IS413 UAB Final
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?
Formatting
Which item is an auditor least likely to review during a system controls audit?
Resumes of system administrators
What is NOT a symmetric encryption algorithm?
Rivest-Shamir-Adleman (RSA)
Which classification level is the highest level used by the U.S. federal government?
Top Secret
Protected health information (PHI) is any individually identifiable information about a person's health.
True
Rootkits are malicious software programs designed to be hidden from normal methods of detection.
True
While running business operations at an alternate site, you must continue to make backups of data and systems.
True
Written security policies document management's goals and objectives.
True
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting
Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
Vulnerability
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?
Access to a high level of expertise
A bricks-and-mortar strategy includes marketing and selling goods and services on the Internet.
False
A packet-filtering firewall remembers information about the status of a network communication.
False
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.
False
Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game that she downloaded from the Internet. What type of malware did she likely encounter?
Trojan horse
Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?
3389
In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?
Correspondent node (CN)
Which one of the following is an example of a direct cost that might result from a business disruption?
Facility repair
An SOC 1 report primarily focuses on security.
False
Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.
False
Product cipher is an encryption algorithm that has no corresponding decryption algorithm.
False
Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.
False
Regarding security controls, the four most common permission levels are poor, permissive, prudent, and paranoid.
False
Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device.
False
The first step in the risk management process is to monitor and control deployed countermeasures.
False
The four central components of access control are users, resources, actions, and features.
False
The term "data owner" refers to the person or group that manages an IT infrastructure.
False
The term risk methodology refers to a list of identified risks that results from the risk-identification process.
False
Which control is not designed to combat malware?
Firewalls
Which element of the security policy framework offers suggestions rather than mandatory actions?
Guideline
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?
Home agent (HA)
Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
Preventive
Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?
Procedure
Under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, what type of safeguards must be implemented by all covered entities, regardless of the circumstances?
Required
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster.
True
A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.
True
ActiveX is used by developers to create active content.
True
An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.
True
An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.
True
Bring Your Own Device (BYOD) opens the door to considerable security issues.
True
In a Bring Your Own Device (BYOD) policy, the user acceptance component may include separation of private data from business data.
True
In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.
True
In security testing data collection, observation is the input used to differentiate between paper procedures and the way the job is really done.
True
Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.
True
Message authentication confirms the identity of the person who started a correspondence.
True
Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.
True
The goal of a command injection is to execute commands on a host operating system.
True
The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest.
True
Unified messaging allows you to download both voice and email messages to a smartphone or tablet.
True
Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption.
True
What type of network connects systems over the largest geographic area?
Wide area network (WAN)
During what phase of a remote access connection does the end user prove his or her claim of identity?
Authentication
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?
Bob's public key
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
What is the maximum value for any octet in an IPv4 IP address?
255
The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?
13
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
20 percent
Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?
25
Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?
Applying strong encryption
Taylor is a security professional working for a retail organization. She is hiring a firm to conduct the Payment Card Industry Data Security Standard (PCI DSS) required quarterly vulnerability scans. What credential should she seek in a vendor?
Approved scanning vendor (ASV)
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
Baseline
What program, released in 2013, is an example of ransomware?
Crypt0L0cker
Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?
Decryption
Which organization creates information security standards that specifically apply within the European Union?
European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?
Internet Engineering Task Force
Which regulatory standard would NOT require audits of companies in the United States?
Personal Information Protection and Electronic Documents Act (PIPEDA)
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?
Polymorphic virus
Which data source comes first in the order of volatility when conducting a forensic investigation?
RAM
What type of malicious software allows an attacker to remotely control a compromised computer?
Remote Access Tool (RAT)
Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?
Report writing
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
Which intrusion detection system strategy relies upon pattern matching?
Signature detection
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
Purchasing an insurance policy is an example of the ____________ risk management strategy.
transfer
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
$2,000,000
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
$20,000
Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
Which Institute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs?
802.11
Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server uptime for that month?
96.67%
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats.
False
A structured walk-through test is a review of a business continuity plan to ensure that contact numbers are current and that the plan reflects the company's priorities and structure.
False
Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
False
Cryptography is the process of transforming data from cleartext into ciphertext.
False
In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
False
Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.
False
The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.
False
Trojans are self-contained programs designed to propagate from one host machine to another using the host's own network communications protocols.
False
User-based permission levels limit a person to executing certain functions and often enforce mutual exclusivity.
False
You must always use the same algorithm to encrypt information and decrypt the same information.
False
A digitized signature is a combination of a strong hash of a message and a secret key.
False
What compliance regulation applies specifically to the educational records maintained by schools about students?
Family Educational Rights and Privacy Act (FERPA)
What entity is responsible for overseeing compliance with Family Educational Rights and Privacy Act (FERPA)?
Family Policy Compliance Office (FPCO)
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?
Internet Control Message Protocol (ICMP)
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?
Kerberos
Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?
Nmap
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
Which scenario presents a unique challenge for developers of mobile applications?
Selecting multiple items from a list
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of duties
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.
True
A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.
True
Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.
True
Authorization is the process of granting rights to use an organization's IT assets, systems, applications, and data to a specific user.
True
One advantage of using a security management firm for security monitoring is that it has a high level of expertise.
True
Payment Card Industry Data Security Standard (PCI DSS) version 3.2 defines 12 requirements for compliance, organized into six groups, called control objectives.
True
SOC 2 reports are created for internal and other authorized stakeholders and are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
True
Simple Network Management Protocol (SNMP) is used for network device monitoring, alarm, and performance.
True
Social engineering is deceiving or using people to get around security controls.
True
The Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool, which can be used as a self-assessment tool for identifying a bank or financial institution's cyber security maturity.
True
The International Electrotechnical Commission (IEC) is the predominant organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.
True
The Internet Architecture Board (IAB) is a subcommittee of the IETF.
True
The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.
True
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?
Virtual LAN (VLAN)
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Whois
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack