Chapter 3: Security Architecture and Engineering (Domain 3)


Adam recently configured permissions on an NTFS filesystem to describe the access that different users may have to a file by listing each user individually. What did Adam create? a. An access control list b. An access control entry c. Role-based access control d. Mandatory access control

A. Adam created a list of individual users that may access the file. This is an access control list, which consists of multiple access control entries. It includes the names of users, so it is not role-based, and Adam was able to modify the list, so it is not mandatory access control.

Which one of the following components is used to assign classifications to objects in a mandatory access control system? a. Security label b. Security token c. Security descriptor d. Security capability

A. Administrators and processes may attach security labels to objects that provide information on an object's attributes. Labels are commonly used to apply classifications in a mandatory access control system.

Raj is selecting an encryption algorithm for use in his organization and would like to be able to vary the strength of the encryption with the sensitivity of the information. Which one of the following algorithms allows the use of different key strengths? a. Blowfish b. DES c. Skipjack d. IDEA

A. Blowfish allows the user to select any key length between 32 and 448 bits.

Which one of the following terms is not used to describe a privileged mode of system operation? a. User mode b. Kernel mode c. Supervisory mode d. System mode

A. Kernel mode, supervisory mode, and system mode are all terms used to describe privileged modes of system operation. User mode is an unprivileged mode.

Joanna wants to review the status of the industrial control systems her organization uses for building control. What type of systems should she inquire about access to? a. SCADA b. DSS c. BAS d. ICS-CSS

A. Supervisory Control and Data Acquisition systems, or SCADA systems, provide a graphical interface to monitor industrial control systems (ICS). Joanna should ask about access to her organization's SCADA systems.

Beth would like to include technology in a secure area of her data center to protect against unwanted electromagnetic emanations. What technology would assist her with this goal? a. Heartbeat sensor b. Faraday cage c. Piggybacking d. WPA2

B. A Faraday cage is a metal skin that prevents electromagnetic emanations from exiting. It is a rarely used technology because it is unwieldy and expensive, but it is quite effective at blocking unwanted radiation.

Under the Common Criteria, what element describes the security requirements for a product? a. TCSEC b. ITSEC c. PP d. ST

C. Protection Profiles (PPs) specify the security requirements and protections that must be in place for a product to be accepted under the Common Criteria.

Which one of the following humidity values is within the acceptable range for a data center operation? a. 0% b. 10% c. 25% d. 40%

D. Data center humidity should be maintained between 40% and 60%. Values below this range increase the risk of static electricity, while values above this range may generate moisture that damages equipment.

Mike has been tasked with preventing an outbreak of malware like Mirai. What type of systems should be protected in his organization? a. Servers b. SCADA c. Mobile devices d. Internet of Things (IoT) devices

D. Mirai targeted "Internet of Things" devices, including routers, cameras, and DVRs. As organizations bring an increasing number of devices like these into their corporate networks, protecting both internal and external targets from insecure, infrequently updated, and often vulnerable IoT devices is increasingly important.

What type of fire extinguisher is useful only against common combustibles? a. Class A b. Class B c. Class C d. Class D

A. Class A fire extinguishers are useful only against common combustible materials. They use water or soda acid as their suppressant. Class B extinguishers are for liquid fires. Class C extinguishers are for electrical fires, and Class D fire extinguishers are for combustible metals.

Ralph is designing a physical security infrastructure for a new computing facility that will remain largely unstaffed. He plans to implement motion detectors in the facility but would also like to include a secondary verification control for physical presence. Which one of the following would best meet his needs? a. CCTV b. IPS c. Turnstiles d. Faraday cages

A. Closed-circuit television (CCTV) systems act as a secondary verification mechanism for physical presence because they allow security officials to view the interior of the facility when a motion alarm sounds to determine the current occupants and their activities.

Warren is designing a physical intrusion detection system for his data center and wants to include technology that issues an alert if the communications lines for the alarm system are unexpectedly cut. What technology would meet this requirement? a. Heartbeat sensor b. Emanation security c. Motion detector d. Faraday cage

A. Heartbeat sensors send periodic status messages from the alarm system to the monitoring center. The monitoring center triggers an alarm if it does not receive a status message for a prolonged period of time, indicating that communications were disrupted.

In Transport Layer Security, what type of key is used to encrypt the actual content of communications between a web server and a client? a. Ephemeral session key b. Client's public key c. Server's public key d. Server's private key

A. In TLS, both the server and the client first communicate using an ephemeral symmetric session key. They exchange this key using asymmetric cryptography, but all encrypted content is protected using symmetric cryptography.

Referring to the figure shown here, what is the name of the security control indicated by the arrow? a. Mantrap b. Turnstile c. Intrusion prevention system d. Portals

A. Mantraps use a double set of doors to prevent piggybacking by allowing only a single individual to enter a facility at a time.

Sherry conducted an inventory of the cryptographic technologies in use within her organization and found the following algorithms and protocols in use. Which one of these technologies should she replace because it is no longer considered secure? a. MD5 b. 3DES c. PGP d. WPA2

A. The MD5 hash algorithm has known collisions and, as of 2005, is no longer considered secure for use in modern environments.

