MIST 5785 All Quizzes for Midterm
CIA Triad Includes _______. -Availability -Accountability -Integrity - Confidentiality
- Availability -Integrity - Confidentiality
The seven domains of a typical IT infrastructure include ___________________________. -System/Application domain -router domain -workstation domain -LAN-to-WAN domain
-System/Application domain -workstation domain -LAN-to-WAN domain
Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server's availability factor for that month? 3.33% 96.67% 0.04% 99.96%
96.67%
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
What policy, provided by a typical ISP, should be read and understood before performing any port scanning outside of your private network? -Acceptable Use Policy -ISP Security Policy -Hacking Policy -Port Scanning Policy
Acceptable Use Policy
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about? Authorization Identification Authentication Accountability
Accountability
Which of the following is a form of OS fingerprinting that involves actively requesting information from a target system? -Active fingerprinting -Banner fingerprinting -Network fingerprinting
Active fingerprinting
In what type of attack does the attacker take over an established session between two parties and then interacts with the remaining party as if the attacker were the party that has been disconnected? -Passive session hijacking -Passive sniffing -Active session hijacking -Active sniffing
Active session hijacking
What type of sniffing takes place on networks that have connectivity hardware that is "smarter" or more advanced, such as those with a switch? -Passive sniffing -Promiscuous sniffing -Hub sniffing -Active sniffing
Active sniffing
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's private key
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's public key
During which phase of the access control process does the system answer the question, "What can the requestor access?" Authorization Identification Accountability Authentication
Authorization
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? -Alice's private key -Alice's public key -Bob's public key -Bob's private key
Bob's public key
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value? -Rainbow table attack -Brute-force attack -Dictionary attack -Social engineering attack
Brute-force attack
Which of the following statements is NOT true regarding passive sniffing?
Passive sniffing works only when the traffic you wish to observe and the station that will do the sniffing are in different collision domains (*should be in same collision domains*)
Which one of the following is an example of a logical access control? -Key for a lock -Fence -Password -Access card
Password
Which of the following is NOT an advantage of biometric systems? -Biometrics are hard to fake. -Physical characteristics may change. -Users do not need to remember anything. -Biometrics require physical presence.
Physical characteristics may change
Which of the following is a distributed denial of service (DDoS) attack in which the attacker sends a large number of ping packets with the intent of overwhelming a victim? -SYN flood -Reflected attack -Teardrop attack -Ping flood
Ping flood
Which element of the security policy framework requires approval from upper management and applies to the entire organization? Policy Standard Guideline Procedure
Policy
Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing? Procedure Standard Policy Guideline
Procedure
If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals? -Red team -Pen team -Blue team -Security team
Red team
Which of the following statements is true when using SSH to remotely access a Cisco router? -SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality. -The rest of the SSH conversation is unencrypted, making the username and password visible. -None of the packets related to the SSH session can be viewed. -Wireshark is unable to capture the password in clear text.
SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality.
What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management? -Security test -Hacking test -Ethical hacking test -Penetration test
Security test
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? -Separation of duties -Security through obscurity -Least privilege -Need to know
Separation of duties
Which one of the following is a better example of two-factor authentication? -Password and security questions -Smart card and personal identification number (PIN) -Personal identification number (PIN) and password -Token and smart card
Smart card and personal identification number (PIN)
Yolanda discovered that a botnet infected several systems on her network. Which of the following activities is not a likely use of the botnet? -Information theft -Denial of service attacks -Social engineering -Click fraud
Social engineering
Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used? Standard Policy Procedure Guideline
Standard
Which type of TCP scan is the most reliable but also the easiest to detect? -TCP SYN scan -TCP connect scan -TCP NULL scan -TCP FIN scan
TCP connect scan
Which of the following statements is NOT true regarding distributed denial of service (DDoS) attacks?
The attack is easily tracked back to its true source (*not easily tracked back to its true source because of the number of systems and devices involved*)
Which of the following statements is true regarding asymmetrical encryption? -The receiver obtains the needed key from the sender or through a trusted third party, such as a certificate server. -The sender encrypts with his/her public key and the receiver decrypts using the sender's private key. -It is quite fast and generally easier to implement than symmetric cryptography. -It does not guarantee the authenticity of the sender.
The receiver obtains the needed key from the sender or through a trusted third party, such as a certificate server.
Which term describes any action that could damage an asset?
Threat
Which classification level is the highest level used by the US federal government?
Top Secret
Which type of cipher works by rearranging the characters in a message? Steganographic Substitution Asymmetric Transposition
Transposition
T/F: Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.
True
T/F: A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.
True
T/F: An algorithm is a repeatable process that produces the same result when it receives the same input.
True
T/F: Content addressable memory (CAM) is the memory present on a switch, which is used to build a lookup table.
True
T/F: Digital signatures require asymmetric key cryptography.
True
T/F: For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.
True
T/F: Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.
