vulnerability

A threat source can be a situation or a method that might accidentally trigger a

vulnerability

Security testing that is based on knowledge of the application's design and source code.

white box testing

Unexplained increases in bandwidth consumption, high volumes of inbound and outbound e-mail during normal activity periods, a sudden increase in e-mail server storage utilization (this may trigger alarm thresholds set to monitor and manage disk/user partition space), and an unexplained decrease in available disk space are all telltale symptoms of a ________.

worm

Social Security numbers, financial account numbers, credit card numbers, and date of birth are examples of __________ as stipulated under GLBA.

NPI

________ is used to describe a property that indicates that a specific subject needs access to a specific object. This is necessary to access the object in addition to possessing the proper clearance for the object's classification.

Need-to-know

reconnaissance

Network ________ is gathering information about a network for use in a future attack.

NSA

Obtaining the coveted CAE/IAE or CAE/R designation means the curriculum and research institutions meet or exceed the standards defined by the _______.

Confidentiality

Only authorized users can view information.

________ is an authentication credential that is generally longer and more complex than a password.

Passphrase

Information Security Procedure

Protect, Detect, and React (Only a problem for integrity)

________ attempts to describe risk in financial terms and put a dollar value on all the elements of a risk.

Quantitative risk analysis

____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage.

Recovery time objective

____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage.

Recovery time objective (RTO)

The likelihood that something bad happens to an asset is

Risk

What is meant by constrained user interface?

Software that allows users to enter only specific information.

A ________ enables the virus to take control and execute before the computer can load most protective measures.

System infector

________ are viruses that target computer hardware and software startup functions.

System infectors

In a __________, the attacker uses IP spoofing to send a large number of packets requesting connections to the victim computer. These appear to be legitimate but in fact reference a client system that is unable to respond.

SYN Flood attack

In a ________, the attacker sends a large number of packets requesting connections to the victim computer

SYN flood

The regulating agency for the Sarbanes-Oxley Act is the ________.

Securities and Exchange Commission

What fills security gaps and software weaknesses?

Testing and quality assurance

True

The Gauss is a measurement of a magnetic field.

True

The Info tech Security Certified Program (SCP) certification programs apply mainly to network security topics and are most appropriate for professionals involved in securing network components within the IT infrastructure.

American National Standards Institute (ANSI)

The ________ is a U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.

World Wide Web Consortium (W3C)

The ________ is an organization formed in 1994 to develop and publish standards for the World Wide Web.

IAB

The ________ provides oversight for architecture for Internet protocols and procedures, processes used to create standards, editorial and publication procedures for RFCs, and confirmation of IETF chair and technical area directors. It also provides much of the high-level management and validation of the processes of conducting IETF business.

CISSP-ISSMP®

The ____________ concentration from (ISC)2 contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.

CISSP-ISSEP®

The ____________ concentration from (ISC)2 is the road map for incorporating security into projects, applications, business processes, and all information systems.

Hollings Manufacturing Extension Partnership

The ____________ is a network of centers around the United States that offers technical and business assistance to small- and medium-sized manufacturers.

SYN Flood

The attacker sends a large number of packets requesting connections to the victim computer, filling up their connections table and denying service to legitimate users.

Certified Authorization Professional

The best fits for (ISC)2's _____________ are personnel responsible for developing and implementing processes used to assess risk and for establishing security requirements.

True

The best-known standard that relates to information security is the IEEE 802 LAN/MAN standard family.

What is meant by promiscuous mode?

The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer.

Which of the following is the definition of cipher text?

The opposite of clear text. Data sent as cipher text is not visible and not decipherable.

What is meant by checksum?

The output of a one-way algorithm; a mathematically derived numerical representation of some input.

Which of the following is the definition of system owner?

The person responsible for the daily operation of a system and for ensuring that the system continues to operate in compliance with the conditions set out by the AO.

Cryptography

The practice of hiding the data and keeping it away from unauthorized users.

Which of the following is an accurate description of cloud computing?

