Info Sec Ch 5
"Akhilesh would like to add a removable security device to his system to manage, generate and securely store cryptographic keys. What device would you recommend Akhilesh?"
HSM
"Jared found an external (or removeable) device that can generate, store, and manage RSA keys used in asymmetric encryption. Which of the following most likely identifies this device? (5)"
HSM
"Mark is using an external device that can generate, store, and manage RSA keys used in asymmetric encryption. What kind of device is Mark using? (5)"
HSM
What is the process of making an operating system more secure than its default installation? (5)
Hardening
"Erica has just started using a removable device that is able to generate, store, and manage RSA keys to be used in asymmetric encryption. What is the name of this tool she is using? (5)"
Hardware security module (HSM)
"What service leaves the most responsibility on the customer, or user, for security? (5)"
IaaS
Which type of cloud computing provides customers with access to hardware and is often referred to as a self-managed solution? (5)
IaaS
What is it called when an operating system reacts to input within a specific time?(5)
RTOS
Managers within your organization want to implement a secure boot process for some key computers. During the boot process, each computer should send data to a remote system to check the computer's configuration. Which of the following will meet this goal?
Remote attestation
Sam lost his company issued cell phone and reported this to his IT department. He later finds it in his couch but the phone will not work. What did the IT department do? (ch. 5)
Remote wipe
The IT administrator at your organization knows that one way to keep your Windows systems secure is to be sure all software is up to date. They want an easy way to be sure all the latest patches are deployed. What management tool are they likely to use? (5)
SCCM
All students at TU have an assigned email address that is tied to a Gmail account. Gmail can best be described as: (5)
SaaS
A software vendor recently developed a patch for one of its applications. Before releasing the patch to customers, the vendor needs to test it in different environments. Which of the following solutions provides the BEST method to test the patch in different environments?
Sandbox
"A new mobile device security policy has authorized the use of employee-owned devices, but mandates additional security controls to protect them if they are lost or stolen. Which of the following meets this goal?(5)"
Screen locks and device encryption
Applications provided over the Internet are what kind of technology? (5)
Software as a Service
"Your company has run into an issue of malware being installed in several devices in different departments. After an investigation, you discover that several employees wanted to download music for their workday, and had downloaded Limewire. These machines were the ones infected. What will you be adding Limewire to in order to avoid this issue in the future? (5)"
application blacklist
Which linux command (rarely ever useful) gives full permissions to all users? (5)
chmod 777
Jailbreaking refers to removing all software restrictions from an Apple device. What can a user do to the device after jailbreaking it?(5)
install software from any third party source.
"Lisa has been having issues with her computer disconnecting from the internet while she's working at her desk. After a short inventory of her office, she realizes what it is and has to move the microwave next to her desk. Why would she do that? (5)"
it was causing EMI
Carlos wants to be able to download all the apps that he wants on his iPhone and not be restricted by what's on the App Store. Which method should he use to bypass Apple's restrictions?
jailbreaking
James loves the look of Windows XP and has refused to update his computer to the latest windows version. Windows has decided to stop supporting and implementing patches for Windows XP. What security vulnerability does this leave James susceptible to? Choose two. (5)
lack of vendor support end-of-life systems
Which of the following is a core principle for a secure system design?
least functionality
Which of the following access control models does a trusted operating system usually employ? (5)
mandatory
Organizations often want users to avoid using unauthorized software. Which of the following is NOT a way users can do this? (5)
releveling
What would a user employ if they wanted to do a secure boot but NOT use the TPM system? (5)
remote attesation
Jimmy is currently working with the patch management team. Which of the following is NOT a process included in change management? (5)
renewing patches
"Which of the following is true of the Linux permission, read? (5)"
represented by the number 4
"Despite knowing the risks and vulnerabilities that it opens his phone up to, Dwight decides to modify his android to get full administrator access to his devices. What is this called? (5)"
rooting
The Springfield Nuclear Power Plant has created an online application teaching nuclear physics. Only students and teachers in the Springfield Elementary school can access this application via the cloud. What type of cloud service model is this?(5)
saas
"You recently released an application. However, you soon realize it has a vulnerability and quickly create a patch to fix it. However, before you release the patch, you want to test it out to make sure it works. Which of the following would be the best method to use? (5)"
sandbox
What is the method of using an isolated area on a system to do testing that would not affect anything outside of the area? (5)
sandboxing
A software development team is creating an app that will be used to sell products on the Internet. They are currently in a staging environment that provides a complete but independent copy of the production environment. What is this secure staging environment called? (5)
staging
Many mobile computing devices use an integrated circuit that includes all of the functionality of a computing system within the hardware. This integrated circuit is known as a(n): (5)
system on a chip
"Carlos wants to access a NSFW site with his laptop, but the proxy server blocks his access. What is an option he might consider so that he can bypass it? (5)"
tethering
"Lisa does not have access to the project.doc file, but she needs access to this file for her job. Homer is the system administrator and he has identified the following permissions for the file: rwx rw- --. What should Homer use to grant Lisa read access to the file?(5)"
the chmod command
What type of operating system typically uses a mandatory access control? (ch. 5)
trusted operating systems
What are ways that IT can protect company cell phones? Select all that apply (5)
ALL OF THEM
Which of the following statements is NOT true regarding sandboxing? (5)
Although isolated from the rest of the system, malware can escape sandboxes to infiltrate the rest of a system.
