ISEC Final - Vaughn
True or False: Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.
True
True or False: Examples of major disruptions include extreme weather, application failure, and criminal activity.
True
True or False: The function of the homepage hijacking is to change a browser's homepage to point to the attacker's site.
True
True or False: SOC 2 reports are created for internal and other authorized stakeholders and are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
True
True or False: The financial industry created the ANSI X9.17 standard to define key management procedures.
True
What is NOT an effective key distribution method for plaintext encryption data?
unencrypted email
Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?
2
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1% chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
2,000,000
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1% chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
20%
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1% chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
20,000
Henry's last firewall rule must allow inbound access to a Windows Terminal Server.....
3389
What is NOT a valid encryption key length for use with the Blowfish algorithm?
512 bits
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's private signature
Norm recently joined a new organization. He notices that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application Proxying
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Authentication
Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?
Captive portal
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Certificate Revocation List (CRL)
Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking?
Confidentiality
What is NOT one of the four main purposes of an attack?
Data Import
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?
Does the firewall properly block unsolicited network connection attempts?
What is a key principle of risk management programs?
Don't spend more to protect an asset than it's worth
True or False: Digital signatures require asymmetric key cryptography.
False
True or False: Spyware does NOT use cookies.
False
True or False: System Infectors are viruses that attack document files containing embedded macro programming capabilities.
False
True or False: A report indicating that a system's disk is 80% full is a good indication that something is wrong with that system.
False. It tells you nothing unless you know how much disk space was used yesterday or even last week.
True or False: In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what the data might be.
False: Cipher-text attack
True or False: Risk refers to the amount of harm a threat exploiting a vulnerability can cause.
False: Impact
True or False: A subnet mask is a partition of a network based on IP addresses.
False: Just a subnet
True or False: The four primary types of malicious code attacks are unplanned attacks, planned attacks, and indirect attacks.
False: Unstructured, Structured, Direct, Indirect
True or False: Regarding log monitoring, false negatives are alerts that seem malicious but are not really security events.
False: failure of the system to detect a serious event
What is not a common motive for hackers?
Fear
What type of firewall security feature limits the volume of traffic from individual hosts?
Flood Guard
Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?
Is the security control likely to become obsolete in the near future?
What term describes the longest period of time that a business can survive without a particular critical system?
Maximum tolerable downtime (MTD)
Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?
NMAP
Which regulatory standard would NOT require audits of companies in the United States?
Personal Information Protection and Electronic Documents Act (PIPEDA)
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?
Polymorphic virus
What data source comes first in the order of volatility when conducting a forensic investigation?
RAM
Which item is an auditor least likely to review during a system controls audit?
Resumes of system administration
Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?
SQL injection
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switches
Which type of virus targets hardware and software startup functions?
System Infector
True or False: A network attacker wants to know IP addresses used on a network, remote access procedures, and weaknesses in network systems.
True
True or False: A personnel safety plan should include an escape plan.
True
True or False: A substitution cipher replaces bits, characters or blocks of information with other bits, characters, or blocks.
True
True or False: In remote journaling, a system writes a log of online transactions to an offsite location.
True
True or False: In security testing data collection, observation is the input used to differentiate between paper procedures and the way the job is really done.
True
True or False: Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.
True
True or False: Performing security testing includes vulnerability testing and penetration testing.
True
True or False: The OSI Reference Model is a theoretical model of networking with interchangeable layers.
True
Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?
Warm Site
What is NOT a service commonly offered by unified threat management (UTM) devices?
Wireless network access
Which information security objective allows trusted entities to endorse information?
Certification
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?
Command injection
What is a set of concepts and policies for managing IT infrastructure, development?
IT Infrastructure Library
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
True or False: ActiveX is used by developers to create active content.
True
True or False: An SOC 1 report is commonly implemented for organizations that must comply with the Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
True
True or False: Anomaly-based intrusion detection systems compare current activity with stored profiles of normal (expected) activity.
True
True or False: Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.
True
True or False: Fencing and mantraps are examples of physical controls.
True
True or False: The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in the Ephemeral mode and the Elliptic Curve DHE (ECDHE).
True