The practice of using computing services that are delivered over a network.

Risk

The probability of damage to an asset. (Risk = Vulnerability * Threat)

Which of the following is the definition of access control?

The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.

Password Cracker

The process of recovering a password that can be performed by a brute-force attack or dictionary attack.

Encryption

The process of transforming data from clear-text into ciphertext.

True

The purpose of DoD Directive 8570.01 is to reduce the possibility that unqualified personnel can gain access to secure information.

When an information security breach occurs in your organization, a --- helps determine what happened to the system and when.

Security event log

---- is the process of dividing up tasks into a series of unique activities

Separation of duties

What is meant by call control?

The software in a phone system that performs the call switching from an inbound trunk to a phone extension.

What is meant by certification?

The technical evaluation of a system to provide assurance that you have implemented the system correctly.

The primary difference between SOC 2 and SOC 3 reports is ________.

Their audience

Certain security objectives add value to information systems. _________ provides an exact time when a producer creates or sends information.

Timestamping

Most certifications require certification holders to pursue additional education each year to keep their certifications current.

True

T/F Sprint means one of the small project iterations used in the "agile" method of developing software, in contrast with the usual long project schedules of other ways of developing software.

True

T/F A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task.

True

T/F A benchmark is the standard by which a system is compared to determine whether it is securely configured. One technique in an audit is to compare the current setting of a computer or device with a benchmark to help identify differences.

True

T/F A physically constrained user interface is a user interface that does not provide a physical means of entering unauthorized information.

True

T/F Initiating changes to avoid expected problems is the definition of proactive change management.

True

T/F Mandatory access control (MAC) is a means of restricting access to an object based on the object's classification and the user's security clearance.

True

T/F Many jurisdictions require audits by law.

True

T/F Resources are protected objects in a computing system, such as files, computers, or printers.

True

T/F SOC 3 reports are intended for public consumption.

True

T/F Single loss expectancy (SLE) means the expected loss for a single threat occurrence. The formula to calculate SLE is SLE = Resource Value × EF.

True

T/F Synchronous token means a device used as a logon authenticator for remote users of a network.

True

T/F The International Information Systems Security Certification Consortium (ISC)2, has two certifications: Systems Security Certified Practitioner (SSCP®) and Certified Information Systems Security Professional (CISSP®). CISSP candidates must pass a difficult and comprehensive exam and have at least 5 years of professional information security experience.

True

T/F The term Bring Your Own Device (BYOD) refers to an organizational policy of allowing or even encouraging employees, contractors, and others to connect their own personal equipment to the corporate network; this offers cost savings and other benefits but also presents security risks.

True

T/F The term clipping level refers to a value used in security monitoring that tells controls to ignore activity that falls below a stated value.

True

The weakest link in the security of an IT infrastructure is the user

True

The regulating agency for the Family Educational Rights and Privacy Act is the ________.

U.S. Department of Education

Malicious software can be hidden in a ________.

URL link, PDF file, ZIP file, all of the above

This device uses public key infrastructure (PKI) technology—for example, a certificate signed by a trusted certification authority—and doesn't provide one-time passwords.

USB token

ANSI

Unlike other organizations that specifically focus on engineering or technical aspects of computing and communication, the __________ primarily addresses standards that support software development and computer system operation.

A communication protocol that is connectionless and is popular for exchanging small amounts of data or messages is called ---

User Datagram Protocol (UDP)

Point-to-Point Tunneling Protocol (PPTP)

What name is given to a protocol to implement a VPN connection between two computers?

National Centers of Academic Excellence in Information Assurance Education (CAE/IAE)

What name is given to educational institutions that meet specific federal information assurance educational guidelines?

Network address translation (NAT)

What term is used to describe a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address?

Wi-Fi Protected Access (WPA)

What term is used to describe the current encryption standard for wireless networks?

True

Whereas MS programs prepare students to perform information security work, MBA programs prepare students to manage and maintain the people and environment of information security.

