Information Security Fundamentals Final Exam Study Guide
Gary is troubleshooting a security issue on an Ethernet network and would like to look at the Ethernet standard. What publication should he seek out?
IEEE 802.3
Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?
2
What series of Special Publications does the National Institute of Standards and Technology (NIST) produce that covers information systems security activities?
800
Which Institute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs?
802.11
Which of the following is true of business continuity plans (BCPs) and disaster recovery plans (DRPs)?
A DRP is a part of a BCP
Pick which one of the following is the best example of an authorization control?
Access control lists
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?
Access to a high level of expertise
What is a set of concepts and policies for managing IT infrastructure, development, and operations?
IT Infrastructure Library (ITIL)
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
Which organization created a standard version of the widely used C programming language in 1989?
American National Standards Institute (ANSI)
How often should an organization perform a risk management plan?
Annually
Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) model. What other two layers of the model will her component need to interact with?
Application and session
Taylor is a security professional working for a retail organization. She is hiring a firm to conduct the Payment Card Industry Data Security Standard (PCI DSS) required quarterly vulnerability scans. What credential should she seek in a vendor?
Approved scanning vendor
What is a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications?
Asynchronous transfer mode (ATM)
Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?
Audit
In an accreditation process, who has the authority to approve a system for implementation?
Authorizing official (AO)
Which password attack is typically used specifically against password files that contain cryptographic hashes?
Birthday Attacks
Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?
Black-box test
Joe is the CEO of a company that handles medical billing for several regional hospital systems. How would Joe's company be classified under the Health Insurance Portability and Accountability Act (HIPAA)?
Business associate of a covered entity
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?
Business continuity plan (BCP)
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors?
Children's Internet Protection Act (CIPA)
Alice withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank X?
Consumer
____________ is the practice of hiding data and keeping it invisible to unauthorized users.
Cryptography
___________ is the act of securing and protecting individuals, businesses, organizations, and governments that are connected to the Internet and the Web.
Cybersecurity
Tonya is working with a team of subject matter experts to diagnose a problem with her system. The experts determine that the problem likely resides at the Presentation Layer of the Open Systems Interconnection (OSI) model. Which technology is the most likely suspect?
Encryption
___________ is the process of transforming data from cleartext into ciphertext.
Encryption
Software vendors must protect themselves from the liabilities of their own vulnerabilities with a(n) ____________.
End-User License Agreement (EULA)
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil Twin
Which one of the following is an example of a direct cost that might result from a business disruption?
Facility Repair
What compliance regulation applies specifically to the educational records maintained by schools about students?
Family Education Rights and Privacy Act (FERPA)
What entity is responsible for overseeing compliance with Family Educational Rights and Privacy Act (FERPA)?
Family Policy Compliance Office (FPCO)
Which control is not designed to combat malware?
Firewall
In the evolution of the U.S. telecommunications industry, which of the following occurred first?
Formation of multiple Regional Bell Operating Companies (RBOCs)
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?
Formatting
__________ tests interrupt the primary data center and transfer processing capability to an alternate site.
Full-Interruption Test
Vincent recently went to work for a hospital system. He is reading about various regulations that apply to his new industry. What law applies specifically to health records?
Health Insurance Portability and Accountability Act (HIPAA)
Which recovery site option provides readiness in minutes to hours?
Hot site
Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?
Incident
The ____________ is where the IT infrastructure links to a wide area network and the Internet.
LAN-to-WAN Domain
A ________ examines the network layer address and routes packets on the basis of routing protocol path determination decisions.
Layer 3 switch
Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Memorandum of understanding (MOU)
What federal agency is charged with the mission of promoting "U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life?"
National Institute of Standards and Technology (NIST)
What federal government agency is charged with the responsibility of creating information security standards and guidelines for use within the federal government and more broadly across industries?
National Institute of Standards and Technology (NIST)
Which term accurately describes Layer 3 of the Open Systems Interconnection (OSI) model?
Network
Which security testing activity uses tools that scan for services running on systems?
