CSC 4220 Final
Intrusion _____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.
Correction
A(n) _____ scheme is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it.
Data classification
A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered.
False
A(n) monitoring vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software. _____
False
Enticement is the illegal and unethical action of luring an individual into committing a crime to get a conviction. _____
False
Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. _____
False
Hardware is often the most valuable asset possessed by an organization, and it is the main target of intentional attacks.
False
In order to keep the Web server inside the internal network, direct all HTTP requests to the internal filtering firewall and configure the internal filtering router/firewall to allow only that device to access the internal Web server. _____
False
In the Information Security field, the terms Policies and Procedures can be used interchangeably.
False
In the context of information security, confidentiality is the right of individuals or groups to protect themselves and their information from unauthorized access.
False
Information denigration refers to pieces of nonprivate data that, when combined, may create information that violates privacy. _____
False
Information has redundancy when it is free from mistakes or errors and it has the value that the end user expects. _______
False
The Digital _____ Copyright Act is the American contribution to an international effort by the World Intellectual Property Organization (WIPO) to reduce the impact of copyright, trademark, and privacy infringement.
Millennium
__________ has become a widely accepted evaluation standard for training and education related to the security of information systems and is hosted by CNSS.
NSTISSI No. 4011
Which type of security encompasses the protection of voice and data networking components, connections, and content?
Network
In most common implementation models, the content filter has two components: _____.
Rating and filtering
As each information asset is identified, categorized, and classified, a(n) _____ value must be assigned to it.
Relative
In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher.
True
Indirect attacks originate from a compromised system or resource that is malfunctioning or working under the control of a threat. _______
True
Information security can begin as a grassroots effort in which systems administrators attempt to improve the security of their systems, often referred to as the bottom-up approach. _______
True
Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level. _____
True
Intrusion detection and prevention systems perform monitoring and analysis of system events and user behaviors.
True
In 2002, Congress passed the Federal Information Security Management Act (FISMA), which mandates that all federal agencies _____.
All of the above
________ of information is the quality or state of being genuine or original, rather than a reproduction or fabrication.
Authenticity
__________ of information is the quality or state of being genuine or original.
Authenticity
In 1993, the first ______ conference was held in Las Vegas. Originally, it was established as a gathering for people interested in information security, including authors, lawyers, government employees, and law enforcement officials.
DEFCON
Digital signatures should be created using processes and products that are based on the _____.
DSS
Payment Card Industry _____ Standards are designed to enhance the security of customers' payment card account data.
Data Security
Information security can be an absolute.
False
Intellectual privacy is recognized as a protected asset in the United States. _____
False
Network security focuses on the protection of physical items, objects, or areas from unauthorized access and misuse.
False
The history of information security begins with the concept of communications security. ______
False
The role of the project manager—typically an executive such as a chief information officer (CIO) or the vice president of information technology (VP-IT)—in this effort cannot be overstated. _______
False
Accountability is the matching of an authenticated entity to a list of information assets and corresponding access levels.
False
A(n) _____ is an event that triggers an alarm when no actual attack is in progress.
False attack stimulus
Which of the following is NOT one of the categories recommended for categorizing information assets?
Firmware
The risk management (RM) _____ is the overall structure of the strategic planning and design for the entirety of the organization's RM efforts.
Framework
_____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.
HIDPSs
In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value.
Hash
_____ are decoy systems designed to lure potential attackers away from critical systems.
Honeypots
A(n) _____ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.
IDPS
_____ is a professional association that focuses on auditing, control, and security. The membership comprises both technical and managerial professionals.
ISACA
The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called ______.
Information Technology Management and Professionals
_____ is the probability that a specific vulnerability within an organization's assets will be successfully attacked.
Likelihood
A(n) _____ IDPS is focused on protecting network information assets.
Network-based
The probability of an unwanted occurrence, such as an adverse event or loss, is known as a(n) _________.
Risk
_____ involves four major undertakings: risk identification, risk analysis, risk evaluation, and risk treatment/control.
Risk Management
RAND Report R-609 was the first widely recognized published document to identify the role of management and policy issues in computer security. ______
True
Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images.
True
The Digital Signature Standard established by NIST is used for electronic document authentication by federal information systems. It is based on a variant of the ElGamal algorithm. _____
True
Every organization, whether public or private and regardless of size, has information it wants to protect. ______
True
Exposure factor is the expected percentage of loss that would occur from a particular attack. _____
True
Good firewall rules include denying all data that is not verifiably authentic.
