Fundamentals of Information Security

GLBA

"Graham-Leach-Bliley Act" (Financial Services Modernization Act of 1999) repealed a 1933 law that barred the consolidation of financial institutions and insurance companies. Included within GLBA are multiple sections relating to the PRIVACY of financial information. Companies must provide written notice to consumers of their privacy rights and explain the company's procedures for safeguarding data.

Bell-LaPadula Model

A combination of DAC and MAC, primarily concerned with the confidentiality of the resource. Two security properties define how information can flow to and from the resource: the simple security property and the * property (Can't read higher & can't write lower)

Technical Obsolescence

A product becomes technically obsolete when it is replaced by a better product with more advanced technology.

SSH FTP (SFTP)

A secure version of the File Transfer Protocol that uses a Secure Shell (SSH) tunnel as an encryption method to transfer, access, and manage files.

Honeypots

A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a honeypot, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.

confused deputy problem

A type of attack that is common in systems that use ACLs rather than capabilities. The crux of the confused deputy problem is seen when the software with access to a resource has a greater level of permission to access the resource than the user who is controlling the software. If we, as the user, can trick the software into misusing its greater level of authority, we can potentially carry out an attack

Optical Media

A type of media used to store data which is read by a laser such as a CD or a DVD.

Fuzzer

A type of tool that works by bombarding our applications with all manner of data and inputs from a wide variety of sources, in the hope that we can cause the application to fail or to perform in unexpected ways

Limit user account privileges.

A user runs an application that has been infected with malware that is less than 24 hours old. The malware then infects the operating system. Which safeguard should be implemented to prevent this type of attack?

Vulnerabilities

A weakness that a threat event or the threat agent can take advantage of:

Which form of access control uses CAPTCHAs? A. Attribute base access control. B. Rule based access control. C. Media access control. D. discretionary, access, control

A. Attribute based access control.

What act deals with the online privacy of minors under 13? A. COPPA B. FERPA C. GLBA D. FISMA

A. COPPA

What are two common types of access control list (ACLs)? Choose two answers. A. Filesystem. B. Allow. C. Net work. D. Deny. E. Database system.

A. File system. C. Net work.

What are 3 forms of authentication? A. Four-digit PIN number B. Text of 6-digit number to phone C. Phone number D. Fingerprint E. Account Number F. Username

A. Four-digit PIN number B. Text of 6-digit number to phone D. Fingerprint

Which type of attack category is an attack against confidentiality? A. Interception B. Modification C. Fabrication D. Interruption

A. Interception

Which two types of compliances are laws? A. Privacy Act B. GDPR C. HIPAA D. Least privilege

A. Privacy Act C. HIPAA

Which 2 attributes are included in the concept of risk? Choose 2 answers A. Threats B. Frequency C. Vulnerabilities D. Impacts

A. Threats C. Vulnerabilities

An Example of Symmetric

AES

What is an example of symmetric key encryption?

AES

Clickjacking

An attack that tricks users into clicking something other than what they think they're clicking.

SQL Injection

An attacker issues a SQL command to a web server as part of the URL or as input to a form on a company's website; web server might pass the command onto the database which then allows potentially anything to be done to the database

integrity

An organization plans to encrypt data in transit on a network. Which aspect of data is the organization attempting to protect?

Threats

Any potential occurrence that may cause an undesirable or unwanted outcome for an organization or for a specific asset.

integrity

At a small company, an employee makes an unauthorized data alteration. Which component of the CIA triad has been compromised?

Interception

Attacks allow unauthorized users to access our data, applications, or environments, and are primarily an attack against confidentiality

Interruption

Attacks cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis. Interruption attacks often affect availability but can be an attack on integrity as well.

Fabrication

Attacks involve generating data, processes, communications, or other similar activities with a system. Fabrication attacks primarily affect integrity but could be considered an availability attack as well.

modifcation

Attacks involve tampering with our asset. Such attacks might primarily be considered an integrity attack but could also represent an availability attack.

