Cyber Final Multiple Choice

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

_______ is a list that contains the combinations of cryptographic algorithms supported by the client.

. CipherSuite

In a _______ attack the attacker creates a series of DNS requests containing the spoofed source address for the target system.

. DNS amplification

The ______ is responsible for transferring the message from the MHS to the MS.

. MDA

_______ controls focus on security policies, planning,guidelines, and standards that influence the selection of operational and technical controls to reduce the risk of loss and to protect the organization's mission.

. Management

A multilevel secure system for confidentiality must enforce:

. all of the above

The most common technique for using an appropriate synchronization mechanism to serialize the accesses to prevent errors is to acquire a _______ on the shared file, ensuring that each process has appropriate access in turn.

. lock

A _______ is conducted to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures.

. security audit

TCP uses the _______ to establish a connection.

. three-way handshake

_______ are ways for an awareness program to promote the security message to employees.

All of the above

_______ is a benefit of security awareness, training, and education programs to organizations.

All of the above

_______ bandwidth attacks attempt to take advantage of the disproportionally large resource consumption at a server.

Application-based

_________ audit trails may be used to detect security violations within an application or to detect flaws in the application's interaction with the system.

Application-level

________ is a process that ensures a system is developed and operated as intended by the system's security policy.

Assurance

_________ is a formal process to ensure that critical assets are sufficiently protected in acost-effective manner.

B. IT security management

_______ is the process whereby a user first makes itself known to a CA prior to that CA issuing a certificate or certificates for that user.

Certification

The _________ Model was developed for commercial applications in which conflicts of interest can arise.

Clark-Wilson Integrity

________ is when a new document consolidates information from a range of sources and levels so that some of that information is now classified at a higher level than it was originally.

Classification creep

CERT stands for ___________.

Computer Emergency Response Team

________ can include computer viruses, Trojan horse programs, worms, exploit scripts,and tool kits.

Computer Emergency Response Team

Kerberos uses the_______ encryption algorithm.

DES

The ______ attacks the ability of a network server to respond to TCP connection requests by overflowing the tables used to manage such connections.

DNS amplification attack

_________ identifies the level of auditing, enumerates thetypes of auditable events, and identifies the minimum set of audit-related information provided.

Data generation

________ controls focus on the response to a security breach, by warning of violations or attempted violations of security policies.

Detection and recovery

The wireless environment lends itself to a ______ attack because it is so easy for the attacker to direct multiple wireless messages at the target.

DoS

_________ are a collection of string values inherited by each process from its parent that can affect the way a running process behaves.

Environment variables

________ need training on the development of risk management goals, means of measurement, and the need to lead by example in the area of security awareness.

Executives

________ is a process where authentication and permission will be passed on from one system to another, usually across multiple enterprises, reducing the number of authentications needed by the user.

Federation

_________ is a program flaw that occurs when program input data can accidentally or deliberately influence the flow of execution of the program.

Injection attack

One of the earliest and most widely used services is _________.

Kerberos

________ requires that a user prove his or her identity for each service invoked and,optionally, requires servers to prove their identity to clients.

Kerberos

____ defines a number of content formats, which standardize representations for the support of multimedia e-mail.

MIME

The unit of data exchanged between two peer MAC entities using the services of the physical layer is a(n) ____________.

MPDU

At its most fundamental level the Internet mail architecture consists of a user world in the form of _________.

MUA

______ relates to the capacity of the network links connecting a server to the wider Internet.

Network Bandwith

Blocking assignment of form field values to global variables is one of the defenses available to prevent a __________ attack.

PHP remote code injection

__________ attacks are vulnerabilities involving the inclusion of script code in the HTML content of a Web page displayed by a user's browser.

PHP remote code injection Cross-site scripting

A ______ triggers a bug in the system's network handling software causing it to crash and the system can no longer communicate over the network until this software is reloaded.

Poison Packet

"Improper Access Control (Authorization)" is in the _________ software error category.

Porous Defenses

A _______ is a generic term used to denote any method for storing certificates and CRLs so that they can be retrieved by end entities.

RA

The final form of the 802.11i standard is referred to as ________.

RSN

"Incorrect Calculation of Buffer Size" is in the __________ software error category.

