Study Guide
Which of the following would be considered an attack and penetration tester?
An information security professional with authorization to compromise a system seeking vulnerabilities
For information security purposes, which of the following terms is used to describe the systems that use, store, and transmit information?
Assets
The __________ has primary responsibility for the assessment, management and implementation of information security in the organization? (
CISO
Payment Card Industry ______ Standards are designed to enhance the security of customers' payment card account data?
Data Security
Which of the following is an American contribution to an effort to improve copyright protection internationally?
Digital Millennium Copyright Act (DMCA)
Which type of firewall filtering allows the firewall to react to an emergent event and update or create rules to deal with the event?
Dynamic
The ______ attempts to prevent trade secrets from being illegally shared?
Economic Espionage Act
All traffic exiting from the trusted network should be filtered?
False
Email is the most private form of communication and it is safe to use with personal information?
False
Notification from an IDPS (Intrusion Detection and Prevention System) always indicates a definite incident is in progress since these tools are easy to configure and operate?
False
Passwords should only be shared with trusted people and the IT Security Department?
False
Pretexting to gain confidential information is no longer considered a viable threat as the human element is considered the strongest link in the security chain?
False
Regardless of what information a company manages, it is shielded from local and state laws and regulations because the federal laws supersede them?
False
Service level agreements (SLA) are considered optional in most cases when an organization engages a third party for cloud computing services or other outsourced services?
False
The authentication factor "something a supplicant has" relies upon individual characteristics, such as fingerprints, palm prints, hand topography, hand geometry, or retina and iris scans?
False
The process an organization uses to assign a risk rating or score to each information asset is a risk evaluation?
False
When changing a security blueprint, training employees is not included as part of the process.
False
Which of the following terms are used to describe organized research of the internet addresses owned or controlled by the target organization?
Footprinting
Which law regulates the role of the healthcare industry in protecting the privacy of individuals?
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
The probability that a specific vulnerability within an organization will be the target of an attack is known as which of the following?
Likelihood
The ________ process entails the review and assessment of organizational information security performance toward goals and objectives by the governing body
Monitor
Which layer of the bulls-eye model should information security projects focus the most on?
Networks
What type of firewall examines every incoming packet header and can selectively filter packets based on header information, such as destination address, source address, packet type, and other key information?
Packet filtering
Information about a person's history, background, and attributes that can be used to commit identify theft is called?
Personal Identifiable Information
Which changeover strategy should be used when transitioning from an old system to a new system gradually?
Phased
Information security performs all of the following functions for an organization except?
Provides for the broad and easy access of an organization's intellectual property among companies in the same industry
Incidence response (IR) actions can be organized into three phases. Which of the following is not an IR phase?
Simulation
When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow which approach?
Top Down
A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network?
True
A zero-day attack makes use of malware that is not yet known by the anti-virus software companies?
True
Cloud-based provisioning can be both a potential continuity option for production systems and a mechanism to manage recovery from disrupted operations?
True
Everyone has responsibility to protect company confidential and sensitive information?
True
Major tasks that are part of a work breakdown structure (WBS) are known as subtasks.
True
SP 800-18, "Guide for Developing Security Plans for Federal Information Systems," is considered the foundation for a comprehensive security blueprint and framework?
True
Strategic planning sets the long-term direction to be taken by the organization and each of its component parts. It should also guide organizational efforts and focus resources toward specific, clearly defined goals?
True
The Center for Internet Security (CIS) outlines three categories of control to detect, prevent, respond to, and mitigate damage from attacks: Basic, Foundational, and Organizational.
True
The cornerstone of many current federal computer-related criminal laws is the Computer Fraud and Abuse Act of 1986?
True
The information technology community of interest must assist in risk management by configuring and operating information systems in a secure fashion?
True
The parallel operations conversion strategy often involves running two systems concurrently.
True
The person responsible for the storage, maintenance, and protection of information is the data custodian?
True
A potential weakness in an asset or its defensive control systems is a _______?