In what state does a processor's scheduler place a process when it is prepared to execute but the CPU is not currently available? a. Ready b. Running c. Waiting d. Stopped

A. The Ready state is used when a process is prepared to execute but the CPU is not available. The Running state is used when a process is executing on the CPU. The Waiting state is used when a process is blocked waiting for an external event. The Stopped state is used when a process terminates.

What standard governs the creation and validation of digital certificates for use in a public key infrastructure? a. X.509 b. TLS c. SSL d. 802.1x

A. The X.509 standard, developed by the International Telecommunication Union, contains the specification for digital certificates.

Todd wants to add a certificate to a certificate revocation list. What element of the certificate goes on the list? a. Serial number b. Public key c. Digital signature d. Private key

A. The certificate revocation list contains the serial numbers of digital certificates issued by a certificate authority that have later been revoked.

Fran's company is considering purchasing a web-based email service from a vendor and eliminating its own email server environment as a cost-saving measure. What type of cloud computing environment is Fran's company considering? a. SaaS b. IaaS c. CaaS d. PaaS

A. This is an example of a vendor offering a fully functional application as a web-based service. Therefore, it fits under the definition of software as a service (SaaS). In infrastructure as a service (IaaS), compute as a service (CaaS), and platform as a service (PaaS) approaches, the customer provides their own software. In this example, the vendor is providing the email software, so none of those choices is appropriate.

After scanning all of the systems on his wireless network, Mike notices that one system is identified as an iOS device running a massively out-of-date version of Apple's mobile operating system. When he investigates further, he discovers that the device is an original iPad and that it cannot be updated to a current secure version of the operating system. What should Mike recommend? a. Retire or replace the device. b. Isolate the device on a dedicated wireless network. c. Install a firewall on the tablet. d. Reinstall the OS.

A. When operating system patches are no longer available for mobile devices, the best option is typically to retire or replace the device. Building isolated networks will not stop the device from being used for browsing or other purposes, which means it is likely to continue to be exposed to threats. Installing a firewall will not remediate the security flaws in the OS, although it may help somewhat. Finally, reinstalling the OS will not allow new updates or fix the root issue.

Which one of the following does not describe a standard physical security requirement for wiring closets? a. Place only in areas monitored by security guards. b. Do not store flammable items in the closet. c. Use sensors on doors to log entries. d. Perform regular inspections of the closet.

A. While it would be ideal to have wiring closets in a location where they are monitored by security staff, this is not feasible in most environments. Wiring closets must be distributed geographically in multiple locations across each building used by an organization.

A component failure in the primary HVAC system leads to a high temperature alarm in the data center that Kim manages. After resolving the issue, what should Kim consider to prevent future issues like this? a. A closed loop chiller b. Redundant cooling systems c. Swamp coolers d. Relocating the data center to a colder climate

B. A well-designed data center should have redundant systems and capabilities for each critical part of its infrastructure. That means that power, cooling, and network connectivity should all be redundant. Kim should determine how to ensure that a single system failure cannot take her data center offline.

Object-oriented programming languages use a black box approach to development, where users of an object do not necessarily need to know the object's implementation details. What term is used to describe this concept? a. Layering b. Abstraction c. Data hiding d. Process isolation

B. Abstraction uses a black box approach to hide the implementation details of an object from the users of that object.

What term is used to describe the formal declaration by a designated approving authority (DAA) that an information technology (IT) system is approved to operate in a specific environment? a. Certification b. Accreditation c. Evaluation d. Approval

B. Accreditation is the formal approval by a DAA that an IT system may operate in a described risk environment.

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature? a. Alice's public key b. Alice's private key c. Bob's public key d. Bob's private key

B. Alice creates the digital signature using her own private key. Then Bob, or any other user, can verify the digital signature using Alice's public key.

Rick is an application developer who works primarily in Python. He recently decided to evaluate a new service where he provides his Python code to a vendor who then executes it on their server environment. What type of cloud computing environment is this service? a. SaaS b. PaaS c. IaaS d. CaaS

B. Cloud computing systems where the customer only provides application code for execution on a vendor-supplied computing platform are examples of platform as a service (PaaS) computing.

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. Which one of the following keys would Bob not possess in this scenario? a. Alice's public key b. Alice's private key c. Bob's public key d. Bob's private key

B. Each user retains their private key as secret information. In this scenario, Bob would only have access to his own private key and would not have access to the private key of Alice or any other user.

In a software as a service cloud computing environment, who is normally responsible for ensuring that appropriate firewall controls are in place to protect the application? a. Customer's security team b. Vendor c. Customer's networking team d. Customer's infrastructure management team

B. In a software as a service environment, the customer has no access to any underlying infrastructure, so firewall management is a vendor responsibility under the cloud computing shared responsibility model.

What is the minimum number of independent parties necessary to implement the Fair Cryptosystems approach to key escrow? a. 1 b. 2 c. 3 d. 4

B. In the Fair Cryptosystem approach to key escrow, the secret keys used in communications are divided into two or more pieces, each of which is given to an independent third party.

What cryptographic principle stands behind the idea that cryptographic algorithms should be open to public inspection? a. Security through obscurity b. Kerckhoffs's principle c. Defense in depth d. Heisenberg principle

B. Kerckhoffs's principle says that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

As part of his team's forensic investigation process, Matt signs drives and other evidence out of storage before working with them. What type of documentation is he creating? a. Criminal b. Chain of custody c. Civil d. CYA

B. Matt is helping to maintain the chain of custody documentation for his electronic evidence. This can be important if his organization needs to prove that the digital evidence they handled has not been tampered with. A better process would involve more than one person to ensure that no tampering was possible.

