cyber test 2 review
public interest
"EPIC is a _____________________________ research center in Washington, DC. EPIC was established in 1994 to focus public attention on emerging privacy and civil liberties issues and to protect privacy, freedom of expression, and democratic values in the information age. "
Li0n
"The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the ______________ worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."
benchmarks
"The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or __________________________) that provide detailed low level guidance on setting the security configuration of operating systems and applications."
lookup
A ____________________ table stores the pre-computed hashes of passwords in a password dictionary along with the corresponding password. This table is a data structure that processes hundreds of hash lookups per second.
dictionary
A _______________________ attack uses a file containing common words, phrases, and passwords. The file has the hashes calculated.
cipher
A ________________________ lock uses buttons that a user presses in a given sequence to open the door.
brute-force
A _________________________ attack attempts every possible combination of characters up to a given length
parameters
A validation rule checks that data falls within the _____________________ defined by the database designer.
True
An IDS often requires assistance from other networking devices to respond to an attack.
inline
An IPS device operates in __________________ mode.
false
A Type I Error that rejects a person that registers and is an authorized user is known as a ________________ rejection. In many biometric applications, these rejections can have a very negative impact on business
fence
A _______________ is a barrier that encloses secure areas and designates property boundaries.
53
99.99% availability means ___________ minutes of downtime per year.
privacy impact assessment
A _________________________________________________ (or PIA) ensures that personally identifiable information (PII) is properly handled throughout an organization.
True
A CSIRT can be an ad hoc group within the organization.
fire
A Physical Facilities Domain includes all of the services used by an organization including HVAC, water, and _______________ detection.
internet
A Private Cloud Domain includes private servers, resources, and IT infrastructure available to members of an organization via the ______________________.
True
A RAID solution can be either hardware-based or software-based.
analyst
A Security __________________ configures firewalls and IDSs, implements security software, diagnoses and troubleshoots problems, and coordinates with systems and network administrators to ensure the proper implementation of security technology
redundant array of independent disks
A ____________________________________________________________________ combines multiple physical hard drives into a single logical unit to provide data redundancy and improve performance.
continuity
A business ________________ plan is a broader plan than a DRP because it includes getting critical systems to another location while repair of the original facility is under way.
N+1
A car has four tires and a spare tire in the trunk in case of a flat. This is a comparative example of ____________ Redundancy
(a)bureau (b)authenticate
A certificate authority functions the same as the licensing _____[a]_____. The CA issues digital certificates that _____[b]_____ the identity of organizations and users. These certificates also sign messages to ensure that no one tampered with the messages.
(a)root (b)subordinate
A certificate chain for a two tier CA contains an offline ____[a]____ CA and an online ______[b]______ CA.
a.computer-targeted b.computer-assisted c.computer-incidental
A computer may be involved in a cybercrime in different ways (per our reading). These include:
patches
A critical requirement of hardening operating systems is the application of security ___________________ and updates.
unauthorized
A data breach occurs anytime an _________________________ person copies, transmits, views, steals, or accesses sensitive information
passport
A digital certificate is equivalent to an electronic __________________. They enable users, hosts, and organizations to exchange information securely over the Internet.
exceptions
A firewall blocks incoming and outgoing network connections, unless ______________________________ are defined to open and close the ports required by a program
true
A hash tool uses a cryptographic hashing function to verify and ensure data integrity.
intrusion
A host _________________________ detection system is software that runs on a host computer that monitors suspicious activity.
true
A host-based solution is a software application that runs on a local host computer to protect it
false
A large file, application folder, or the contents of a disk drive, result in varying size hash values.
LAN
A misconfigured firewall represents what kind of common threat?
True
A network computing system may contain redundant equipment and still not be a fully redundant system
true
A packet analyzer can capture data transmitted on a network for legitimate purposes.
true
A packet sniffer can capture network traffic on both wired and wireless networks.
scanner
A port ____________________________ is an application that probes a device for open ports by sending a message to each port and waiting for a response.
recalculate
A potential attacker could intercept a hashed message, _________________ the hash, and append the hash to the message
N+1
A power generator that comes online when a main power source fails is an example of ________________ redundancy.
Limiting
A procedure that prohibits an employee from removing sensitive documents from the premises.
GLBA
A provision provides for opt-out methods so that individuals can control the use of information provided in a business transaction with an organization that is part of the financial institution.
farm
A server _______________ is a facility that houses hundreds or thousands of servers for companies
Diversity
A server containing the confidential pictures is in a locked room that requires a swipe card from one manufacturer and biometric authentication supplied by another manufacturer. This is an example of what defense?
PCI DSS
A set of contractual rules governing how to protect credit card data as merchants and banks exchange the transaction
User-defined Integrity
A set of rules defined by a user which does not belong to one of the other categories
algorithms
A significant security improvement from WPA to WPA2 was the mandatory use of AES _________________
(a)counter cipher (b)message authentication code
A significant security improvement from WPA to WPA2 was the introduction of _______________[a]_________________ Mode with Block Chaining ______________________[b]_______________________________ Protocol as a replacement for TKIP.
ports
A simple method that many administrators use to help secure the network from unauthorized access is to disable all unused ________________ on a switch.
utility
A single point of failure can be a special piece of hardware, a process, a specific piece of data, or even an essential __________________.
critical operation
A single point of failure is the point in a _______________________ that causes the entire operation to fail should it fail.
packets
A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other connected computers. It applies a set of rules to data transmissions through inspection and filtering of data ________________.
bitlocker
A user can also choose to encrypt an entire hard drive in Windows using a feature called ______________________________.
weakness
A vulnerability scanner assesses computers, computer systems, networks, or applications for ____________________________.
