Information Security Test 2

transposition

Which type of cipher works by rearranging the characters in a message?

Maximum Tolerable Downtime (MTD)

__________ is the limit of time that a business can survive without a particular critical system.

checksum

A __________ is used to detect forgeries.

Business Continuity Plan

A plan that contains the actions needed to keep critical business processes running after a disruption is called a __________.

Threat

Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these type of classification decisions?

Detective Control

An IDS is what type of control?

False positive error

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

Prudent

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?

True

Configuration management is the management of modifications made to the hardware, software, firmware, documentation, test plans, and test documentation of an automated system through- out the system life cycle. t/f

Symmetric algorithms

DES, IDEA, RC4, and WEP are examples of __________.

Black-box test

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Integrity

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Secure Sockets Layer (SSL)

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?

DMZ

Host isolation is the isolation of internal net- works and the establishment of a(n) __________.

False

IP addresses are assigned to computers by the manufacturer. t/f

RFC 1087

In 1989, the IAB issued a statement of policy about Internet ethics. This document is known as ________.

waterfall

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

Security information and event management

Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?

True

Policy sets the tone and culture of the organization. t/f

True

Security administration is the group of individu- als responsible for the planning, design, imple- mentation, and monitoring of an organization's security plan. t/f

True

Some of the tools and techniques used in security monitoring include baselines, alarms, closed- circuit TV, and honeypots. t/f

Encryption

The act of scrambling plaintext into ciphertext is known as __________.

Open Systems Interconnection (OSI) Refer- ence Model

The basic model for how you can build and use a network and its resources is known as the __________.

Configuration, change

The change management process includes ________ control and ________ control.

True

The primary steps to disaster recovery include the safety of individuals, containing the damage, and assessing the damage and beginning the recovery operations. t/f

False

The process of describing a risk scenario and then determining the degree of impact that event would have on business operations is quantitative risk analysis. t/f

Reconnaissance

The review of the system to learn as much as possible about the organization, its systems, and networks is known as __________.

The security process The policies, procedures, and guidelines adopted by the organization The authority of the persons responsible for security

The security program requires documentation of:

True

The three basic types of firewalls are packet filter- ing, application proxy, and stateful inspection. t/f

RSA

What is NOT a symmetric encryption algorithm?

System configurations

What is NOT generally a section in an audit report?

Presentation

What layer of the OSI Reference Model is most commonly responsible for encryption?

System integrity monitoring

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

SSL

Which VPN technology allows users to initiate connections over the Web?

Alice's public key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

WPA

What technology is the most secure way to encrypt wireless communications?

True

When you use a control that costs more than the risk involved, you're making a poor management decision. t/f

nonReal-time monitoring

__________ is used when it's not as critical to detect and respond to incidents immediately.

Cryptography

__________ offers a mechanism to accomplish four security goals: confidentiality, integrity, authenti- cation, and nonrepudiation.

standard

A -----------is a generally agreed-upon technology, method or format for a given application such as TCP/IP protocol

router

A __________ is a device that interconnects two or more networks and selectively interchanges packets of data between them.

Security information and event management

A common platform for capturing and analyzing log entries is __________.

False

A hardened configuration is a system that has had unnecessary services enabled. t/f

Disaster Recovery Plan

A plan that details the steps to recover from a major disruption and restore the infrastructure necessary for normal business operations is a __________.

Incident

Any event that either violates or threatens to violate your security policy is known as a(n) __________.

Decryption

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Signature based

In __________ methods, the IDS compares current traffic with activity patterns consistent with those of a known network intrusion via pattern match- ing and stateful matching.

Audit

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

Phishing

Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?

Firewall

The basic job of a __________ is to enforce an access control policy at the border of a network.

True

The two basic types of ciphers are transposition and substitution t/f

screened subnet

What firewall topology supports the implementa- tion of a DMZ?

IT Infrastructure Library

What is a set of concepts and policies for managing IT infrastructure, development, and operations?

Request, impact assessment, approval, build/test, implement, monitor

What is the correct order of steps in the change control process?

report writing

Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?

Configuration Control

Which activity manages the baseline settings for a system or device?

Checklist

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

chosen plaintext

Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?

Signature detection

Which intrusion detection system strategy relies upon pattern matching?

Resumes of system administrators

Which item is an auditor least likely to review during a system controls audit?

They provide for places within the process to conduct assurance checks.

Which of the following is true of procedures?

Personal Information Protection and Electronic Documents Act

Which regulatory standard would NOT require audits of companies in the United States?

Network mapping

Which security testing activity uses tools that scan for services running on systems?

switch

Which simple network device helps to increase network performance by using the MAC address to send network traffic only to its intended destination?

Benchmark

A __________ is a standard used to measure how effective your system is as it relates to industry expectations.

Digital

A __________ signature is a representation of a physical signature stored in a digital format.

True

A secure virtual private network (VPN) creates an authenticated and encrypted channel across some form of public network. t/f

True

A strong hash function is designed so that a forged message cannot result in the same hash as a legitimate message. t/f

True

A vulnerability is any exposure that could allow a threat to be realized. t/f

Service Level Agreement

A(n) ________ is a formal contract between your organization and an outside firm that details the specific services the firm will provide

Wide area network

A(n) __________ is a critical element in every corpo- rate network today, allowing access to an organi- zation's resources from almost anywhere in the world.

Bob's public key

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Alice's private key

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Cipher

An algorithm used for cryptographic purposes is known as a __________.

Addressing their purpose

An audit examines whether security controls are appropriate, installed correctly, and __________.

Symmetric

An encryption cipher that uses the same key to encrypt and decrypt is called a(n) __________ key.

false

An organization does not have to comply with both regulatory standards and organizational standards. T/F

Baseline

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Does the firewall properly block unsolicited network connection attempts?

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?

False

DHCP provides systems with their MAC addresses. t/f

True

Data classification is the responsibility of the per- son who owns the data. t/f

SOC 3

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

True

Encryption ciphers fall into two general catego- ries: symmetric (private) key and asymmetric (public) key. t/f

Is the security control likely to become obsolete in the near future?

Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?

Project Initiation and planning

Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?

System development lifecycle

More and more organizations use the term ________ to describe the entire change and maintenance process for applications.

Residual

Risk that remains even after risk mitigation efforts have been implemented is known as __________ risk.

Waterfall

There are several types of software development methods, but most traditional methods are based on the ________ model.

Details on major issues

What information should an auditor share with the client during an exit interview?

NAT

What technology allows you to hide the private IPv4 address of a system from the Internet?

hash

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

nonrepudiation

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Managers should include their responses to the draft audit report in the final audit report.

When should an organization's managers have an opportunity to respond to the findings in an audit?

Fuzzing

Which software testing method provides random input to see how software handles unexpected data?

Standards

________ involve the standardization of the hard- ware and software solutions used to address a security risk throughout the organization.

Principles of least privilege

________ is the concept that users should be granted only the levels of permissions they need in order to perform their duties.

nonrepudiation

__________ corroborates the identity of an entity, whether the sender, the sender's computer, some device, or some information.

TCP/IP

__________ is a suite of protocols that was devel- oped by the Department of Defense to provide a highly reliable and fault-tolerant network infrastructure.