What type of software program exposes the code to anyone who wishes to inspect it? a. Closed source b. Open source c. Fixed source d. Unrestricted source

B. Open-source software exposes the source code to public inspection and modification. The open-source community includes major software packages such as the Linux operating system.

Referring to the fire triangle shown here, which one of the following suppression materials attacks a fire by removing the fuel source? a. Water b. Soda acid c. Carbon dioxide d. Halon

B. Soda acid and other dry powder extinguishers work to remove the fuel supply. Water suppresses temperature, while halon and carbon dioxide remove the oxygen supply from a fire.

Process _____________ ensures that any behavior will affect only the memory and resources associated with a process. a. Restriction b. Isolation c. Limitation d. Parameters

B. When a process is confined within certain access bounds, that process runs in isolation. Isolation protects the operating environment, the operating system kernel, and other processes running on the system.

Chris is designing a cryptographic system for use within his company. The company has 1,000 employees, and they plan to use an asymmetric encryption system. How many total keys will they need? a. 500 b. 1,000 c. 2,000 d. 4,950

C. Asymmetric cryptosystems use a pair of keys for each user. In this case, with 1,000 users, the system will require 2,000 keys.

Lauren implements ASLR to help prevent system compromises. What technique has she used to protect her system? a. Encryption b. Mandatory access control c. Memory address randomization d. Discretionary access control

C. Lauren has implemented address space layout randomization, a memory protection methodology that randomizes memory locations, which prevents attackers from using known address spaces and contiguous memory regions to execute code via overflow or stack smashing attacks.

Alice sent a message to Bob. Bob would like to demonstrate to Charlie that the message he received definitely came from Alice. What goal of cryptography is Bob attempting to achieve? a. Authentication b. Confidentiality c. Nonrepudiation d. Integrity

C. Nonrepudiation occurs when the recipient of a message is able to demonstrate to a third party that the message came from the purported sender.

During a system audit, Casey notices that the private key for her organization's web server has been stored in a public Amazon S3 storage bucket for more than a year. What should she do? a. Remove the key from the bucket. b. Notify all customers that their data may have been exposed. c. Request a new certificate using a new key. d. Nothing, because the private key should be accessible for validation.

C. The first thing Casey should do is notify her management, but after that, replacing the certificate and using proper key management practices with the new certificate's key should be at the top of her list.

During a third-party vulnerability scan and security test, Danielle's employer recently discovered that the embedded systems that were installed to manage her company's new buildings have a severe remote access vulnerability. The manufacturer has gone out of business, and there is no patch or update for the devices. What should Danielle recommend that her employer do about the hundreds of devices that are vulnerable? a. Identify a replacement device model and replace every device b. Turn off all of the devices c. Move the devices to a secured network segment d. Reverse engineer the devices and build an in-house patch

C. The most reasonable choice presented is to move the devices to a secure and isolated network segment. This will allow the devices to continue to serve their intended function while preventing them from being compromised. All of the other scenarios either create major new costs or deprive her organization of the functionality that the devices were purchased to provide.

Helen is a software engineer and is developing code that she would like to restrict to running within an isolated sandbox for security purposes. What software development technique is Helen using? a. Bounds b. Input validation c. Confinement d. TCB

C. The use of a sandbox is an example of confinement, where the system restricts the access of a particular process to limit its ability to affect other processes running on the same system.

Which one of the following statements is correct about the Biba model of access control? a. It addresses confidentiality and integrity. b. It addresses integrity and availability. c. It prevents covert channel attacks. d. It focuses on protecting objects from integrity threats.

D. The Biba model focuses only on protecting integrity and does not provide protection against confidentiality or availability threats. It also does not provide protection against covert channel attacks. The Biba model focuses on external threats and assumes that internal threats are addressed programmatically.

Matthew is the security administrator for a consulting firm and must enforce access controls that restrict users' access based upon their previous activity. For example, once a consultant accesses data belonging to Acme Cola, a consulting client, they may no longer access data belonging to any of Acme's competitors. What security model best fits Matthew's needs? a. Clark-Wilson b. Biba c. Bell-LaPadula d. Brewer-Nash

D. The Brewer-Nash model allows access controls to change dynamically based upon a user's actions. It is often used in environments like Matthew's to implement a "Chinese wall" between data belonging to different clients.

What type of fire suppression system fills with water when the initial stages of a fire are detected and then requires a sprinkler head heat activation before dispensing water? a. Wet pipe b. Dry pipe c. Deluge d. Preaction

D. A preaction fire suppression system activates in two steps. The pipes fill with water once the early signs of a fire are detected. The system does not dispense water until heat sensors on the sprinkler heads trigger the second phase.

Alex's employer creates most of their work output as PDF files. Alex is concerned about limiting the audience for the PDF files to those individuals who have paid for them. What technology can he use to most effectively control the access to and distribution of these files? a. EDM b. Encryption c. Digital signatures d. DRM

D. Alex can use digital rights management technology to limit use of the PDFs to paying customers. While DRM is rarely a perfect solution, in this case, it may fit his organization's needs. EDM is electronic dance music, which his customers may appreciate but which won't solve the problem. Encryption and digital signatures can help to keep the files secure and to prove who they came from but won't solve the rights management issue Alex is tackling.