(a)default (b)ports (c)active
A vulnerability scanner looks for the following types of vulnerabilities: use of _____[a]_____ passwords or common passwords; missing patches; open _____[b]_____; misconfiguration of operating systems and software; _____[c]_____ IP addresses. Note: no partial credit given
(a)audit (b)access
A(n) _____[a]_____ log tracks user authentication attempts. A(n) _____[b]_____ log provides all of the details on requests for specific files on a system.
intrusion prevention system
A(n) _______________________________________ can immediately detect and stop an attack.
true
AES superseded TKIP for even better key management and encryption protection.
intellectual property
About SIIA: "The Software & Information Industry Association is the principal trade association for the software and digital content industry. SIIA provides global services in government relations, business development, corporate education and ____________________________ protection to the leading companies that are setting the pace for the digital age."
offensive security
About Us: "Kali Linux is an open source project that is maintained and funded by _______________________, a provider of world-class information security training and penetration testing services."
infrastructure
About: "InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical ______________________________."
least privilege
According to the Principle of ______________________________, users should be limited to only the resources they need on a computer system or on a network.
HSRP
Actively selects an active device and a standby device for routing redundancy
(a)disgruntled (b)misconfigure
Activists, _____[a]_____ employees and industry competitors can delete data, destroy devices or _____[b]_____ devices to make data and information systems unavailable.
profile
Advanced threat intelligence is a type of event or _______________ data that can contribute to security monitoring and response.
eradicate
After identifying the breach, the organization needs to contain and __________________ it.
original state
After incident remediation, an organization needs to restore all systems to their ___________________ before the breach.
Domain Integrity
All data stored in a column must follow the same format and definition
entity integrity
All rows must have a unique identifier called a Primary Key
consequences
All users must be aware of security policies and _______________________ of not complying with the organization's policies
GLBP
Allows load balancing between a group of redundant routers
validate
Always _________________________ backups to ensure the integrity of the data.
binary
An 8-bit checksum calculates the hash by converting the message into ____________________ numbers
true
An ARO can be greater than 100% if a loss can occur more than once a year.
badge
An access _______________ allows an individual to gain access to an area with automated entry points. An entry point can be a door, a turnstile, a gate, or other barrier. Various technologies used include magnetic stripe, barcode, or biometrics.
lockout
An account _________________ Policy locks a computer for a configured duration when too many incorrect login attempts occur
appliance
An administrator can implement _____________________________-based content filtering, which is similar to router-based content filtering.
(a)configuration (b)services
An administrator hardens an operating system by modifying the default _____[a]_____ to make it more secure to outside threats. This process includes the removal of unnecessary programs and _____[b]_____.
false
An automated patch service provides administrators with a less controlled setting
true
An example of drop down master data controls is using a locations list from the U.S. postal address system.
Physical Facilities
An open lobby that allows a visitor to walk straight through to the inside facilities represents what kind of common threat?
Layering
An organization stores its confidential documents on a server in a building surrounded by an electronic fence. This is an example of what defense?
True
An organization's DRP restores mission critical systems first.
detection
Anomaly ___________________ refers to identifying patterns in data that do not conform to expected behavior.
patterns
Anomaly verification requires verification data requests or modifications when a system detects unusual or surprising _____________________.
True
Application resilience is the application's ability to react to problems in one of its components while still functioning.
standards
Asset _____________________ identify specific hardware and software products that the organization uses and supports
characteristics
Asset classification assigns all resources of an organization into a group based on common _______________________
lifecycle
Asset management manages the __________________ and inventory of technology assets including devices and software.
rogue
Attackers can target DNS servers in order to deny access to network resources or redirect traffic to ________________ websites
Public Cloud Domain
Attacking a federated identity repository represents what kind of common threat?
false
Avoid using SHA-1 and SHA-2 due to the discovery of security flaws.
grant
BJA Mission: "BJA provides leadership and services in ____________________ administration and criminal justice policy development to support local, state, and tribal law enforcement in achieving safer communities."
True
Backing up data is one of the most effective ways of protecting against data loss.
fingerprints
Because a hash value changes every time data is changed, cryptographic hash values are often called digital ___________________________.
motherboard
Before using BitLocker, a user needs to enable Trusted Platform Module (TPM) in the BIOS. The TPM is a specialized chip installed on the ________________________________.
revocation
Best practices for securing privileged accounts include establishing a process for ______________________ of rights when employees leave or change jobs
gateway
Best practices for securing privileged accounts include implementing a _________________ between the end-user and sensitive assets to limit network exposure to malware
True
Biometrics describes the automated methods of recognizing an individual based on a physiological or behavioral characteristic
(a)financial (b)data
Biometrics provides confidential _____[a]_____ transactions and personal _____[b]_____ privacy.
False
BitLocker To Go is similar to BitLocker in that it uses a TPM chip
validation
Browsers and applications perform a ______________________ check before they trust a certificate to ensure they are valid.
processes
Businesses and consumers use IoT devices to automate _________________________, monitor environmental conditions, and alert the user of adverse conditions.
aerospace
COTS systems used in the _________________ and defense industry for battlespace communications networks provide access to the improved reliability, availability, and information processing of standardized equipment
computer security incident response team
CSIRT is the acronym for what term?
true
CSPRNGs generate a random number that has a high level of randomness and is completely unpredictable, so it is cryptographically secure.
True
Categorizing the impact level for a threat helps an organization realize the dollar impact of the threat.
passwords
Change the default _________________ before connecting any new appliance to a network.
web browser
Content control software restricts the content that a user can access using a ________________________ over the Internet.
integrity
Code signing is used to verify the _______________ of executable files downloaded from a vendor website.
smart
Commercial HVAC systems and other building management systems now connect to the Internet for remote monitoring and control. These systems are often called "__________________ systems"
a:virus b:patches c:password
Common NAC system checks include: updated _____[a]_____ detection; operating system _____[b]_____ and updates; complex _____[c]_____ enforcement
True
Computer Fraud and Abuse Act was created in 1986
Obscurity
Concealing certain types of information makes it more difficult for cyber criminals to attack a system. This would be considered what type of defense?
false
Congress created FISMA in 2005 to change the U.S. government's approach to information security.
moral
Criminal laws enforce a commonly accepted _________________ code backed by the authority of the government.
a. The output has a fixed length. b. Two different input values will almost never result in the same hash values. e. The input can be any length. f. The hash function is one way
Cryptographic hash functions have the following properties:
certificates
Cyber criminals attack timeservers to disrupt secure communication that depends on digital _________________________ and to hide attack information like accurate time stamps.
agree
Cyber criminals may target videoconferencing equipment in order to eavesdrop on video calls.
