T/F Chapter 7 Quiz, Chapter 8 Quiz, Chapter 9 Quiz, Chapter 10 Quiz, Chapter 11 Quiz, Chapter 12 Quiz
True or False? A best practice is the standard collection of configuration settings or performance metrics to which a system is compared to determine whether it is securely configured.
False
True or False? A block cipher encrypts one byte (or bit) at a time, whereas a stream cipher encrypts an entire block of data at a time.
False
True or False? A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.
False
True or False? A digitized signature is a combination of a strong hash of a message and a secret key.
False
True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.
False
True or False? A private key cipher is also called an asymmetric key cipher.
False
True or False? A product cipher is an encryption algorithm that has no corresponding decryption algorithm.
False
True or False? A report indicating that a system's disk is 80 percent full is a good indication that something is wrong with that system.
False
True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
True or False? All types of disaster recovery sites are available in the cloud.
False
True or False? Change does not create risk for a business.
False
True or False? Clustering comprises multiple disk drives that appear as a single disk drive but actually store multiple copies of data in case a disk drive in the array fails.
False
True or False? Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
False
True or False? Configuration changes can be made at any time during a system life cycle, and no process is required.
False
True or False? Cyberterrorism is the use of online media and assets to harass individuals.
False
True or False? During a simulation test of a contingency plan, you must shut down the original system at the primary site for the duration.
False
True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.
False
True or False? In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data and has no choice as to what that data might be.
False
True or False? Mandatory vacations minimize risk by rotating employees among various systems or duties.
False
True or False? Operating systems remove data when a file is deleted.
False
True or False? Regarding log monitoring, false negatives are alerts that seem malicious but are not real security events.
False
True or False? Regarding security controls, the four most common permission levels are poor, permissive, prudent, and paranoid.
False
True or False? Regulatory compliance means complying with an organization's own policies, audits, culture, and standards.
False
True or False? Signature-based intrusion detection systems (IDSs) compare current activity with stored profiles of normal (expected) activity.
False
True or False? Spyware does not use cookies.
False
True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them.
False
True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.
False
True or False? Testimonial evidence is often the most important evidence in court because it provides relevance for other types of evidence.
False
True or False? The U.S. government currently has no standard for creating cryptographic keys for classified applications.
False
True or False? The macOS operating system uses the ext3 or ext4 file systems.
False
True or False? The process of collecting evidence is called evidence preservation.
False
True or False? The process of remediation makes sure all personnel are aware of and comply with an organization's policies.
False
True or False? The term "data owner" refers to the person or group that manages an IT infrastructure.
False
True or False? The term "firmware" indicates that software is stored on a separate storage unit within a file system, as opposed to directly in the hardware.
False
True or False? The term certificate authority (CA) refers to a trusted repository of all public keys.
False
True or False? The waterfall software development model works well in very dynamic environments where requirements change and are often revisited.
False
True or False? When outsourcing operations to a cloud service provider, the client is responsible for determining the best fault tolerance implementations to meet the service-level agreement (SLA) availability requirements.
False
True or False? Worms operate by encrypting important files or even the entire storage device and making them inaccessible.
False
True or False? You must always use the same algorithm to encrypt information and decrypt the same information.
False
True or False? A Faraday bag stops any electromagnetic emanations from passing into or out of the bag, preventing a mobile device from communicating with the outside world.
True
True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.
True
True or False? A blanket purchase agreement (BPA) creates preapproved accounts with qualified suppliers to fulfill recurring orders for products or services.
True
True or False? A computer virus is an executable program that attaches to, or infects, other executable programs.
True
True or False? A functional policy declares an organization's management direction for security in such specific functional areas as email use, remote access, and Internet interaction (including social media).
True
True or False? A hash function is a mathematical function that takes arbitrary data as input and returns a fixed-length output (number).
True
True or False? A host-based intrusion detection system (HIDS) can recognize an anomaly that is specific to a particular machine or user.
True
True or False? A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.
True
True or False? A parallel test of a contingency plan is the same as a full-interruption test except that processing does not stop at the primary site.
True
True or False? A primary concern for collected evidence is the preservation of its collected state, which means assurance that evidence remains unchanged from its state when it was collected.
True
True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.
True
True or False? A salt value is a set of random characters you can combine with an input key to create an encryption key.
True
True or False? A security awareness program should address the requirements and expectations of an organization's security policy.
True
True or False? A successful business impact analysis (BIA) maps the context, the critical business functions (CBFs), and the processes on which they rely.
True
True or False? After audit activities are completed, auditors perform data analysis.
True
True or False? All types of evidence are subject to the chain of custody procedures.
True
True or False? American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 2 reports are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
True
True or False? An American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
True
True or False? An American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 3 report is intended for public consumption.
True
True or False? An algorithm is a repeatable process that produces the same result when it receives the same input.
True
True or False? An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.
True
True or False? An example of a nonaccess computer crime is crashing a target's critical functionality to prevent normal (revenue-creating) processes from occurring.
True
True or False? An organization can maintain a cloud-based disaster recovery site for a fraction of the cost of a physical site.