What concept describes the degree of confidence that an organization has that its controls satisfy security requirements? a. Trust b. Credentialing c. Verification d. Assurance

D. Assurance is the degree of confidence that an organization has that its security controls are correctly implemented. It must be continually monitored and reverified.

Gordon is concerned about the possibility that hackers may be able to use the Van Eck radiation phenomenon to remotely read the contents of computer monitors in his facility. What technology would protect against this type of attack? a. TCSEC b. SCSI c. GHOST d. TEMPEST

D. The TEMPEST program creates technology that is not susceptible to Van Eck phreaking attacks because it reduces or suppresses natural electromagnetic emanations.

In an infrastructure as a service (IaaS) environment where a vendor supplies a customer with access to storage services, who is normally responsible for removing sensitive data from drives that are taken out of service? a. Customer's security team b. Customer's storage team c. Customer's vendor management team d. Vendor

D. In an infrastructure as a service environment, security duties follow a shared responsibility model. Since the vendor is responsible for managing the storage hardware, the vendor would retain responsibility for destroying or wiping drives as they are taken out of service. However, it is still the customer's responsibility to validate that the vendor's sanitization procedures meet their requirements prior to utilizing the vendor's storage services.

Chris wants to verify that a software package that he downloaded matches the original version. What hashing tool should he use if he believes that technically sophisticated attackers may have replaced the software package with a version containing a backdoor? a. MD5 b. 3DES c. SHA1 d. SHA 256

D. Intentional collisions have been created with MD5, and a real-world collision attack against SHA 1 was announced in early 2017. 3DES is not a hashing tool, leaving SHA 256 (sometimes called SHA 2) as the only real choice that Chris has in this list.

James is working with a Department of Defense system that is authorized to simultaneously handle information classified at the Secret and Top Secret levels. What type of system is he using? a. Single state b. Unclassified c. Compartmented d. Multistate

D. Multistate systems are certified to handle data from different security classifications simultaneously by implementing protection mechanisms that segregate data appropriately.

Which one of the following computing models allows the execution of multiple concurrent tasks within a single process? a. Multitasking b. Multiprocessing c. Multiprogramming d. Multithreading

D. Multithreading permits multiple tasks to execute concurrently within a single process. These tasks are known as threads and may be alternated between without switching processes.

Match the following numbered security models with the appropriate lettered security descriptions:

Security Models
1. Clark-Wilson
2. Graham-Denning
3. Bell-LaPadula
4. Sutherland
5. Biba

Descriptions
A. This model blocks lower-classified objects from accessing higher-classified objects, thus ensuring confidentiality.
B. The * property of this model can be summarized as "no write-up."
C. This model uses security labels to grant access to objects via transformation procedures and a restricted interface model.
D. This model focuses on the secure creation and deletion of subjects and objects using eight primary protection rules or actions.
E. This integrity model focuses on preventing interference in support of integrity.

The security models match with the descriptions as follows:
1. Clark-Wilson: C. This model uses security labels to grant access to objects via transformation procedures and a restricted interface model.
2. Graham-Denning: D. This model focuses on the secure creation and deletion of subjects and objects using eight primary protection rules or actions.
3. Bell-LaPadula: A. This model blocks lower-classified objects from accessing higher-classified objects, thus ensuring confidentiality.
4. Sutherland: E. This integrity model focuses on preventing interference in support of integrity.
5. Biba: B. The * property of this model can be summarized as "no write-up."

What is the minimum fence height that makes a fence difficult to climb easily, deterring most intruders? a. 3 feet b. 4 feet c. 5 feet d. 6 feet

D. Fences designed to deter more than the casual intruder should be at least 6 feet high. If a physical security system is designed to deter even determined intruders, it should be at least 8 feet high and topped with three strands of barbed wire.

Which one of the following fire suppression systems uses a suppressant that is no longer manufactured due to environmental concerns? a. FM-200 b. Argon c. Inergen d. Halon

D. Halon fire suppression systems use a chlorofluorocarbon (CFC) suppressant material that was banned in the Montreal Protocol because it depletes the ozone layer.

Alan is reviewing a system that has been assigned the EAL1 evaluation assurance level under the Common Criteria. What is the degree of assurance that he may have about the system? a. It has been functionally tested. b. It has been structurally tested. c. It has been formally verified, designed, and tested. d. It has been methodically designed, tested, and reviewed.

A. EAL1 assurance applies when the system in question has been functionally tested. It is the lowest level of assurance under the Common Criteria.

Referring to the figure shown here, what is the earliest stage of a fire where it is possible to use detection technology to identify it? a. Incipient b. Smoke c. Flame d. Heat

A. Fires may be detected as early as the incipient stage. During this stage, air ionization takes place, and specialized incipient fire detection systems can identify these changes to provide early warning of a fire.

Which one of the following is not an attribute of a hashing algorithm? a. They require a cryptographic key. b. They are irreversible. c. It is very difficult to find two messages with the same hash value. d. They take variable-length input.