True
Cyber criminals target IoT systems in order to intercept data or to affect performance and availability.
type
Data _____________ validation is the simplest data validation and verifies that a user entering data is consistent with the type of characters expected.
supply
Data centers should be on a different power ______________ from the rest of the building
will inherit new permissions
Data copied to a different volume
will inherit new permissions
Data copied to the same volume
masks
Data field validation via input ______________ prevents users from entering invalid data or help ensure that they enter data consistently.
true
Data integrity refers to the accuracy, consistency, and reliability of data stored in a database.
will inherit new permissions
Data moved to a different volume
will keep the original permissions
Data moved to the same volume
(a)reputation (b)liability
Data theft by users can cost organizations financially resulting in damage to an organization's _____[a]_____ or posing a legal _____[b]_____ associated with disclosure of sensitive information.
User
Data theft represents what kind of common threat?
true
Database anomaly detection can protect data from massive destruction or changes.
True
Destruction of systems, applications, or data may be accidental or deliberate
true
Device hardening involves implementing proven methods of physically securing network devices.
true
Digital certificates identify how long a certificate is valid.
true
Digital signatures can provide the same functionality as handwritten signatures.
verification
Digital signatures require two operations: Key generation & Key _____________________. Both operations require key encryption and decryption.
cloning
Disk _____________________ copies the contents of the computer's hard disk to an image file.
format
Domain integrity enforcement can be as simple as choosing the correct data type, length, and/or ____________ for a column.
true
Domain integrity ensures that all the data items in a column fall within a defined set of valid values.
True
Downtime can be caused by application errors, infrastructure failures, application upgrades, and patching.
utilitarian
During the 19th century, Jeremy Bentham and John Stuart Mill created _________________________ Ethics. The guiding principle is that any actions that provide the greatest amount of good over bad or evil are ethical choices.
Agree
Educate users annually on policies, staff manuals, and handbook updates.
False
Electronic Privacy Information Center (EPIC) promotes privacy and open government laws and policies globally and focuses on US-China relations.
VRRP
Elects a virtual router master
Limiting
Employees in the shipping department do not need access to marketing presentations to perform their jobs. This is an example of what defense?
LAN
Exploits of data in-transit represent what kind of common threat?
tolerance
Fault _____________________ enables a system to continue operating if one or more components fail.
True
Federal IT systems are the largest creator and user of information within the United States.
99.999
Five nines mean that systems and services are available _________________ % of the time.
5.26
Five nines means that both planned and unplanned downtime is less than ____________ minutes per year
100
GPS tracking can pinpoint a location within __________________ meters.
true
Good risk mitigation finds a balance between the negative impact of countermeasures and controls and the benefit of risk reduction.
true
HIDS stores all log data locally.
True
HMAC defeats man-in-the-middle attacks and provides authentication of the data origin.
True
HMACs can be used for web user authentication.
secret
HMACs use an additional _______________ key as input to the hash function.
heating, ventilation, and air conditioning
HVAC systems control the ambient environment including temperature, humidity, airflow, and air filtering. HVAC is the acronym for what?
misconfiguration
Hardware failure threats to data and information availability include hard drive crashes or firewall _______________________________.
downtime
Hardware monitoring systems are used to monitor the health of these systems and to minimize server and application ________________
True
Hardware-monitoring systems have become an essential security countermeasure
one-way
Hash functions are ______________ functions. It is computationally infeasible for two different sets of data to come up with the same output
digest
Hashing is a tool that ensures data integrity by taking binary data and producing a fixed-length representation called the hash value or message _________________.
false
Hashing is relatively easy to compute and equally easy to reverse.
man-in-the-middle
Hashing is vulnerable to ______________________ attacks and does not provide security to transmitted data.
false
High availability refers to a system or component that is continuously nonoperational for a given length of time
True
Higher frequency RFID systems are more sensitive to radio wave interference.
False
Higher frequency RFID systems have a faster data transfer rate and shorter read ranges.
entry
Human error threats to data and information availability include actions such as an employee that makes inadvertent data _________ errors
reporting
IC3 Mission Statement: "The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient _______________________ mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners."
False
IDS device is physically positioned in the network so that traffic must be diverted in order to reach it.
False
IDS is a better solution than IPS
11i
IEEE 802.__________ is now the industry standard for securing WLANs.
traffic flows
IPFIX is a standard format for exporting router-based information about network _____________________ to data collection devices
False
IPS allows malicious traffic to pass before addressing the problem.
accept the risk and periodically re-assess
Identify one common way to reduce risk (as presented in our reading):
identify assets and their value
Identify one goal of risk analysis:
ports
If a network cable or switch fails, STP recalculates available paths and unblocks necessary _____________ to allow a redundant path to become active.
True
If an organization does not standardize its hardware selection, personnel may not easily find a replacement component
simplicity
If an organization implements complex systems that are hard to understand and troubleshoot, it may actually backfire. What type of defense best alleviates this issue?
thaw
If the administrator needs to change a system's configuration, they must first ______________________ the protected partition by disabling Deep Freeze.
True
Implement logging to manage threats to applications.
Agree
Implementing an idle timer that will automatically log the user out and lock the screen after a specified period is typically good security practice.