Architect

Which is Cisco's highest level of certification?

The --- framework defines the scope and content of three levels of audit reports.

Service Organization Control (SOC)

The ___________ framework defines the scope and contents of three levels of audit reports.

Service Organization Control (SOC)

________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.

Session Initiation Protocol (SIP)

--- is the basis for unified communication and is the protocol used by real-time applications such as IM chat, conferencing and collaboration

Session Initiation Protocol (SIP)

Voice and unified communications are --- applications that use 64-byte IP packets.

Session Initiation Protocol (SIP)

Voice and unified communications are ________ applications that use 64-byte IP packets.

Session Initiation Protocol (SIP)

________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.

Session Initiation Protocol (SIP)

________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.

Session Initiation Protocol (SIP)

Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network?

Session Layer

One of the most popular types of attacks on computer systems involves ---. These attacks deceive or use people to get around security controls.

Social engineering

What is a Security Information and Event Management (SIEM) system?

Software and devices that assist in collecting, storing, and analyzing the contents of log files.

The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.

Which of the following is the definition of access control?

A standard unit of credit that equals 50 minutes of instruction.

Which of the following is the definition of continuing professional education (CPE)?

A network device that connects network segments, echoing all received traffic to all other ports.

Which of the following is the definition of hub?

What term is used to describe the current encryption standard for wireless networks?

Wi-Fi Protected Access

Biometrics is another --- method for identifying subjects

access control

________ refers to an educational institution that has successfully undergone evaluation by an external body to determine whether the institution meets applicable standards.

accredited

A control involved in the process of developing and ensuring compliance with policy and procedures is the definition of ________.

administrative control

What name is given to a method of developing software that is based on small project iterations, or sprints, instead of long project schedules?

agile development

During the late 1980s into the early 1990s, service providers converted the core switches at their central offices from ______________ to digital central office (CO) switches.

analog

The formal process of monitoring and controlling risk focuses on --- new risks.

analyzing

Malware developers often use _____________ to write boot record infectors.

assembly language

How your organization responds to risk reflects the value it puts on its ___________.

assets

How your organization responds to risk reflects the value it puts on its ___________.

assets

The first step in risk analysis is to determine what and where the organization's --- are located.

assets

A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic.

asymmetric digital subscriber line (ADSL)

A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic.

asymmetric digital subscriber line (ADSL)

A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic.

asymmetric digital subscriber line (ADSL)

What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely?

asymmetric key cryptography

An authentication token used to process challenge-response authentication with a server. It takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.

asynchronous token?

What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?

asynchronous transfer mode (ATM)

What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?

asynchronous transfer mode (ATM)

The primary difference between SOC 2 and SOC 3 reports is their...

audience

Malicious code attacks all three information security properties. Malware can erase or overwrite files or inflict considerable damage to storage media. This property is ________.

availability

When an attacker discovers a __________, he or she can use it to bypass existing security controls such as passwords, encryption, and so on.

backdoor

What term is used to describe a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products?

baseline

In digital communications, the __________ is one error for every 1,000,000 bits sent.

bit error rate

The ________ in analog communications is one error for every 1,000 bits sent.

bit error rate

The ________ in analog communications is one error for every 1,000 bits sent; in digital communications, the __________ is one error for every 1,000,000 bits sent.

bit error rate

The total number of errors divided by the total number of bits transmitted is the definition of __________.

bit error rate

A __________ tries to break IT security and gain access to systems with no authorization, in order to prove technical prowess.

black-hat hacker

A method of security testing that isn't based directly on knowledge of a program's architecture is the definition of ...

black-box testing

A __________ tries to break IT security and gain access to systems with no authorization, in order to prove technical prowess.

black-hat hacker

_______________ is another symmetric algorithm that organizations currently use. It is a 64-bit block cipher that has a variable key length from 32 to 448 bits. It is much faster than DES or IDEA and is a strong algorithm that has been included in more than 150 products, as well as v2.5.47 of the Linux kernel. Its author, Bruce Schneier, placed it in the public domain.