Your organization wants to ensure that employees do not install any unauthorized software on their computers. Which of the following is the BEST choice to prevent this?
Application whitelisting
"Upon turning on your computer, you receive a message that states the operating system on your hard drive cannot be found. Which of the following might be corrupted? (5)"
BIOS, UEFI
"What is the name of the system that provides a computer with basic instructions on how to start, runs basic checks, and locates the operating system? (5)"
BIOS/UEFI
Company A wants its employees to have company-monitored phones. Which two deployment models would best meet this need? (5)
BYOD, CYOD
"Jim wants to ensure that a particular program does NOT run on any OS images, what should he implement? (5)"
Blacklist
"At Marie's company, employees are issued devices but are free to use them as their own. What deployment model is this company using? (5)"
COPE
Mike Corporation provides its employees with mobile devices but allows them to use it as their own device. What deployment model does Mike Corporation use?
COPE
Which deployment model is used when employees are given corporate devices but are allowed to use them for personal use as well? (5)
COPE
Laura works as a receptionist in BoopTroop Inc. and has been notified that the organization will create a list of acceptable devices that can be connected to the network from which she can purchase and bring to work. What type of deployment model is BoopTroop Inc. using? (5)
CYOD
Management within your organization wants to prevent users from copying documents to USB flash drives. Which of the following can be used to meet this goal?(5)
DLP
Attackers recently attacked a web server hosted by your organization. Management has tasked administrators with configuring the servers following the principle of least functionality. Which of the following will meet this goal?
Disabling unnecessary services
Dan is reassigning permissions to employees in his company. Which is NOT one of the basic Linux permissions he can set? (5)
Display
"Tom has added a new flouresent lamp on his desk. After a few days, he realizes his computer runs really slow when the lamp is on? What is causing Tom's issues? (ch. 5)"
EMI
"What kind of interference comes from sources such as motors, power lines, and fluorescent lights? (5)"
EMI
"Because leadership is stupid, America and Russia are duking it out in WW3. One of the nuclear warheads Russia launched diverted off course and exploded miles in the air above Canada. None of the people were hurt however all their electronic equipment became damaged and no longer worked. What is this called? (5)"
EMP
"Koe installs a new computer system within the company's warehouse for workers to access customer orders. The computer tower is placed next to a large packaging machine. A few days later, he receives a report of poor connectivity with that computer. What is the most probable issue he didn't consider? (5)"
Electromagnetic interference
Which is true of the COPE deployment method? Select all that apply. (5)
Employees may bring any device to work (wrong) Devices owned by the company
Sandra is updating file permissions in her company. Which is NOT one of the basic Windows permissions she can set? (5)
Execute
"Management within your company wants to restrict access to the Bizz app from mobile devices. If users are within the company s property, they should be granted access. If they are not within the company s property, their access should be blocked. Which of the following answers provides the BEST solution to meet this goal?(5)"
Geofencing
"John has decided to outsource all of his company's equipment requirements His service provider owns the equipment, houses the data in its data center and performs all the required hardware maintenance. What is this an example of? (5)"
IaaS
"K-Mart's system administrators have a very specific process for deploying their computer systems securely. They facilitate the creation of a write-once, read-many (WORM) master copy that is then clean-installed onto test systems. Which of the following terms describes K-Mart's process? (5)"
Imaging
Security experts want to reduce risks associated with updating critical operating systems. Which of the following will BEST meet this goal?
Implement a change management policy.
Network administrators have identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of applications from the master image, you verify this application is very likely the problem. What allowed you to make this determination?
Integrity measurements
What are some sources of EMP? Select three. (5)
Lightening, military weapons, electrostatic discharge
"There are three primary types of OSs. They can either be closed source, meaning the public can't freely access the underlying code, or open source, where the code is available to anyone freely. Which of the following types is an open source system? (5)"
Linux
"Mean old Koe, your boss, wants all computers to have trusted operating systems installed. What must a trusted operating system do? (5) "
Meet predetermined requirements emphasizing authentication and authorization
An organization has a critical SCADA network it is using to manage a water treatment plant for a large city. Availability of this system is important. Which of the following security controls would be MOST relevant to protect this system?(5)
NIPS
"Your company, DonutTrust.us, wants to provide their customers with a pre-configured computing platform that includes an easy-to-configure operating system and the appropriate applications. Which "" as a service"" is being provided by this business model? (5)"
PaaS
Which of the following statements is true regarding patch management? (5)
Patch management protects systems from known vulnerabilities.
