IS 360 Midterm
Maria is the risk manager for a large organization and is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
2,000,000
Maria is the risk manager for a large organization and is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor (EF)?
20%
Devaki is capturing traffic on her network. She notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?
22
What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address?
255
What network number is used for unencrypted web-based communication by default?
80
Juan's web server was down for an entire day in April. It experienced no other downtime during that month. What represents the web server uptime for that month?
96.67%
Which of the following is not true of gap analysis?
A gap analysis can be performed only through a formal investigation?
Devaki is evaluating different biometric systems. She understands that users might not want to subject themselves to retinal scans due to privacy concerns. Which concern of a biometric system is she considering?
Acceptability
Jackson is a cybercriminal. He is attempting to keep groups of a company's high-level users from accessing their work network accounts by abusing a policy designed to protect employee accounts. Jackson attempts to log in to their work accounts repeatedly using false passwords. What security method is he taking advantage of?
Account lockout policies
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address resolution protocol (ARP) poisoning
Carl recently joined a new organization. He noticed that the firewall technology used by the firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application proxying
Which action is the best step toward protecting Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying security updates promptly
Maria is writing a policy that defines her organization's data classification standard. The policy designates the IT assets that are critical to the organization's mission and defines the organization's systems, uses, and data priorities. It also identifies assets within the seven domains of a typical IT infrastructure. Which policy is Maria writing?
Asset classification policy
A ________ is limited to the scanning and enumeration phase of the cyber kill chain, while a ________ encompasses the full kill chain.
Basic network scan in Nessus; port scan in Zenmap
Which security model does not protect the integrity of information?
Bell-LaPadula
Which attack is typically used specifically against password files that contain cryptographic hashes?
Birthday
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?
Business continuity plan (BCP)
A Nessus scan report identifies vulnerabilities by a ________.
CVE Value
In OpenVAS, the ________ measures how reliable a vulnerability's severity score is.
CVSS score
What compliance regulation is similar to the European Union (EU) General Data Protection Regulation (GDPR) of 2016 and focuses on individual privacy and rights of data owners?
California Consumer Privacy Act
Miriam is a network administrator. She would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?
Captive Portal
With the use of Mobile IP, which device is responsible for assigning each mobile node (MN) a local address?
Care of address
In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?
Correspondent node (CN)
A hacker has stolen logon and passwords. The hacker is now attempting to gain unauthorized access to a public-facing web application by using the stolen credentials one by one. What type of attack is taking place?
Credential Harvesting
Which of the following is the point at which two error rates of a biometric system are equal and is the measure of the system's accuracy expressed as a percentage?
Crossover error rate
What term describes data that has been stripped of personally identifiable information for privacy reasons?
De-identified
Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?
Distributed denial of service (DDoS)
In Active Directory, the ________ Group Type is used in conjunction with email services such as Microsoft Exchange.
Distribution
Carrie is a network technician developing the Internet Protocol (IP) addressing roadmap for her company. While IP version 4 (IPv4) has been the standard for decades, IP version 6 (IPv6) can provide a much greater number of unique IP addresses. Which addressing system should she designate for primary use on her roadmap and why?
Do both if possible. If not, just IPv4. IPv6 is not backwards compatible; it can't talk with IPv4.
The Active Directory database is hosted on a specialized Windows Server system referred to as a ________, which functions as the central authority within the network of user accounts and computers that comprise the ________.
Domain Controller; domain
What protocol is responsible for assigning Internet Protocol (IP) addresses to hosts on many networks?
Dynamic Host Configuration Protocol (DHCP)
Maria is using accounting software to compile sensitive financial information. She receives a phone call and then leaves her desk. While she's gone, Bill walks past her cubicle and sees that she has not locked her and exposed. Bill uses his smartphone to take several photos of this data with the intent of selling it to the company's competitor. What access control taking place?
Eavesdropping by observation?
Which of the following is not a defining aspect of using TCP as a connection-oriented protocol?
Encryption of packet Payload
What is an example of an alteration threat?
Espionage
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
Which of the following is an example of a direct cost that might result from a business disruption?
Facility repair
True or False? A disaster recovery plan (DRP) is part of a business continuity plan (BCP) and is necessary to ensure the restoration of resources required by the BCP to an available state.
False
True or False? A packet-filtering firewall remembers information about the status of a network communication
False
True or False? A phishing attack "poisons" a domain name on a domain name server (DNS)
False
True or False? A router is a security appliance that is used to filter Internet Protocol (IP) packets and block unwanted packets
False
True or False? Authorization controls include biometric devices
False
True or False? Bluejacking is an attack in which wireless traffic is sniffed between Bluetooth devices
False
True or False? Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers and secure webpages
False
True or False? In most organizations, focusing on smaller issues rather than planning for the most wide-reaching disaster results in a more comprehensive disaster recovery plan
False
True or False? Internet of Things (IoT) devices cannot share and communicate your device data to other systems and applications without your authorization or knowledge
False
True or False? Temporal isolation is commonly used in combination with rule-based access control
False
True or False? The four central components of access control are users, resources, actions, and features.