(a):loading (b):refuse
In a highly secure environment, an organization should place video and electronic surveillance at all entrances, exits, _____[a]_____ bays, stairwells and _____[b]_____ collection areas.
secpol.msc
In all versions of Windows except Home edition, enter _______________ at the Run command to open the Local Security Policy tool.
antivirus
In regards to IT disaster recovery, Detective controls include using up-to-date _______________ software.
documents
In regards to IT disaster recovery, corrective controls include keeping critical _______________________ in the disaster recovery plan.
monitoring
In regards to IT disaster recovery, detective controls include installing server and network ____________________ software
surge protectors
In regards to IT disaster recovery, preventative controls include keeping data backed up, keeping data backups off-site, using ____________________, or installing generators
True
In some situations, an organization may want employees to log in only during specific hours.
response
Incident _______________ is the procedures that an organization follows after an event occurs outside the normal range.
source
Incident analysis helps to identify the _________________, extent, impact, and details of a data breach
true
Incident containment efforts include the immediate actions performed such as disconnecting a system from the network to stop the information leak.
True
Many DoS attacks use ICMP as part of the attack
true
Many industry specific laws have a security and/or a privacy component.
trustworthy
Integrity ensures that data remains unchanged and __________________ by anyone or anything over its entire life cycle.
true
It may take several different programs and multiple scans to remove all malicious software completely from a computer.
linux
Kali _______________ incorporates more than 300 penetration testing and security auditing programs.
Physical Facilities
Lack of surveillance represents what kind of common threat?
national vulnerability database
Launched by NIST in 2005, the US _____________________________________________________ (or NVD for short) provides a vulnerability database of enhanced CVE content that is fully synchronized with the CVE List, so any updates to the CVE List appear immediately in NVD.
guard shelters
List one component of a perimeter security system (as discussed in our reading):
barbed wire
List one type of "top guard" used with fencing:
True
Logs are useful for performing auditing analysis and identifying trends and long-term problems.
simple
MBSA checks blank, _______________________, or non-existent passwords
128
MD5 is a complex sequence of simple binary operations performed on input data to produce a _______________ bit hash value
message digest 5
MD5 is short for what?
warning
Malicious rogue antivirus products may appear like an actual Windows _______________________________ window
Devices
Malware represents what kind of common threat?
true
Manage threats to a private cloud domain by disabling probing and port scanning.
disaster recovery plan
Manage threats to physical facilities by developing a _____________________________________________ plan.
guests
Manage threats to physical facilities by establishing policies and procedures for ___________________ visiting the facility.
asset
Manage threats to physical facilities by implementing an _________________ tagging system.
physical
Manage threats to physical facilities by testing building security using both cyber and ____________________ means to covertly gain access.
service pack
Manufacturers may combine patches and upgrades into a comprehensive update application called a _______________________.
download
Many network and workstation infections and attacks trace back to users who ___________________ unauthorized emails, photos, music, games, apps, programs and videos to workstations, networks, or storage devices.
cable locks
Many portable devices and expensive computer monitors have a special steel bracket security slot built in to use in conjunction with __________________________.
VPPA
Many privacy advocates consider this law to be the strongest U.S. privacy law.
strikes: a. Labor events; walkouts: a. Labor events; vandalism: c. Social-political events; protests: c. Social-political events; sabotage: c. Social-political events; terrorism: c. Social-political events; war: c. Social-political events; fire: b. Materials events; power failures: d. Utilities disruptions; fuel shortages: d. Utilities disruptions
Match each human-caused disaster with its corresponding category:
earthquake: b. Geological; tsunamis: b. Geological; volcano: b. Geological; hurricane: d. Meteorological; tornado: d. Meteorological; lightning: d. Meteorological; pandemic: a. Health; quarantine: a. Health; floods: c. Miscellaneous; fire: c. Miscellaneous
Match each natural disaster with its corresponding category:
ping
Mitigate LAN threats by disabling _____________ and port scanning
encryption
Mitigate LAN threats by implementing ____________________________ between devices and wireless networks.
penetration tests
Mitigate LAN threats by conducting post-configuration _______________________________
credentials
Mitigate LAN threats by denying access for data centers to anyone without the proper _____________________.
unknown
Mitigate Private Cloud threats by implementing file transfer monitoring and scanning for ______________ file types.
traffic
Mitigate Private Cloud threats by monitoring inbound IP ___________________ anomalies.
disaster recovery plan
Mitigate common threats to applications by developing a _______________________________________ plan for critical applications.
awareness
Mitigate social engineering attacks on a public cloud domain by completing ____________________ programs
(a)severity (b)file permissions
Mitigation involves reducing the _____[a]_____ of the loss or the likelihood of the loss from occurring. Many technical controls mitigate risk including authentication systems, _____[b]_____, and firewalls.
radio
Mobile devices transmit data using ________________ signals that any device with a compatible antenna can receive.
incrementally
Modern methodologies reduce risk by developing software ______________________ and providing regular updates and patches.
humidity
Most physical computer hardware devices come with environmental requirements that include acceptable temperature and ____________________ ranges.
a.device b.quarantines
NAC evaluates an incoming _____[a]_____ against the policies of the network. NAC also _____[b]_____ systems that do not comply and manages the remediation of noncompliant systems.
1. Develop the policy statement 2. Conduct the business impact analysis 3. Calculate risk 4. Identify preventive controls 5. Develop recovery strategies 6. Develop the contingency plan 7. Test the plan 8. Maintain the plan
NIST developed a "best practices" for Business Continuity. Place these steps in the proper order as presented in our reading (and from NIST):
true
No technical solution, controls or countermeasures make information systems any more secure than the behaviors and processes of the people who use these systems.
standard
Non-________________ environments require more expertise to manage and they increase the cost of maintenance contracts and inventory.
