FINAL Mgnt. of InfoSec
True
A method to prove the authenticity of digital evidence is to compare its hash digest with the hash digest that was calculated when the evidence was first collected. TRUE OR FALSE?
md5sum
A program that calculates and verifies the hash digest of a file is called _______________.
RootkitRevealer
A program that is used to check for worms and malware on a computer is called ___________.
Autoruns
A program that lists all the applications that will start up automatically when a computer boots up is called __________________.
Technician
A security ____________________ may have technical responsibilities but his or her role is the typical information security entry-level position.
False
A slack space is the area between the start of a file and the end of the last cluster used by that file. TRUE OR FALSE?
Password
A(n) ____________________ is a secret word or combination of characters known only by the user.
Firewall
A(n) ____________________ is any device that prevents a specific type of information from moving between an untrusted network and a trusted network.
Asynchronous
A(n) ____________________ token uses a challenge-response system in which the server challenges the user with a number that, when entered into the token, provides a response that provides access.
Background Check
Before hiring security personnel, which of the following should be conducted before the organization extends an offer to any candidate, regardless of job level?
False
Volatile information or data need to be collected as early as possible to prevent them from spreading like a virus. TRUE OR FALSE?
Keystroke Pattern Recognition
Which biometric authentication system is the most accepted by users?
GIAC
What certification program has certifications that require the applicant to complete a written practical assignment that tests the applicant's ability to apply skills and knowledge?
Political Activism
What is NOT a common type of background check that may be performed on a potential employee?
Server Hardware Construction and Theory
What is NOT among the areas covered as part of the Certified Computer Examiner (CCE) certification process?
Social Engineering
What is a nontechnical type of attack that is usually subtle?
CD/DVD
What is considered non-volatile?
Digital Signature
What is most commonly used for the goal of nonrepudiation in cryptography?
Packet Sniffer
What tool would you use if you want to collect information as it is being transmitted on the network and analyze the contents for the purpose of solving network problems?
False
Computer vendors use the Host Protected Area (HPA) to keep a copy of the disk metadata. TRUE OR FALSE?
False
Data on a USB drive are more volatile than those on main memory (RAM). TRUE OR FALSE?
False
Deleted files in a computer can never be recovered. TRUE OR FALSE?
True
Digital forensics includes the collection of evidence found in cell phones. TRUE OR FALSE?
Builders
Employees who create and install security solutions fall under which classification of InfoSec positions?
DMZ
You might put a proxy server in the __________________, which is exposed to the outside world, neither in the trusted nor untrusted network.
False
Ethics carry the sanction of a governing authority. TRUE OR FALSE?
Cultural mores
Ethics are based on ___________________, which are the relatively fixed moral attitudes or customs of a societal group.
Security Manager
Ideally, a candidate for the CISO position should have experience in what other InfoSec position?
True
In digital forensics, a slack space must be examined because it can be used to hide some information. TRUE OR FALSE?
Identify relevant items of evidentiary value
In digital forensics, all investigations follow the same basic methodology. What should be performed first in a digital forensics investigation?
True
In digital forensics, string search is made on a data image to uncover valuable information such as file system type and file names. TRUE OR FALSE?
Define
In the classification of information security positions, senior people with a lot of broad knowledge, but often not a lot of depth, fall under the category of those that ____________________.
True
Steganography is the process of hiding information or files within a carrier medium such as an audio file, an image file, or a video file. TRUE OR FALSE?
False
Technical controls alone, when properly configured, can secure an IT environment. TRUE OR FALSE?
False
The "something you have" authentication mechanism takes advantage of something inherent in the user that is evaluated using biometrics. TRUE OR FALSE?
Security+
The CompTIA ____________________ certification tests an individual's security knowledge mastery and requires two years on-the-job networking experience, with emphasis on security.
True
The SSCP certification is more applicable to the security manager than the security technician. TRUE OR FALSE?
True
The Secret Service is charged with the detection and arrest of any person committing a U.S. federal offense relating to computer fraud, as well as false identification crimes. TRUE OR FALSE?
Wired Equivalent Privacy (WEP)
The ___________ wireless security protocol was replaced by stronger protocols due to several vulnerabilities found in the early 2000s.
True
The ability to restrict specific services is a common practice in most modern routers, and is invisible to the user. TRUE OR FALSE?
False
The current law regarding nationwide search warrants for e-mail requires the government to use a search warrant to compel a provider to disclose unopened e-mail that is more than six months old. TRUE OR FALSE?
Evaluation
The digital forensic stage that involves the correlating of data with logs and the process of determining the relevance of the collected information is called __________________.
Acquisition
The digital forensic stage that involves the preservation of disks, the collection of volatile data, and the process of securing the crime scene is called __________________.
Indexing
The first component of the analysis phase is ___________, which allows the investigator to quickly and easily search for a specific type of file.
Demilitarized Zone
The intermediate area between trusted and untrusted networks is referred to as _______________________________.
True
The most common qualification for a CISO includes the CISSP and CISM certifications. TRUE OR FALSE?
For Political Advantage
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following?
