BCIS-5740 - Security Personnel + Security Technology (Chapters 7 and 8)
The _____ is an intermediate area between a trusted network and an untrusted network. a) domain b) DMZ c) firewall d) perimeter
DMZ
A firewall cannot be deployed as a separate network containing a number of supporting devices. True False
False
Firewalls can only filter packets by port number. True False
False
GIAC stands for Global Information Architecture Certification. _____ False True
False
ISSEP stands for Information Systems Security Experienced Professional. _____ True False
False
Most current operating systems require specialized software to connect to VPN servers, as support for VPN services is no longer built into the clients. True False
False
Organizations are not required by law to protect employee information that is sensitive or personal. False True
False
Security administrators are accountable to provide day-to-day systems monitoring to support an organization's goals and objectives. False True
False
The (ISC)2 CISSP-ISSEP concentration focuses on the knowledge area including systems lifecycle management, threat intelligence, and incident management. True False
False
Task-based controls are associated with the assigned role a user performs in an organization, such as a position or temporary assignment like project manager. False True
False
The ISSMP concentration examination is designed to provide CISSPs with a mechanism to demonstrate competence in _____. a) business continuity planning and disaster recovery planning b) enterprise security management practices c) security management practices d) All of these answers are correct
All of these answers are correct
The restrictions most commonly implemented in packet-filtering firewalls are based on _____. a) All of these answers are correct b) Direction (inbound or outbound) c) TCP or UDP source and destination port requests d) IP source and destination address
All of these answers are correct
Briefly describe the best practice rules for firewall use.
Block traffic by default (deny anything a rule does not explicitly allow) and monitor user access. Never allow administrative access to the firewall device directly from the public network, and block inbound requests for services such as Telnet that should never be offered externally. Establish a firewall configuration change plan. Optimize the firewall rules of your network. Update your firewall software regularly.
The Cybersecurity Analyst+ certification from _____ is an intermediate certification with both knowledge-based and performance-based assessment. A) SANS B) ISACA C) ACM D) CompTIA
CompTIA
_____________ are contracted workers hired for a specific one-time purpose, commonly to provide expertise the organization does not have internally.
Consultants
The _____ packet-filtering firewall can react to an emergent event and update or create rules to deal with that event.
Dynamic
The CISSP certification requires both the successful completion of the examination and a(n) _____ by a qualified third party, typically another similarly certified professional, the candidate's employer, or a licensed, certified, or commissioned professional.
Endorsement
"Administrators" provide the policies, guidelines, and standards in the Schwartz classification. _____ True False
False
"Builders" in the field of information security provide day-to-day systems monitoring and are used to support an organization's goals and objectives. False True
False
The SSCP examination is much more rigorous than the CISSP examination. False True
False
The ability of a router to restrict traffic to a specific service is an advanced capability and not considered a standard feature for most routers. True False
False
The information security function cannot be placed within physical security, as a peer of physical security or protective services. True False
False
The screened subnet protects the DMZ systems and information from outside threats by providing a network with intermediate security, which means the network is less secure than the general-public networks but more secure than the internal network. False True
False
The security manager position is much more general than that of the CISO. True False
False
The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _____ False True
False
Using an application layer firewall means the associated Web server must be exposed to a higher level of risk by placing it in the DMZ. True False
False
When Web services are offered outside the firewall, SMTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture. _____ True False
False
When a bastion host approach is used, the host contains two CPUs, forcing all traffic to go through the device. _____ False True
False
Why shouldn't an organization give a job candidate a tour of secure areas during an interview?
Job candidates are not employees; they are potential personnel who might become employees, so they should not be shown the inner workings or procedures of the company. Allowing a candidate into secure areas could enable spying on the company, exposing trade secrets and giving the candidate knowledge of the organization's security procedures.
Security managers accomplish _____ identified by the CISO and resolve issues identified by technicians. a) tasks b) objectives c) tactics d) strategies
Objectives
In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) _____. a) PAC b) ticket c) VPN d) ECMA
PAC
The former System Administration, Networking, and Security Organization is now better known as _____. a) SANS b) SAN c) SANSO d) SANO
SANS
____ is the requirement that every employee be able to perform the work of another employee. a) Two-man control b) Duty exchange c) Collusion d) Task rotation
Task rotation
Access control is the method by which systems determine whether and how to admit a user into a trusted area of the organization, whether systems or physical locations. _____ False True
True
Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _____ False True
True
ISSAP stands for Information Systems Security Architecture Professional. _____ False True
True
In many cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates. False True
True
Secure VPNs use security protocols and encrypt traffic transmitted across unsecured public networks like the Internet. _____ True False
True
Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _____ False True
True
The application layer proxy firewall is capable of functioning both as a firewall and an application layer proxy server. False True
True
The false reject rate describes the number of legitimate users who are denied access because of a failure in the biometric device. _____ True False
True
The presence of external requests for Telnet services can indicate a potential attack. _____ False True
True
The primary disadvantage of stateful packet inspection firewalls is the additional processing required to manage and verify packets against the state table. _____ True False
True
The application layer proxy firewall is also known as a(n) _____. A) All of these are correct B) proxy firewall C) application firewall D) client firewall
application firewall
Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and _____ areas.
policy
A firewall device must never be accessible directly from the _____ network.
public
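The cards above describe packet filtering in words only: rules keyed on direction, IP addresses and ports, the difference between a static filter and a stateful one that keeps a state table, and the best-practice rules (default deny, no administrative access from the public network, no Telnet from outside, public web traffic terminating in the DMZ). The following Python is an added example written for this study page; it is not code from the textbook or from any product. The address plan, hosts and sample packets are constructed for illustration.

```python
"""Toy packet filter: added example, not from the page or the textbook.

Shows rules keyed on direction, source/destination IP and TCP/UDP port,
a static filter that consults only its rule list, a stateful filter that
also keeps a state table so replies to permitted connections are accepted,
and a screened-subnet policy with default deny.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed address plan using documentation ranges, not real hosts.
INTERNAL = "10.0.0.0/8"        # trusted network
DMZ_WEB = "192.0.2.10/32"      # web server in the screened subnet (DMZ)
FIREWALL = "203.0.113.1/32"    # the firewall's own public address
ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    direction: str   # "inbound" (from public) or "outbound" (from internal)
    proto: str       # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    new: bool = True  # True for the first packet of a flow, False for replies


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str
    src: str                     # CIDR
    dst: str                     # CIDR
    proto: str = "any"
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and self.proto in ("any", p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


# First match wins; a packet matching no rule is dropped (default deny).
POLICY = [
    # Never allow administrative access to the firewall from the public side.
    Rule("deny", "inbound", ANY, FIREWALL),
    # External Telnet requests are a sign of attack, not a service to offer.
    Rule("deny", "inbound", ANY, ANY, "tcp", 23),
    # Public web traffic terminates on the DMZ web server only.
    Rule("allow", "inbound", ANY, DMZ_WEB, "tcp", 80),
    Rule("allow", "inbound", ANY, DMZ_WEB, "tcp", 443),
    # Assumption for this example: the trusted network may initiate outbound.
    Rule("allow", "outbound", INTERNAL, ANY),
]


class StaticFilter:
    """Evaluates every packet against the rules alone; it keeps no memory."""

    def __init__(self, rules):
        self.rules = rules

    def decide(self, p: Packet) -> str:
        for r in self.rules:
            if r.matches(p):
                return r.action
        return "deny"


class StatefulFilter(StaticFilter):
    """Adds a state table: replies to connections the rules allowed are
    accepted without a rule that would open the inbound port to everyone."""

    def __init__(self, rules):
        super().__init__(rules)
        self.state = set()   # entries: (proto, src, sport, dst, dport)
        self.lookups = 0     # the extra per-packet work the page mentions

    def decide(self, p: Packet) -> str:
        self.lookups += 1
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        if not p.new:
            return "allow" if reverse in self.state else "deny"
        verdict = super().decide(p)
        if verdict == "allow":
            self.state.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return verdict


# Constructed traffic samples, evaluated in this order.
SAMPLES = {
    "web_request": Packet("inbound", "tcp", "198.51.100.7", 40001, "192.0.2.10", 443),
    "ssh_to_firewall": Packet("inbound", "tcp", "198.51.100.7", 40002, "203.0.113.1", 22),
    "telnet_to_dmz": Packet("inbound", "tcp", "198.51.100.7", 40003, "192.0.2.10", 23),
    "outbound_https": Packet("outbound", "tcp", "10.1.1.5", 51000, "198.51.100.9", 443),
    "https_reply": Packet("inbound", "tcp", "198.51.100.9", 443, "10.1.1.5", 51000, new=False),
    "direct_to_internal": Packet("inbound", "tcp", "198.51.100.7", 40004, "10.1.1.5", 445),
}


def run_scenario(firewall) -> dict:
    """Return the verdict of the given filter for every sample packet."""
    return {name: firewall.decide(p) for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for label, fw in (("static", StaticFilter(POLICY)), ("stateful", StatefulFilter(POLICY))):
        print(label, run_scenario(fw))
```

The static filter drops the reply to the internal host's own HTTPS connection because no inbound rule covers it; the only way to make it work without state would be to open inbound high ports from anywhere. The stateful filter allows that reply from its state table while still refusing SSH to the firewall, external Telnet and any direct connection to the internal network, at the cost of one table lookup per packet.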
In most common implementation models, the content filter has two components: _____. a) filtering and encoding b) allow and deny c) rating and decryption d) rating and filtering
rating and filtering
A(n) _____ contains a computer chip that can verify and validate several pieces of information instead of just a PIN.
smart card
Related to the concept of separation of duties is that of _____, the requirement that two individuals review and approve each other's work before the task is categorized as finished.
two-person control
Which of the following is not one of the categories of positions defined by Schwartz? A) User B) Definer C) Builder D) Administrator
user