IS3513 Final Ch. 10-12
identify the most critical functions for an organization
A business impact assessment (BIA) is conducted to _______.
safeguard
A control may also be called a countermeasure or a(n) _______.
True
A major focus of the disaster recovery plan (DRP) is the protection of human life.
USB Drive
A newer portable media that provides new obstacles is a(n)
Cryptographically random
A number that is suitable for an encryption function is called
Mantrap
A small space, with two locking doors, that is large enough for only one person at a time is a _______.
Memorandum of Understanding
A(n) _______ is a legal document used to describe a bilateral agreement between parties.
zero day
A(n) _______ is a vulnerability that has been discovered by hackers, but not by the developers of the software.
hazard
A(n) _______ is a circumstance that increases the likelihood or probable severity of a loss.
canonicalization error
A(n) _______ causes an application to malfunction due to a misrepresented name for a resource.
Common Weakness Enumeration (CWE)
CWE-20: Improper Input Validation refers to a(n)
catch errors early in the programming process
Code review by a second party is helpful to do what?
poor encryption protocols
Common cryptographic failures include which of the following?
True
CompTIA Security+ is vendor-neutral and also an ideal entry-level certification.
Personally Identifiable Information (PII)
Data that can be used to identify a specific individual is referred to as _______.
Implementing plans
During which step of the policy lifecycle does training of users take place?
A = MTTF, B = MTTF, C = MTTR
Fill in the blanks. Availability is calculated using the formula below: Availability = A / (B + C)
Developer, CYBER Defense, PEN-Testing, Digital Forensics and Incident Response, and Management and Leadership.
GIAC certification domains include:
administrative, technical, and physical controls
HIPAA requires the following controls for medical records:
Policies
High-level statements made by management that lay out the organization's position on some issue.
mitigate
If you reduce the likelihood of a threat occurring, you _______ a risk.
identify the critical employees who must be onsite to implement the BCP
Succession planning is performed to _______.
AV * EF = SLE; SLE * ARO = ALE = $20,000
The asset value of a small distribution warehouse is $5 million, and this warehouse serves as a backup facility. Its complete destruction by a disaster would take away about 1/5 of the capability of the business. Also assume that this sort of disaster is expected to occur about once every 50 years. Which of the following is the calculated annualized loss expectancy (ALE)?
AV($5,000,000) * EF (.2) = SLE = $1,000,000
The asset value of a small distribution warehouse is $5 million, and this warehouse serves as a backup facility. Its complete destruction by a disaster would take away about 1/5 of the capability of the business. Also assume that this sort of disaster is expected to occur about once every 50 years. Which of the following is the calculated single loss expectancy (SLE)?
deprecated functions
The banning of _______ helps improve code quality by using safer library calls.
False
The focus of business continuity is on the recovery and rebuilding of the organization after a disaster has occurred.
improper input validation
The largest class of errors in software engineering can be attributed to _______.
Privacy Act, Freedom of Information Act
The major U.S. privacy statutes are the _______ of 1974 and the _______ of 1996.
True
The purpose of change management is to ensure proper procedures are followed when modifications to the IT infrastructure are made.
IEEE 802.11
The set of standards for wireless networks that is well suited for the LAN environment and whose normal mode is to have computers with network cards communicating with a wireless access point is _______.
False - the requirements phase
The specific security needs of a program being developed should be defined in the design phase of the secure development lifecycle.
False
The spiral model is characterized by iterative development, where requirements and solutions evolve through an ongoing collaboration between self-organizing, cross-functional teams.
fuzzing
Using a series of malformed input to test for conditions such as buffer overflows is called
Least Privilege
Using an administrator-level account for all functions is a violation of the principle of
something you know, something you have, and something about you
What are the three common techniques for verifying a person's identity and access privileges?
Necessary for normal processing
What category would a business function fall under if an organization could last without that function for up to 30 days before the business was severely impacted?
Communications
What common utility or infrastructure is important to consider when developing your recovery plans?
The lock
What is the most common physical access control device that has been around in some form for centuries?
Put the equipment beyond the point that the emanations can be picked up / Provide shielding for the equipment itself / Place equipment in a shielded enclosure
What technique can be used to protect against electromagnetic eavesdropping (known as the van Eck phenomenon)?
bit-by-bit
What term describes the type of replication created by the drive imaging process?
False positive
When a biometric is scanned and allows access to someone who is not authorized, that is called a
impact
When a threat exploits a vulnerability, you experience a(n)
It is impossible to conduct a purely quantitative risk assessment, but it is possible to conduct a purely qualitative risk assessment.
When discussing qualitative risk assessment versus quantitative risk assessment, which of the following is true?
When necessary to avoid issues such as piggybacking, which can occur with electronic access controls
When should a human security guard be used for physical access control?
code injection
When the function of code is changed in an unintended way due to unvalidated input, _______ has taken place.
False negative
When the system denies access to someone who is authorized, it is called a
on an annualized basis, the frequency with which an event is expected to occur
Which of the following correctly defines annualized rate of occurrence?
the process of subjectively determining the impact of an event that affects a project, program, or business
Which of the following correctly defines qualitative risk management?
the risk still remaining after an iteration of risk management
Which of the following correctly defines residual risk?