False
True or False? The term risk methodology refers to a list of identified risks that results from the risk identification process
False
True or False? To create the most secure network, configure the firewall to allow all messages except the ones that are explicitly denied.
False
True or False? Vendors or service providers that have remote access to an Internet of Things (IoT) device may be able to pull information or data from your device without your permission.
False
True or False? Anti-malware programs and firewalls cannot detect most phishing scams because the scams do not contain suspect code.
False?
Bob is the Information security and compliance manager for a financial institution. Which regulation is most likely to directly apply to Bob's employer?
Federal Information Security Management Act (FISMA)
In which domain of a typical IT infrastructure is the first layer of defense for a layered security strategy?
Firewalls
What type of firewall security feature limits the volume of traffic from individual hosts?
Flood guard
Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do?
Forbids a password being changed to any of the previous 10 passwords listed in the password history ? Several allowed login attempts?
Isabella is in charge of the disaster recovery plan (DRP) team. She needs to ensure that data center operations will transfer smoothly to an alternate site in the event of a major interruption. She plans to run a complete test that will interrupt the primary data center and transfer processing capability to a hot site. What option is described in this scenario?
Full interruption test?
Which of the following is not a market driver for the Internet of Things (IoT)?
Global adoption of internet protocol networking
Which of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?
Health monitoring
Which tool or application can be used to create a remote connection with network devices, including switches, file servers, or web servers, across a LAN or WAN?
Ping
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?
Home Agent
Dawn is selecting an alternative processing facility for her organization's primary data center. She needs a facility with the least switchover even if it's the most expensive option. What is the most appropriate option in this situation?
Hot
Keisha is a network administrator. She wants a cloud-based service that will allow her to load operating systems on virtual machines and manage them as if they were local servers. What service is Keisha looking for?
Infrastructure as a service
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If that is correct, which one of the tenets of information security did this attack violate?
Integrity
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?
Internet Engineering Task Force (IETF)
What is key to implementing a consistent Internet of Things (IoT) device, connectivity, and communications environment?
Interoperability and standards
What is key to implementing a consistent Internet of Things (IoT) device, connectivity, and communications environment?
Interoperability standards
Which network device is designed to block network connections that are identified as potentially malicious?
Intrusion prevention system (IPS)
A company's IT manager has advised the business's executives to use a method of decentralized access control rather than centralized to avoid creating a single point of failure. She selects a common protocol that hashes passwords with a one-time challenge number to defeat eavesdropping-based replay attacks. What is this protocol?
Kerberos?
On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a ________ that controls a portion of the
LAN switch
Wen is a network engineer. For several months, he has been designing a system of controls to allow and restrict access to network assets based on various methods and information. He is currently configuring the authentication method. What does this method do?
MITRE Corporation, mitigate
What measures the average amount of time between failures for a particular system?
Mean time to failure (MTTF)
When adding a new Active Directory group via the PowerShell command line interface, the ________ option specifies the group to which you want to add user account(s).
Members
Which of the following is an example of a reactive disaster recovery plan?
Move to a warm site
Isabella is a network engineer. She would like to strengthen the security of her organization's networks by adding more requirements before allowing a device to connect to a network. She plans to add authentication to the wireless network and posture checking to the wired network. What technology should Isabella use?
NAC
What is not a commonly used endpoint security technique?
Network firewall
Which Nmap command would you run to execute a Ping scan on all hosts on the 172.30.0.0/24 network?
Nmap -T4 -A -v 172.30.0.0/24
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No tech infrastructure
What is an example of a logical access control?
Password
A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals?
Payment card industry data security standard (PCI DSS)
Gwen's company is planning to accept credit cards over the Internet. What governs this type of activity and includes provisions that Gwen would implement before accepting credit card transactions?
Payment card industry data security standard (PCI DSS)
Susan is troubleshooting a problem with a computer's network cabling. At which layer of the Open Systems Interconnection (OSI) Reference Model is she working?
Physical
An automatic teller machine (ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used?
Physically constrained user interface
What is an example of two-factor authentication (2FA)?
Pin and password
Which tool or application can be used to create a remote connection with network devices, including switches, servers, or web servers, across a LAN or WAN?
Ping
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Platform as a service
Which element of the security policy framework requires approval from upper management and applies to the entire organization?
Policy
Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
Preventive
Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?
Procedure
Which of the following is not a security control that can be configured by the Group Policy Management Console (GPMC)?
Program execution privileges
When a full tunnel is being used by a VPN client and server, you can expect the first hop in ________ to always be the gateway for the ________ network.