Asynchronous Replication
Not synchronized in real time but close to it. Requires less bandwidth. Sites can be further apart because latency is less of an issue.
true
On a hash-based authentication system, a user password hash match grants user access to a system.
true
On a hash-based authentication system, passwords are never stored to a local hard drive.
True
One benefit of RFID asset tags is that they can track any asset that physically leaves a secure area.
inactivity
One method of managing device threats includes enabling screen lockout during times of ______________________.
patching
One method of managing device threats includes updating and/or ____________________ all operating systems and software applications.
lockout
One method of managing user threats includes implementing access control __________________ procedures based on AUP monitoring and compliance.
domain
One method of managing user threats includes content filtering to permit or deny specific _________________ names in accordance with Acceptable Use Policies
media
One method of managing user threats includes enabling automatic antivirus scans for inserted _______________ drives, files, and email attachments.
true
One of the most vulnerable aspects of database integrity management is controlling the data input process.
uptime
Organizations measure availability by percentage of ____________________.
false
Outsourcing services, purchasing insurance, or purchasing maintenance contracts are all examples of risk avoidance.
SOX
Overhauled financial and corporate accounting standards and specifically targeted the standards of publicly traded firms in the United States.
intercept
Packet analyzers ____________________ and log network traffic
true
Passwords need to be long enough to make the time it takes to execute a brute-force attack too long to be worthwhile
code
Patches are ________________ updates that manufacturers provide to prevent a newly discovered virus or worm from making a successful attack.
(a)network (b)permission
Pen testing involves a cybersecurity specialist that hacks a website, _____[a]_____, or server with the organization's _____[b]_____ to try to gain access to resources with the knowledge of usernames, passwords, or other normal means.
False
Pen testing is the same as vulnerability testing.
malicious
Penetration testing is a method of testing the areas of weaknesses in systems by using various ____________________ techniques
ethical
Penetration testing is also known as ____________________ hacking.
switches
Port security on these devices limits the number of valid MAC addresses allowed on a port.
brownout
Power degradation includes ______________, which are prolonged low voltage issues
inrush
Power degradation includes ___________________ current, which is an initial surge of power
Physical Facilities
Power interruptions represent what kind of common threat?
(a)multifactor (b)passwords (c)smartcards
Prevent data breaches by using _____[a]_____ authentication, encryption, one-time _____[b]_____, phone-based authentication, and _____[c]_____.
intellectual
Prevent loss or theft of _______________________ property with due diligence, use of encryption, and data backups.
elevated
Privileged accounts have the credentials to gain access to systems and they provide _____________________, unrestricted access.
data
Proper incident detection includes how the incident occurred, what _______________ it involved, and what systems it involved
1. Determine the proper asset identification category 2. Identifying the owner for all information assets and application software 3. Determine the criteria for classification 4. Implement a classification schema
Properly order the following steps to identify and classify the assets of an organization:
HSRP
Provides high network availability by providing first-hop routing redundancy
false
Qualitative risk analysis assigns numbers to the risk analysis process.
false
Quantitative risk analysis uses opinions and scenarios.
True
RAID takes data that is normally stored on a single disk and spreads it out among several drives.
asset
RFID can help automate _______________ tracking or wirelessly configure electronic devices.
True
RFID tags do not need to be visible to scan.
False
RFID tags need a battery to store information.
routing
RIP vulnerabilities include advertising bogus ________________ information and claiming a route to a particular unused host
false
Referential integrity maintains the integrity of primary keys.
consequences
Regulations establish rules designed to address _______________________________ in a rapidly changing society enforcing penalties for violating those rules.
3389
Remote Desktop uses which port number (by default)?
Assistance
Remote ___________________ allows the customer to view the repair or upgrade in real time on the screen.
Assistance
Remote ____________________ allows technicians to assist customers with problems from a remote location
Desktop
Remote _____________________ allows technicians to view and control a computer from a remote location.
True
Remote access refers to any combination of hardware and software that enables users to access a local internal network remotely.
true
Remote users accessing an organization's infrastructure may download sensitive data via a Private Cloud Domain.
client
Remote-access users must have a VPN ___________________ installed on their computers to form a secure connection with the corporate private network.
GLBA
Restricts information sharing with third-party firms.
false
Reverse Lookup tables sacrifice hash-cracking speed to make the lookup tables smaller.
true
Risk mitigation can have a negative impact on the organization.
True
SCAP is a method for using specific standards to automate vulnerability management, measurement, and policy compliance evaluation
security content automation protocol
SCAP is the acronym for what?
False
SCAP uses proprietary standards to enumerate security software flaws and configuration issues.
defense
SEI is a Federally Funded Research and Development Center sponsored by the U.S. Department of _____________________.
secure hash algorithm
SHA is short for what?
false
SHA-1 algorithms are the secure hash algorithms that the U.S. Government requires by law for use in sensitive unclassified information.
22
SSH uses what TCP port?
true
STP intentionally blocks redundant paths
true
Salt added to a hash does not have to be secret since it is a random number.
(a)cellular (b)workplace
Sections of The Electronic Communications Privacy Act (ECPA) address email, _____[a]_____ communications, _____[b]_____ privacy, and a host of other issues related to communicating electronically.
wiring
Secure ________________ closets, data centers, and computer rooms.
instantaneous
Security guards are the best solution for access control when the situation requires an _______________________ and appropriate response.
true
Shared key authentication provides mechanisms to authenticate and encrypt data between wireless clients and APs or wireless routers.
hash
Signing a ______________ instead of the whole document provides efficiency, compatibility, and integrity.
(a)web browser (b)applications (c)virtualized
Software as a service (SaaS) is a subscription-based model that provides access to software that is centrally hosted and accessed by users via a _____[a]_____. Platform as a service (PaaS) provides a platform that allows an organization to develop, run, and manage its _____[b]_____ on the service's hardware using tools that the service provides. Infrastructure as a service (IaaS) provides _____[c]_____ computing resources such as hardware, software, servers, storage and other infrastructure components over the Internet.
true
Software security vulnerabilities provide weaknesses that cyber criminals can exploit
Synchronous Replication
Synchronizes both locations in real time. Requires high bandwidth. Locations must be close together to reduce latency.
redundant
System resiliency generally requires __________________ systems, in terms of both power and processing.
