Info Assurance/Security EXAM 2

When you use controls that cost more than the risk involved, you're making poor management decisions. True or false?

True

The primary use of Biometrics is in recognition of anonymous subjects. True or false?

True

The security Kernel enforces Access Control to computer systems. True or false?

True

The two basic types of ciphers are transition and substitution. true or false?

True

In an accreditation process, who has the authority to approve a system for implementation?

Authorizing official

Mark is considering Outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?

Access to a higher level of expertise

Which answer best describes the accountability component of Access Control?

Accountability is the process of creating and maintaining the policies and procedures necessary to ensure proper information is available when an organization is audited.

An audit examines whether security controls are appropriate, installed correctly, and _______.

Addressing their purpose

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

Challenges to access control include which of the following?

All of the above

Post audit activities include which of the following?

All of the above

The objectives of classifying information include which of the following?

All of the above

The security program requires documentation of:

All of the above

When developing software you should ensure that the application does which of the following?

All of the above

When it comes to privacy organizations are concerned about which of the following?

All of the above

Which of the following is an example of social engineering?

All of the above

Which of the following is an example of a level of permissiveness?

All the above

How did viruses spread in the early days of malware?

As program bugs

________ corroborates the identity of an entity, whether the sender, the sender's computer, some device, or some information.

Authentication

Which answer best describes the authentication component of Access Control?

Authentication is the validation or proof that the subject requesting access is indeed the same subject who has been granted that same access.

Which answer best describes the authorization component of Access Control?

Authorization is the process of determining who is approved for Access and what resources they are approved for.

Tyler is a security engineer for his company's IT Department. He has been tasked with developing a security monitoring system for the company's infrastructure to determine when any network activity occurs outside the norm. What essential technique does he start with?

Baselines

A _______ is a standard to measure how effective a system is as it relates to Industry expectations.

Benchmark

Alice would like to send a message to Bob securely and wishes to use a symmetric encryption to encrypt the contents of the message. What key does she use to encrypt this message?

Bob's public key

A _______ is a network of compromised computers that attackers used to launch attacks and spread malware.

Botnet

A company's IT manager has advised the business's executives to use a method of decentralized access control rather than centralized to avoid creating a single point of failure. She selects a common protocol that hashes passwords with a one-time challenge number to defeat eavesdropping based replay attacks. What is this protocol?

Challenge-Handshake Authentication Protocol (CHAP)

A ______ is used to detect malicious changes to data.

Checksums

An algorithm used for cryptographic purposes is known as a _______.

Cipher

Riley is a newly-hired cybersecurity expert for a government agency. Riley used to work in the private sector. She has discovered that, whereas private-sector companies often had confusing hierarchies for data classification, the government's classifications are well-known and standardized. As part of her training, she is researching data that requires special authorization Beyond normal classification. What is this type of data called?

Compartmentalized

Physical access, security bypass, and eavesdropping are examples of how access controls can be _______.

Compromised

Bob is sending a message to Alice. He wants to ensure that nobody can read the content of the message while it is in transit. What goal of cryptography is Bob attempting to achieve?

Confidentiality

The change management process includes ________ control and ________ control.

Configuration, change

Which of the following is the point at which 2 error rates of a biometric system are equal and is the measure of the system's accuracy expressed as a percentage?

Crossover error rate

________ offers a mechanism to accomplish four security goals: confidentiality, Integrity, authentication, and non-repudiation.

Cryptography

Host isolation is the isolation of internal networks and the establishment of a ______.

DMZ

Which type of password attack is used on weak passwords and Compares a hashed value of the passwords to the system password file to find a match?

Dictionary attack

What is not a symmetric encryption algorithm?

Diffie-Hellman

A ______ signature is a representation of a physical signature stored in the digital format.

Digital signature

Security objectives add value to relationships between businesses or between businesses and their customers. Which objective finds a message or data to a specific entity?

Digital signature

The process of an owner of a resource determining the access and changing permissions as needed is known as ______.

Discretionary Access Control

Arturo is a network engineer. He wants to implement an access control system in which the owner of the resource decides who can change permissions, and permission levels can be granted to specific users, groups of people and the same or similar job roles, or buy a project. Which of the following should Arturo choose?