True
Hardware is the physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system. _______
True
IDPS responses can be classified as active or passive.
True
A threat _____ is an evaluation of the threats to information assets, including a determination of their likelihood of occurrence and potential impact of an attack.
Assessment
Risk _____ is the identification, analysis, and evaluation of risk as initial parts of risk management.
Assessment
You can determine the relative risk for each of the organization's information assets using a process called risk _____, which combines risk identification, risk analysis and risk evaluation.
Assessment
An organizational resource that is being protected is sometimes logical, such as a Web site, software information, or data. Sometimes the resource is physical, such as a person, computer system, hardware, or other tangible object. Either way, the resource is known as a(n) ___________.
Asset
The _____ is a respected professional society that was established in 1947. Today it is "the world's largest educational and scientific computing society."
Association for Computing Machinery
________ enables authorized users—people or computer systems—to access information without interference or obstruction and to receive it in the required format.
Availability
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage _____.
By accident and/or through unintentional negligence
A(n) ________ is a group of individuals who are united by similar interests or values within an organization and who share a common goal of helping the organization to meet its objectives.
Community of interest
Which of the following acts defines and formalizes laws to counter threats from computer-related acts and offenses?
Computer Fraud and Abuse Act of 1986
In an organization, the value of ________ of information is especially high when it involves personal information about employees, customers, or patients.
Confidentiality
A false positive is the failure of an IDPS system to react to an actual attack event.
False
A security clearance is a component of a data classification scheme that assigns a status level to systems to designate the maximum level of classified data that may be stored on them.
False
A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. _____
False
According to the CNSS, networking is "the protection of information and its critical elements." _______
False
All organizations with a router at the boundary between the organization's internal networks and the external service provider will experience improved network performance due to the complexity of the ACLs used to filter the packets.
False
Authentication is a mechanism whereby unverified entities who seek access to a resource provide a label by which they are known to the system. _____
False
The Gramm-Leach-Bliley Act is a critical piece of legislation that affects the executive management of publicly traded corporations and public accounting firms. _____
False
There are three general causes of unethical and illegal behavior: _____, Accident, and Intent.
Ignorance
The unauthorized taking of personal information with the intent of committing fraud and abuse of a person's financial and personal reputation, purchasing goods and services without authorization, and generally impersonating the victim for illegal or unethical purposes is known as _____.
Identity theft
A _____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
MAC
Information about a person's history, background, and attributes that can be used to commit identity theft is known as _____ information.
Personally identifiable
Which of the following was not an identified fundamental problem with ARPANET security?
Phone numbers for access were closely held and distributed on a need-to-know basis
During the early years, information security was a straightforward process composed predominantly of ________ security and simple document classification schemes.
Physical
Using a database of precomputed hashes from sequentially calculated passwords called a(n) _____, an attacker can simply look up a hashed password and read out the text version.
Rainbow table
The first phase of the risk management process is _____.
Risk identification
_____ is the process of identifying all risk, as represented by vulnerabilities, to an organization's information assets and infrastructure, and taking steps to reduce this risk to an acceptable level.
Risk management
In the 1999 study of computer use-ethics, which of the following countries reported the least tolerant attitudes toward misuse of organizational computing resources?
Singapore
Which of the following examines the behavior of individuals as they interact with systems, whether societal systems or information systems?
Social Science
An information system is the entire set of __________, people, procedures, and networks that enable the use of information resources in the organization.
Software, hardware, data (All of the above)
_____ inspection firewalls keep track of each network connection between internal and external systems.
Stateful
A computer is the __________ of an attack when it is used to conduct an attack against another computer.
Subject
A method of encryption that requires the same secret key to encipher and decipher the message is known as _____ encryption.
Symmetric
Kerberos _____ provides tickets to clients who request services.
TGS
A graphical representation of an information security architecture.
The McCumber Model
A breach of possession may not always result in a breach of confidentiality.
True
A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information.
True
A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.
True
Authentication is the process of validating and verifying an unauthenticated entity's purported identity.
True
Confidentiality ensures that only those with the rights and privileges to access information are able to do so. _______
True
A(n) _____ is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.
VPN
Flaws or weaknesses in an information asset, security procedure, design, or control that can be exploited accidentally or on purpose to breach security are known as _____.
Vulnerabilities
In the TVA worksheet, assets are placed into a matrix with threats and then the exposure of the assets to specific threats is explored by documenting _____.