"Google App Engine provides a programming framework, database/web server, and execution environment to help clients build their own fully functional web applications. Which of the following describes the service being provided? (5)"
Platform as a Service
Bizzfad is planning to implement a CYOD deployment model. You re asked to provide input for the new policy. Which of the following concepts are appropriate for this policy?(5)
Storage segmentation
Julie found a hardware chip included on many laptops and mobile devices that provides full disk encryption and supports a secure boot process and remote attestation. Which of the following is likely the chip found? (5)
TPM
"After I rooted my Nexus 15 android phone, I was no longer able to use it on our company network. Why is that? (5)"
The MDM blocked the rooted phone because it is a security risk
What is the name of the hardware chip on the computers motherboard that stores cryptographic keys used for encryption? (5)
Trusted Platform Module (TPM)
Which of the following are legitimate Linux entities in regards to setting permissions? (5)
Users(Ownernot), Group, Other ???
Michael is choosing the main operating system his company will use. He absolutely detests any and everything related to Apple and plans on actively avoiding the use of an Apple operating system. He also must make sure he chooses an up to date operating system for security reasons. Which operating systems should Michael be looking into? Choose all that apply. (5)
Windows, Linux, Unix
"Jill is watching a cool TV show called ""Blacklist"" and decided to implement one at IT World. Instead of being a list of criminals to take down like in the TV show, what will the Blacklist at IT World consist of? (5)"
a list of applications the system blocks
"The overall goal of ______ is to ensure that only authorized personnel can access data based on their permissions. Also, _____ has predetermined requirements to follow and uses MAC. (5)"
a trussted operating system
Jane is worried about unauthorized software at her organization. Which of the following is NOT a key problem related to unauthorized software? (5)
always have..
Which of the following is NOT an environment in the secure staging environment? (5)
application
"As the friendly neighborhood systems admin for April Corp, I try to be friendly to everyone and answer help desk tickets in the order which I received them. Sal is unhappy that I took too long to respond to and fix his problem, therefore he walked over to my cubical and started yelling at me till my ears bled. In an attempt for non-confrontational revenge, I checked his pc logs to see which unauthorized but allowed application he ran daily for social indulgence, uninstalled it, and added it to _____________________ so that he could never install it again. (5)"
application blacklist
Which is not a characteristic of a mobile device as defined by NIST? (5)
bluetooth
"Company A's network just went down. After looking into it, they realize it was because someone had changed something they weren't supposed to. This could have been prevented by applying which of the following methods? (5)"
change management
"Your company is being completely overrun by admins who make changes to the company's devices whenever they feel. Yesterday Jimothy changed the DNS Server's IP address to 240:240:240:269 and crashed the entire network. After firing Jimothy, what should you implement? (5)"
change management policy
"With administrative privileges, an IT professional can inadvertently cause a large problem in the network, usually while trying to trouble shoot or install another feature on the network. What can help prevent this? (5)"
change managment
"Pascal manages permissions for a Linux-based system. A file owner has requested that the owner have read, write, and execute access, the group have read and execute access, and anyone else to have no access. Which of the following numbers would represent these desired permissions? (5)"
chmod 750
"Management within your company wants to implement a method that will authorize employees based on several elements, including the employee s identity, location, time of day, and type of device used by the employee. Which of the following will meet this need?(5)"
context-aware authentication
"Your CEO's best friend and the CIO of your company, Larry McLiar, just stole the etc/passwd directory for the whole company and emailed it to his nefarious friends to sell online before disappearing into a cloud of smoke (should have used an email gateway), this is known as: (5)"
data exfiltration
Koe purchases ten new laptops for the company. What will the TPMs that are included enable Koe to do? Choose all that apply. (5)
encrypt, support, store
"With regard to protecting data, confidentiality is primarily protected through strong access controls and what else? (5)"
encryption
Paul's app for his work only works when he is within a certain distance of his company. What is this an example of? (5)
geofencing
"_______ is a methodology that proposes that systems should be deployed with the least amount of applications, services, and protocols. (5)"
least privileges (wrong) maybe functionality?
"Bob wants to deploy new systems and wants the same operating system throughout the company, what should he use to ensure this? (5)"
master image
Which of the following is a Windows permission but not a Linux permission?
modify
"Your organization hosts a web site with a back-end database. The database stores customer data, including credit card numbers. Which of the following is the BEST way to protect the credit card data?(5)"
not Database column encryption or full
Johnny is using a baseline to improve the overall security posture of systems in his company. Which of the following is NOT one of the procedural steps he would take in the baselining process? (5)
not Secure the network using techniques such as NAC
"Company A is looking to save money by going to the cloud. Because they don't know much about it, they want to start with cloud models that basically run themselves and don't need that much involvement from their side. Which two cloud models would best meet this requirement? (5)"
not chap and iaas
What two goals does change management provide? (5)
not iaas and chap
Your IT team just found the the company-distributed Android phone of Ann T. Raitor and it is discovered that she gained root-level access to the device to disable the software restrictions set in place by the company. The process of getting this kind of access is known as: (5)
not jailbreaking. Rooting
This is one of the most efficient ways to reduce operating system and application vulnerabilities because it protects systems from known vulnerabilities. This is called: (5)
patch management
Amazon EC2 and Microsoft Azure are examples of which type of cloud deployment model? (5)
public
What are the four categories of cloud deployment models? (5)
public, private, hybrid, community