Risky Resource Management

______ software is a centralized logging software package similar to, but much more complex than, syslog.

SIEM

_______ is a text-based protocol with a syntax similar to that of HTTP.

SIP

_______ is a minimal set of conventions for invoking code using XML over HTTP that enables applications to request services from one another with XML-based requests and receive responses as data formatted with XML.

SOAP

It is possible to specifically defend against the ______ by using a modified version of the TCP connection handling code.

SYN spoofing attack

In both direct flooding attacks and ______ the use of spoofed source addresses results in response packets being scattered across the Internet and thus detectable.

SYN spoofing attacks

__________ data are data that may be derived from corporate data but that cannot be used to discover the corporation's identity.

Sanitized

________ is explicitly required for all employees.

Security awareness

_______ controls are pervasive, generic, underlying technical IT security capabilities that are interrelated with, and used by, many other controls.

Supportive

___________ scan critical system files, directories, and services to ensure they have not been changed without proper authorization.

System integrity verification tools

_________ audit trails are generally used to monitor and optimize system performance.

System-level

The _______ is a hardware module that is at the heart of a hardware/software approach to trusted computing.

TPM

______ is the identification of data that exceed a particular baseline value.

Thresholding

________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling.

Triage

_________ is assurance that a system deserves to be trusted such that the trust can be guaranteed in some convincing way such as through formal analysis or code review.

Trustworthiness

In order to accelerate the introduction of strong security into WLANs the Wi-Fi Alliance promulgated ________, a set of security mechanisms that eliminates most 802.11 security issues, as a Wi-Fi standard.

WPA

_______ certificates are used in most network security applications, including IP security,secure sockets layer, secure electronic transactions, and S/MIME.

X.509

_____ is a markup language that uses sets of embedded tags or labels to characterize text elements within a document so as to indicate their appearance, function, meaning, or context.

XML

The most common variant of injecting malicious script content into pages returned to users by the targeted sites is the _________ vulnerability.

XSS reflection

A(n) __________ is any entity that has station functionality and provides access to the distribution system via the wireless medium for associated stations.

access point

Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees' knowledge of their ________and of potential penalties.

accountability

System conditions requiring immediate attention is a(n) _______ severity.

alert

A benefit of IPsec is __________.

all of the above

A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency is called a ______.

all of the above

A wireless access point is a _______.

all of the above

A wireless client can be _______.

all of the above

An IT security ________ helps to reduce risks.

all of the above

An IT security plan should include details of _________.

all of the above

Data items to capture for a security audit trail include:

all of the above

From a security point of view, which of the following actions should be done upon the termination of an employee?

all of the above

IPsec can assure that _________.

all of the above

Security auditing can:

all of the above

The follow-up stage of the management process includes _________.

all of the above

The ________ access mode allows the subject only write access to the object.

append

The ________ is a module that transmits the audit trail records from its local system to the centralized audit trail collector.

audit dispatcher

The ________ is a module on a centralized system that collects audit trail records from other systems and creates a combined audit trail.

audit trail collector

A characteristic of reflection attacks is the lack of _______ traffic.

backscatter

The objective of the ________ control category is to counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption.

business continuity management

The ________ is the government agency that monitors the evaluation process.

certifier

The specification of a protocol, along with the chosen key length, is known as a ___.

cipher suite

A _______ is a collection of requirements that share a common focus or intent.

class

A _______ attack is where the input includes code that is then executed by the attacked system.

code injection

A _________ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.

command injection

A _______ policy states that the company may access, monitor, intercept, block access,inspect, copy, disclose, use, destroy, or recover using computer forensics any data covered by this policy.

company rights

The objective of the ________ control category is to avoid breaches of any law, statutory,regulatory, or contractual obligations, and of any security requirements.

compliance

Management should conduct a ________ to identify those controls that are most appropriate and provide the greatest benefit to the organization given the available resources.

cost-benefit analysis

The result of S/MIME encrypting the digest using DSS and the sender's private DSS key is the ________.

digital signature

To protect the data, either the signature alone or the signature plus the message are mapped into printable ASCII characters using a scheme known as ________ or base 64 mapping.

digital signature

A _______ policy states that violation of this policy may result in immediate termination of employment or other discipline deemed appropriate by the company.