A. Hash functions do not include any element of secrecy and, therefore, do not require a cryptographic key.

How many bits of keying material does the Data Encryption Standard use for encrypting information? a. 56 bits b. 64 bits c. 128 bits d. 256 bits

A. DES uses a 64-bit encryption key, but only 56 of those bits are actually used as keying material in the encryption operation. The remaining 8 bits are used to detect tampering or corruption of the key.

Howard is choosing a cryptographic algorithm for his organization, and he would like to choose an algorithm that supports the creation of digital signatures. Which one of the following algorithms would meet his requirement? a. RSA b. DES c. AES d. Blowfish

A. Digital signatures are possible only when using an asymmetric encryption algorithm. Of the algorithms listed, only RSA is asymmetric and supports digital signature capabilities.

Which one of the following is not one of the basic requirements for a cryptographic hash function? a. The function must work on fixed-length input. b. The function must be relatively easy to compute for any input. c. The function must be one way. d. The function must be collision free.

A. Hash functions must be able to work on any variable-length input and produce a fixed-length output from that input, regardless of the length of the input.

Harry would like to access a document owned by Sally and stored on a file server. Applying the subject/object model to this scenario, who or what is the subject of the resource request? a. Harry b. Sally c. Server d. Document

A. In the subject/object model of access control, the user or process making the request for a resource is the subject of that request. In this example, Harry is requesting resource access and is, therefore, the subject.

What type of security vulnerability are developers most likely to introduce into code when they seek to facilitate their own access, for testing purposes, to software they developed? a. Maintenance hook b. Cross-site scripting c. SQL injection d. Buffer overflow

A. Maintenance hooks, otherwise known as backdoors, provide developers with easy access to a system, bypassing normal security controls. If not removed prior to finalizing code, they pose a significant security vulnerability if an attacker discovers the maintenance hook.

Gary is concerned about applying consistent security settings to the many mobile devices used throughout his organization. What technology would best assist with this challenge? a. MDM b. IPS c. IDS d. SIEM

A. Mobile Device Management (MDM) products provide a consistent, centralized interface for applying security configuration settings to mobile devices.

Grace would like to implement application control technology in her organization. Users often need to install new applications for research and testing purposes, and she does not want to interfere with that process. At the same time, she would like to block the use of known malicious software. What type of application control would be appropriate in this situation? a. Blacklisting b. Graylisting c. Whitelisting d. Bluelisting

A. The blacklisting approach to application control allows users to install any software they wish except for packages specifically identified by the administrator as prohibited. This would be an appropriate approach in a scenario where users should be able to install any nonmalicious software they wish to use.

Rhonda is considering the use of new identification cards for physical access control in her organization. She comes across a military system that uses the card shown here. What type of card is this? a. Smart card b. Proximity card c. Magnetic stripe card d. Phase three card

A. The card shown in the image has a smart chip underneath the American flag. Therefore, it is an example of a smart card. This is the most secure type of identification card technology.

The Bell-LaPadula and Biba models implement state machines in a fashion that uses what specific state machine model? a. Information flow b. Noninterference c. Cascading d. Feedback

A. The information flow model applies state machines to the flow of information. The Bell-LaPadula model applies the information flow model to confidentiality while the Biba model applies it to integrity.

In the ring protection model shown here, what ring contains the operating system's kernel? a. Ring 0 b. Ring 1 c. Ring 2 d. Ring 3

A. The kernel lies within the central ring, Ring 0. Conceptually, Ring 1 contains other operating system components. Ring 2 is used for drivers and protocols. User-level programs and applications run at Ring 3. Rings 0 through 2 run in privileged mode while Ring 3 runs in user mode. It is important to note that many modern operating systems do not fully implement this model.

Alison is examining a digital certificate presented to her by her bank's website. Which one of the following requirements is not necessary for her to trust the digital certificate? a. She knows that the server belongs to the bank. b. She trusts the certificate authority. c. She verifies that the certificate is not listed on a CRL. d. She verifies the digital signature on the certificate.

A. The point of the digital certificate is to prove to Alison that the server belongs to the bank, so she does not need to have this trust in advance. To trust the certificate, she must verify the CA's digital signature on the certificate, trust the CA, verify that the certificate is not listed on a CRL, and verify that the certificate contains the name of the bank.

Sonia recently removed an encrypted hard drive from a laptop and moved it to a new device because of a hardware failure. She is having difficulty accessing encrypted content on the drive despite the fact that she knows the user's password. What hardware security feature is likely causing this problem? a. TCB b. TPM c. NIACAP d. RSA

B. The Trusted Platform Module (TPM) is a hardware security technique that stores an encryption key on a chip on the motherboard and prevents someone from accessing an encrypted drive by installing it in another computer.

What action can you take to prevent accidental data disclosure due to wear leveling on an SSD device before reusing the drive? a. Reformatting b. Disk encryption c. Degaussing d. Physical destruction

B. Encrypting data on SSD drives does protect against wear leveling. Disk formatting does not effectively remove data from any device. Degaussing is only effective for magnetic media. Physically destroying the drive would not permit reuse.