What is a sandbox? A. A tool only used in Java B. An isolated environment that protects a set of resources. C. Part of VPN connection D. A virtual location to share digital information

B. An isolated environment that protects a set of resources.

A tornado destroyed a data center. Eh I hidden of the CIA triad is most affected? A. Authenticity B. Availability C. Utility D. Integrity

B. Availability

A malicious actor has breached the firewall with a reverse shell. Which side of the CIA triad is most affected? A. Availability B. Confidentially C. Authentication D. Integrity

B. Confidentiality

Which concept refers to adding layers of security to our networks? A. Administrative control depth B. Defense in depth. C. Physical control depth. D. Logical control depth.

B. Defense in depth.

What is an example of identification? A. Text to Cell Phone. B. Employee number C. Update access. D. Fingerprint.

B. Employee number

Which example demonstrates access control? A. Turning the key in the ignition of a car. B. Locking and unlocking the doors of your house. C. Selecting a pin for a new account. D. Changing a bank account password.

B. Locking and unlocking the doors of your house.

Which tool is used for vulnerability assessment? A. Super scan. B. Nessus C. Snort. D. Wire shark.

B. Nessus

Which term is synonymous with asymmetric cryptography? A. Private-Public key pair B. Public key cryptography C. Private key cryptography D. Secret key encryption algorithm

B. Public key cryptography

Which type of compliance is achieved by law? A. Security B. Regulatory C. Industry D. Privacy

B. Regulatory

Which term is synonymous with symmetric cryptography? A. Rivest-Shamir-Adleman encryption algorithm B. Secret Key cryptography C. Public key cryptography D. Private-public key pair

B. Secret Key cryptography

What is an objective for performing an audit? A. To ensure a company can respond effectively to a disaster. B. To ensure compliance and detect misuse. C. To ensure potential risks are identified and analyzed. D. To ensure proper access is granted to resources.

B. To ensure compliance and detect misuse.

Which attribute of the parkerian hexad allows for proper attribution of the owner of a dataset? A. Possession B. Availability C. Authenticity D. Integrity

C. Authenticity

What is the final step in allowing access to resources? A. Identification B. Authentication C. Authorization D. Accountability

C. Authorization

What is an example of identification? A. Voice Pattern B. Write access C. Email Address D. Mother's Maiden Name

C. Email Address

Which method is used to protect data at rest? A. Back up to a disk B. Hashing C. Encryption D. Back up to the cloud

C. Encryption

Which standards apply to any financial entity policies? A. PCI DSS B. ECPI C. Gramm-Leech-Bliley D. SOX

C. Gramm-Leech-Bliley

Which type of compliance is achieved by stakeholder agreement? A. Security B. Regulatory C. Industry D. Privacy

C. Industry

What is the name of the process where the client authenticates the server in the server authenticates the client? A. Token based authentication. B. Mutual authentication. C. Two factor authentication. D. Multi factor authentication.

C. Mutual authentication.

Which combination of factors demonstrates multifactor authentication? A. Fingerprint and voice print B. Password and Pin. C. Password and fingerprint. D. Voice print and weight.

C. Password and fingerprint.

Which phase of the incident response process includes putting the system back better than the original state? A. Post-incident activity. B. Containment. C. Recovery. D. Detection and Analysis

C. Recovery

What element of the parkerian hexad concerned with usefulness? A. Integrity B. Confidentiality C. Utility D. Availability

C. Utility

Flash Drives (portable storage)

Can survive in harsh environments that are subjected to heat, humidity, and magnetic fields.

Parkerian hexad

Confidentiality, Availability, Integrity, Possession, Authenticity, Utility

CIA Triad

Confidentiality, Integrity, Availability

Which type of system is considered absolutely secure? A. A system that is new. B. A system that has been recently patched. C. A system that has been in production for many years. D. A system that is shut off and disconnected from all networks.

D. A system that is shut off and disconnected from all networks.

Which type of access control model is a CAPTCHA an example of? A. Role-based B. Mandatory-based C. Discretionary-based D. Attribute-based

D. Attribute-based

What company audits other companies for licensing requirements? A. BASF B. RCA C. CIA D. BSA

D. BSA

What are two common values for a net work access control list (ACL)? Choose two answers. A. Accept B. Agree C. Disagree. D. Deny. E. Allow.

D. Deny E. Allow

What are hash functions used for? A. Decrypting messages B. Sexuring messages in transport C. Discovering original content D. Determining whether the message has changed

D. Determine whether the message has changed

Which access control model allows access to be determined by the owner of the resource? A. Mandatory access control. B. Attribute based access control. C. Role based access control. D. Discretionary access control.

