Final Study Guide
Which of the following wide area network (WAN) types is the most secure and gives a subscriber exclusive access to all bandwidth?
A persistent connection between two nodes that allows bidirectional communication as if the connection were a direct connection with both nodes in the same network
Match each of the following potential "Advantages of Cloud Computing" to its definition: Agility
Cloud computing allows new systems to be deployed quickly.
Which type of control only reports that a violation has occurred?
Detective
________ means the ongoing attention and care an organization places on security and compliance.
Due diligence
Which of the following devices repeats input received to all ports?
Hub
Which department should take the lead in User Domain compliance accountability?
Human resources
Which of the following is the process of verifying credentials of a specific user?
Identification
Match each term with its definition: CLOUD SERVICE TERMINATION OR FAILURE
If the cloud provider faces the risk of going out of business due to financial, legal, or other reasons, the customer could suffer from loss or deterioration of service delivery performance and quality of service; as well as loss of investment.
Which of the following best describes the purpose of auditing?
It verifies that systems are operating in compliance
Which of the following controls would comply with the directive to limit access to payroll data to computers in the HR department?
Media Access Control - based authorization
When using DAC, a subject must possess sufficient clearance as well as ________ to access an object.
Need to know
In one step of a penetration test, detailed information is collected about each node. Testers identify open and active ports, and can query open ports to determine which services are running on a selected node. This is:
Scanning and enumeration
Which of the following terms ensures at least two people must perform a series of actions to complete a task?
Separation of duties
Match each term with its definition: LOCK-IN
The potential dependency on a particular cloud provider, depending on the provider's commitments, may lead to a catastrophic business failure, should the cloud provider go bankrupt or the content and application migration path to another provider become too costly. There is little or no incentive for cloud providers to make migrating to another provider easy if they are not contractually bound to do so.
True or False. Discretionary access control is based on roles and granted permissions.
True
True or False. Even the newest wireless protocols are slower than using high-quality physical cable.
True
True or False. You should back up LAN device configuration settings as part of a LAN backup.
True
The SPECIFIC type of cyber security process that takes note of the normal conduct of users and in turn, detects any anomalous behavior or instances when there are deviations from these "normal" patterns.
UEBA
What are data classifications used by the U.S. government?
Unclassified, Confidential, Secret, and Top Secret
In the computing industry, what does the term "in the clear" refer to?
Unencrypted data
A software program that attaches itself to, or copies itself into, another program for the purpose of causing the computer to follow instructions that were not intended by the original program developer is known as a:
Virus
Some attackers use the process of ________ to find modems that may be used to attack a computer.
War dialing
A nonintrusive penetration test ____________.
only validates the existence of a vulnerability
Most firewall rules are based on static attributes. They are not effective at protecting a network from all types of attacks, such as a distributed denial of service (DDoS) attack from a trusted server that was compromised. What can be used to help firewalls do a better job?
Intrusion detection system (IDS)/intrusion prevention system (IPS)
Of the following, what is the best method of reducing the success of fingerprinting attacks on computers?
Keep the operating system patched and up to date.
Remote Access Domain server components also generally reside in the ___________, even though they still belong to the Remote Access Domain.
LAN-to-WAN Domain
Match each of the following potential "Advantages of Cloud Computing" to its definition: Reliability
Large service providers, hosted in data centers with multiple redundant systems including power generators or batteries, network connectivity, data backup, server failovers, fire prevention, flood prevention, and physical security.
Which of the following terms defines a strategy in which you grant access that allows a user to complete assigned tasks and nothing else?
Least privilege
A(n) ________ is a dedicated computer on a LAN that runs network management software.
Network monitoring platform (NMP)
The hardware devices that connect other devices and computers using connection media are known as:
Networking devices
Match each of the following potential "Advantages of Cloud Computing" to its definition: Reduced costs
No need to buy computing infrastructure, pay only for software, processing, and storage that you use. Employees can use thin clients rather than expensive stand-alone PCs.
Which of the following is a series of individual tasks that users accomplish to comply with one or more goals?
Procedure
What are the types of malware? (Select two.)
Programs that actively spread or infect and programs that hide
Which of the following is a type of firewall that makes requests for remote services on the behalf of local clients?
Proxy server
Which access control method is based on granting permissions?
RBAC
Match each of the correlation patterns to what it might describe: Non-admin account creation followed by privilege escalation.
This isn't the typical user administration path, i.e. non-admin accounts don't generally get their privileges escalated to admin or some other advanced user status.