A hacker recently violated the integrity of data in James's company by modifying a file using a precise timing attack. The attacker waited until James verified the integrity of a file's contents using a hash value and then modified the file between the time that James verified the integrity and read the contents of the file. What type of attack took place? a. Social engineering b. TOCTOU c. Data diddling d. Parameter checking

B. In a time of check to time of use (TOCTOU) attack, the attacker exploits the difference in time between when a security control is verified and the data protected by the control is actually used.

John and Gary are negotiating a business transaction, and John must demonstrate to Gary that he has access to a system. He engages in an electronic version of the "magic door" scenario shown here. What technique is John using? a. Split-knowledge proof b. Zero-knowledge proof c. Logical proof d. Mathematical proof

B. In a zero-knowledge proof, one individual demonstrates to another that they can achieve a result that requires sensitive information without actually disclosing the sensitive information.

Harry would like to retrieve a lost encryption key from a database that uses m of n control, with m = 4 and n = 8. What is the minimum number of escrow agents required to retrieve the key? a. 2 b. 4 c. 8 d. 12

B. In an m of n control system, at least m of n possible escrow agents must collaborate to retrieve an encryption key from the escrow database.

Gary intercepts a communication between two individuals and suspects that they are exchanging secret messages. The content of the communication appears to be the image shown here. What type of technique may the individuals use to hide messages inside this image? a. Visual cryptography b. Steganography c. Cryptographic hashing d. Transport layer security

B. Steganography is the art of using cryptographic techniques to embed secret messages within other content. Some steganographic algorithms work by making alterations to the least significant bits of the many bits that make up image files.

Tom is responsible for maintaining the security of systems used to control industrial processes located within a power plant. What term is used to describe these systems? a. POWER b. SCADA c. HAVAL d. COBOL

B. Supervisory control and data acquisition (SCADA) systems are used to control and gather data from industrial processes. They are commonly found in power plants and other industrial environments.

Florian and Tobias would like to begin communicating using a symmetric cryptosystem, but they have no prearranged secret and are not able to meet in person to exchange keys. What algorithm can they use to securely exchange the secret key? a. IDEA b. Diffie-Hellman c. RSA d. MD5

B. The Diffie-Hellman algorithm allows for the secure exchange of symmetric encryption keys over a public network.

Bob is a security administrator with the federal government and wishes to choose a digital signature approach that is an approved part of the federal Digital Signature Standard under FIPS 186-4. Which one of the following encryption algorithms is not an acceptable choice for use in digital signatures? a. DSA b. HAVAL c. RSA d. ECDSA

B. The Digital Signature Standard approves three encryption algorithms for use in digital signatures: the Digital Signature Algorithm (DSA); the Rivest, Shamir, Adleman (RSA) algorithm; and the Elliptic Curve DSA (ECDSA) algorithm. HAVAL is a hash function, not an encryption algorithm. While hash functions are used as part of the digital signature process, they do not provide encryption.

Susan would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability? a. AH b. ESP c. IKE d. ISAKMP

B. The Encapsulating Security Payload (ESP) protocol provides confidentiality and integrity for packet contents. It encrypts packet payloads and provides limited authentication and protection against replay attacks.

In the figure shown here, Sally is blocked from reading the file due to the Biba integrity model. Sally has a Secret security clearance, and the file has a Confidential classification. What principle of the Biba model is being enforced? a. Simple Security Property b. Simple Integrity Property c. *-Security Property d. *-Integrity Property

B. The Simple Integrity Property states that an individual may not read a file classified at a lower security level than the individual's security clearance.

In the diagram shown here of security boundaries within a computer system, what component's name has been replaced with XXX? a. Kernel b. TCB c. Security perimeter d. User execution

B. The Trusted Computing Base (TCB) is a small subset of the system contained within the kernel that carries out critical system activities.

A software company developed two systems that share information. System A provides information to the input of System B, which then reciprocates by providing information back to System A as input. What type of composition theory best describes this practice? a. Cascading b. Feedback c. Hookup d. Elementary

B. The feedback model of composition theory occurs when one system provides input for a second system and then the second system provides input for the first system. This is a specialized case of the cascading model, so the feedback model is the most appropriate answer.

In a virtualized computing environment, what component is responsible for enforcing separation between guest machines? a. Guest operating system b. Hypervisor c. Kernel d. Protection manager

B. The hypervisor is responsible for coordinating access to physical hardware and enforcing isolation between different virtual machines running on the same physical platform.

Which one of the following is an example of a code, not a cipher? a. Data Encryption Standard b. "One if by land; two if by sea" c. Shifting letters by three d. Word scramble

B. The major difference between a code and a cipher is that ciphers alter messages at the character or bit level, not at the word level. DES, shift ciphers, and word scrambles all work at the character or bit level and are ciphers. "One if by land; two if by sea" is a message with hidden meaning in the words and is an example of a code.

Harold is assessing the susceptibility of his environment to hardware failures and would like to identify the expected lifetime of a piece of hardware. What measure should he use for this? a. MTTR b. MTTF c. RTO d. MTO

B. The mean time to failure (MTTF) provides the average amount of time before a device of that particular specification fails.

What name is given to the random value added to a password in an attempt to defeat rainbow table attacks? a. Hash b. Salt c. Extender d. Rebar

B. The salt is a random value added to a password before it is hashed by the operating system. The salt is then stored in a password file with the hashed password. This increases the complexity of cryptanalytic attacks by negating the usefulness of attacks that use precomputed hash values, such as rainbow tables.

