Quiz1 hw1/hw2 review
processing overhead
A prime disadvantage of an application gateway is the ___________
presentation layer
In which layer of the OSI model would encryption take place?
Detect
The NIST _______ function enables timely discovery of cybersecurity events
Source routing attacks
The source station specifies the route that a packet should take as it crosses the Internet
detailed
Which of the following approaches is often mandated by government organizations for IT risk management?
availability
You are in the process of implementing a backup server for a critical application.
NIST 800-53
cyber risk management
denial of service
prevents or inhibits the normal use or management of communications facilities
transport layer
reliability
Internetwork
A network of networks using multiple technologies forming a large global network is known as
Wide Area Network
A network that connects multiple local area networks spanning a large area is ________________
attack
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
spoofing
An intruder transmitting packets from the outside with a source IP address field is known as IP address _________.
Encapsulation
An attempt to prevent people from being able to see information is ____________
Formulating policies
CSIRT is not responsible for ___________.
Security Policy, Implementation, Evaluation and Assurance
Computer Security Strategy comprises
Statistical anomaly
Develops baselines of normal traffic activity and throughput, and alerts on deviations from those baselines.
Anomaly
Host based IPS looking ________ for that indicate malware
Network Layer
IP and IPSec reside on what layer of the OSI model?
Data Link Layer
In OSI model, _______________ performs frame boundary checks.
External Firewall
In a DMZ, the ___________ adds less stringent filtering capability
n-1
In the layered OSI model, the data portion of a packet at level _____ encapsulates the entire Packet Data Unit from N level as payload
Network Layer
Layer handles congestion in the network
Protocol anomaly
Looks for deviation from standards set forth in RFCs
cost-benefit analysis
Management should conduct a ________ to identify those controls that are most appropriate and provide the greatest benefit for the given resources
Packet-switched
No dedicated path is established between source and destination before sending data in a ________________ network:
IP address, ports, protocol
Packet Filtering Firewall applies rules to each incoming and outgoing IP packet based on
active attacks
Replay, masquerade, modification of messages, and denial of service are examples of ________.
cost impact to organization
Risk = (Probability that threat occurs) x _________.
Pattern matching
Scans incoming packets for specific byte sequences (the signature) stored in a database of known attacks.
Accountability
Security awareness programs can serve to deter disgruntled employees by increasing the awareness of their ________ and of potential penalties
Session Hijacking
Stateful firewalls keep track of TCP sequence numbers to prevent attacks such as ____________.
Application Layer
Telnet, FTP, and SMTP reside on what layer of the OSI model?
End to End network data flow
The bottom four OSI layers deal with _______________
Corporate security policy
The intent of the ________ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives
Tiny fragment attacks
The intruder uses the IP fragmentation option to create extremely small fragments and force the TCP header information into a separate packet fragment.
fraud
The principal problems associated with employee behavior related to security are errors and omissions, _______, and actions by disgruntled employees
establishing the context
The purpose of ________ is to determine the basic parameters within which the risk assessment will be conducted
Risk Register
The results of the risk analysis should be documented in a _________
attack surface
The scope that the hacker can use to break into a system is also called ____________
attack surface reduction
The use of layering, or defense in depth, and ________________ complement each other in risk mitigation
Traffic anomaly
Watches for unusual traffic activities, such as a flood of UDP packets or a new service appearing on the network.
network
Which of the following involves finding the best route for Protocol Data Unit towards its destination?
Bootup
Which of the following is NOT a part of the connection-oriented protocol session?
A. Red Hat Ansible
Which of the following is NOT an automated tool used for incident detection?
capability maturity model
Which of the following is not a model listed in NIST 800-50 for communicating the security awareness program implementation plan?
Data link, transport, application, session, and network
Which of the following shows the layer sequence as layers 2, 4, 7, 5, and 3?
fingerprint
_______ is a type of biometric authentication for identifying a person to access confidential data
Detection and recovery
________ controls focus on the response to a security breach, by warning of violations of security policies.
Triage
________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling.
executives
________ need training on the development of risk management goals, and the need to lead by example in the area of security awareness
Control information
_________ can be found in the Header and Footer of a Network Protocol Data Unit (PDU) packet.
integrity
_________ makes sure that data is not changed when it is not supposed to be
privacy
__________ assures that individuals influence what information related to them may be collected and stored
risk
__________ describes the probability that a threat to an IT system can materialize
Stateful matching
__________ scans for attack signatures in the context of a traffic stream rather than individual packets.
presentation layer
_______________ layer in the OSI model is responsible for data compression.
attack tree
________________ is a hierarchical data structure representing techniques for exploiting security vulnerabilities
Packet flood
adverse event
countermeasure
an action, device, procedure, or technique that reduces a threat by preventing it or by minimizing the harm it can cause
UDP
connectionless
Residual Risk
is the amount of risk remaining after natural or inherent risks have been reduced by new risk controls
circuit switching
PSTN