blowfish

_____________ are the main source of distributed denial of service (DDoS) attacks and spam.

botnets

Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________.

brute-force attack

It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________.

business continuity plan

It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________.

business continuity plan

The output of a one-way algorithm; a mathematically derived numerical representation of some input.

check-sum

What name is given to a software-based application like WebEx that supports audio conferencing and sharing of documents (text, spreadsheets, presentations, etc.) for real-time discussions with team members or colleagues?

collaboration

Information security activities directly support several common business drivers, including ________ and efforts to protect intellectual property.

compliance

What do the letters of the C-I-A triad stand for?

confidential, integrity, availability

What term is used to describe guarding information from everyone except those who have rights to it?

confidentiality

The Bell-LaPadula access control model focuses primarily on ---

confidentiality of data and control of access to classified information

Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures.

configurations

Information regulated under the Gramm-Leach-Bliley Act is

consumer financial information

What name is given to educational institutions that meet specific federal information assurance educational guidelines?

continuing education centers

As your organization evolves and as threats mature, it is important to make sure your ... still meets the risks you face today.

controls

As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today.

controls

Information regulated under the Sarbanes-Oxley Act is

corporate financial information

Forensics and incident response are examples of ___________ controls.

corrective

A measure installed to counter or address a specific threat is the definition of ________.

countermeasure

A _________ has a hostile intent, possesses sophisticated skills, and may be interested in financial gain. They represent the greatest threat to networks and information resources.

cracker

The goal and objective of a --- is to provide a consistent definition for how an organization should handle and secure different types of data

data classification standard

The goal and objective of a __________ is to provide a consistent definition for how an organization should handle and secure different types of data.

data classification standard

The recovery point objective (RPO) identifies the amount of ---- that is acceptable.

data loss

The recovery point objective (RPO) identifies the amount of _________ that is acceptable.

data loss

A system that puts access control into the hands of people such as department managers who are closest to system users; there is no one centralized entity to process access requests in this system.

decentralized access control

What name is given to an exterior network that acts as a buffer zone between the public internet and the organization's IT?

demilitarized zone

What name is given to an attack that uses ping or ICMP echo-request, echo-reply messages to bring down the availability of a server or system?

denial of service

What name is given to an attack that uses ping or ICMP echo-request, echo-reply messages to bring down the availability of a server or system?

denial of service (DoS)

What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?

dense wavelength division multiplexing (DWDM)

What name is given to an object that uses asymmetric encryption to bind a message or data to a specific entity?

digital signature

--- is rapidly becoming an increasingly important aspect of enterprise computing.

disaster recovery

A ___________ defines how a business gets back on its feet after a major disaster like a fire or hurricane.

disaster recovery plan (DRP)

What name is given to patient health information that is computer-based?

electronic protected health information

The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ...

emergency operations group

The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ________.

emergency operations group

The act of transforming clear text data into undecipherable cipher text is the definition of __________.

encryption

A professional certification states that you have taken the course and completed the tasks and assignments.

false

Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks.

false

GLBA distinguishes between customers and consumers for its notice requirements. A customer is any person who gets a consumer financial product or service from a financial institution.

false

In an asymmetric key system, where everyone shares the same secret, compromising one copy of the key compromises all copies.

false

In general, security training programs are identical to security education programs with respect to their focus on skills and in their duration.

false

One of the OSI Reference Model layers, the Transport Layer, is responsible for maintaining communication sessions between computers.

false

SOX doesn't apply to publicly traded companies

false

Security controls do not need to be implemented to secure VoIP and SIP on LANs and WANs.

false

The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.

false

The goal of risk management is to eliminate risk.

false

The most difficult and slowest option for IT security training is studying materials yourself.

false

The standard bachelor's designation is a four-year diploma program.

false

The term certificate authority refers to a trusted repository of all public keys.

false

War dialers are becoming more frequently used given the rise of digital telephony and now IP telephony or Voice over IP (VoIP).