True
True or False? Any component that, if it fails, could interrupt business processing is called a single point of failure (SPOF).
True
True or False? Attackers have established thousands of botnets, which they use to distribute malware and spam and to launch denial of service (DoS) attacks against organizations or even countries.
True
True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.
True
True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.
True
True or False? Business continuity management includes business continuity planning, disaster recovery planning, crisis management, incident response management, and risk management.
True
True or False? Change control is the management of changes to the configuration of a system.
True
True or False? Classification scope determines what data to classify; classification process determines how to handle classified data.
True
True or False? Company-related classifications are not standard; therefore, there may be some differences of meaning between the terms "private" and "confidential" in different companies.
True
True or False? Data loss prevention (DLP) uses business rules to classify sensitive information to prevent unauthorized end users from sharing it.
True
True or False? Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.
True
True or False? Digital forensics is the process of using well-defined analytical and investigative techniques to guide the processes of collecting and examining evidence related to a computer security incident.
True
True or False? Digital signatures require asymmetric key cryptography.
True
True or False? During an IT audit, security controls are checked to ensure they are effective, reliable, and functioning as required and expected.
True
True or False? During the planning and execution phases of an audit, an auditor will most likely review risk analysis output.
True
True or False? E-discovery is an iterative process of examining storage media, searching for items of interest, identifying likely items that may have value as evidence, and then recovering those items.
True
True or False? Elliptic curve cryptography (ECC) relies on algebraic structures of elliptic curves over finite fields.
True
True or False? Even if a mobile device is deemed not to be a direct part of a crime or incident, its ability to record the environment of an attacker during the incident could be material.
True
True or False? Examples of major disruptions include extreme weather, application failure, and criminal activity.
True
True or False? Fault-tolerance options are not replacements for data backups.
True
True or False? Forensic labs may use both open source and commercial software for digital analysis.
True
True or False? Generally, once evidence becomes inadmissible, it cannot be fixed.
True
True or False? ISO 27002 is a best-practices document that gives guidelines for information security management.
True
True or False? In an incremental backup, you start with a full backup when network traffic is light. Then, each night, you back up only that day's changes.
True
True or False? In cryptography, a keyspace is the number of possible keys to a cipher.
True
True or False? In remote journaling, a system writes a log of online transactions to an offsite location.
True
True or False? One way to harden a system is to turn off or disable unnecessary services.
True
True or False? Patching computers and devices with the latest security fixes makes them more resistant to many types of attacks.
True
True or False? Policies that cover data management should cover transitions throughout the data's life cycle.
True
True or False? Procedures help enforce the intent of a policy.
True
True or False? Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream, rather than just in individual packets.
True
True or False? Regarding disaster recovery, an alternate processing center or mirrored site is always ready and under the organization's control.
True
True or False? Revocation is a security measure that stops authorization for access to data.
True
True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.
True
True or False? Standards are mandated requirements for hardware and software solutions used to address security risk throughout an organization.
True
True or False? Symmetric key ciphers require that both parties first exchange keys to be able to securely communicate.
True
True or False? The Common Criteria is a set of system procurement standards used by several countries.
True
True or False? The U.S. Department of Defense (DoD) Cyber Crime Center (DC3) sets standards for digital evidence processing, analysis, and diagnostics.
True
True or False? The emergency operations center (EOC) is the place where an organization's recovery team will meet and work during a disruption.
True
True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.
True
True or False? The goal of a command injection is to execute commands on a host operating system.
True
True or False? The idea that users should be granted only the levels of permissions they need to perform their duties is called the principle of least privilege.
True
True or False? The purpose of a security audit is to make sure computing environments and security controls work as expected.
True
True or False? The recovery point objective (RPO) can come from the business impact analysis (BIA) or sometimes from a government mandate, such as banking laws.
True
True or False? The success of Trojans is due to their reliance on social engineering to spread and operate; they have to trick users into running them.
True
True or False? The term "computer crime" typically refers to crimes that target computer resources, either data that computers store or the services they provide (or both).
True
True or False? The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.
True
True or False? Time stamps correspond to computer log files to help coordinate a sequence of events and are accurate to at least the second.
True
True or False? Today's mobile devices almost all run with either iOS or Android.
True
True or False? Transport Layer Security (TLS) is an example of a transport encryption protocol.
True
True or False? Two common methods to protect evidence during imaging are to use forensic software that forces read-only mode or connect the evidence device using a hardware interface that blocks any write operations.
True
True or False? Unlike viruses, worms do not require a host program to survive and replicate.
True
True or False? Using the names of superiors to convince another person that a higher authority has allowed access to information is a form of social engineering.
True
True or False? When planning an IT audit, one must ensure that the areas not reviewed in the current audit will be subject to another audit.
True
True or False? Whereas a cipher performs a particular task, a key gives the specific directions for how to do it.
True
True or False? While running business operations at an alternate site, you must continue to make backups of data and systems.
True
True or False? With asymmetric key ciphers, it is computationally infeasible to derive the second algorithm from the first algorithm.
True
True or False? You can break a cipher by analyzing the ciphertext to find the plaintext or key or by analyzing the ciphertext and its associated plaintext to find the key.
True