Which of the following would be the best use for a packet sniffer?
To analyze packet contents for known inappropriate traffic
As discussed in class, when you have a wired LAN and a wireless capability, the placement of a firewall for protection of wireless networks must be done in a specific manner. Which of the following statements is NOT correct:
To save money, the internet firewall and wireless firewall functions should be covered by a single "next generation" firewall resulting in no loss of security
Match each of the following potential "Advantages of Cloud Computing" to its definition: Data loss
Using cloud computing reduces the chances of losing confidential data. If a laptop is stolen no data is lost. All data is stored in the cloud and accessed by a secure connection.
Which of the following wide area network (WAN) types is very inexpensive but performance and stability depend on the user's Internet connection?
VPN over Internet
Why is mapping a LAN a productive exercise?
Visual maps help in understanding your LAN design.
A free popular network sniffer that PASSIVELY captures packets in network traffic but does NOT block or filter out packets is:
Wireshark
A ________ is a type of malware that is a self-contained program that replicates and sends copies of itself to other computers.
Worm
Match each of the following potential "Advantages of Cloud Computing" to its definition: Scalability
You only pay for what you use and additional resources are allocated dynamically. A company's computing resources are always "right-sized."
Match each term with its definition: SUPPLY CHAIN FAILURE
A cloud computing provider can outsource certain specialized tasks of its infrastructure to third parties. In such a situation, the cloud provider's level of security may depend on the level of security of each one of the links and the level of dependency of the cloud provider on the third party. In general, lack of transparency in the contract can be a problem for the whole system.
What is a metro Ethernet?
A hybrid network that uses Ethernet in a metropolitan area network (MAN)
What is meant by wide area network (WAN) optimizer?
A network device or software that can analyze current WAN performance and then modify how new traffic is sent across the WAN
Which of the following types of policies defines prohibited actions?
Acceptable use policy
Regarding system access controls in the Workstation Domain, what is meant by the term "subject"?
A user or principal object that requests to access a file, folder, or other resource.
How can some smart routers attempt to stop a DoS attack in progress?
They can terminate any connections with the source of the attack.
All of the following are security improvements in WPA-3 EXCEPT:
Actually, all of the above are improvements that come with WPA-3 (Brute Force Protection, Public Network Privacy, Securing the Internet of Things, Strengthened 192-bit encryption)
In lecture we discussed the impetus for change and the "Digital Transformation". Which of the following are included in these forces for change?
All of the above (Big Data, Analytics, Rising Risk, System Administration Automation, Resource Gap)
Which of the following best describes the WAN Domain?
An IT domain that covers the equipment and activities outside of the LAN and beyond the LAN-to-WAN Domain
A rogue Access Point is:
An access point that has been installed on a secure network without explicit authorization from a local network administrator
Match each of the correlation patterns to what it might describe: Exploit against DMZ system followed by a configuration change on same system.
An attacker has gained access to a system and altered.
Match each of the following potential "Advantages of Cloud Computing" to its definition: Accessibility
As long as a client has access to the Internet it can access all applications, data, and services
Which of the following is the process of providing additional private credentials that match the user ID or username?
Authentication
A successful DoS attack violates the ________ property of C-I-A.
Availability
Match each of the correlation patterns to what it might describe: A host on your network begins attacking or probing other hosts on the network.
This could be an indication that the source host is infected with a worm/trojan/malware/etc. You can use firewall logs to determine this.
Match each of the correlation patterns to what it might describe: Exploit against DMZ system followed by outbound connection (the classic!).
This could be indicative of a bot infection.
Match each of the correlation patterns to what it might describe: Lots of Web 404s, 401s, 500 and other Web error codes within a few minutes.
This could be indicative of your Web server or applications not functioning properly due to various causes.
The term ________ defines the components, including people, information, and conditions, that support business objectives.
Business drivers
Match each term with its definition: LOSS OF GOVERNANCE
By using cloud infrastructures, the client necessarily cedes control to the cloud provider on a number of issues that may affect security. This could have a severe impact on the organization's strategy and therefore on the capacity to meet its mission and goals. The loss of control and governance could lead to the impossibility of complying with the security requirements, a lack of confidentiality, integrity and availability of data, and a deterioration of performance and quality of service, not to mention the introduction of compliance challenges.
Match each term with its definition: COMPLIANCE CHALLENGES
Certain companies migrating to the cloud might need to meet certain industry standards or regulatory requirements, such as Payment Card Industry (PCI) Data Security Standard (DSS). Migrating to the cloud could compromise these business needs if the cloud provider cannot furnish evidence of its own compliance to the relevant requirements or if the provider does not permit audits by the customer.