false

Wiretapping is an application incorporating known software vulnerabilities, data, and scripted commands to exploit a weakness in a computer system or IP host device.

false

Incorrectly identifying abnormal activity as normal

false negative

Internet Control Message Protocol is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.

false

A ________ is a virus that attacks and modifies executable programs (like COM, EXE, SYS, and DLL files).

file infector

A _____________ contains rules that define the types of traffic that can come and go through a network.

firewall

A program or dedicated hardware device that inspects network traffic passing through it.

firewall

A stateful inspection firewall compares received traffic with a set of rules that define which traffic it will permit to pass through the firewall.

false

What term is used to describe a packet-based WAN service capable of supporting one-to-many and many-to-many WAN connections?

frame relay

What term is used to describe a packet-based WAN service capable of supporting one-to-many and many-to-many WAN connections?

frame relay

What is security testing that is based on limited knowledge of an application's design?

gray-box testing

The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running.

hardened configuration

Among common recovery location options, this is one that can take over operations quickly. It has all the equipment and data already staged at the location, though you may need to refresh or update the data.

hot site

For all the technical solutions you can devise to secure your systems, the --- remains your greatest challenge.

human element

For all the technical solutions you can devise to secure your systems, the __________ remains your greatest challenge.

human element

Whether software or hardware-based, a ____________ captures keystrokes, or user entries, and then forwards that information to the attacker.

keystroke logger

A ___________ is a program that executes a malicious function of some kind when it detects certain conditions.

logic bomb

A program that executes a malicious function of some kind when it detects certain conditions.

logic bomb

A mechanism that limits access to computer systems and network resources is ________.

logical access control

You can use quantitative risk analysis for all risks on the risk register; however, the amount of effort required may be overkill for _____________ risks.

low probability low impact

What term is used to describe an attack in which the attacker gets between two parties and intercepts messages before transferring them on to their intended destination?

man-in-the-middle attack

The ________ is a regulation that covered entities may disclose only the amount of protected health information absolutely necessary to carry out a particular function.

minimum necessary rule

Medical practices and hospitals realized early on that ________ provide(s) the ability to provide access to the necessary information without having to invest in many computers and network infrastructure.

mobile devices

When you accept a __________, you take no further steps to resolve.

negative risk

A network utility program that reads from and writes to network connections.

netcat

A method to restrict access to a network based on identity or other rules is the definition of ________.

network access control

A method to restrict access to a network based on identity or other rules is the definition of ________.

network access control (NAC)

_______________ enables you to prevent a party from denying a previous statement or action.

non-repudiation

Cryptography accomplishes four security goals: confidentiality, integrity, authentication, and ________________.

nonrepudiation

If knowing about an audit changes user behavior, an audit will

not be accurate

If knowing about an audit changes user behavior, an audit will ____________.

not be accurate

A(n) ___________ fingerprint scanner is a software program that allows an attacker to send logon packets to an IP host device.

operating system (OS)

What term is used to describe a reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version are running on a computer?

operating system fingerprinting

A reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version are running on a computer.

operating system fingerprinting

A protocol analyzer or --- is a software program that enables a computer to monitor and capture network traffic

packet sniffer

A protocol analyzer or ____________ is a software program that enables a computer to monitor and capture network traffic.

packet sniffer

A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator.

packet-filtering firewall

A ---- is an authentication credential that is generally longer and more complex than a password.

passphrase

A ___________ is a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system, or recovery of passwords stored in a computer system.

password cracker

An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.

pattern-based IDS

It's essential to match your organization's required ... with its security structure.

permission level

An attack that seeks to obtain personal or private financial information through domain spoofing

pharming

A ____________ tricks users into providing logon information on what appears to be a legitimate Web site but is in fact a Web site set up by an attacker to obtain this information.

phishing attack

A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. A. Caesar cipher B. Vigenère cipher C. transposition cipher D. product cipher

...