Tommy is planning to implement a power conditioning UPS for a rack of servers in his data center. Which one of the following conditions will the UPS be unable to protect against if it persists for an extended period of time? a. Fault b. Blackout c. Sag d. Noise

B. UPSs are designed to protect against short-term power losses, such as power faults. When they conduct power conditioning, they are also able to protect against sags and noise. UPSs have limited-life batteries and are not able to maintain continuous operation during a sustained blackout.

How many possible keys exist for a cipher that uses a key containing 5 bits? a. 10 b. 16 c. 32 d. 64

C. Binary keyspaces contain a number of keys equal to two raised to the power of the number of bits. Two to the fifth power is 32, so a 5-bit keyspace contains 32 possible keys.

What type of motion detector senses changes in the electromagnetic fields in monitored areas? a. Infrared b. Wave pattern c. Capacitance d. Photoelectric

C. Capacitance motion detectors monitor the electromagnetic field in a monitored area, sensing disturbances that correspond to motion.

Alice has read permissions on an object, and she would like Bob to have those same rights. Which one of the rules in the Take-Grant protection model would allow her to complete this operation? a. Create rule b. Remove rule c. Grant rule d. Take rule

C. The grant rule allows a subject to grant rights that it possesses on an object to another subject.

Which one of the following is an example of a covert timing channel when used to exfiltrate information from an organization? a. Sending an electronic mail message b. Posting a file on a peer-to-peer file sharing service c. Typing with the rhythm of Morse code d. Writing data to a shared memory space

C. Covert channels use surreptitious communications paths. Covert timing channels alter the use of a resource in a measurable fashion to exfiltrate information. If a user types using a specific rhythm of Morse code, this is an example of a covert timing channel. Someone watching or listening to the keystrokes could receive a secret message with no trace of the message left in logs.

Kyle is being granted access to a military computer system that uses System High mode. What is not true about Kyle's security clearance requirements? a. Kyle must have a clearance for the highest level of classification processed by the system, regardless of his access. b. Kyle must have access approval for all information processed by the system. c. Kyle must have a valid need to know for all information processed by the system. d. Kyle must have a valid security clearance.

C. For systems running in System High mode, the user must have a valid security clearance for all information processed by the system, access approval for all information processed by the system, and a valid need to know for some, but not necessarily all, information processed by the system.

Tom is a cryptanalyst and is working on breaking a cryptographic algorithm's secret key. He has a copy of an intercepted message that is encrypted, and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in? a. Chosen ciphertext b. Chosen plaintext c. Known plaintext d. Brute force

C. In a known plaintext attack, the attacker has a copy of the encrypted message along with the plaintext message used to generate that ciphertext.

Johnson Widgets strictly limits access to total sales volume information, classifying it as a competitive secret. However, shipping clerks have unrestricted access to order records to facilitate transaction completion. A shipping clerk recently pulled all of the individual sales records for a quarter and totaled them up to determine the total sales volume. What type of attack occurred? a. Social engineering b. Inference c. Aggregation d. Data diddling

C. In an aggregation attack, individual(s) use their access to specific pieces of information to piece together a larger picture that they are not authorized to access.

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. If Alice wishes to send Bob an encrypted message, what key does she use to encrypt the message? a. Alice's public key b. Alice's private key c. Bob's public key d. Bob's private key

C. In an asymmetric cryptosystem, the sender of a message always encrypts the message using the recipient's public key.

Michael is responsible for forensic investigations and is investigating a medium-severity security incident that involved the defacement of a corporate website. The web server in question ran on a virtualization platform, and the marketing team would like to get the website up and running as quickly as possible. What would be the most reasonable next step for Michael to take? a. Keep the website offline until the investigation is complete. b. Take the virtualization platform offline as evidence. c. Take a snapshot of the compromised system and use that for the investigation. d. Ignore the incident and focus on quickly restoring the website.

C. Michael should conduct his investigation, but there is a pressing business need to bring the website back online. The most reasonable course of action would be to take a snapshot of the compromised system and use the snapshot for the investigation, restoring the website to operation as quickly as possible while using the results of the investigation to improve the security of the site.

Betty is concerned about the use of buffer overflow attacks against a custom application developed for use in her organization. What security control would provide the strongest defense against these attacks? a. Firewall b. Intrusion detection system c. Parameter checking d. Vulnerability scanning

C. Parameter checking, or input validation, is used to ensure that input provided by users to an application matches the expected parameters for the application. Developers may use parameter checking to ensure that input does not exceed the expected length, preventing a buffer overflow attack.

Which one of the following would be a reasonable application for the use of self-signed digital certificates? a. E-commerce website b. Banking application c. Internal scheduling application d. Customer portal

C. Self-signed digital certificates should be used only for internal-facing applications, where the user base trusts the internally generated digital certificate.

In the figure shown here, Harry's request to write to the data file is blocked. Harry has a Secret security clearance, and the data file has a Confidential classification. What principle of the Bell-LaPadula model blocked this request? a. Simple Security Property b. Simple Integrity Property c. *-Security Property d. Discretionary Security Property

C. The *-Security Property states that an individual may not write to a file at a lower classification level than that of the individual. This is also known as the confinement property.

