IS413 UAB Final


Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?

Formatting

Which item is an auditor least likely to review during a system controls audit?

Resumes of system administrators

What is NOT a symmetric encryption algorithm?

Rivest-Shamir-Adleman (RSA)

Which classification level is the highest level used by the U.S. federal government?

Top Secret

Protected health information (PHI) is any individually identifiable information about a person's health.

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection.

True

While running business operations at an alternate site, you must continue to make backups of data and systems.

True

Written security policies document management's goals and objectives.

True

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?

Typosquatting

Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?

Vulnerability

Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?

Access to a high level of expertise

A bricks-and-mortar strategy includes marketing and selling goods and services on the Internet.

False

A packet-filtering firewall remembers information about the status of a network communication.

False

A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.

False

Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game that she downloaded from the Internet. What type of malware did she likely encounter?

Trojan horse

Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?

3389

In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?

Correspondent node (CN)

Which one of the following is an example of a direct cost that might result from a business disruption?

Facility repair

An SOC 1 report primarily focuses on security.

False

Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.

False

Product cipher is an encryption algorithm that has no corresponding decryption algorithm.

False

Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.

False

Regarding security controls, the four most common permission levels are poor, permissive, prudent, and paranoid.

False

Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device.

False

The first step in the risk management process is to monitor and control deployed countermeasures

False

The four central components of access control are users, resources, actions, and features.

False

The term "data owner" refers to the person or group that manages an IT infrastructure.

False

The term risk methodology refers to a list of identified risks that results from the risk-identification process.

False

Which control is not designed to combat malware?

Firewalls

Which element of the security policy framework offers suggestions rather than mandatory actions?

Guideline

With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?

Home agent (HA)

Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?

Preventive

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?

Procedure

Under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, what type of safeguards must be implemented by all covered entities, regardless of the circumstances?

Required

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?

Switch

A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster.

True

A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.

True

ActiveX is used by developers to create active content.

True

An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.

True

An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.

True

Bring Your Own Device (BYOD) opens the door to considerable security issues.

True

In a Bring Your Own Device (BYOD) policy, the user acceptance component may include separation of private data from business data.

True

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

True

In security testing data collection, observation is the input used to differentiate between paper procedures and the way the job is really done.

True

Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.

True

Message authentication confirms the identity of the person who started a correspondence.

True

Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.

True

The goal of a command injection is to execute commands on a host operating system.

True

The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest.

True
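
The two cards above (message authentication, and HMAC as a keyed hash) are easier to see in code. The block below is an added example, not part of the study set: it contrasts a plain SHA-256 digest, which anyone can recompute after altering a message, with an HMAC tag that only a holder of the shared key can produce. The key and the sample message are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed shared key for the example; a real deployment would load it
# from a key store, never hard-code it.
SHARED_KEY = bytes.fromhex(
    "4f2a9c1d7e3b8a6051c2d4e6f8091a2b3c4d5e6f708192a3b4c5d6e7f8091a2b"
)


def plain_digest(message: bytes) -> bytes:
    """Unkeyed hash: detects accidental corruption, not deliberate tampering."""
    return hashlib.sha256(message).digest()


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: a hash that mixes in a secret key (RFC 2104)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_hmac(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Constant-time comparison so a forger cannot learn how many bytes matched."""
    return hmac.compare_digest(hmac_tag(key, message), received_tag)


def demo() -> dict:
    original = b"transfer 100 to account 42"
    tampered = b"transfer 900 to account 42"

    # Sender attaches either a plain digest or an HMAC tag.
    sent_digest = plain_digest(original)
    sent_tag = hmac_tag(SHARED_KEY, original)

    # An attacker who alters the message can recompute the plain digest...
    forged_digest = plain_digest(tampered)
    plain_accepts_forgery = forged_digest == plain_digest(tampered)

    # ...but without SHARED_KEY the best they can do is guess a key or
    # reuse the old tag; neither verifies over the tampered message.
    attacker_key = secrets.token_bytes(32)
    forged_tag = hmac_tag(attacker_key, tampered)

    return {
        "genuine_accepted": verify_hmac(SHARED_KEY, original, sent_tag),
        "plain_digest_accepts_forgery": plain_accepts_forgery,
        "hmac_rejects_reused_tag": not verify_hmac(SHARED_KEY, tampered, sent_tag),
        "hmac_rejects_wrong_key_tag": not verify_hmac(SHARED_KEY, tampered, forged_tag),
    }
```

The keyed tag is what turns integrity checking into message authentication: the receiver learns not just that the bytes are intact but that someone holding the key produced them.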

Unified messaging allows you to download both voice and email messages to a smartphone or tablet.

True

Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption.

True

What type of network connects systems over the largest geographic area?

Wide area network (WAN)

During what phase of a remote access connection does the end user prove his or her claim of identity?

Authentication

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Bob's public key

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?

Brute-force attack

What is the maximum value for any octet in an IPv4 IP address?

255

The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?

13

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?

20 percent

Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?

25

Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?

Applying strong encryption

Taylor is a security professional working for a retail organization. She is hiring a firm to conduct the Payment Card Industry Data Security Standard (PCI DSS) required quarterly vulnerability scans. What credential should she seek in a vendor?

Approved scanning vendor (ASV)

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Baseline

What program, released in 2013, is an example of ransomware?

CryptoLocker

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Decryption

Which organization creates information security standards that specifically apply within the European Union?

European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)

Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?

Internet Engineering Task Force

Which regulatory standard would NOT require audits of companies in the United States?

Personal Information Protection and Electronic Documents Act (PIPEDA)

Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?

Polymorphic virus

Which data source comes first in the order of volatility when conducting a forensic investigation?

RAM

What type of malicious software allows an attacker to remotely control a compromised computer?

Remote Access Tool (RAT)

Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?

Report writing

In which type of attack does the attacker attempt to take over an existing connection between two systems?

Session hijacking

Which intrusion detection system strategy relies upon pattern matching?

Signature detection

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?

Software as a Service (SaaS)

Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?

Spim

Purchasing an insurance policy is an example of the ____________ risk management strategy.

transfer

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?

$2,000,000

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?

$20,000
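
The three fire-suppression cards (exposure factor, SLE, ALE) are one chain of arithmetic, and the actual decision Kim faces is whether the control is worth buying. The block below is an added example, not part of the study set: it carries the question's figures (asset value $10M, damage $2M, 1 percent annual probability) through EF, SLE and ALE, then goes one step beyond the cards to a cost-benefit figure. The safeguard cost and its reduced-damage estimate are assumptions made here for illustration, not values from the question.

```python
def exposure_factor(damage: float, asset_value: float) -> float:
    """EF: fraction of the asset's value lost in a single incident."""
    if asset_value <= 0:
        raise ValueError("asset value must be positive")
    return damage / asset_value


def single_loss_expectancy(asset_value: float, ef: float) -> float:
    """SLE = AV x EF, the expected loss from one occurrence."""
    return asset_value * ef


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE x ARO, where ARO is the expected occurrences per year."""
    return sle * aro


def safeguard_net_value(ale_before: float, ale_after: float, annual_cost: float) -> float:
    """Annual value of a control: ALE reduction minus what the control costs.
    Positive means the control pays for itself on expected-loss grounds."""
    return (ale_before - ale_after) - annual_cost


def fire_scenario() -> dict:
    asset_value = 10_000_000.0   # facility value from the question
    damage = 2_000_000.0         # damage if a fire occurs, from the question
    aro = 0.01                   # 1 percent chance of a fire in a given year

    ef = exposure_factor(damage, asset_value)                 # 0.20
    sle = single_loss_expectancy(asset_value, ef)             # $2,000,000
    ale = annualized_loss_expectancy(sle, aro)                # $20,000

    # Assumed for the example only: the suppression system costs $50,000,
    # is depreciated over 10 years, and limits fire damage to $200,000.
    annual_cost = 50_000.0 / 10
    residual_damage = 200_000.0
    ale_after = annualized_loss_expectancy(
        single_loss_expectancy(asset_value, exposure_factor(residual_damage, asset_value)),
        aro,
    )

    return {
        "ef": ef,
        "sle": sle,
        "ale": ale,
        "ale_after": ale_after,
        "net_value": safeguard_net_value(ale, ale_after, annual_cost),
    }
```

Under those assumptions the control removes $18,000 of expected annual loss for $5,000 a year, so it is justified; change the assumed figures and the same functions give the answer for a different proposal.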

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

443
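
Henry's three inbound rules (RDP 3389, SMTP 25, HTTPS 443) and the earlier card on packet-filtering firewalls not remembering connection state fit together. The block below is an added example, not part of the study set: a small simulation of the same rule set enforced by a stateless packet filter and by a stateful one. The server address, the management network prefix, and the traffic are all constructed for the example; restricting RDP to a management range is a caveat added here, not part of the question.

```python
from dataclasses import dataclass

SERVER = "203.0.113.10"      # assumed server address (RFC 5737 documentation range)
ADMIN_NET = "198.51.100."    # assumed management prefix allowed to reach RDP

# Henry's inbound rules. RDP is limited to ADMIN_NET here: exposing 3389 to
# the whole Internet is a common way to get a server brute-forced.
INBOUND_RULES = (("any", 25), ("any", 443), (ADMIN_NET, 3389))


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False


def matches_inbound_rule(pkt: Packet) -> bool:
    """True if an explicit inbound rule permits this packet."""
    if pkt.dst != SERVER:
        return False
    for src, port in INBOUND_RULES:
        if pkt.dport == port and (src == "any" or pkt.src.startswith(src)):
            return True
    return False


class StatelessFilter:
    """Packet filter: each packet is judged on its own header. To let replies
    to the server's outbound connections back in, it must accept any inbound
    packet carrying the ACK flag, so a forged ACK-only packet is accepted too."""

    def allow(self, pkt: Packet) -> bool:
        if pkt.src == SERVER:            # outbound traffic is permitted
            return True
        return matches_inbound_rule(pkt) or pkt.ack


class StatefulFilter:
    """Stateful inspection: new connections must match a rule; later packets
    are accepted only if they belong to a connection already in the table."""

    def __init__(self) -> None:
        self.table: set[tuple[str, int, str, int]] = set()

    def allow(self, pkt: Packet) -> bool:
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.table or reverse in self.table:
            return True                   # part of a tracked connection
        if not (pkt.syn and not pkt.ack):
            return False                  # mid-stream packet with no state: drop
        if pkt.src == SERVER or matches_inbound_rule(pkt):
            self.table.add(flow)          # new connection allowed by policy
            return True
        return False


def run_scenario() -> dict:
    """Constructed traffic; returns {name: (stateless_verdict, stateful_verdict)}."""
    stateless, stateful = StatelessFilter(), StatefulFilter()
    traffic = [
        ("https_from_internet", Packet("192.0.2.7", 51000, SERVER, 443, syn=True)),
        ("rdp_from_internet", Packet("192.0.2.7", 51001, SERVER, 3389, syn=True)),
        ("rdp_from_admin_net", Packet("198.51.100.5", 51002, SERVER, 3389, syn=True)),
        ("server_opens_smtp", Packet(SERVER, 40000, "192.0.2.20", 25, syn=True)),
        ("smtp_reply", Packet("192.0.2.20", 25, SERVER, 40000, syn=True, ack=True)),
        ("forged_ack_to_rdp", Packet("192.0.2.99", 51003, SERVER, 3389, ack=True)),
    ]
    return {name: (stateless.allow(p), stateful.allow(p)) for name, p in traffic}
```

Both filters agree on the explicit rules; they part ways on the last packet, an unsolicited segment with only ACK set aimed at 3389. The stateless filter has no way to tell it from a legitimate reply and lets it through, which is exactly the "remembers the status of a communication" distinction the earlier card tests.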

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?

80

Which Institute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs?

802.11

Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server uptime for that month?

96.67%

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?

Address Resolution Protocol (ARP) poisoning

A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats.

False

A structured walk-through test is a review of a business continuity plan to ensure that contact numbers are current and that the plan reflects the company's priorities and structure.

False

Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.

False

Cryptography is the process of transforming data from cleartext into ciphertext.

False

In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.

False

Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.

False

The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.

False

Trojans are self-contained programs designed to propagate from one host machine to another using the host's own network communications protocols.

False

User-based permission levels limit a person to executing certain functions and often enforces mutual exclusivity.

False

You must always use the same algorithm to encrypt information and decrypt the same information.

False

A digitized signature is a combination of a strong hash of a message and a secret key.

False

What compliance regulation applies specifically to the educational records maintained by schools about students?

Family Educational Rights and Privacy Act (FERPA)

What entity is responsible for overseeing compliance with Family Educational Rights and Privacy Act (FERPA)?

Family Policy Compliance Office (FPCO)

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?

Internet Control Message Protocol (ICMP)

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Kerberos

Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?

Nmap

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

No technology infrastructure

Which scenario presents a unique challenge for developers of mobile applications?

Selecting multiple items from a list

Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?

Separation of duties

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

Separation of duties

A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.

True

A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.

True
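
The birthday-attack card is a statement about work factor, and it is worth seeing the numbers. The block below is an added example, not part of the study set: it models a weak hash by truncating SHA-256 to a chosen number of bits, then finds two distinct messages with the same digest by hashing until a repeat appears. For an n-bit digest that takes roughly 2^(n/2) attempts, against 2^n for a brute-force preimage search. The message format is constructed for the example.

```python
import hashlib


def truncated_digest(data: bytes, bits: int) -> int:
    """Model an n-bit hash by keeping the leading `bits` bits of SHA-256."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def birthday_collision(bits: int, limit: int = 1 << 22):
    """Hash distinct messages until two share a truncated digest.

    Returns (message_a, message_b, attempts) or None if `limit` is reached.
    The attacker controls both inputs, which is what makes the square-root
    work factor available to them."""
    seen = {}
    for i in range(limit):
        msg = f"message-{i}".encode()
        d = truncated_digest(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg
    return None


def demo(bits: int = 32) -> dict:
    """Compare the collision cost with the brute-force bound for the digest size."""
    found = birthday_collision(bits)
    if found is None:
        raise RuntimeError("no collision within the search limit")
    m1, m2, attempts = found
    return {
        "m1": m1,
        "m2": m2,
        "attempts": attempts,
        "expected_birthday_work": 1 << (bits // 2),   # about 2^(n/2)
        "brute_force_bound": 1 << bits,               # 2^n preimage search
    }
```

With 32-bit digests the collision typically appears after tens of thousands of hashes instead of billions; the same scaling is why 64-bit or shorter digests are considered broken for collision resistance and why modern hashes use 256 bits or more.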

Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.

True

Authorization is the process of granting rights to use an organization's IT assets, systems, applications, and data to a specific user.

True

One advantage of using a security management firm for security monitoring is that it has a high level of expertise.

True

Payment Card Industry Data Security Standard (PCI DSS) version 3.2 defines 12 requirements for compliance, organized into six groups, called control objectives.

True

SOC 2 reports are created for internal and other authorized stakeholders and are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.

True

Simple Network Management Protocol (SNMP) is used for network device monitoring, alarm, and performance.

True

Social engineering is deceiving or using people to get around security controls.

True

The Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool, which can be used as a self-assessment tool for identifying a bank or financial institution's cyber security maturity.

True

The International Electrotechnical Commission (IEC) is the predominant organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.

True

The Internet Architecture Board (IAB) is a subcommittee of the IETF.

True

The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.

True

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?

Virtual LAN (VLAN)

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

Whois

Which type of attack against a web application uses a newly discovered vulnerability for which no patch is yet available?

Zero-day attack