A risk-analysis method that uses relative ranking to provide further definition of the identified risks in order to determine responses to them.

...

A security awareness program includes

...

A(n) ________ is an intent and method to exploit a vulnerability. A. impact B. incident C. threat source D. safeguard

...

A ___________ primarily addresses the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business's viability.

...

What is meant by risk register?

A list of identified risks that results from the risk-identification process

What is meant by risk register?

A list of identified risks that results from the risk-identification process.

two

A master's degree program goes beyond the level of a bachelor's degree program and generally consists of ___________ year(s) of study beyond a bachelor's degree.

A parallel test evaluates the effectiveness of the ________ by enabling full processing capability at an alternate data center without interrupting the primary data center.

DRP

This defines how a business gets back on its feet after a major disaster like a hurricane

Disaster Recovery Plan (DRP)

____ is a type of attack in which the attacker takes control of a session between two machines and masquerades as one of them.

Hijacking

True

The ANSI produces standards that affect nearly all aspects of IT.

Integrity

Only authorized users can change information.

Which OSI Reference Model layer is responsible for the coding of data?

Presentation layer

What is the difference between a BCP and a DRP?

...

Certain security objectives add value to information systems. _________ provides an exact time when a producer creates or sends information. A. Ownership B. Timestamping C. Revocation D. Message authentication

...

Malicious software can be hidden in a

...

Network ________ is gathering information about a network for use in a future attack. A. reconnaissance B. eavesdropping C. denial of service D. surveying

...

One of the best ways to avoid wasting your organization's resources is to ensure that you follow the ________ review cycle. A. audit B. security C. benchmark D. monitoring

...

The most scrutinized cipher in history is the ________. A. Data Encryption Standard (DES) B. keyword mixed alphabet cipher C. transposition cipher D. Vigenère cipher

...

The requirement to keep information private or secret is the definition of

...

Port Scanner

A tool that scans IP host devices for open ports that are enabled.

What is meant by rootkit?

A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

What name is given to a document that verifies that a student has completed courses and earned a sufficient score on an assessment?

Certificate of completion

The regulating agency for the Gramm-Leach-Bliley Act is the

FTC

Availability

Information is accessible to authorized users any time they request that information.

True

In information technology, perhaps the best-known ISO standard is the Open Systems Interconnection (OSI) Reference Model. This internationally accepted framework of standards governs how separate computer systems communicate using networks.

Generically, this is data that can be used to individually identify a person, including Social Security number, driver's license number, financial account data, and health data.

Personally identifiable information

Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium?

Physical Layer

What name is given to a protocol to implement a VPN connection between two computers?

Point-to-Point Tunneling Protocol

_________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies.

SAS 70

_________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies.

SAS 70

A process that creates the first secure communications session between a client and a server is the definition of ________.

SSL handshake

Which of the following is the definition of business drivers?

The collection of components, including people, information, and conditions, that support business objectives.

professional development

The four main areas in NIST SP 800-50 are awareness, training, education, and __________________.

What is meant by application convergence?

The integration of applications to enhance productivity

What is meant by application convergence?

The integration of applications to enhance productivity. Unified communications is an example of application convergence. Unified communications integrates recorded voice messages into e-mail so that voice messages are retrievable via e-mail.

What is meant by application convergence?

The integration of applications to enhance productivity. Unified communications is an example of application convergence. Unified communications integrates recorded voice messages into e-mail so that voice messages are retrievable via e-mail.

Which of the following defines network mapping?

Using tools to determine the layout and services running on an organization's systems and networks.

A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.

Vigenere cipher

Audio conferencing is a software-based, real-time audio conference solution for ________ callers.

VoIP

The ________ is an organization formed in 1994 to develop and publish standards for the World Wide Web.

W3C

Malicious code attacks all three information security properties. Malware can modify database records either immediately or over a period of time. This property is ________.

integrity

Malicious code attacks all three information security properties. Malware can modify database records either immediately or over a period of time. This property is ________.

integrity

