CIS2530 Final Ch5,7,9,10

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

Audit

A packet-filtering firewall remembers information about the status of a network communication.

False

A physical courier delivering an asymmetric key is an example of in-band key exchange.

False

User-based permission levels limit a person to executing certain functions and often enforces mutual exclusivity.

False

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Integrity

What firewall approach is shown in the figure?

Screened subnet

After audit activities are completed, auditors perform data analysis.

True

An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).

True

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords

True

What is NOT an effective key distribution method for plaintext encryption keys?

Unencrypted email

Which one of the following is NOT a commonly accepted best practice for password security?

Use at least six alphanumeric characters.

An SOC 1 report primarily focuses on security.

False

Cryptographic key distribution is typically done by phone.

False

Regarding security controls, the four most common permission levels are poor, permissive, prudent, and paranoid.

False

When should an organization's managers have an opportunity to respond to the findings in an audit?

Managers should include their responses to the draft audit report in the final audit report.

Common methods used to identify a user to a system include username, smart card, and biometrics.

True

TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.

True

During which phase of the access control process does the system answer the question,"What can the requestor access?"

Authorization

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Bob's public key

Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?

Captive portal

Data loss prevention (DLP) uses business rules to classify sensitive information to prevent unauthorized end users from sharing it.

True

Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

Acceptability

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

Which one of the following is an example of a logical access control?

Password

The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service.

True

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Checklist

Implicit deny is when firewalls look at message addresses to determine whether a message is being sent around an unending loop.

False

In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.

False

Internet Control Message Protocol (ICMP) is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.

False

The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network

False

The term certificate authority (CA) refers to a trusted repository of all public keys.

False

An algorithm is a repeatable process that produces the same result when it receives the same input.

True

During an audit, an auditor compares the current setting of a computer or device with a benchmark to help identify differences.

True

The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).

True

The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.

True

The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.

True

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel

An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.

True

An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.

True

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Decryption

The four main types of logs that you need to keep to support security auditing include event, access, user, and security.

False

Which of the following is an example of a hardware security control?

MAC filtering

What type of network connects systems over the largest geographic area?

Wide area network (WAN)

What is the maximum value for any octet in an IPv4 IP address?

255

Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?

3389

Product cipher is an encryption algorithm that has no corresponding decryption algorithm.

False

Regarding log monitoring, false negatives are alerts that seem malicious but are not real security events.

False

The number of failed logon attempts that trigger an account action is called an audit logon event

False

David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?

Fibre Channel over Ethernet (FCoE)

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?`

Hash

Which one of the following is NOT an advantage of biometric systems?

Physical characteristics may change.

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML)

Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?

VPN concentrator

DIAMETER is a research and development project funded by the European Commission.

False

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Black-box test

Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?

Security information and event management (SIEM)

Fingerprints, palm prints, and retina scans are types of biometrics.

True

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?

Does the firewall properly block unsolicited network connection attempts?

A salt value is a set of random characters you can combine with an actual input key to create the encryption key.

True

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

True


Ensembles d'études connexes

How to interview to get that job!

View Set

Tigers in the Wild/Tigers Next Door

View Set

CompTIA A+ Core 2 Module 5 Questions

View Set

Salesforce Development Lifecycle & Deployment Designer

View Set