Discretionary Access Control (DAC)

Lynn is conducting an audit of an identity management system. Which question is not likely to be in the scope of her audit?

Does the firewall properly block unsolicited network connection attempts?

Maria is using accounting software to compile sensitive financial information. She receives a phone call and then momentarily leaves her desk. While she's gone, Bill walks past her cubicle and sees that she is not locked her desktop and left data exposed. Bill uses his smartphone to take several photos of this data with the intent of selling it to the company's competitor. What Access Control compromise is taking place?

Eavesdropping by observation

The act of scrambling plaintext into ciphertext is known as _____.

Encryption

A hardened configuration is a system that has had unnecessary Services enabled. True or false?

False

An organization does not have to comply with both regulatory standards and organizational standards. True or false?

False

The best defense from keystroke loggers is to carefully inspect the keyboard cable before using a computer because the longer must connect to the keyboards cable. True or false?

False

What does the TCP SYN flood attack do to cause a DDoS?

Fills up the pending connections table

Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is not a good approach for destroying data?

Formatting

Cheryl is a security consultant hired by a company to develop its system auditing protocols. She and the company's chief Information officer agree that audits are an important consideration. In her report to the CIO and other c-level officers in the corporation, she recommends that the security policy include audit categories and _________ for conducting audits.

Frequency requirements

Which software testing method provides random input to see how software handles unexpected data?

Fuzzing

What type of system is intentionally exposed to attackers in attempt to lure them out?

Honeypot

Which answer best describes the identification component of Access Control?

Identification is the process of determining the people who are approved for Access and what resources they are approved for.

What is not a privacy principle created by the organization for economic cooperation and development(OECD)?

In organization should share its information

Bob is sending a message to Alice. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Bob trying to achieve?

Integrity

Yolanda would like to prevent attackers from using her network as a relay point for a Smurf attack. What protocol should she filter?

Internet control message protocol (ICMP)

Rodrigo has just received an email at work from an unknown person. The sender claims to have incriminating evidence against Rodrigo and threatens to release it to his employer and his family unless he just closes certain confidential information about his employer's company. Rodrigo does not know that several other people in the organization received the same email. What form of social engineering has occurred?

Intimidation

What is a single sign-on(SSO) approach that relies on the use of key distribution centers (KDCs) and ticket-granting change servers (TGSs)?

Kerberos

An example of _______ is being presented with some combination of username, password, token, smart car, or Biometrics when logging on to a network and then being authorized or denied access by the system.

Logical access controls

Allison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Allison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is most likely the cause?

Macro virus

When should an organization's managers have an opportunity to respond to the findings of an audit?

Managers have the opportunity to respond to A draft copy of the audit report. Auditors then put that response in the final report.

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding

The _______ strategy ensures that an attacker must compromise multiple controls to reach any protected resource.

Nmap

Which software tool provides extensive Port scanning capabilities?

Nmap

Jeanette is the director of her company's Network infrastructure group. She is explaining to the business owners the advantages and disadvantages of Outsourcing Network Security. 1 consideration she presents is the question of who would be responsible for the data, media, and infrastructure. What consideration is she describing?

Ownership

Which regulatory standard would not require audits of companies in the United States?

Personal information protection and electronic documents Act (PIPEDA)

Which type of attack tricks a user into providing personal information by masquerading as a legitimate website?

Phishing

An automatic teller machine(ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used?

Physically constrained user interfaces

_______ is the concept that users should be granted only the levels of permissions they need in order to perform their duties.

Principle of least privilege

Margie is creating a budget for a software development program. What phase of the system life cycle is she undertaking?

Project initiation and planning

Christopher is designing a security policy for his mid-sized company. He would like to use an approach that allows a reasonable list of activities but prohibits all other activities. Which level of permission is he planning to use?

Prudent

Which approach to cryptography uses highly parallel algorithms that could solve problems in a fraction of the time needed by conventional computers?

Quantum cryptography

_______.

RFC 1087

The review of the system to learn as much as possible about the organization, its systems, and networks is known as _______.

Reconnaissance

What is the most common first phase of an attack?

Reconnaissance and probing

The ________ is the central part of a Computing environments Hardware, software, and firmware that enforces Access Control.

Security Kernel

A common platform for capturing and analyzing log entries is ______.

