chapter 8


Which of the following statements are true?
IT developments such as virtualization, Cloud computing, and the Internet of Things weaken information security.
A large number of emergency changes is a potential red flag of other problems.
Information security is improved when the CISO reports to the CIO.
All of the statements are true.
None of the statements are true.

IT developments such as virtualization, Cloud computing, and the Internet of Things weaken information security.

Which of the following sets of authentication credentials provides the strongest access control?
A password and a security question.
A PIN and a smart card.
Voice recognition and a fingerprint.
All of the combinations of credentials are equally strong.

a PIN and a smart card

border router

a device that connects an organization's information system to the internet

biometric identifier

a physical or behavioral characteristic that is used as an authentication credential

deep packet inspection

a process that examines the data in the body of a TCP packet to control traffic, rather than looking only at the information in the IP and TCP headers

packet filtering

a process that uses various fields in a packet's IP and TCP headers to decide what to do with the packet

exploit

a program designed to take advantage of a known vulnerability

demilitarized zone

a separate network located outside the organization's internal information system that permits controlled access from the internet

Access Control List (ACL)

a set of IF-THEN rules used to determine what to do with arriving packets

Intrusion Detection System (IDS)

a system that creates logs of all network traffic that was permitted to pass the firewall and then analyzes those logs for signs of attempted or successful intrusions

Access Control Matrix

a table used to implement authorization controls

Computer Incident Response Team (CIRT)

a team that is responsible for dealing with major security incidents

Which of the following is a preventive control?
a. training
b. log analysis
c. CIRT
d. virtualization

a.

Which of the following techniques is the most effective for a firewall to use to protect the perimeter?
a. deep packet inspection
b. packet filtering
c. access control list
d. All of the above are equally effective.

a.

penetration test

an authorized attempt to break into the organization's information system

The system employs a compatibility test to decide whether to let a particular employee update records in a particular file. The compatibility test is a part of the aspect of access control referred to as ____.
authentication
authorization
accountability

authorization

vulnerability scanners

automated tools designed to identify whether a given system possesses any unused and unnecessary programs that represent potential security threats

The control procedure designed to restrict what portions of an information system an employee can access and what actions he or she can perform is called ____.
a. authentication
b. authorization
c. intrusion prevention
d. intrusion detection

b

Which of the following combinations of credentials is an example of multifactor authentication?
a. voice recognition and a fingerprint reader
b. a PIN and an ATM card
c. a password and a user ID
d. all of the above

b.

Which of the following is a corrective control designed to fix vulnerabilities?
a. virtualization
b. patch management
c. penetration testing
d. authorization

b.

Which of the following statements is true?
a. The concept of defense-in-depth reflects the fact that security involves the use of a few sophisticated technical controls.
b. Information security is necessary for protecting confidentiality, privacy, integrity of processing, and availability of information resources.
c. The time-based model of security can be expressed in the following formula: P < D + R
d. Information security is primarily an IT issue, not a managerial concern.

b.

A weakness that an attacker can take advantage of to either disable or take control of a system is called a(n) ____.
a. exploit
b. patch
c. vulnerability
d. attack

c.

Which of the following is a detective control?
a. hardening endpoints
b. physical access controls
c. penetration testing
d. patch management

c.

patch

code released by software developers that fixes a particular vulnerability

endpoints

collective term for the workstations, servers, printers, and other devices that comprise an organization's network

Modifying default configurations to turn off unnecessary programs and features to improve security is called ____.
a. user account management
b. defense-in-depth
c. vulnerability scanning
d. hardening

d.

Which of the following statements is true?
a. "Emergency" changes need to be documented once the problem is resolved.
b. Changes should be tested in a system separate from the one used to process transactions.
c. Change controls are necessary to maintain adequate segregation of duties.
d. All of the above are true.

d.

A firewall that uses ____ would be most effective in detecting and stopping an attempt to deface the organization's website by sending an HTTP "PUT" request to its web server.
static packet filtering
stateful packet filtering
deep packet inspection

deep packet inspection
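The difference between the three firewall techniques above is easiest to see in code. The following toy firewall is an added example, not part of this study set or of any textbook code: a header-only packet filter that applies IF-THEN ACL rules, and a deep-packet-inspection step that parses the HTTP request line in the TCP payload. The packet fields, the ACL rule format, the list of disallowed HTTP methods and the packets themselves are constructed for this illustration.

```python
# Added example (not from the study set): header-only packet filtering versus
# deep packet inspection. Packet layout, rule format and the set of HTTP
# methods to reject are this example's own assumptions.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    protocol: str = "tcp"
    payload: bytes = b""          # body of the TCP segment

@dataclass
class Rule:
    """One IF-THEN entry of an access control list, matched on header fields only."""
    action: str                        # "allow" or "deny"
    dst_port: Optional[int] = None     # None matches any destination port
    src_prefix: Optional[str] = None   # toy prefix match, e.g. "10.0."
    protocol: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return ((self.dst_port is None or self.dst_port == p.dst_port)
                and (self.src_prefix is None or p.src_ip.startswith(self.src_prefix))
                and (self.protocol is None or self.protocol == p.protocol))

def packet_filter(acl: list[Rule], p: Packet) -> str:
    """Static packet filtering: first matching rule wins, default deny."""
    for rule in acl:
        if rule.matches(p):
            return rule.action
    return "deny"

# Constructed list: HTTP methods a public web server should not accept from
# the internet. PUT is the method from the question above.
DISALLOWED_HTTP_METHODS = {b"PUT", b"DELETE", b"TRACE"}

def deep_packet_inspection(p: Packet) -> str:
    """Look inside the payload: parse the HTTP request line and reject methods
    that could change content on the web server. Headers alone cannot tell a
    GET from a PUT, since both arrive on port 80."""
    if p.dst_port != 80 or not p.payload:
        return "allow"
    request_line = p.payload.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) >= 2 and parts[0].upper() in DISALLOWED_HTTP_METHODS:
        return "deny"
    return "allow"

def firewall(acl: list[Rule], p: Packet) -> str:
    """Header rules first; only traffic the ACL permits is inspected further."""
    verdict = packet_filter(acl, p)
    if verdict != "allow":
        return verdict
    return deep_packet_inspection(p)

# Constructed ACL: allow web traffic from anywhere, deny everything else.
ACL = [
    Rule(action="allow", dst_port=80, protocol="tcp"),
    Rule(action="allow", dst_port=443, protocol="tcp"),
    Rule(action="deny"),
]

# Constructed packets (documentation IP ranges).
GET_PACKET = Packet("203.0.113.7", "198.51.100.10", 80,
                    payload=b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
PUT_PACKET = Packet("203.0.113.7", "198.51.100.10", 80,
                    payload=b"PUT /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
TELNET_PACKET = Packet("203.0.113.7", "198.51.100.10", 23)

if __name__ == "__main__":
    for name, pkt in [("GET", GET_PACKET), ("PUT", PUT_PACKET), ("telnet", TELNET_PACKET)]:
        print(f"{name:7s} header-only: {packet_filter(ACL, pkt):5s}  with DPI: {firewall(ACL, pkt)}")
```

The header-only filter lets the PUT through because it is legitimate-looking traffic to port 80; only the inspection of the payload catches it. Stateful filtering would add connection tracking on top of the header rules, but it still never looks at the HTTP method.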

Defense in Depth

employing multiple layers of controls to avoid a single point-of-failure

The set of instructions for taking advantage of a flaw in a program is called a(n) ____.
vulnerability
patch
update
exploit

exploit

Vulnerabilities

flaws in programs that can be exploited to either crash the system or take control of it

Time Based Model of Information Security

implementing a combination of preventive, detective, and corrective controls that protect assets long enough for the organization to recognize that an attack is occurring and take steps to thwart it before any information is lost or compromised. Expressed as P > D + R, where P is the time it takes an attacker to break through the preventive controls, D is the time it takes to detect that an attack is in progress, and R is the time it takes to respond to the attack and stop it.

compatibility test

matching the user's authentication credentials against the access control matrix to determine whether that employee should be allowed to access that resource and perform the requested action
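The access control matrix and the compatibility test as working code, added here as an example (it is not from the study set or any textbook). It also writes every decision to an audit log, so the three aspects of access control named in the earlier question, authentication, authorization and accountability, are each visible as a separate step. The users, passwords, files and rights are constructed.

```python
# Added example, not from the study set: an access control matrix, the
# compatibility test that authorization runs against it, and an audit log
# for accountability. Users, passwords, files and rights are constructed.
import hmac
from typing import Optional

# Rows are authenticated users, columns are resources, and each cell holds
# the set of actions that user may perform on that resource.
# A missing cell means no access at all.
ACCESS_CONTROL_MATRIX = {
    "alice": {"payroll.db": {"read", "update"}, "gl.db": {"read"}},
    "bob":   {"gl.db": {"read", "update"}, "ap.db": {"read", "update"}},
    "carol": {"payroll.db": {"read"}},
}

# Constructed credential store. A real system stores salted password hashes;
# plain strings are used only to keep the example short.
CREDENTIALS = {"alice": "a-secret", "bob": "b-secret", "carol": "c-secret"}

# Accountability: every access decision is recorded here.
AUDIT_LOG: list[tuple[str, str, str, str]] = []

def authenticate(user_id: str, password: str) -> Optional[str]:
    """Authentication: verify the claimed identity. Returns the user id on
    success, None otherwise. compare_digest avoids a timing side channel."""
    stored = CREDENTIALS.get(user_id)
    if stored is not None and hmac.compare_digest(stored, password):
        return user_id
    return None

def compatibility_test(user_id: str, resource: str, action: str) -> bool:
    """Authorization: find the matrix cell for (user, resource) and check that
    the requested action is listed. A missing row or cell fails closed."""
    allowed = ACCESS_CONTROL_MATRIX.get(user_id, {}).get(resource, set())
    return action in allowed

def request(user_id: str, password: str, resource: str, action: str) -> str:
    """Full flow: authenticate, then authorize, and log the outcome either way."""
    who = authenticate(user_id, password)
    if who is None:
        outcome = "authentication failed"
    elif not compatibility_test(who, resource, action):
        outcome = "authorization denied"
    else:
        outcome = "granted"
    AUDIT_LOG.append((user_id, resource, action, outcome))
    return outcome

if __name__ == "__main__":
    print(request("alice", "a-secret", "payroll.db", "update"))  # granted
    print(request("carol", "c-secret", "payroll.db", "update"))  # authorization denied
    print(request("bob", "wrong", "gl.db", "read"))              # authentication failed
    for entry in AUDIT_LOG:
        print(entry)
```

Carol is a valid, authenticated user, yet her update is refused: that refusal is authorization, not authentication, which is the distinction the compatibility-test question is probing. Failing closed on a missing matrix entry is what keeps a newly created resource from being world-accessible by accident.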

ABC bank wants to strengthen the security of its online bill-pay features. Therefore, it decides that in addition to a password, users must also correctly identify a picture that they have previously chosen to be one of their authentication credentials. This is an example of a process referred to as ____.
multifactor authentication
multimodal authentication
neither of the above

multimodal authentication

In addition to encryption, organizations should ____ to effectively secure wireless communications.
place all wireless access points in the DMZ
configure all wireless clients to operate in ad hoc mode
do both of the above
do none of the above

place all wireless access points in the DMZ

Information security procedures protect information integrity by

preventing fictitious transactions from being recorded

Trust Services Framework

The principle of (processing) integrity is achieved when the system produces data that is complete, accurate, and valid. The principle that states that personal information should be protected from unauthorized disclosure is privacy (the corresponding principle for sensitive organizational information is confidentiality).

internet protocol

the protocol that specifies the structure of packets sent over the internet and how to route them to the proper destination

internet of things

refers to the embedding of sensors in a multitude of devices (lights, heating and air conditioning, appliances) so that those devices can now connect to the internet

A company's current password policy requires that passwords be alphanumeric, case-sensitive, and 10 characters long. Which one of the following changes to the company's password policy will increase password strength the most?
Require passwords to also include special characters (such as $, &, etc.)
Require passwords to be 15 characters long
Both of the above changes would have the same effect on password strength

require passwords to be 15 characters long
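A worked comparison of the three policies, added as an example and not part of the study set. It assumes a 62-symbol alphabet for case-sensitive alphanumeric passwords, 32 added special characters, passwords chosen uniformly at random, and an attacker doing exhaustive search at a made-up guess rate.

```python
# Added example, not from the study set: the size of the password search
# space under each policy, measured in bits. Alphabet sizes and the attacker's
# guess rate are assumptions made for this illustration.
import math

ALNUM = 26 + 26 + 10        # case-sensitive letters plus digits
SYMBOLS = 32                # assumed number of printable ASCII special characters
GUESSES_PER_SECOND = 1e11   # assumed offline cracking rate against a fast hash

POLICIES = {
    "current: 10 alphanumeric":        (ALNUM, 10),
    "add special characters, 10 long": (ALNUM + SYMBOLS, 10),
    "lengthen to 15 alphanumeric":     (ALNUM, 15),
}

def keyspace_bits(alphabet_size: int, length: int) -> float:
    """log2 of the number of random passwords of exactly `length` characters
    drawn uniformly from an alphabet of `alphabet_size` symbols."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(bits: float, guesses_per_second: float = GUESSES_PER_SECOND) -> float:
    """Time for an attacker to try every password in a space of `bits` bits."""
    return 2.0 ** bits / guesses_per_second / (365 * 24 * 3600)

def compare_policies() -> dict[str, float]:
    """Bits of search space for each policy."""
    return {name: keyspace_bits(size, length) for name, (size, length) in POLICIES.items()}

def strongest_policy() -> str:
    bits = compare_policies()
    return max(bits, key=bits.get)

if __name__ == "__main__":
    for name, bits in compare_policies().items():
        print(f"{name:34s} {bits:6.1f} bits  ~{years_to_exhaust(bits):.3g} years to exhaust")
    print("strongest:", strongest_policy())
```

Length multiplies the exponent while a larger alphabet only grows the base, so five extra alphanumeric characters add roughly 30 bits against about 6 bits for the symbol requirement. The figures assume random passwords; against human-chosen ones attackers use dictionaries and rules, and composition requirements buy even less than this arithmetic suggests.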

Virtualization

running multiple systems simultaneously on one physical computer

Firewalls are most effective in reducing the ability of an attacker to ____.
conduct initial reconnaissance
research vulnerabilities and exploits
scan and map the target
all of the above are prevented by firewalls
none of the above are prevented by firewalls

scan and map the target

transmission control protocol

the protocol that specifies how a file or message is divided into numbered packets and how those packets are reassembled in the correct order at the destination, retransmitting any that are lost

Intrusion Prevention System (IPS)

software or hardware that monitors patterns in the traffic flow to identify and automatically block attacks

routers

special purpose devices that are designed to read the source and destination address fields in IP packet headers to decide where to send (route) the packet next

reconnaissance

the initial step in an attack: studying the target, including its physical layout and its network, to learn about the controls it has in place

change control and change management

the formal process used to ensure that modifications to hardware, software, or processes do not reduce systems reliability

log analysis

the process of examining logs to identify evidence of possible attacks

hardening

the process of modifying the default configuration of endpoints to eliminate unnecessary settings and services

Patch Management

the process of regularly applying patches and updates to software

authorization

the process of restricting access of authenticated users to specific portions of the system and limiting what actions they are permitted to perform

multimodal authentication

the use of multiple authentication credentials of the same type to achieve a greater level of security

multifactor authentication

the use of two or more types of authentication credentials in conjunction to achieve a greater level of security

Cloud Computing

using a browser to remotely access software, data storage, hardware, and applications

Social Engineering

using deception to obtain unauthorized access to information resources

Authentication

verifying the identity of the person or device attempting to access the system

Security Life Cycle

1. Assess threats and select a risk response.
2. Develop and communicate policy.
3. Acquire and implement solutions.
4. Monitor performance.

firewall

A special-purpose hardware device, or software running on a general-purpose computer, that controls both inbound and outbound communication between the system behind the firewall and other networks.