disciplinary action

A system used to interconnect a set of basic service sets and LANs to create an extended service set is a _________.

distribution system

The function of the ________ layer is to control access tothe transmission medium and to provide an orderly and efficient use of that capacity.

distribution system

"An individual (or role) may grant to another individual (or role) access to a document based on the owner's discretion, constrained by the MAC rules" describes the _________.A. ss-property B. ds-property

ds-property

With _________ the linking to shared library routines is deferred until load time so that if changes are made any program that references the library is unaffected.

dynamically linked shared libraries

The _________ level focuses on developing the ability and vision to perform complex,multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes.

education and experience

Severe messages, such as immediate system shutdown, is a(n) _____ severity.

emerg

In the case of ________ only the digital signature is encoded using base 64.

enveloped data

The ________ function consists of encrypted content o fany type and encrypted-content encryption keys for one or more recipients.

enveloped data

The _________ is logic embedded into the software of the system that monitors system activity and detects security-related events that it has been configured to detect.

event discriminator

The intent of ________ is to determine whether the program or function correctly handles all abnormal inputs or whether it crashes or otherwise fails to respond appropriately.

fuzzing

The most complex part of TLS is the __________.

handshake protocol

When a DoS attack is detected, the first step is to _______.

identify the attack

Incorrect handling of program _______ is one of the most common failings in software security.

input

A contingency plan for systems critical to a large organization would be _________ than that for a small business.

larger, more detailed

The ________ accepts the message submitted by a message user agent and enforces the policies of the hosting domain and the requirements of Internet standards.

mail submission agent

Periodically reviewing controls to verify that they still function as intended, upgrading controls when new requirements are discovered, ensuring that changes to systems do not adversely affect the controls, and ensuring new threats or vulnerabilities have not become known are all ________ tasks.

maintenance

Maintenance of security controls, security compliance checking, change and configuration management, and incident handling are all included in the follow-up stage of the _________process.

management

A stead reduction in memory available on the heap to the point where it is completely exhausted is known as a ________.

memory leak

An example of a(n) __________ attack is one in which bogus reconfiguration commands are used to affect routers and switches to degrade network performance.

network injection

Windows allows the system user to enable auditing in _______ different categories.

nine

The _______ consists of two dates: the first and last on which the certificate is valid.

period of validity

A ________ is a secret key shared by the AP and a STA and installed in some fashion outside the scope of IEEE 802.11i.

pre-shared key

The MPDU exchange for distributing pairwise keys is known as the _______.

pre-shared key

The smallest building block of a wireless LAN is a ______.

pre-shared key

______ is the recommended technique for wireless network security.

pre-shared key

The _______ field in the outer IP header indicates whether the association is an AH or ESP security association.

protocol identifier

Modifying the system's TCP/IP network code to selectively drop an entry for an incomplete connection from the TCP connections table when it overflows, allowing a new connection attempt to proceed is _______.

random drop

A ________ is a pattern composed of a sequence of characters that describe allowable input variants.

regular expression

Defensive programming is sometimes referred to as _________.

secure programming

The _______ category is a transitional stage between awareness and training.

security basics and literacy

The ________ control the manner by which a subject may access an object.

security classes

Security classes are referred to as __________.

security levels

The implementation process is typically monitored by the organizational ______.

security officer

An integer value unique within the issuing CA that is unambiguously associated with the certificate is the ________.

serial number

Using forged source addresses is known as _________.

source address spoofing

Bots starting from a given HTTP link and then following all links on the provided Website in a recursive way is called _______.

spidering

______ attempts to monopolize all of the available request handling threads on the Webserver by sending HTTP requests that never complete.

spidering

Identification and authentication is part of the _______ class of security controls.

technical

The basic tool that permits widespread use of S/MIME is ________.

the public-key certificate

ESP supports two modes of use: transport and _________.

tunnel

The _______ access mode allows the subject both read and write access to the object.

write


Ensembles d'études connexes

280 - module 2 multiple choice - fixed

View Set

Implement Microsoft VPN Services Part Two

View Set

Essentials of Pediatric Nursing - Chapter 28

View Set

The Crucible act one questions and answers

View Set

AP Psychology Multiple Choice Questions

View Set