bcis 4740 final

____________________ is the process of making and using codes to secure the transmission of information.

Cryptography

In TCP/IP networking, port __________ is not used.

0

The __________ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

CERT/CC

The __________ is typically considered the top information security officer in the organization.

CISO

The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market.

CISSP

In PKI, the CA periodically distributes a(n) _________ to all users that identifies all revoked certificates.

CRL

__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce.

Temporary employees

True or False: "Unfreezing" in the Lewin change model involves thawing hard-and-fast habits and established procedures.

True

True or False: A chain of custody is the detailed documentation of the collection, storage, transfer, and ownership of evidence from the crime scene through its presentation in court.

True

True or False: A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.

True

True or False: A log file monitor is similar to an NIDPS.

True

True or False: An HIDPS can detect local events on host systems and detect attacks that may elude a network-based IDPS.

True

True or False: An ideal organization fosters resilience to change.

True

True or False: Ciphertext or a cryptogram is an encoded message, or a message that has been successfully encrypted.

True

True or False: Corrective action decisions are usually expressed in terms of trade-offs.

True

True or False: In DNS cache poisoning, valid packets exploit poorly configured DNS servers to inject false information and corrupt the servers' answers to routine DNS queries from other systems on the network.

True

True or False: In some instances, risk is acknowledged as being part of an organization's business process.

True

True or False: Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocols.

True

True or False: Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.

True

True or False: Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined.

True

True or False: Organizations should have a carefully planned and fully populated inventory of all their network devices, communication channels, and computing devices.

True

True or False: Planning for the implementation phase of a security project requires the creation of a detailed project plan.

True

True or False: Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

True

True or False: Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians.

True

Related to the concept of separation of duties is that of ____________________, the requirement that two individuals review and approve each other's work before the task is categorized as finished.

two-person control

The Lewin change model includes __________.

unfreezing, moving and refreezing

Rehearsals that use plans as realistically as possible are called ____________________ games.

war

The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.

wireless

Using __________, the system reviews the log files generated by servers, network devices, and even other IDPSs.

LFM

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals?

accounting

A(n) ____________________ vulnerability scanner is one that initiates traffic on the network in order to determine security holes.

active

__________ are a component of the security triple.

all of the above; threats, vulnerabilities and assets

In ____________________ protocol verification, the higher-order protocols are examined for unexpected packet behavior or improper use.

application

At the center of the bull's-eye model are the ____________________ used by the organization to accomplish its work.

applications

The ____________________ of (ISC)2 program is geared toward those who want to take the CISSP or SSCP exam before obtaining the requisite experience for certification.

associate

Under the guise of justice, some less scrupulous administrators may be tempted to ____________________, or hack into a hacker's system to find out as much as possible about the hacker.

back hack

A performance ____________________ is an expected level of performance against which all subsequent levels of performance are compared.

baseline

Which of the following ports is commonly used for the HTTP protocol?

80

The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in __________.

All of the above; enterprise security management practices, security management practices, business continuity planning and disaster recovery planning

The __________ layer of the bull's-eye model receives attention last.

Applications

____________________ is the process of reviewing the use of a system, not to check performance but to determine if misuse or malfeasance has occurred.

Auditing

A(n) __________ is used to justify that the project will be reviewed and verified prior to the development of the project plan.

CBA

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications?

CCE and MCCE

In digital forensics, all investigations follow the same basic methodology once permission for search and seizure has been obtained. Which of the following is NOT one of the elements of that process?

Determine whether to "apprehend and prosecute"

__________ are encrypted message components that can be mathematically proven to be authentic.

Digital signatures

__________ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

Encryption

True or False: "Administrators" provide the policies, guidelines, and standards in the Schwartz, Erwin, Weafer, and Briney classification.

False

True or False: "Builders" in the field of information security provide day-to-day systems monitoring and use to support an organization's goals and objectives.

False

True or False: A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

False

True or False: A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered.

False

True or False: An NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.

False

True or False: A server-based IDPS protects the server or host's information assets.

False

True or False: Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key.

False

True or False: All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan.

False

True or False: An effective information security governance program requires constant change.

False

True or False: Asymmetric encryption systems use a single key to both encrypt and decrypt a message.

False

True or False: 3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time.

False

True or False: Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called public-key encryption.

False

True or False: Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization.

False

True or False: ISSMP stands for Information Systems Security Monitoring Professional.

False

True or False: In 1953, Giovan Batista Bellaso introduced the idea of the passphrase (password) as a key for encryption.

False

True or False: In general, the design phase is accomplished by changing the configuration and operation of the organization's information systems to make them more secure.

False

True or False: In project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as prerequisites.

False

True or False: Intrusion detection consists of procedures and systems that identify system intrusions and take action when an intrusion is detected.

False

True or False: Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce.

False

True or False: Organizations are not required by law to protect employee information that is sensitive or personal.

False

True or False: Performance management is the process of identifying and controlling the resources applied to a project as well as measuring progress and adjusting the process as progress is made toward the goal.

False

True or False: S-HTTP is an extended version of Hypertext Transfer Protocol that provides for the encryption of protected e-mail transmitted via the Internet between a client and server.

False

True or False: The CISA credential is geared toward experienced information security managers and others who may have similar management responsibilities.

False

True or False: The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables.

False

True or False: The general management community of interest must plan for the proper staffing of the information security function.

False

True or False: The information security function cannot be placed within protective services.

False

True or False: The networks layer of the bull's eye is the outermost ring of the bull's eye.

False

True or False: The systems development life cycle (SDLC) is the overall process of developing, implementing, and retiring information systems through a multistep approach: initiation, analysis, design, implementation, and use.

False

True or False: The work breakdown structure (WBS) can only be prepared with a complex, specialized desktop PC application.

False

True or False: Threats cannot be removed without requiring a repair of the vulnerability.

False

True or False: To be put to the most effective use, the information that comes from the IDPS must be integrated into the inventory process.

False

True or False: Within a PKI, a registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information.

False

True or False: You can document the results of the verification of a vulnerability by saving the results in what is called a profile.

False

__________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.

Fuzz
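
An added example, not part of this study set, of the technique described above: a toy length-prefixed record parser with a deliberate bounds-check defect, a hardened version of the same parser, and a mutation fuzzer that feeds random variants of a valid record to each and reports the first input that makes the parser crash rather than reject cleanly. The record format, parser names and sample body are constructed for the illustration.

```python
import random
import struct


def parse_record(buf: bytes) -> bytes:
    """Toy record: 2-byte big-endian length, body, 1-byte checksum.
    Deliberate defect (constructed for the demo): the declared length is
    trusted without checking it against the buffer, so an oversized or
    truncated record indexes past the end."""
    if len(buf) < 3:
        raise ValueError("short record")
    n = struct.unpack(">H", buf[:2])[0]
    body = buf[2:2 + n]
    checksum = buf[2 + n]            # IndexError when n overruns the buffer
    if checksum != sum(body) & 0xFF:
        raise ValueError("bad checksum")
    return body


def parse_record_fixed(buf: bytes) -> bytes:
    """Same format, with the missing bounds check added."""
    if len(buf) < 3:
        raise ValueError("short record")
    n = struct.unpack(">H", buf[:2])[0]
    if len(buf) != 3 + n:
        raise ValueError("length field does not match buffer")
    body = buf[2:2 + n]
    if buf[2 + n] != sum(body) & 0xFF:
        raise ValueError("bad checksum")
    return body


def make_record(body: bytes) -> bytes:
    """Build a well-formed record to use as the fuzzing seed."""
    return struct.pack(">H", len(body)) + body + bytes([sum(body) & 0xFF])


def mutate(rng: random.Random, data: bytes) -> bytes:
    """One random byte-level mutation: overwrite, insert, or truncate."""
    b = bytearray(data)
    choice = rng.randrange(3)
    if choice == 0 and b:
        b[rng.randrange(len(b))] = rng.randrange(256)
    elif choice == 1:
        b.insert(rng.randrange(len(b) + 1), rng.randrange(256))
    elif b:
        del b[rng.randrange(len(b)):]
    return bytes(b)


def fuzz(parser, seed: bytes, iterations: int = 2000, rng_seed: int = 1):
    """Feed mutated inputs to parser. ValueError is the parser's own
    rejection of bad input; any other exception is a crash. Returns
    (crashing_input, exception) or None if nothing crashed."""
    rng = random.Random(rng_seed)     # fixed seed keeps the run reproducible
    for _ in range(iterations):
        case = mutate(rng, seed)
        try:
            parser(case)
        except ValueError:
            continue
        except Exception as exc:
            return case, exc
    return None


if __name__ == "__main__":
    seed = make_record(b"hello")
    print("defective parser:", fuzz(parse_record, seed))
    print("hardened parser: ", fuzz(parse_record_fixed, seed))
```

The fuzzer only knows which exceptions the parser is allowed to raise; everything else is a finding. Real fuzzers add coverage feedback and smarter mutations, but the split between "rejected" and "crashed" is the same.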

The Secure ____________________ Standard issued by the National Institute of Standards and Technology specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file.

Hash

__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet.

IPSec

A __________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

MAC
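
An added example (not part of this study set) covering the two items above, the Secure Hash Standard digest and the keyed MAC: SHA-256 gives a digest anyone can recompute, while HMAC-SHA256 from Python's standard library is key-dependent, so only holders of the shared symmetric key can produce or verify the tag. The messages, key and "attacker" below are constructed for the illustration.

```python
import hashlib
import hmac
import secrets


def digest(message: bytes) -> str:
    """Plain SHA-256 digest: detects accidental change, but an attacker
    who alters the message can simply recompute it."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Key-dependent one-way hash (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest is constant-time, so a forger cannot learn the
    # correct tag byte by byte from timing differences.
    return hmac.compare_digest(mac(key, message), tag)


def tamper_demo(key: bytes) -> dict:
    """Constructed exchange: the sender transmits (message, digest, tag);
    an attacker in the middle rewrites the message, recomputes the digest,
    and, lacking the key, can only guess at the tag."""
    original = b"transfer 100 to account 4242"
    sent_tag = mac(key, original)

    forged = b"transfer 100 to account 6666"
    forged_digest = digest(forged)              # trivial for the attacker
    forged_tag = mac(b"guessed-key", forged)    # wrong key, wrong tag

    return {
        # receiver recomputes the digest of what arrived: it matches, so a
        # bare digest gives no authenticity
        "digest_check_passes_on_forgery": digest(forged) == forged_digest,
        "mac_accepts_original": verify_mac(key, original, sent_tag),
        "mac_accepts_forged": verify_mac(key, forged, forged_tag),
        "mac_accepts_forged_with_old_tag": verify_mac(key, forged, sent_tag),
    }


if __name__ == "__main__":
    shared_key = secrets.token_bytes(32)   # symmetric key both parties hold
    for check, outcome in tamper_demo(shared_key).items():
        print(f"{check}: {outcome}")
```

Note that HMAC proves the message came from a key holder; it does not say which one, which is why it gives no nonrepudiation and why digital signatures exist.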

_________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications.

PGP

__________ was developed by Phil Zimmermann and uses the IDEA cipher for message encoding.

PGP

__________ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.

PKI

The __________ commercial site focuses on current security tool resources.

Packet Storm

Originally released as freeware, ____________________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms as an open-source de facto standard for encryption and authentication of e-mail and file storage.

Pretty Good Privacy (PGP)

If the task is to write firewall specifications for the preparation of a(n) __________, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

RFP

The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.

SSL Record Protocol

__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented.

Security technicians

True or False: The CISO uses the results of maintenance activities and the review of the information security program to determine if the status quo can adequately meet the threats at hand.

True

True or False: The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification: the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE).

True

True or False: The optimal time frame for training is usually one to three weeks before the new policies and technologies come online.

True

True or False: The permutation cipher simply rearranges the values within a block to create the ciphertext.

True
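
An added example, not part of this study set, of the permutation (transposition) cipher the item above describes: the key is a permutation of block positions, encryption rearranges each block by it, and decryption applies the inverse permutation. The last function shows the caveat a practitioner should remember: because characters are only moved, the ciphertext has exactly the plaintext's letter frequencies. Key and plaintext are constructed for the illustration.

```python
from collections import Counter


def _pad(text: str, block: int, fill: str = "X") -> str:
    """Pad to a whole number of blocks (the caller strips the fill later)."""
    return text + fill * (-len(text) % block)


def permute_encrypt(plaintext: str, key: tuple) -> str:
    """Position i of each ciphertext block is taken from position key[i]
    of the corresponding plaintext block."""
    n = len(key)
    if sorted(key) != list(range(n)):
        raise ValueError("key must be a permutation of 0..n-1")
    text = _pad(plaintext, n)
    out = []
    for b in range(0, len(text), n):
        block = text[b:b + n]
        out.append("".join(block[key[i]] for i in range(n)))
    return "".join(out)


def permute_decrypt(ciphertext: str, key: tuple) -> str:
    """Undo the rearrangement with the inverse permutation."""
    n = len(key)
    if len(ciphertext) % n:
        raise ValueError("ciphertext is not a whole number of blocks")
    inverse = [0] * n
    for i, k in enumerate(key):
        inverse[k] = i              # plaintext position k came from ciphertext position i
    out = []
    for b in range(0, len(ciphertext), n):
        block = ciphertext[b:b + n]
        out.append("".join(block[inverse[j]] for j in range(n)))
    return "".join(out)


def frequencies_preserved(plaintext: str, key: tuple) -> bool:
    """A permutation cipher never substitutes characters, so the histogram
    an analyst builds from the ciphertext equals the plaintext's."""
    padded = _pad(plaintext, len(key))
    return Counter(padded) == Counter(permute_encrypt(plaintext, key))


if __name__ == "__main__":
    key = (3, 1, 0, 2)                     # constructed 4-position key
    ct = permute_encrypt("ATTACKATDAWN", key)
    print(ct, permute_decrypt(ct, key), frequencies_preserved("ATTACKATDAWN", key))
```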

True or False: The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out.

True

True or False: The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies.

True

True or False: The vulnerability database, like the risk, threat, and attack database, both stores and tracks information.

True

True or False: To assist in footprint intelligence collection, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses.

True

True or False: To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.

True

True or False: Weak management support, with overly delegated responsibility and no champion, sentences a project to almost-certain failure.

True

True or False: When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change.

True

True or False: When possible, major incident response plan elements should be rehearsed.

True

Which of the following is not one of the categories of positions defined by Schwartz, Erwin, Weafer, and Briney?

User

The analysis step of an Internet vulnerability assessment occurs when a knowledgeable and experienced vulnerability analyst screens test results for ____________________ vulnerabilities logged during scanning.

candidate

The level of resistance to ____________________ impacts the ease with which an organization is able to implement procedural and managerial changes.

change

When the measured activity is outside the baseline parameters, it is said to exceed the ____________________ level.

clipping

Because the goals and objectives of CIOs and CISOs tend to contradict each other, InformationWeek recommends: "The people who do and the people who watch shouldn't report to a ____________________ manager."

common

The science of encryption is known as ____________________.

cryptology

Almost all aspects of a company's environment are ____________________, meaning threats that were originally assessed in the early stages of the project's systems development life cycle have probably changed and new priorities have emerged.

dynamic

It is important to gather employee ____________________ early about the information security program and respond to it quickly.

feedback

Activities that scan network locales for active systems and then identify the network services offered by the host systems are known as __________.

fingerprinting

The model commonly used by large organizations places the information security department within the __________ department.

information technology

The __________ vulnerability assessment is a process designed to find and document selected vulnerabilities that are likely to be present on the organization's internal network.

intranet

A signature-based IDPS is sometimes called a(n) ____________________-based IDPS.

knowledge

Security ____________________ are accountable for the day-to-day operation of the information security program.

managers

The ____________________ port is also known as a switched port analysis (SPAN) port or mirror port.

monitoring

The objective of the external ____________________ domain within the maintenance model is to provide early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense.

monitoring

One of the oldest models of change is the Lewin change model, which consists of three stages: unfreezing, ____________________, and refreezing.

moving

Organizations should perform a(n) ____________________ assessment of their information security programs.

periodic

During the implementation phase, the organization translates its blueprint for information security into a project ____________________.

plan

Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and ____________________ areas.

policy

By managing the __________, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce.

process of change

The attack ____________________ is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.

protocol

Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version.

rainbow table
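
An added example, not part of this study set, of the precomputed-hash attack described above, built over a toy keyspace (4-digit PINs hashed with unsalted SHA-1) so that it runs in a moment. It uses the real rainbow-table construction, hash/reduce chains with a position-dependent reduction function and a table that stores only chain endpoints, and it ends with the defence: the same PIN hashed with a salt is not in the table. The keyspace, chain length and reduction function are choices made for the illustration, not values from the text.

```python
import hashlib

PIN_SPACE = 10_000   # toy keyspace: the 4-digit PINs "0000".."9999"
CHAIN_LEN = 20       # hash/reduce steps per chain
STARTS = [f"{i:04d}" for i in range(0, PIN_SPACE, 7)]   # chain starting points


def H(pw: str) -> str:
    """The unsalted hash the target system is assumed to store."""
    return hashlib.sha1(pw.encode()).hexdigest()


def R(digest: str, i: int) -> str:
    """Reduction function: maps a digest back into the PIN space. The step
    index i varies the reduction at each position, which is what makes
    this a rainbow table rather than a plain hash chain and limits merges."""
    return f"{(int(digest[:8], 16) + i) % PIN_SPACE:04d}"


def chain(start: str) -> list:
    """Passwords covered by the chain beginning at start (positions 0..CHAIN_LEN-1)."""
    pws = [start]
    for i in range(CHAIN_LEN - 1):
        pws.append(R(H(pws[-1]), i))
    return pws


def build_table(starts=STARTS) -> dict:
    """Precompute every chain but keep only endpoint -> starting points;
    the intermediate hashes are regenerated on demand (time/memory trade-off).
    Endpoints map to a list so that merged chains are not silently lost."""
    table = {}
    for start in starts:
        pw = start
        for i in range(CHAIN_LEN):
            pw = R(H(pw), i)
        table.setdefault(pw, []).append(start)
    return table


def lookup(table: dict, target: str):
    """Recover the password whose unsalted hash is target, or None."""
    for j in range(CHAIN_LEN - 1, -1, -1):    # assume target sits at position j
        pw = R(target, j)
        for i in range(j + 1, CHAIN_LEN):     # replay the rest of the chain
            pw = R(H(pw), i)
        for start in table.get(pw, []):       # endpoint known: walk that chain
            cand = start
            for i in range(CHAIN_LEN):
                if H(cand) == target:
                    return cand
                cand = R(H(cand), i)
    return None


if __name__ == "__main__":
    table = build_table()
    stolen_hash = H("4711")
    print("unsalted lookup:", lookup(table, stolen_hash))
    # Salting makes the stored hash depend on a per-user value the table
    # never saw, so the precomputation is useless against it.
    print("salted lookup:  ", lookup(table, H("s4lt:" + "4711")))
```

The starting points cover only part of the keyspace here, so a lookup of an arbitrary PIN can miss; the test below picks PINs known to lie on a chain. Against a real deployment the lesson is the defence, not the table: per-user salts (and a slow, memory-hard password hash) remove the shared precomputation this attack depends on.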

A step commonly used for Internet vulnerability assessment includes __________, which occurs when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection.

scanning

The __________ is a statement of the boundaries of the RA.

scope

Three methods dominate IDPS detection methods: the ____________________-based approach, the statistical anomaly-based approach, and the stateful packet inspection approach.

signature

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base.

signatures
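
An added example, not part of this study set, that runs the two dominant detection approaches named above over the same log, and also illustrates the earlier items on the performance baseline and the clipping level: signature (knowledge-based) detection matches known-bad patterns line by line, while statistical anomaly detection learns a baseline of failed logins per minute from a training window and alerts when a later minute exceeds the clipping level (mean plus k standard deviations). The log lines, hosts and addresses are constructed for the illustration.

```python
import re
import statistics

# Constructed sample auth log (not real data). Minutes 10:00-10:05 form the
# training window used to set the baseline; 10:06 contains a burst.
SAMPLE_LOG = """\
10:00 host1 sshd: Accepted password for alice from 10.0.0.5
10:00 host1 sshd: Failed password for bob from 10.0.0.9
10:01 host1 sshd: Accepted password for carol from 10.0.0.7
10:02 host1 sshd: Failed password for alice from 10.0.0.5
10:03 host1 sshd: Accepted password for alice from 10.0.0.5
10:04 host1 sshd: Failed password for invalid user admin from 198.51.100.23
10:05 host1 sshd: Failed password for bob from 10.0.0.9
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
10:06 host1 sshd: Failed password for root from 198.51.100.23
"""
LINES = SAMPLE_LOG.splitlines()
TRAINING_MINUTES = {"10:00", "10:01", "10:02", "10:03", "10:04", "10:05"}

LINE_RE = re.compile(r"^(\d\d:\d\d) (\S+) sshd: (.*)$")

# Knowledge base for signature-based detection: patterns of known-bad activity.
SIGNATURES = {
    "invalid-user-login": re.compile(r"Failed password for invalid user"),
    "root-password-guess": re.compile(r"Failed password for root"),
}


def parse(line: str):
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparsable line: {line!r}")
    return m.group(1), m.group(2), m.group(3)      # minute, host, message


def signature_alerts(lines):
    """Signature-based: every line is compared with each known pattern."""
    return [(name, line) for line in lines
            for name, pat in SIGNATURES.items() if pat.search(line)]


def failures_per_minute(lines) -> dict:
    """The measured activity: failed logins per minute (minutes with only
    successful logins still count, at zero)."""
    counts = {}
    for line in lines:
        minute, _host, msg = parse(line)
        counts.setdefault(minute, 0)
        if msg.startswith("Failed password"):
            counts[minute] += 1
    return counts


def clipping_level(training_counts: dict, k: float = 3.0) -> float:
    """Baseline mean plus k standard deviations of the training window."""
    vals = list(training_counts.values())
    return statistics.fmean(vals) + k * statistics.pstdev(vals)


def anomaly_alerts(lines, training_minutes, k: float = 3.0):
    """Statistical anomaly-based: flag minutes outside the training window
    whose activity exceeds the clipping level."""
    counts = failures_per_minute(lines)
    training = {m: c for m, c in counts.items() if m in training_minutes}
    level = clipping_level(training, k)
    alerts = [(m, c) for m, c in counts.items()
              if m not in training_minutes and c > level]
    return level, alerts


if __name__ == "__main__":
    for name, line in signature_alerts(LINES):
        print("signature", name, "->", line)
    level, alerts = anomaly_alerts(LINES, TRAINING_MINUTES)
    print(f"clipping level {level:.2f} failed logins/minute; anomalies: {alerts}")
```

The two approaches fail differently: the signature rules would miss a burst of failures against an ordinary account (no pattern for it), and the anomaly detector would miss the single "invalid user" line at 10:04 because one failure per minute is within the baseline. That is the usual argument for running both.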

A(n) ____________________ risk is one that is higher than the risk appetite of the organization.

significant

A(n) ____________________ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment.

smart

A packet ____________________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.

sniffer

The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future.

wrap-up