True
T/F: Promiscuous mode is a special mode that a network card can be switched to that will allow the card to observe all traffic that passes by on the network segment.
True
What is NOT an effective key distribution method for plaintext encryption keys? -Unencrypted email -Smart card -CD -Paper
Unencrypted email
Which one of the following is NOT a commonly accepted best practice for password security? -Include a mixture of uppercase characters, lowercase characters, and numbers in passwords. -Do not include usernames in passwords. -Include a special character in passwords. -Use at most six alphanumeric characters.
Use at most six alphanumeric characters.
What is the process of locating wireless access points and gaining information about the configuration of each? Wardriving Port scanning Wardialing Pinging
Wardriving
If you and another person want to encrypt messages, what should you provide that person with?
Your public key
What do others need to decrypt files that you have encrypted with your private key?
Your public key
Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? -Decryption -Validation -Hashing -Encryption
Decryption
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario? -Role-based access control (RBAC) -Mandatory access control (MAC) -Rule-based access control -Discretionary access control (DAC)
Discretionary access control (DAC)
Harold is performing a penetration test and would like to force a switch to fall back to forwarding mode. Which of the following attacks would be most helpful to Harold in meeting his goal? -Active sniffing -ARP spoofing -Passive sniffing -MAC flooding
MAC flooding
Which one of the following measures the average amount of time that it takes to repair a system, application, or component? -Mean time to repair (MTTR) -Recovery time objective (RTO) -Mean time to failure (MTTF) -Uptime
Mean time to repair (MTTR)
Media Access Control (MAC) flooding and Address Resolution Protocol (ARP) poisoning are _______. -types of promiscuous modes -methods of placing stations in separate collision domains -forms of passive sniffing -methods of active sniffing
Methods of active sniffing
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve? Nonrepudiation Integrity Availability Confidentiality
Nonrepudiation
Which type of authentication includes smart cards? -Ownership -Action -Knowledge -Location
Ownership
Countermeasures to thwart footprinting of an organization's website include all of the following except ________. -making mentions of applications, programs, and protocols used by the company nondescript. -removing email addresses, phone numbers, and employee names. -removing potentially sensitive or restricted information. -adding unnecessary information to the website to throw attackers off the trail.
adding unnecessary information to the website to throw attackers off the trail.
Consumption of bandwidth, consumption of resources, and exploitation of programming defects are the three broad categories of ________. -botnets -denial of service (DoS) attacks -session hijacking -sniffing
denial of service (DoS) attacks
All of the following actions can be helpful in thwarting session hijacking attacks except ________. -employing operating systems that create predictable sets of sequence numbers -using an intrusion detection system (IDS) that can watch for suspicious activity -using encryption to make it difficult for attackers to see what is being transmitted -configuring routers to block spoofed traffic from outside the protected network
employing operating systems that create predictable sets of sequence numbers
Bits that are set in the header of a packet, each describing a specific behavior, are called _______. -pings -flags -banners -probes
flags
Denial of service (DoS) and distributed denial of service (DDoS) attacks have the same effect. However, a DDoS attack ________. -involves accessing a system of computers without authorization -involves intentional deception designed to produce illegal financial gain or to damage another party -is launched from large numbers of hosts that have been compromised -is software written with a deliberate purpose to cause damage, destruction, or disruption
is launched from large numbers of hosts that have been compromised
Shoulder surfing, keyboard sniffing, and social engineering are considered ________. -dictionary attacks -hybrid password attacks -technical password attacks -nontechnical password attacks
nontechnical password attacks
Botnets are used to perform all of the following attacks except ________. -stealing information -distributed denial of service (DDoS) attacks -passive session hijacking -transmitting spam and other bogus information on behalf of their owner
passive session hijacking
T/F: Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.
True
T/F: A brute-force attack tries passwords that are pulled from a predefined list of words.
False
T/F: A private key cipher is also called an asymmetric key cipher.
False
T/F: Cryptographic key distribution is typically done by phone.
False
T/F: Most networks and protocols are inherently secure, making them difficult to sniff.
False
T/F: Passphrases are less secure than passwords.
False
T/F: The four central components of access control are users, resources, actions, and features.
False
T/F: You must always use the same algorithm to encrypt information and decrypt the same information.
False
Which element of the security policy framework offers suggestions rather than mandatory actions? Policy Standard Guideline Procedure
Guideline
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature? -Encryption -Decryption -Elliptic curve -Hash
Hash
Bob recently accepted a position as the information security and compliance manager for a medical practice. Which regulation is likely to most directly apply to Bob's employer? -Children's Internet Protection Act (CIPA) -Gramm-Leach-Bliley Act (GLBA) -Health Insurance Portability and Accountability Act (HIPAA) -Federal Information Security Management Act (FISMA)
Health Insurance Portability and Accountability Act (HIPAA)
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate? Accountability Integrity Availability Nonrepudiation
Integrity