Security information and event management (SIEM)

Maya is her company's network security professional. She is developing access policies based on Personnel security principles. As a part of this effort, she is devising a method of taking high security tasks and splitting them among several different employers so that no one person is responsible for knowing and Performing the entire task. What practice is she developing?

Separation of duties

A ________ is a formal contract between an organization and a third-party external organization that details the specific Services The Firm will provide.

Service level agreement

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

Service organization control (SOC) 3

Bob is investigating an attack. An Intruder managed to take over the identity of a user who was legitimately logged into Bob's company website by manipulating hypertext transfer protocol headers. Which type of an attack likely took place?

Session hijacking

Which intrusion detection system strategy relies on pattern-matching?

Signature detection

In _____ methods, the IDS Compares current traffic with activity patterns consistent with those of a known network intrusion via pattern-matching and stateful matching.

Signature-based

What is an example of 2 Factor Authentication (2FA)?

Smart card and personal identification number(PIN)

_______ is any unwanted message?

Spam

The CEO of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEOs computer. What type of attack took place?

Spear phishing

________ direct the process of implementing the same hardware and software configurations across an organization to minimize security risk.

Standards

Bob is developing a web application that depends on a backbend database. What type of attack could a malicious individual use to send commands through his web application to the database?

Structured query language injection

An encryption Cipher that uses the same key to encrypt and decrypt is called a ________ key.

Symmetric (private)

DES, IDEA, RC4, and WPA are examples of blank.

Symmetric algorithms or standards

What set of characteristics describes the Caesar Cipher accurately?

Symmetric, stream, substitution

Which of the following is a type of denial of service attack?

Synchronize flood

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

System Integrity monitoring

More and more organizations use the term _______ to describe the entire change and maintenance process for applications.

System development life cycle (SDLC)

Which type of virus targets computer hardware and software startup functions?

System infector

Which of the following is an example of a formal model of Access Control?

The Clark Wilson Integrity model

Which of the following is not true of hash functions?

The hashes produced by a specific hash function may vary in size

Which of the following is true of procedures?

They provide for places within the process to conduct Assurance checks

A Honeypot is a sacrificial host with deliberately insecure Services deployed at the edges of a network to act as bait for potential hacking attacks. True or false?

True

A strong hash function is designed so that it is nearly impossible for a forged message to result in the same hash as a legitimate message. True or false?

True

Access controls are policies or procedures used to limit certain resources. True or false?

True

Data classification is the responsibility of the person who owns the data. True or false?

True

Encryption ciphers fall into two general categories: symmetric (private) key and asymmetric (public) key. True or false?

True

Physical access controls deter physical access to resources, such as buildings or gated parking lots. True or false?

True

Policy sets the tone and culture of an organization. True or false?

True

Security Administration is the group of individuals responsible for planning, designing, implementing, and monitoring an organization security plan. True or false?

True

Some of the tools and techniques used in security monitoring include baselines, alarms, closed-circuit TV, and honey pots. true or false?

True

Log files can help provide evidence of Normal and abnormal system activity, as well as valuable information on how well security controls are doing their jobs. Regulation, policy, or log volume might dictate how much log information to keep. IF a log file is subject to litigation, how long must the company keep it?

Until the case is over

Amy is a network security professional. She wants to strengthen the security of her agency's Network infrastructure defences. Which control can she use to protect the network?

Use proxy services in Bastion host to protect critical services

Wen is a network engineer. For several months he has been designing a system of controls to allow and restrict access to network assets based on various methods of information. he is currently configuring the authentication method. What does this method do?

Verifies that requesters are who they claim to be

what is the only unbreakable Cipher when it is used properly?

Vernam

Which type of malware attaches to or infects are there programs?

Virus

There are several types of software development methods, but most traditional methods are based on the ________ model.

Waterfall

In the context of malware, which of the following best defines the term mobile code?

Website active content

Which type of malicious software is a standalone program that propagates from one computer to another?

Worm

Which of the following is one of the four basic forms of cryptography attack?

all of the above

_______ is used when it is not as critical to detect and respond to incidents immediately. Align

non real-time monitoring

Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use as a type of Trojan. What tool will Karen for this purpose?

remote access tool

Configuration management is the management of modifications made to the hardware, software, firmware, documentation, test plans, and test documentation of an automated system throughout the system life cycle. True or false?

true