CS-416 Chapter 6 - Final


Organizations are usually not aware of when compliance auditing is a mandated periodic occurrence, so preparation is challenging and often not possible.

False

Security management is the ongoing process of evaluating security so that you can improve it.

False

Single-factor authentication uses a single element of validation or verification to prove the identity of a subject, and it is considered much stronger than multi-factor authentication.

False

The act of containment should not interrupt or interfere with the continued spread or operation of the unwanted event.

False

Training is less rigorous than awareness and more rigorous than education.

False

You should wait at least a month before applying a patch or update from the vendor.

False

To write a comprehensive security policy, you should first inventory and examine the components of the IT infrastructure.

True

Trusted Platform Module (TPM) is a dedicated microchip found on some motherboards; it hosts and protects the encryption key for whole hard drive encryption.

True

You should never assume that a service or protocol is secured by another layer or service.

True

Which form of investigation aims at checking whether or not a target system is subject to attack based on a database of tests, scripts, and simulated exploits?
Incident response plan
Fail-open
Vulnerability scanning
Separation of duties

Vulnerability scanning

Which one of the following is not a cause of a configuration error?
Physical damage
Updates
Human error
Vulnerability scanning

Vulnerability scanning

What prevents a hard drive from being read by another system if it is stolen?
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)

Whole hard drive encryption

Checking authentication, checking authorization and access control, auditing systems, and verifying firewalls and other filters should all be included on which of the following?
A physical security checklist
A whitelist
A response plan
A logical security checklist

A logical security checklist

What is a business continuity plan?
A plan explaining the use of only a single element of validation or verification to prove the identity of a subject.
A plan outlining the failure response that results in open and unrestricted access or communication.
A plan to maintain the mission-critical functions of the organization in the event of a problem that threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been interrupted by an adverse event.

A plan to maintain the mission-critical functions of the organization in the event of a problem that threatens to take business processes offline.

Which of the following describes separation of duties?
A security stance that allows all communications except those prohibited by specific deny exceptions
A plan to restore the mission-critical functions of the organization once they have been interrupted by an adverse event
A security guideline, procedure, or recommendation manual
An administrative rule whereby no single individual possesses sufficient rights to perform certain actions

An administrative rule whereby no single individual possesses sufficient rights to perform certain actions

Which of the following creates copies of data on other storage media?
Fail-Open
Honeynets
Backups
Security Technical Implementation Guide (STIGS)

Backups

Which of the following describes awareness?
A dedicated microchip found on some motherboards that hosts and protects the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to career advancement
A security guideline, procedure, or recommendation manual
Basic security training that focuses on common or basic security elements that all employees must know and abide by

Basic security training that focuses on common or basic security elements that all employees must know and abide by

Which of the following is an element of infrastructure design that takes into account the likelihood of a security breach by malicious code or some other intruder?
Containment
Trapping
Compartmentalization
Intrusion detection

Compartmentalization

Which of the following is a detailed and thorough review of the deployed security infrastructure compared with the organization's security policy and any applicable laws and regulations?
Incident response plan
Compliance audit
Disaster recovery plan
Business continuity plan

Compliance audit

Which of the following determines the available vendor patches that are installed or missing?
Vulnerability scan
Configuration scan
Penetration test
Post-mortem assessment

Configuration scan

Which of the following is a security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Default deny
Default allow

Default deny

Which of the following is not a step in an incident response solution?
Evasion
Containment
Eradication
Recovery

Evasion

Which of the following refers to a failure response resulting in open and unrestricted access or communication?
Fail-open
Mission-critical
Default allow
Fail-secure

Fail-open

A fail-open grants all users the minimum level of access and permission required to perform an assigned job task or responsibility.

False

Default deny is a specialized host used to place an attacker into a system where the intruder cannot do any harm.

False

Handling physical security attacks is the most important aspect of a security plan, as these types of attacks pose the highest risks to the organization.

False

Which of the following is a form of security protection that protects individual files by scrambling the contents in such a way as to render them unusable by unauthorized third parties?
Default allow
Separation of duties
File encryption
Fail-secure

File encryption

Which of the following describes a predefined procedure that will limit damage, contain the spread of malicious content, stop the compromise of information, and promptly restore the environment to a normal state?
Separation of duties
Incident response plan
Business continuity plan
Disaster recovery plan

Incident response plan

Which of the following is not a characteristic of security education?
Its purpose is to obtain knowledge that leads to career advancement.
It is usually obtained inside of the organization.
It is broad and not necessarily focused on specific job tasks or assignments.
It is more rigorous than awareness or training.

It is usually obtained inside of the organization.

Which of the following describes the state or condition of an asset or process vitally important to the long-term existence and stability of an organization?
Mission-critical
Fail-secure
Fail-open
Compliance audit

Mission-critical

Which of the following refers to a specialized host used to place an attacker into a system where the intruder cannot do any harm?
Incident response plan
Padded cell
Principle of least privilege
Default allow

Padded cell

Which of the following refers to the guideline that all users should be granted only the minimum level of access and permission required to perform their assigned job tasks and responsibilities?
The whitelist
Principle of least privilege
Single-factor authentication
Incident response plan

Principle of least privilege

The goal of disaster recovery planning is to return the business to functional operation within a limited time to prevent the failure of the organization due to the incident.

True

A Security Technical Implementation Guide (STIGS) is a guideline, procedure, or recommendation manual.

True

A honeynet is a collection of multiple honeypots in a network for the purposes of luring and trapping hackers.

True

A post-mortem assessment review is the self-evaluation performed by individuals and organizations after each security assessment task.

True

Bricking occurs when an update process causes a complete failure of the security control.

True

It is a mistake to use remote system and device management mechanisms that are convenient but not secure, such as telnet, HTTP, and FTP.

True

Patch management watches for the release of new updates from vendors, tests the patches, obtains approval, and then oversees the deployment and implementation of updates across the production environment.

True

Penetration testing involves the application of hacking techniques, methodology, and tools; ethical security experts conduct penetration testing.

True