True
System resiliency is more than hardening devices; it requires that both data and services be available even when under attack.
True
System resiliency is the ability to maintain availability during disruptive events.
referential Integrity
Table relationships must remain consistent
Limiting
Technology-based solutions such as file permissions are one of ________________ access
(a)plaintext (b)encrypted
Telnet is an older protocol that uses unsecure _____[a]_____ transmission of both the login authentication. Secure Shell (SSH) is a protocol that provides a secure _____[b]_____ management connection to a remote device.
23
Telnet uses what TCP port?
one
The 8-bit checksum 2's complement converts a binary to its opposite value, and then it adds ___________
(a)non-profit (b)education
The Advanced Cyber Security Center (ACSC) is a _____[a]_____ organization that brings together industry, academia, and government to address advanced cyber threats. The organization shares information on cyber threats, engages in cybersecurity research and development, and creates _____[b]_____ programs to promote the cybersecurity profession.
commerce
The Bureau of Industry and Security in the U.S. Department of ____________________________ now controls non-military cryptography exports
(a)software (b)networked
The CERT Division of SEI studies and solves problems in the cybersecurity arena including security vulnerabilities in _____[a]_____ products, changes in _____[b]_____ systems, and training to help improve cybersecurity.
show secure bootset
The Cisco IOS command _______________________________ activates IOS image resilience.
true
The Common-Good Approach proposes that the common good is whatever benefits the community.
true
The Computer Ethics Institute (CEI) created Ten Commandments of Computer Ethics
computer
The Computer Fraud and Abuse Act (CFAA) criminalizes the use of a ____________________ in a crime that is interstate in nature.
commerce
The Computer Fraud and Abuse Act (CFAA) makes it a crime to knowingly access a computer considered either a government computer or a computer used in interstate _________________, without permission.
budapest convention on cybercrime
The Convention on Cybercrime is also known as the _______________________________________________________
True
The Convention on Cybercrime was the first international treaty on Internet crimes
true
The ISC identifies sites used for attacks and provides data on the types of attacks launched against various industries and regions of the world.
log entries
The Internet Storm Center (ISC) gathers millions of _____________________ from intrusion detection systems every day using sensors covering 500,000 IP addresses in over 50 countries.
True
The Internetwork Operating System (IOS) for Cisco routers and switches includes a resilient configuration feature.
domain
The LAN ______________________ requires strong security and access controls since users can access the organization's systems, applications, and data from the LAN domain.
scoring
The NVD uses the Common Vulnerability ________________ System to assess the impact of vulnerabilities.
privacy
The Rights Approach to ethics looks at how an action affects the rights of others to judge whether an action is right or wrong. These rights include the right to truth, _________________, safety, and that society applies laws fairly to all members of society.
False
The SOC is ground zero for network troubleshooting, performance monitoring, software distribution and updates, communications management, and device management.
carnegie mellon
The Software Engineering Institute (SEI) at _______________________________________ University helps government and industry organizations to develop, operate, and maintain software systems that are innovative, affordable, and trustworthy.
1. harm 2. interfere 3. snoop 4. steal 5. false 6. proprietary 7. compensation 8. intellectual 9. program 10. respect
The Ten Commandments of Computer Ethics (as created by CEI): 1. Thou Shalt Not Use A Computer To _____[1]_____ Other People. 2. Thou Shalt Not _____[2]_____ With Other People's Computer Work. 3. Thou Shalt Not _____[3]_____ Around In Other People's Computer Files. 4. Thou Shalt Not Use A Computer To _____[4]_____ . 5. Thou Shalt Not Use A Computer To Bear _____[5]_____ Witness. 6. Thou Shalt Not Copy Or Use _____[6]_____ Software For Which You have Not paid. 7. Thou Shalt Not Use Other People's Computer Without Authorization Or Proper _____[7]_____ . 8. Thou Shalt Not Appropriate Other People's _____[8]_____ Output. 9. Thou Shalt Think About The Social Consequences of The _____[9]_____ You Are Writing or The System You Are Designing. 10. Thou Shalt Use A Computer In Ways That Insure Consideration and _____[10]_____ For Your Fellow Humans.
common vulnerabilities and exposure
The United States Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Homeland Security sponsor a dictionary of _______________________________________ (also known as CVE).
false
The WEP standard became a Wi-Fi security standard in 2006
False
The Windows installation process enables remote desktop by default.
public
The _______________ Cloud Domain includes services hosted by a cloud provider, service provider, or Internet provider
mitre
The ___________________ Corporation maintains the CVE List and its public website
security
The ______________________ Operation Center (SOC) is a dedicated site that monitors, assesses, and defends the organization's information systems such as websites, applications, databases, data centers, networks, servers, and user systems.
default gateway
The _______________________________ is typically the router that provides devices access to the rest of the network or to the Internet. If there is only one router serving in this role, it is a single point of failure.
global positioning
The ______________________________________ System uses satellites and computers to determine the location of a device.
chief information security officer
The _________________________________________ is the top information security officer reporting to the CIO. The CISO is a business manager first, technologist second.
annualized rate of occurrence
The ____________________________________________ is the probability that a loss will occur during the year (also expressed as a percentage).
national vulnerability database
The ________________________________________________________ is a U.S. government repository of standards-based vulnerability management data that uses SCAP.
first-hop
The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as ________________ redundancy.
foreign
The basis of referential integrity is ______________ keys. A _____________ key in one table references a primary key in a second table.
annual loss expectancy
The calculation of ALE gives management some guidance on what it should spend to protect assets. What is ALE?
agree
The cybersecurity specialist needs to understand how the law and the organization's interests help to guide ethical decisions.
forensics
The field of digital _________________ uses hashing to verify all digital media that contain files.
true
The goal of any security-conscious organization is to minimize the downtime of mission critical processes.
false
The length of a salt string should be smaller than the length of the hash function's output.
crossover
The most widely used method to measure the accuracy of biometric authentication is the ______________________ Error Rate.