False
The presentation stage in digital forensic investigation is that stage where activity logs and timeline are correlated. TRUE OR FALSE?
True
The tracking of web browsing activities is one of the results of digital forensics. TRUE OR FALSE?
Protocol Bending
The use of network packets to hide and transmit information is called _________________________________.
Dedicated Acquisition System
To ensure that the collected digital evidence will be free of contamination, an investigator must provide a __________.
insist all mid-level and upper-level management take introductory InfoSec courses
To move the InfoSec discipline forward, organizations should take all but what?
CISO
Ultimately, the _______________________ is the spokesperson for the security team and is responsible for the overall InfoSec program.
Voice
________ recognition authentication captures the analog waveforms of human speech.
Tort Law
___________________ is a subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury.
NAT
____________________ converts external IP addresses to internal IP addresses on a one-to-one basis.
Authorization
____________________ is the determination of actions that an entity can perform in a physical or logical area.
DD
A Unix tool that performs a bit-image copy of a disk is called _______________.
True
A file extension is used for identifying the type of the file and the application that created the file. TRUE OR FALSE?
Spreadsheet
An example of information that belongs to the produced class is ____________________________.
True
An item does not become evidence until it is formally admitted to evidence by a judge or other ruling official. TRUE OR FALSE?
Liability
An organization increases its _____________ if it refuses to take measures—due care—to make sure that every employee knows what is acceptable and what is not, and the consequences of illegal or unethical actions.
Jurisdiction
Any court can impose its authority over an individual or organization if it can establish which of the following?
Technical Excellence
CISOs should follow six key principles to shape their careers. Which of the following is NOT among those six principles?
Stored
Files that are stored on CD are classified to be in the information class called ____________.
security manager
It is the responsibility of a _______________________ to develop appropriate InfoSec policies, standards, guidelines, and procedures.
False
Most hiring organizations are aware of the precise value of information security certifications because these programs have been in existence for a long time. TRUE OR FALSE?
Digital Camera
One of the most essential tools used in cataloging digital evidence is _______________.
True
Preservation of digital evidence includes the gathering of hash digests of the collected data. TRUE OR FALSE?
False
Protocol bending is another name for steganography. TRUE OR FALSE?
Exculpatory Evidence
Showing that someone may not have committed the digital crime is called _______________.
True
Social engineering uses persuasive techniques to gain an individual's confidence in an effort to obtain information. TRUE OR FALSE?
Fourth
Which Amendment to the U.S. Constitution starts with: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated?
The Electronic Communications Privacy Act of 1986
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
HIPAA
Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?
Monitoring
Which activity is not a part of the digital forensic process?
Descriptive Ethics
Which ethical framework is the study of the choices that have been made by individuals in the past, attempting to answer the question: what do others think is right?
HITECH
Which law addresses privacy and security concerns associated with the electronic transmission of PHI?
U.S. Copyright Law
Which law extends protection to intellectual property, which includes words published in electronic formats?
The Computer Security Act
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?
Security Manager
Which of the following InfoSec positions is responsible for the day-to-day operation of the InfoSec program?
Authentication
Which of the following access control processes confirms the identity of the entity seeking access to a logical or physical area?
Face Representation
Which of the following characteristics currently used today for authentication purposes is NOT considered truly unique?
False Reject Rate
Which of the following is a criterion used to compare and evaluate biometric technologies?
Cryptography
Which of the following is a domain of the CISSP certification?
Restitution
Which of the following is compensation for a wrong committed by an employee acting with or without authorization?
Deterrence
Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies and technical controls.
Deontological Ethics
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?
Firewalls deal strictly with defined patterns of measured observation
Which of the following is true about firewalls and their ability to adapt in a network?
Uses a secret key to encrypt and decrypt
Which of the following is true about symmetric encryption?
Business managers first and technologists second
Which of the following is typically true about the CISO position?
Key
Which of the following is used in conjunction with an algorithm to make computer data secure from anybody except the intended recipient of the data?
(ISC)²
Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.
Separation of Duties
Which of the following policies makes it difficult for an individual to violate InfoSec and is quite useful in monitoring financial affairs?
Job rotation
Which of the following policies requires that every employee be able to perform the work of at least one other staff member?
Two-person control
Which of the following policies requires that two individuals review and approve each other's work before the task is considered complete?
Tap and monitor telephone lines
Which one, among the following, cannot be done by digital forensics?
80
Which port number is commonly used for the Hypertext Transfer Protocol service?
CISSP
Which security certification is considered the most prestigious for security managers and CISOs?
Port Scanner
Which tool can identify active computers on a network?
Protect and forget; Apprehend and prosecute
Which two approaches are available to an organization when employing digital forensics?
Anomaly-Based
Which type of IDPS is also known as a behavior-based intrusion detection system?
Dynamic Packet Filtering Firewalls
Which type of device allows only specific packets with a particular source, destination, and port address to pass through it?
Search Warrant
Which type of document grants formal permission for an investigation to occur?
Private
Which type of law regulates the relationships among individuals and among individuals and organizations?