Match each of the following potential "Advantages of Cloud Computing" to its definition: Disaster recovery
Cloud computing offers off-site data storage and online applications. In the event of a disaster, no critical systems or data would be lost. Time to recovery would be minimal.
Which type of agreement can protect the ability to file a patent application?
Confidentiality agreement
Why is LAN device configuration control important?
Configuration control can detect changes an attacker might have made to allow harmful traffic in a LAN.
Which of the following is NOT a common method of maximizing C-I-A in the LAN-to-WAN Domain?
Configure a single ISP connection.
With respect to the Remote Access Domain, most compliance concerns focus on ________.
Data privacy
The components of Data Science include:
Data, Model, Problem
Which of the following choices protect your system from users transferring private data files from a server to a workstation? (Select two.)
Deliver current security policy training and place access control to prohibit inappropriate actions
Where must sensitive information be encrypted to ensure its confidentiality? (Select two.)
During transmission over the network and as it is stored on disk
Weaknesses of Intrusion Detection Systems include all of the following EXCEPT:
Enables you to detect malicious traffic and ensure IT personnel are notified when an attack or network intrusion might be taking place
True or False. A LAN is a network that generally spans several city blocks.
False
True or False. A confidentiality agreement sets the expectations of each employee and sets job performance standards.
False
True or False. A local resource is any resource connected to the local LAN.
False
True or False. PCI DSS allows merchants to store the CVV number.
False
The term FCAPS represents the focal tasks necessary to effectively manage a network. What do F and C stand for?
Fault, Configuration
________ cabling provides excellent protection from interference but can be expensive.
Fiber optic
When comparing Network Intrusion Detection/Prevention Systems and Firewalls, which of the following are TRUE?
Firewalls and Network Intrusion Detection/Prevention Systems perform complementary functions
Which security-related act requires organizations to protect all personal medical information?
HIPAA
Although trust in the cloud and adoption has taken off over the past few years, the following list of items are all common "cloud computing challenges" except:
Inadequate computing power
Of the following, what is the best method of maximizing availability in the Workstation Domain?
Install an uninterruptible power supply (UPS)
The ________ property of the C-I-A triad provides the assurance the information cannot be changed by unauthorized users.
Integrity
The two main types of attacks that may originate from within an organization are internal attacks on the organization and _______________.
Internal-to-external attacks on another organization
In one step of a penetration test, as much information as possible is collected about the target environment. At this stage, the attacker is collecting both technical and nontechnical information. Both types of information can help the attacker determine how the organization operates, where it operates, and which characteristics the organization and its customers value. This is:
Reconnaissance
Match each term with its definition: LOSS OF BUSINESS REPUTATION DUE TO CO-TENANT ACTIVITIES
Resource sharing can give rise to problems when the shared resources' reputation becomes tainted by a bad neighbor's activities. This would also include that certain measures be taken to mitigate, such as IP address blocking and equipment confiscation.
Using a RACI matrix, which attribute refers to the party that actually carries out the work?
Responsible
Which LAN device commonly has the ability to filter packets and deny traffic based on the destination address?
Router
Within the LAN-to-WAN Domain, what connects two or more separate networks?
Router
You want to configure devices to send an alert to the network manager when remote users connect to your network. Which protocol is the best choice for monitoring network devices?
Simple Network Management Protocol (SNMP)
What is a packet sniffer?
Software that intercepts and copies traffic passing over a digital network
What is meant by networking services software?
Software that provides connection and communication services for users and devices
The three main concerns when selecting a wide area network (WAN) provider are cost, speed, and ____________.
Stability
Which of the following is a collection of requirements the users must meet?
Standard
There are three main strategies for encrypting data to send to remote users. One strategy does not require any application intervention or changes at all; the connection with the remote user handles the encryption. This is:
System connection encryption
Match each term with its definition: CLOUD PROVIDER ACQUISITION
The acquisition of the cloud provider could increase the possibility of a strategic change and could put previous agreements at risk. This could make it impossible to comply with existing security requirements. The final impact could be damaging for crucial assets, such as the organization's reputation, customer or patient trust, and employee loyalty and experience.
Which of the following best describes connection media?
The adapters and wires, or wireless media, that connect components together in the LAN Domain
What condition must exist for a background check to be governed by FCRA?
The investigation is performed by a third party
Which of the following best describes footprinting?
The process of determining the operating system and version of a network node