True
The primary reason that an organization uses pen testing is to find and fix any vulnerability before a cyber criminal finds and exploits said vulnerability.
network admission control
The purpose of ___________________________________ allows authorized users with compliant systems access to a network. A compliant system meets all of the policy requirements of the organization.
false
The two types of vulnerability scanners available are software-based and hardware-based.
deep freezing
With ________________, any applications installed or files saved are lost when the system restarts.
media
The use of unauthorized _______________________ like CDs, USB drives and network storage devices can result in malware infections and attacks.
vulnerabilities
Threat identification begins with the process of creating a CVE Identifier for publicly known cybersecurity ______________________________ .
switches
Threats to these devices include attacks against network protocols like ARP/STP.
Routers
Threats to these devices include attacks against network protocols like RIP/OSPF.
False
Tier 2 staff are considered subject matter experts.
diversity
To accomplish a goal of _____________________, organizations can use security products manufactured by different companies for multifactor authentication.
virtual private network
To communicate and share resources over a network that is not secure, users employ a ______________________________________.
password
To crack a hash, an attacker must guess the _____________________.
false
To maintain availability, a security solution should be complex from the inside and from the outside.
mutual
To prevent rogue access points, the computer industry developed ____________________ authentication, also called two-way authentication.
False
To use BitLocker, at least three volumes must be present on a hard disk.
offsite
Transport backups to an approved _______________________ storage location on a daily, weekly, or monthly rotation, as required by security policy.
true
Unapproved or non-compliant software may not be malicious.
True
Unauthorized VPNs can hide the theft of unauthorized information.
scripts
User threats may include unauthorized websites. A website may prompt a visitor to download __________________ or plugins that contain malicious code or adware.
Agree
Users are often the weakest link in the information security systems and pose a significant threat to the confidentiality, integrity, and availability of the organization's data.
sensitive
Users must be aware of _______________________ data, security policies and procedures, technologies and countermeasures provided to protect information and information systems.
False
Using GPS to locate a cell phone without the user's permission is legal.
stretching
Using a technique called key __________________ will also help to protect against attack. This technique makes the hash function very slow.
8f
Using the 8-bit Checksum (Simple Hash Algorithm) provided in reading section 5.1.1.3, what is the hash value for the message CISCO?
electrical power
Utility interruptions include a(n) _____________________ failure.
gateways
VPN _______________________ establish, manage, and control VPN connections.
detection
Video and electronic surveillance can incorporate motion __________________ and notification.
True
Video and electronic surveillance can supplement (and in some cases - replace) security guards.
log
Video and electronic surveillance have the ability to record and _______________ surveillance videos and data for long periods
telecommunication
Videoconferencing allows two or more locations to communicate simultaneously using __________________________ technologies.
(a)registration (b)proxy (c)hijacking
VoIP _____[a]_____ spoofing routes all incoming calls for the victim to cyber criminals. VoIP _____[b]_____ impersonating tricks the victim into communicating with a rogue proxy set up by the cyber criminals. VoIP call _____[c]_____ intercepts calls and reroutes them to a different path before reaching the destination.
PCI DSS
Voluntary standard (in theory) and merchants/vendors can choose whether they wish to abide by the standard
True
Vulnerability scanners help automate security auditing.
message integrity
WPA provided ___________________________________ checks which could detect if an attacker had captured and altered data passed between the wireless access point and a wireless client.
verify /md5
What Cisco command verifies the integrity of IOS images used on Cisco routers?
law enforcement
What We Do: "NW3C provides a nationwide support system for ___________________________ and regulatory agencies involved in the prevention, investigation and prosecution of economic and high-tech crime."
a.common c.statutory e.administrative
What are the primary sources of laws and regulations in the United States?
True
With Windows Active Directory, account policies are automatically set when a user logs in to Windows.
4
What is the minimum number of disks in a RAID 0+1 ?
2
What is the minimum number of disks in a RAID 1 ?
3
What is the minimum number of disks in a RAID 5 ?
flame malware
What malware compromised the security of MD5 in 2012?
local
When a computer is not part of an Active Directory domain, the user configures policies through Windows _______________ Security Policy.
18
When a student turns _____________ years old or enters a postsecondary institution at any age, the student's rights under FERPA transfer from the student's parents to the student.
database
When a user creates an account, the system hashes the chosen password and stores the hash in a __________________.
True
When administrators eliminate applications or hardware that do not meet the objectives and guidelines, they are effectively increasing security.
True
When an organization chooses to reduce risk, it may design a new business process with adequate built-in risk control.
commercial off-the-shelf
When discussing asset and systems standardization, COTS is short for what?
Agree
When physically protecting computer equipment, keep telecommunication rooms locked
fault tolerant hardware
Which type of system design (listed below) is the most complex and most costly? Fault tolerant hardware; cluster architecture; backups
U.S National institute of standards and technology
Who developed SHA?
True
With EFS, only the user that encrypted the data will be able to access the encrypted files or folders.
(a)parity (b)striping (c)mirroring
With RAID: _____[a]_____ detects data errors. _____[b]_____ writes data across multiple drives. _____[c]_____ stores duplicate data on a second drive.
pre-shared key
With WPA-PSK, the PSK is short for what?
local server
With an automated patch update service, a computer system can get an update from a(n) ____________________________.
date
With an automated patch update service, administrators can force the update of systems for a specific ___________________
(a)public (b)trust
With digital certificates, an individual gets a certificate for a _____[a]_____ key from a commercial CA. The certificate belongs to a chain of certificates called the chain of _____[b]_____.
chain
With digital certificates, path validation selects a certificate of the issuing CA for each certificate in the _____________.
cluster
With high availability systems, if a server within a(n) _________________ fails, other servers continue to process the same service as the failed device.
substations
With redundant power sources, two or more feeds originate from two or more electrical __________________.
true
With referential integrity a user cannot delete a record which is related to another one.