Service Level Agreement (SLA)
Which of the following is a contractual agreement between entities that describes specified levels of service that the servicing entity agrees to guarantee for the customer?
Cleaning crews are allowed unsupervised access because they have a contract.
Which of the following is a physical security threat?
Shredding, deleting files, magnetically destroying data, burning...
Which of the following is an acceptable PII disposal procedure?
Customer ID number
Which of the following is not PII?
a pointer in C language
Which of the following is not involved with a code injection error?
canonicalization error
Which of the following is not related to a buffer overflow?
Warm site
Which of the following is the name for a partially configured environment that has the peripherals and software that the normal processing facility contains and that can be operational within a few days?
Request for credit from a customer with a credit freeze on credit reporting record
Which of the following should trigger a response under the Red Flag Rule?
The risk itself doesn't really change. However, actions can be taken to reduce the impact of the risk.
Which of the following statements about risk is true?
Constant monitoring of all employees by camera
Which of these, according to this chapter, is NOT a step that can be taken to help mitigate physical security risk?
Physical access negates all other security measures.
Which statement accurately summarizes the "security problem"?
The individual always has the biometric in their possession.
Which statement describes an advantage of using biometrics for physical access control?
LiveCD
Which term describes an operating system distribution specifically designed to run the entire machine from an optical disc without using the hard drive?
Bootdisk
Which term refers to any media used to boot a computer into an operating system (OS) that is not the native OS on its hard drive?
backups
With regard to an organization's critical data, the "rule of three" is described as a strategy for _______.
Standards
_______ are accepted specifications providing specific details on how a policy is to be enforced.
Procedures
_______ are step-by-step instructions that describe exactly how employees are expected to act in a given situation or to accomplish a specific task.
GSEC
a 5-hour, 180-question, open-book exam
CISSP
a 6-hour, 250-question exam
Security+
a 90-minute, 90-question exam with a score of 750 or better out of 900 to attain certification
hot site
a fully configured backup environment that is similar to the normal operating environment and that can be operational within a few hours
Fault tolerance
a method to ensure high availability that is accomplished by the mirroring of data and systems
Warm site
a partially configured backup processing facility that usually has the peripherals and software but perhaps not the more expensive main processing computer
mutual aid agreement
an agreement in which similar organizations agree to assume the processing for the other in the event a disaster occurs
business impact analysis (BIA)
an evaluation of the impact that a loss of critical functions will have on the organization
Differential backup
backup that includes only the files that have changed since the last full backup was completed
CISSP
can be renewed with 36 Continuing Professional Experience (CPE) credits
GSEC
credential seekers may take a SANS course that includes the cost of the exam
CISSP
designed for security professionals who develop information security policies and procedures
CISSP
exam domains: Security and Risk Management; Asset Security; Security Engineering; Communications and Network Security; Identity and Access Management; Security Assessment and Testing; Security Operations; Software Development Security
Clustering
linking multiple systems together to appear as one large system in terms of capacity
CISSP
must earn 40 continuing professional education (CPE) credits each year for a total of 120 CPEs within the three-year cycle for recertification
CISSP
successful candidates should possess at least two years of experience working in network security
Mean Time to Recovery (MTTR)
the average time that it will take to restore a system to operational status
recovery time objective (RTO)
the maximum period of time in terms of data loss that is acceptable during an outage
business continuity plan (BCP)
the plans a business develops to continue critical operations in the event of a major disruption
GSEC
valid for four years
Security+
vendor-neutral and also an ideal entry-level certification
Making sure the floppy is not the first drive in the boot sequence.
All of the following are ways to prevent a computer from booting up from a bootable floppy (taking out the floppy drive; removing the A: drive from the boot sequence; setting a BIOS password) EXCEPT:
input
All _______ validation should be performed on the server side of the client-server relationship.
are not 100 percent accurate, having some level of misidentifications
Biometric access controls are typically used in conjunction with another form of access control because biometrics _______.
Procedures
Step-by-step instructions on how to implement policies
Layered access
In terms of physical security, which term refers to protecting important assets by using multiple perimeters?
opt-out, opt-in
In the United States, the standard methodology for consumers with respect to privacy is to _______, whereas in the EU it is to _______.
Delta
In which backup strategy are only those portions of the files and software that have changed since the last backup backed up?
buffer overflow
Input validation is important to prevent what?
requirements phase
It's most important to define security requirements during _______ of the project.
all resource requests from applications to other entities
Least privilege applies to _______.
code injection
Modifying a SQL statement through false input to a function is an example of
False
Most experts will agree that the biggest danger to any organization comes from external attacks.
False
Security awareness and training is not required to achieve compliance objectives.
validate all inputs
One of the most fundamental rules to good coding practice is to _______.
cookies, cookie cutters
Programs used to control the use of _______ when web browsing are referred to as _______.
Guidelines
Recommendations relating to a policy
risk assessment
Risk analysis is synonymous with...
waterfall model
The _______ is a linear software engineering model with no repeating steps.
requirements phase
The _______ is the first opportunity to address security functionality during a project.
exposure factor
The _______ measures the magnitude of the loss of an asset.
MTTR<RTO
To ensure that critical systems are not lost during a failure, it is important that which of the following be true?
Computers and users
To which distinct areas do physical security policies and procedures relate?