PuTTY, VPN
Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match?
Rainbow table attack
Hajar is developing a business impact assessment for her organization. She is working with business units to determine the target state of recovered data that allows the organization to continue normal processing after a major interruption. Which of the following is Hajar determining?
Recovery time objective
Aditya is the security manager for a mid-sized business. The company has suffered several serious data losses when laptops were stolen. Aditya decides to implement full disk encryption on all laptops. What risk response did Aditya take?
Reduce
Aditya is the security manager for a mid-sized business. The company has suffered several serious data losses when laptops were stolen. Aditya decides to implement full disk encryption on all laptops. What risk response did Aditya take?
Reduce
Administrators can use Active Directory in conjunction with ________ to enforce security policies surrounding passwords, antivirus, software updates, and more.
Remote server access tools
Which type of attack involves capturing data packets from a network and retransmitting them to produce an unauthorized effect? The receipt of duplicate, authenticated Internet Protocol (IP) packets may disrupt service or produce another undesired consequence.
Replay
What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
Residual Risk
Which is the typical risk equation?
Risk = likelihood x vulnerability
Giving HR managers full control access to files in a folder called HR Policies while giving HR representatives read-only access to the files in the same HR Policies folder is an example of ________ access controls.
Role-based
Which of the following is an example of devices associated with the Transport Layer?
Router? Firewall
User IDs and passwords sent through ________ are sent as ________ and are readable with Wireshark.
SHHv2, clear text
Which of the following is another name for Windows Security permissions that enforce the proper access controls for security groups?
SMB permissions
What firewall approach is shown in the figure, assuming the firewall has three network cards?
Screened subnet
There are a large number of protocols and programs that use port numbers to make computer connections. Of the following, which ones do not use port numbers?
Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
From a security perspective, what should organizations expect will occur as they become more dependent on the Internet of Things (IoT)?
Security risks will increase
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
Hajar is investigating a denial of service attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
Smurf
________ routing refers to the process of routing packets via paths that are manually defined on a router, while ________ routing refers to the process of routing packets via paths that may change according to network conditions.
Static, dynamic
A ________ is used to identify the part of an Ethernet network where all hosts share the same host address.
Subnet?
Which domain contains critical systems and applications that support and provide various services that perform core functions like authentication, authorization, and data management?
System/application domain
In Wireshark, which of the following Protocol column filters would display only packets transported over a wireless network?
Telnet? What filter do you need to put only to see wireless traffic on Wireshark? I don't know the filter.
What is the main purpose of risk identification in an organization?
To understand threats to critical resources?
What is a U.S. federal government classification level that applies to information that would cause serious damage to national security if it were disclosed?
Top Secret
Purchasing an insurance policy is an example of the ________ risk management strategy.
Transfer
True or False? In a watering-hole attack, a targeted user is lured to a commonly visited website on which malicious code has been planted
True
True or False? Kerberos is an example of a biometric method
True
True or False? A Chinese wall security policy defines a barrier and develops a set of rules to ensure that no subject gets to objects on the other side
True
True or False? A challenge created by the Internet of Things (IoT) is how to protect personal identity and private data from theft or unauthorized access
True
True or False? A data classification standard provides a consistent definition for how an organization should handle and secure different types of data
True
True or False? A degausser creates a magnetic field that erases data from magnetic storage media
True
True or False? A network protocol governs how networking equipment interacts to deliver data across the network
True
True or False? A social engineering consensus tactic relies on the position that "everyone else has been doing it" as proof that it is okay or acceptable to do.
True
True or False? A threat analysis identifies and documents threats to critical resources, which means considering the types of disasters that are possible and what kind of damage they can cause.
True
True or False? The Gramm-Leach-Bliley Act (GLBA) addresses information security concerns in the financial industry
True
True or False? A unified threat management (UTM) device can provide content inspection, where some or all network packet content is inspected to determine whether the packet should be allowed to pass
True
True or False? Access control lists (ACLs) are used to permit and deny traffic in an Internet Protocol (IP) router
True
True or False? An alteration threat violates information integrity.
True
True or False? An information system is a safeguard or countermeasure an organization implements to help reduce risk
True
True or False? Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet
True
True or False? Authentication by action is based on something you do, such as typing.
True
True or False? Authentication controls include passwords and personal identification numbers (PINs).
True
True or False? Authorization is the process of granting rights to use an organization's IT assets, systems, applications, and data to a specific user
True
True or False? Availability is the tenet of information security that deals with uptime and downtime.
True
True or False? Bring Your Own Device (BYOD) opens the door to considerable security issues.
True
True or False? Changes to external requirements, such as legislation, regulation, or industry standards, that require control changes can result in a security gap for an organization.