Which one of the following terms accurately describes the Caesar cipher? a. Transposition cipher b. Block cipher c. Shift cipher d. Strong cipher

C. The Caesar cipher is a shift cipher that works on a stream of text and is also a substitution cipher. It is not a block cipher or a transposition cipher. It is extremely weak as a cryptographic algorithm.

Laura is responsible for securing her company's web-based applications and wishes to conduct an educational program for developers on common web application security vulnerabilities. Where can she turn for a concise listing of the most common web application issues? a. CVE b. NSA c. OWASP d. CSA

C. The Open Web Application Security Project (OWASP) produces an annual list of the top ten web application security issues that developers and security professionals around the world rely upon for education and training purposes. The OWASP vulnerabilities form the basis for many web application security testing products.

What logical operation is described by the truth table shown here? a. OR b. AND c. XOR d. NOR

C. The exclusive or (XOR) operation is true when one and only one of the input values is true.

Which one of the following systems assurance processes provides an independent third-party evaluation of a system's controls that may be trusted by many different organizations? a. Certification b. Definition c. Verification d. Accreditation

C. The verification process is similar to the certification process in that it validates security controls. Verification may go a step further by involving a third-party testing service and compiling results that may be trusted by many different organizations. Accreditation is the act of management formally accepting an evaluated system, not evaluating the system itself.

Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message? a. Substitution cipher b. AES c. Transposition cipher d. 3DES

C. This message was most likely encrypted with a transposition cipher. The use of a substitution cipher, a category that includes AES and 3DES, would change the frequency distribution so that it did not mirror that of the English language.

The ___________ of a process consist(s) of the limits set on the memory addresses and resources that the process may access. a. Perimeter b. Confinement limits c. Metes d. Bounds

D. Each process that runs on a system is assigned certain physical or logical bounds for resource access, such as memory.

In the figure shown here, Sally is blocked from writing to the data file by the Biba integrity model. Sally has a Secret security clearance, and the file is classified Top Secret. What principle is preventing her from writing to the file? a. Simple Security Property b. Simple Integrity Property c. *-Security Property d. *-Integrity Property

D. The *-Integrity Property states that a subject cannot modify an object at a higher integrity level than that possessed by the subject.

Which one of the following cryptographic goals protects against the risks posed when a device is lost or stolen? a. Nonrepudiation b. Authentication c. Integrity d. Confidentiality

D. The greatest risk when a device is lost or stolen is that sensitive data contained on the device will fall into the wrong hands. Confidentiality protects against this risk.

The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What attack is 2DES vulnerable to that does not exist for the DES or 3DES approach? a. Chosen ciphertext b. Brute force c. Man in the middle d. Meet in the middle

D. The meet-in-the-middle attack uses a known plaintext message and uses both encryption of the plaintext and decryption of the ciphertext simultaneously in a brute-force manner to identify the encryption key in approximately double the time of a brute-force attack against the basic DES algorithm.

As part of his incident response process, Charles securely wipes the drive of a compromised machine and reinstalls the operating system (OS) from original media. Once he is done, he patches the machine fully and applies his organization's security templates before reconnecting the system to the network. Almost immediately after the system is returned to service, he discovers that it has reconnected to the same botnet it was part of before. Where should Charles look for the malware that is causing this behavior? a. The operating system partition b. The system BIOS or firmware c. The system memory d. The installation media

D. The system Charles is remediating may have a firmware or BIOS infection, with malware resident on the system board. While uncommon, this type of malware can be difficult to find and remove. Since he used original media, it is unlikely that the malware came from the software vendor. Charles wiped the system partition, and the system would have been rebooted before being rebuilt, thus clearing system memory.

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. When Bob receives the encrypted message from Alice, what key does he use to decrypt the message? a. Alice's public key b. Alice's private key c. Bob's public key d. Bob's private key

D. When Bob receives the message, he uses his own private key to decrypt it. Since he is the only one with his private key, he is the only one who should be able to decrypt it, thus preserving confidentiality.

What physical security control broadcasts false emanations constantly to mask the presence of true electromagnetic emanations from computing equipment? a. Faraday cage b. Copper-infused windows c. Shielded cabling d. White noise

D. While all of the controls mentioned protect against unwanted electromagnetic emanations, only white noise is an active control. White noise generates false emanations that effectively "jam" the true emanations from electronic equipment.

Match each of the following numbered architecture security concepts with the appropriate lettered description. Architectural security concepts: 1. Time of check 2. Covert channel 3. Time of use 4. Maintenance hooks 5. Parameter checking 6. Race condition. Descriptions: a. A method used to pass information over a path not normally used for communication. b. The exploitation of the difference between time of check and time of use. c. The time at which the subject checks whether an object is available. d. The time at which a subject can access an object. e. An access method known only to the developer of the system. f. A method that can help prevent buffer overflow attacks.

The architecture security concepts match with the descriptions as follows: 1. Time of check: C. The time at which the subject checks whether an object is available. 2. Covert channel: A. A method used to pass information over a path not normally used for communication. 3. Time of use: D. The time at which a subject can access an object. 4. Maintenance hooks: E. An access method known only to the developer of the system. 5. Parameter checking: F. A method that can help prevent buffer overflow attacks. 6. Race condition: B. The exploitation of difference between time of check and time of use.