D. Discretionary access control.

What characteristic falls under accountability? A. Interruption B. Integrity C. Utility D. Identity

D. Identity

A user changes a number in a dataset with a typo. Which side of the CIA Triad is most affected? A. Availability B. Confidentiality C. Authentication D. Integrity

D. Integrity

Which concept of the CIA Triad is associated with reliability? A. Availability B. Confidentiality C. Authentication D. Integrity

D. Integrity (it ensures data has not been tampered with & its correct, authentic, & reliable.

What is an example of authentication? A. Username B. Write Access C. Email Address D. Mother's Maiden Name

D. Mother's Maiden Name

Which factors demonstrate multifactor authentication? A. Vein patterns and iris scan. B. User name and email address. C. Childhood pet and mothers maiden name. D. Mothers maiden name and voice print.

D. Mothers, maiden name, and voice print

What is an example of authentication? A. Username. B. First car. C. Read only. D. Pin

D. Pin

What is an example of identification? A. Fingerprint B. Mothers Maiden Name C. Captcha Tests D. Username

D. Username

An organization employs a VPN to safeguard its information. Which security principle is protected by a VPN?

Data in motion.

Somewhere you are

Geolocation

A company developing and distributing open source applications realizes that attackers are copying the publicly available, open source code and inserting malware into the code. Which type of cryptographic tool should the company use to protect the integrity of its open source applications?

Hash functions

Physical

Hasn't been connected to the interned or other corporate network. This type will secure any software on the computer.

Something you have

ID badge/swipe card/OTP

Which two principles of the CIA triad can be violated by a fabrication attack?

Integrity and availability

Which two principles of the CIA triad can be violated by an interruption attack?

Integrity and availability

MD5

Message Digest 5. A hashing function used to provide integrity. MD5 uses 128 bits. A hash is simply a number created by applying the algorithm to a file or message at different times. The hashes are compared to each other to verify that integrity has been maintained.

Parkerian Hexad- Authenticity

Non authentic or not the same.

Apply the principle of least privilege

Only HR staff can access employee personal information

PCI DSS

Payment Card Industry Data Security Standard, a security standard created by the Payment Card Industry Security Standards Council (PCI SSC)

Firewall

Prevent unauthorized external access to its internal network.

Which asymmetric cryptographic algorithm can provide confidentiality for data in motion?

RSA

Parkerian Hexad- confidentiality

Refers to our ability to protect our data from those who are not authorized to view it.

Which web attack is a server-side attack?

SQL injection

Which web attack is possible due to a lack of input validation?

SQL injection

SSL/TLS

Secure Sockets layer / Transport Layer Security - An encryption layer of HTTP that uses public key cryptography to establish a secure connection.

Parkerian Hexad - Availability

The ability to access our data when we need it.

Parkerian Hexad - Integrity

The ability to prevent people from changing your data in a unauthorized or undesirable manner.

Risk

The likelihood that a threat will occur.

hash function

Types of systems where the user sends a plain text message to another user without a key. They are usually generated based on the message which helps determine whether the integrity of the message has been tampered.

Fuzzer

Which type of tool can be used to detect vulnerabilities in source code related to improper handling of user input?

sniffer

a type of eavesdropping program that monitors information traveling over a network

AES

advanced encryption standard, a symmetric 128-bit block data encryption technique

After considerable research, attackers directed a spear phishing attack at employees at a single bank. One employee opened a message, resulting in a breach that delivered ransomware. Which type of control should be implemented to prevent future spear phishing attacks?

employee training

FISMA

federal info security management act - US law requires federal agencies to create, document and implement security program

Something you are

fingerprint, iris, retina scan

Something you do

handwriting/typing/walking

Which aspect of the CIA triad is violated by an unauthorized database roll back or undo?

integrity

Parkerian Hexad- Utility

refers to how useful the data is to us

SOX

regulates financial data, operations, and assets for publicly held companies

Spear Phishing Attack

targeted attacks against specific companies, organizations or people

Which cybersecurity term is defined as the potential for an attack on a resource?

threat

Symmetric Key Encryption

used a single key to both encrypt the plaintext and decrypt the cipher text.

Something you know

username, password, pin