Vulnerability
The method by which systems determine whether and how to admit users into a trusted area of the organization is known as which of the following?
access control
Which step of the systems development life cycle (SDLC) reviews issues with a current system and establishes the requirements of the new system being created?
analysis
Which term is used to describe the process of validating a supplicant's purported identity?
authentication
In which IDPS control strategy are all IDPSs control functions implemented and managed in a central location?
centralized control strategy
What is a type of law that represents all that apply to a citizen (or subject) of a jurisdiction?
civil law
A network filter that allows administrators to restrict access to external content from within a network is known as which of the following?
content filter
The generally recognized term for the government protection afforded to intellectual property (written and electronic) is called which of the following?
copyright law
What is the type of law that addresses violations harmful to society and that is enforced by prosecution by the state?
criminal law
As the text describes, the purpose of digital forensics is to preserve?
evidentiary material (EM)
Which of the following is an event that triggers alarms when no actual attacks are in progress?
false attack stimulus
The biometric technology criteria that describes the number of legitimate users who are denied access because of a failure in the biometric device is known as which of the following?
false reject rate
What term is used to describe decoy systems designed to lure potential attackers away from critical systems?
honeypot
What detection method examines the system or network data for patterns that match known attack signatures?
knowledge-based detection
Which type of IDPS resides on a computer or appliance connected to a segment of an organization's network and monitors traffic on that segment looking for indications of on-going or successful attacks?
network-based IDPS
What is a network tool that collects copies of packets from the network and analyzes them?
packet sniffer
A scanner that listens in on a network and identifies vulnerable versions of both server and client software is known as which of the following?
passive vulnerability scanner
In developing information security guidance, which is the hierarchy of development?
policy, standards, guidelines, procedures
Which of the following is not a definite indicator of an incident?
presence of unfamiliar files
Which consideration is focused on the selection of equipment and services for a project?
procurement
What is the situation called when a project manager spends more time adjusting a project management software file than focusing on the project itself?
projectitis
When reviewing the Microsoft SDL (System Development Lifecycle), what is the final phase of their plan where an incident response plan is executed?
response
The application of controls that reduce the risks to an organization's information assets to an acceptable level is known as which of the following?
risk control
In a ___________, the organization creates a role-playing exercise in which the CP (Contingency Planning) Team is presented with a scenario of an actual incident or disaster and is expected to react as if it had occurred?
simulation
According to the National Information Infrastructure Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except?
to harass
Which VPN technology uses circuits from a service provider and conducts packet switching over these leased circuits?
trusted VPN
The process of adjusting an IDPS to maximize its efficiency in detecting true positives while minimizing false positives and false negatives is known as which of the following?
tuning
What is used to dial every number in a configured range and checks to see if a person, answering machine, or modem picks up?
war dialer
In determining recovery criticality, which of the following is true?
· As disruption time increases, cost to recover goes down and cost of disruption goes up
Using a known or previously installed access mechanism is known as which of the following?
· Back Door
Which of the following could be considered highly desirable trophies for corporate espionage?
· Customer information · Intellectual property (IP) · Financial results · Elon Musk flight details
According to the text and the information security governance roles and responsibilities graphic, who is responsible for policy implementation, reporting security vulnerabilities, and breaches?
· Enterprise staff/employees
Which of the following terms best describes a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?
· Information security framework
The following is often a main trophy for corporate espionage?
· Intellectual property (IP)
A hacker will typically utilize IP spoofing to install a _________to monitor data traveling over a network?
· Packet sniffer
The following form of social engineering attempts to direct a target to provide personal or confidential information?
· Phishing
A hacker would typically attempt to attain the following in order to gain advanced access and control over the compromised system?
· Privilege escalation
The C.I.A Triad industry standard for computer security has all of the following characteristics except?
· Shareability
Access control lists (ACL) are a unique form of what kind of policy?
· SysSP
A _______ is an investigation and assessment of adverse events that can affect the organization; it includes a determination of how critical a system or data are to the organization's core processes and its recovery priorities?
· business impact analysis
What is the term called which represents the actions taken by management, specifically the organization's efforts and actions if an adverse event becomes an incident or disaster?
· contingency planning
As indicated earlier, one of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as which of the following?
· defense in depth
Before deciding on a treatment strategy for a specific TVA triple, the organization should perform which of the following to determine the merits of the treatment?
· economic feasibility study
Providing customer billing as mentioned in the text is an example of what?
· mission/business process
Which risk control strategy attempts to reduce the impact of a successful attack through planning and preparation?
· mitigation
Which type of asset might a company take a zero-tolerance risk exposure posture?
· research and development
Risk identification is performed within a larger process of identifying and justifying risk controls that is called which of the following?
· risk management
Which of the following defines the edge between the outer limit of an organization's security and the beginning of the outside world?
· security perimeter
What type of planning occurs where the actions taken by management to specify the intermediate goals and objectives of the organization in order to obtain specified strategic goals are followed by estimates and schedules for the allocation of resources necessary to achieve those goals and objectives?
· tactical
Which risk control strategy attempts to shift residual risk to other assets, other processes, or other organizations?
· transference