Vulnerabilities
The famous study entitled "Protection Analysis: Final Report" focused on a project undertaken by ARPA to understand and detect __________ in operating systems security.
Vulnerabilities
A potential weakness in an asset or its defensive control system(s) is known as a(n) _________.
Vulnerability
In a _____, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria, and then summing and ranking those scores.
Weighted table analysis
DES uses a(n) _____-bit block size.
64
_____ is the current federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure.
AES
__________ is a network project that preceded the Internet.
ARPANET
A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________.
Access
Risk _____ is a determination of the extent to which an organization's information assets are exposed to risk.
Analysis
Risk _____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility.
Appetite
Laws, policies, and their associated penalties only provide deterrence if which of the following conditions is present?
Caught, penalty, administered (All of the above)
_____ law comprises a wide variety of laws pertaining to relationships among individuals and organizations.
Civil
A server would experience a(n) __________ attack when a hacker compromises it to acquire information via a remote location using a network connection.
Direct
A _____ filtering firewall can react to an emergent event and update or create rules to deal with the event.
Dynamic
Key studies reveal that the overriding factor in leveling the ethical perceptions within a small population is _____.
Education
_____ is the action of luring an individual into committing a crime to get a conviction.
Entrapment
Bit stream methods commonly use algorithm functions like the _____ OR operation.
Exclusive
A single loss _____ is the calculation of the value associated with the most likely loss from an attack.
Expectancy
A technique used to compromise a system is known as a(n) ___________.
Exploit
Understanding the _____ context means understanding the impact of elements such as the business environment, the legal/regulatory/compliance environment, as well as the threat environment.
External
_____ use allows copyrighted materials to be used to support news reporting, teaching, scholarship, and similar activities, if the use is for educational or library purposes, is not for profit, and is not excessive.
Fair
Cost-benefit analyses (CBAs) cannot be calculated after controls have been functioning for a time, as observation over time prevents precision in evaluating the benefits of the safeguard and determining whether it is functioning as intended.
False
Cultural differences can make it difficult to determine what is ethical and not ethical between cultures, except when it comes to the use of computers, where ethics are considered universal.
False
E-mail spoofing involves sending an e-mail message with a harmful attachment.
False
Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood. _____
False
Hashing functions require the use of keys.
False
Information has ________ when it is whole, complete, and uncorrupted.
Integrity
Criminal or unethical _____ goes to the state of mind of the individual performing the act.
Intent
Which of the following is not usually considered a characteristic of information?
Interconnectedness
In 2001, the Council of Europe drafted the European Council Cybercrime Convention, which empowers an international task force to oversee a range of security functions associated with _____ activities.
Internet
"Long arm _____" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems whenever it can establish jurisdiction.
Jurisdiction
The service within Kerberos that generates and issues session keys is known as _____.
KDC
A _____ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
Key
_____ is the entire range of values that can possibly be used to construct an individual key.
Keyspace
_____ is the legal obligation of an entity that extends beyond criminal or contract law.
Liability
The probability that a specific vulnerability within an organization will be attacked by a threat is known as _____.
Likelihood
A computer is the ________ of an attack when it is the entity being targeted.
Object
The ability to detect a target computer's _____ is very valuable to an attacker.
Operating system
Individuals who control, and are therefore ultimately responsible for, the security and use of a particular set of information are known as data __________.
Owners
_____ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications.
PGP
_____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.
PKI
_____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.
Packet-filtering
A _____ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.
Passive
More advanced substitution ciphers use two or more alphabets, and are referred to as _____ substitutions.
Polyalphabetic
A frequently overlooked component of an information system, ________ are the written instructions for accomplishing a specific task.
Procedures
_____ law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.
Public
Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) _________.
Threat
After identifying and performing the preliminary classification of an organization's information assets, the analysis phase moves on to an examination of the _____ facing the organization.
Threats
When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow which approach?
Top Down
In _____ mode, the data within an IP packet is encrypted, but the header information is not.
Transport
Risk _____ is the application of security mechanisms to reduce the risks to an organization's data and information systems.
Treatment
When unauthorized individuals or systems can view information, confidentiality is breached. _______
True
Individuals who are assigned the task of managing a particular set of information and coordinating its protection, storage, and use are known as data __________.
Trustees
The _____ defines stiffer penalties for prosecution of terrorism-related activities.
USA PATRIOT Act