(a):points (b):failures
With the Five Nines, ensuring high availability includes eliminating ________[a]_________ of failure, designing for reliability, and detecting _____[b]_____ as they occur.
true
With the Five Nines, sustaining high availability can potentially increase the likelihood of failed components.
unattended
Workstations left powered on and ________________________ pose a risk of unauthorized access to network resources.
509
X.______________ is a standard for a PKI to manage digital certificates.
a:asset b:security
_____[a]_____ management includes a complete inventory of hardware and software. This means that the organization needs to know all of the components that can be subject to _____[b]_____ risks.
salting
_________________ also makes it impossible to use lookup tables and rainbow tables to crack a hash.
null
_________________ in a database signifies missing or unknown values.
routers
__________________ communicate with one another to identify the best possible path to deliver traffic to different networks.
netflow
__________________ is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch.
Layering
__________________ is creating a barrier of multiple defenses that coordinate together to prevent attacks.
salting
___________________ creates a different hash result for two users who have the same password.
VLANS
____________________ use logical connections instead of physical connections.
firewalls
______________________ are hardware or software solutions that enforce network security policies.
asymmetric
______________________ cryptography is the basis for digital signatures.
resiliency
______________________ is the methods and configurations used to make a system or network tolerant of failure.
spanning tree
_________________________ Protocol prevents loops on a network when switches interconnect via multiple paths.
non-repudiation
_________________________ is a way to ensure that the sender of an electronic message or electronic document cannot deny having sent the message or document and that the recipient cannot deny having received the message or document.
access points
______________________________ are the devices that communicate with wireless devices and connect them back to a wired network.
network time protocol
________________________________________ is a protocol that synchronizes the clocks of computer systems over data networks.
encrypting file system
__________________________________________________ is a Windows feature that can encrypt data.
microsoft baseline security analyzer
___________________________________________________ assesses missing security updates and security misconfigurations in Microsoft Windows.
public key infrastructure
_______________________________________________________________ (PKI) is the policies, roles, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.
neutral
a CA acts as ______________ third party for individuals exchanging identification. The CA does an in-depth investigation prior to the issuance of credentials.
True
a post-incident follow-up should be conducted after a full recovery of all operations and data is completed.
monitors
administer the security tools; perform a security monitoring function; improve processes
Modify
allows users to change and delete existing files and folders, but they cannot create new ones
Write
allows users to create new files and folders and make changes to existing files and folders
Full control
allows users to see the contents of a file or folder, change and delete existing files and folders, create new files and folders, and run programs in a folder
Read
allows users to see the contents of a folder and open files and folders
read and Execute
allows users to see the contents of existing files and folders and can run programs in a folder
CFAA
amendment to the Comprehensive Crime Control Act of 1984 prohibits the unauthorized access of a computer
COPPA
applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age
Application accounts
have broad access to company information residing in applications and databases
check digit
provides for an extra calculation to generate a check digit for error detection
consistency
checks for the consistency of codes in related data items
range
checks that data lies within a minimum and maximum value
format
checks that the data conforms to a specified format
size
checks the number of characters in a data item
news media industry
communicate information on events as they happen
Privileged user accounts
credentials that give administrative privileges on one or more systems, they are used across all managed systems, and it is common practice to monitor the use of these accounts.
True
cybersecurity specialists help protect personal data and the ability to use network based services.
retail industry
efficient supply chains and the delivery of products to customers
FOIA
enables public access to U.S. government records. This law carries a presumption of disclosure, so the burden is on the government as to why it cannot release the information.
Privacy Act of 1974
establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies
true
if an administrator denies permissions to a network share for an individual or a group, this denial overrides any other permission settings.
eavesdropping
implement VoIP security by encrypting voice message packets to protect against _____________________.
finance industry
maintain high availability for continuous trading, compliance, and customer trust
VPPA
protects an individual from having the video tapes, DVDs and games rented disclosed to another party
CIPA
protects children under the age of 17 from exposure to offensive Internet content and obscene material
Domain administrative accounts
provide control over all domain controllers to modify domain membership
definers
provide policies, guidelines, and standards; include consultants who do risk assessment and develop the product technical architectures; senior level individuals within an organization who have a broad knowledge
Domain administrative accounts
provide privileged administrative access to workstations and servers within a Windows domain
public safety industry
provide security and services to a community, state, or nation
Emergency accounts
provide unprivileged user administrative access to secure systems and are used in the case of an emergency
Local administrative accounts
provide unrestricted access to the local host and are used to perform maintenance on workstations, servers, databases, and network devices.
healthcare facilities
require high availability to provide around-the-clock care for patients
HIPAA
standards mandate safeguards for physical storage, maintenance, transmission, and access to individuals' health information
California SB 1386
state law regarding the notification of the unauthorized disclosure of personally identifiable information
builders
techies who create and install security solutions
network
the _________________ Operation Center (NOC) is one or more locations containing the tools that provide administrators with a detailed status of the organization's network.
FERPA
this federal law gave students access to their education records
Agree
tie security awareness to performance review objectives.
services
to limit cyber criminal exploits, remove any unnecessary ______________ on a system because these criminals know that most devices run more than they need.
True
to measure the overall effectiveness of an operation center, an organization will conduct realistic drills and exercises.
Service accounts
used by an application or service to interact with the operating system and can have domain administrative privileges
Application accounts
used by applications to access databases, run scripts, or provide access to other applications