True
True or False? Common methods used to identify a user to a system include username, smart card, and biometrics
True
True or False? Content-dependent access control requires the access control mechanism to look at the data to decide who should get to it
True
True or False? Cryptography is the practice of making data unreadable.
True
True or False? E-commerce systems and applications demand strict confidentiality, integrity, and availability (C-I-A) security controls
True
True or False? Each 5G device has a unique Internet Protocol (IP) address and appears just like any other wired device on a network
True
True or False? Encrypting data within databases and storage devices gives an added layer of security
True
True or False? Facility automation uses Internet of Things (IoT) to integrate automation into business functions to reduce reliance on machinery.
True
True or False? For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public-domain categories.
True
True or False? For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public-domain categories
True
True or False? If a company informs employees that email sent over the company's network is monitored, the employees can no longer claim to have an expectation of privacy
True
True or False? In a masquerade attack, one user or computer pretends to be another user or computer
True
True or False? Log files are one way to prove accountability on a system or network
True
True or False? Metadata of Internet of Things (IoT) devices is sometimes sold to companies seeking demographic marketing data about users and their spending habits.
True
True or False? Remote wiping is a device security control that allows an organization to remotely erase data or email in the event of loss or theft of the device
True
True or False? Safeguards address gaps or weaknesses in the controls that could otherwise lead to a realized threat
True
True or False? The business continuity plan (BCP) identifies the resources for which a business impact analysis (BIA) is necessary.
True
True or False? The computer game Solitaire operates at the Application Layer of the Open Systems Interconnection (OSI) Reference Model
True
True or False? The ownership of Internet of Things (IoT) data, as well as the metadata of that data, is sometimes in question
True
True or False? The ping utility identifies the path that packets travel through a network.
True
True or False? The protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite work together to allow any two computers to be connected and thus create a network.
True
True or False? The protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite work together to allow any two computers to be connected and thus create a network.
True
True or False? The term "risk management" describes the process of identifying, assessing, prioritizing, and addressing risks.
True
True or False? The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them
True
True or False? The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks
True
True or False? The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks.
True
True or False? Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of protocols that operates at both the Network and Transport layers of the Open Systems Interconnection (OSI) Reference Model.
True
True or False? Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption
True
True or False? Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption
True
True or False? Utility companies are incorporating Internet-connected sensors into their business functions
True
True or False? Vehicles that have Wi-Fi access and onboard computers require software patches and upgrades from the manufacturer
True
True or False? e-business secure web applications are one of the critical security controls that each organization must implement to reduce
True
True or False? In mandatory access control (MAC), access rules are closely managed by the security administrator and not by the system owner or ordinary users for their own
True
True or False? The User Domain of a typical IT infrastructure defines the people and processes that access an organization's information systems
True
True or False? Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of protocols that operates at both the Network and Transport layers of the Open Systems Interconnection (OSI) Reference Model
True
True or False? Bring Your Own Device (BYOD) often replaces the need for the organization to procure limited mobile device model options and issue them to employees for individual use.
True?
True or False? The protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite work together to allow any two computers to be connected and thus create a network
True?
True or False? Transmitting private or sensitive data unencrypted is a risk in both the Local Area Network (LAN) and Wide Area Network (WAN) Domains of a typical IT infrastructure
True?
True or False? Service-level agreements (SLAs) are a common part of the Local Area Network (LAN)-to-Wide Area Network (WAN) Domain of a typical IT infrastructure
True?
What is a primary risk to the Workstation Domain, the Local Area Network (LAN) Domain, and the System/Application Domain?
Unauthorized access to systems
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
Which domain is typically the weakest link in any IT infrastructure?
User domain
Which security control is most helpful in protecting against eavesdropping on wide area network (WAN) transmissions?
VPN
Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?
VPN concentrator
Hakim is a network engineer. He is configuring a virtual private network (VPN) technology that is available only for computers running the Windows operating system. Which technology is it?
VPN?
Wen is a network engineer. He would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology is best to use?
Virtual LAN (VLAN)
Cloud Service Providers (CSPs) use the ________ to offer services to customers throughout the world.
WAN
You should enumerate recommended mitigations or next steps in this section of a formal Penetration Test Report?
conclusion section (I think lolol)
Forensics and incident response are examples of ________ controls.
corrective
True or False? The term "risk methodology" refers to a list of identified risks that results from the risk identification process
false
Which type of attack involves eavesdropping on transmissions and redirecting them for unauthorized use?
interception
To capture Ethernet-based frames addressed to any/all IP addresses on a LAN segment, you need to use Wireshark in ________ mode.
promiscuous
Which of the following enables businesses to transform themselves into an Internet of Things (IoT)
service offering
Wen is a network engineer. For several months, he has been designing a system of controls to allow and restrict access to network assets based on various methods and information. He is currently configuring the authentication method. What does this method do?
verifies that requesters are who they claim to be