Network mapping
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
______ is a unified communications application that allows users to determine the ability and willingness of a contact to communicate.
Presence /availability
Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
Preventive
Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking?
Project initiation and planning
Which document is the initial stage of a standard under the Internet Engineering Task Force (IETF) process?
Proposed standard
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Prudent
What type of organizations are required to comply with the Sarbanes-Oxley (SOX) Act?
Publicly traded companies
Which data source comes first in the order of volatility when conducting a forensic investigation?
RAM
Voice and unified communications are ________ applications that use 64-byte IP packets.
Real-time
Which group is the most likely target of a social engineering attack?
Receptionists and administrative assistants
Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?
Recovery time objective (RTO)
____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage.
Recovery time objective (RTO)
What type of publication is the primary working product of the Internet Engineering Task Force (IETF)?
Request for comment (RFC)
What is the correct order of steps in the change control process?
Request, impact assessment, approval, build/test, implement, monitor
What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
Residual risk
Which formula is typically used to describe the components of information security risks?
Risk = Threat X Vulnerability
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?
Risk survey results
In what type of attack does the attacker send unauthorized commands directly to a database?
SQL Injection
E-commerce systems and applications demand strict confidentiality, integrity, and availability (C-I-A) ________.
Security controls
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of duties
Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?
Service level agreement
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session Hijacking
________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration.
Session Initiation Protocol (SIP)
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring
What is meant by application convergence?
The integration of applications to enhance productivity
The definition of ________ is any action that could damage an asset.
Threat
________ is defined as a technology that supports the convergence of voice, video, and data communication streams using split channels.
Time Division Multiplexing (TDM)
What type of malicious software masquerades as legitimate software to entice the user to run it?
Trojan
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?
Waterfall
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack
During the late 1980s into the early 1990s, service providers converted the core switches at their central offices from ______________ to digital central office (CO) switches.
analog
A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic.
asymmetric digital subscriber line (ADSL)
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
baseline
A ___________ addresses primarily the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business's viability.
business continuity plan (BCP)
A ___________ gives priorities to the functions an organization needs to continue operating or resume operations after a disaster.
business continuity plan (BCP)
A ___________ helps identify which functions are critical, and how quickly essential business functions must return to full operation following a major interruption.
business impact analysis (BIA)
A ___________ is a formal analysis of an organization's functions and activities that classifies them as critical or noncritical.
business impact analysis (BIA)
Which activity manages the baseline settings for a system or device?
configuration control
Forensics and incident response are examples of __________ controls.
corrective
Regarding a business impact analysis (BIA), the recovery point objective (RPO) identifies the amount of _________ that is acceptable.
data loss
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime.
disaster
A ___________ defines how a business gets back on its feet after a major disaster like a fire or hurricane.
disaster recover plan (DRP)
A parallel test evaluates the effectiveness of a ________ by enabling full processing capability at an alternate data center without interrupting the primary data center.
disaster recovery plan (DRP)
Tim is implementing a set of controls designed to ensure that financial reports, records, and data are accurately maintained. What information security goal is Tim attempting to achieve?
integrity
You can use quantitative risk analysis for all risks on the risk register; however, the amount of effort required may be overkill for _____________ risks.
low-probability
Brian needs to design a control that prevents piggybacking, only allowing one person to enter a facility at a time. What type of control would best meet this need?
mantraps
Alison retrieved data from a company database containing personal information on customers. When she looks at the SSN field, she sees values that look like this: "XXX-XX-9142." What has happened to these records?
masking
When you accept a __________, you take no further steps to resolve it.
negative risk
Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?
phishing
Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?
qualitative
Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take?
reduce
Your _________ plan shows that you have examined risks to your organization and have developed plans to address each risk.
risk-response
Session Initiation Protocol (SIP) is a ___________ protocol used to support real-time communications.
signaling
Connecting your computers or devices to ________ immediately exposes them to attack.
the Internet
Regarding a BIA, RTO identifies the maximum allowable ________ to recover a function.
time
Purchasing an insurance policy is an example of the ____________ risk management strategy.
transfer
