ITSY 1300 Chapter 5-8 Test
Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?
Black-box test
Which of the following statements is true regarding the rules for password selection?
Change your passwords frequently
A SOC 1 report primarily focuses on security.
False
Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
Project initiation and planning
When the 172.30.0.10 IP host responded to the ICMP echo-requests, how many ICMP echo-reply packets were sent back tot he vWorkstation?
4 echo replies
What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?
An organization should share its information.
Which part of the CIA triad refers to making sure information is obtainable when needed?
Availability
Members of the ____________ group called Remote Desktop Users are allowed to use the remote desktop services to connect to remote machines.
Builtin (built-in)
What information should an auditor share with the client during an exit interview?
Details on major issues
From the LabFiles Properties dialog box, which of the following options is necessary to enable you to specify permissions for each subfolder?
Disable inheritance
In Wireshark, which of the following enable you to find only the traffic you wish to analyze?
Display filters
Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.
False
During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system.
False
Often an extension of a memorandum of understanding (MOU) , the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.
False
The four main types of logs that you need to keep to support security auditing include event, access, user and security.
False
Which of the following refers to the middle pane of the Wireshark window that is used to display the packet structure and contents of fields within the packet?
Frame detail
Which of the following refers to the top pane of the Wireshark window that contains all of the packets that Wireshark has captured, in time order and provides a summary of the contents of the packet in a format close to English?
Frame summary
What is a set of concepts and policies for managing IT infrastructure, development and operations?
IT Infrastructure Library (ITIL)
Which of the following provides security practitioners with a deep packet inspection tool used for examining everything from the data link layer up to the application layer?
NetWitness Investigator
Which security testing activity uses tools that scan for services running on systems?
Network mapping
Before analyzing packets in NetWitness Investigator, you must first create a collection and then import a(n):
Packet capture file
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Prudent
On a Windows network share, if the user can view the folder's contents as well as execute scripts, what type of access controls and permissions are probably configured?
Read and execute
What is the correct order of steps in the change control process?
Request, impact assessment, approval, build/test, implement, monitor
In what type of attack does the attacker send unauthorized commands directly to a database?
SQL injection
Which of the following statements is true when using SSH to remotely access a Cisco router?
SSH encrypts the data transmission between the SSH client and the SSH host to maintain confidentiality.
Which intrusion detection system strategy relies upon pattern matching?
Signature detection
If it is impractical to place guest users in a secure network, isolated from the production network by firewall barriers, then:
Specific areas of access should be determined and they should be as restrictive as possible.
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring
Microsoft Windows Active Directory provides capabilities in all three of the CIA areas, and the domain administrator will be called upon to implement:
The roles of Confidentiality and Integrity most frequently
Which of the following statements is true regarding guest users who require a higher degree of access?
These guest users can be issued local, self-signed certificates that expire on a specific date and limit the guest's access.
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these type of classification decisions?
Threat
A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.
True
A successful change control program should include the following elements to ensure the quality of the change control process: peer review, documentation and back-out plans.
True
Classification scope determines what data you should classify; classification process determines how you handle classified data.
True
Company-related classifications are not standard, therefore, there may be some differences between the terms "private" and "confidential" in different companies.
True
Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream rather than just in individual packets.
True
Which of the following combines something you know (e.g. password) with something you are (e.g. fingerprint) or something you possess (e.g. USB stick) and can also employ a certificate system that adds a distinct third layer to the authentication process?
Two-factor authentication
Which of the following is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?
Windows Group Policy
Which of the following is a freeware tool providing basic packet capture and protocol decoding capabilities?
Wireshark
Windows Group Policy can be used _____________ to control access to many local computer and network resources such as drives, Internet access, kiosk mode, etc.
on either a local or domain level
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)
Which of the following uses the TFTP (Trivial File Transfer Protocol) to send (put) or receive (get) files between computers?
The Tftpd64 application
By creating users, assigning those users to groups, and then applying groups to resources in the domain, the administrator sets up both authentication using the Active Directory Domain authentication policies, and builds a series of nested ___________ to control the access to domain resources.
Access Control Lists
Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
Authorization
In an accreditation process, who has the authority to approve a system for implementation?
Authorizing official (AO)
Which of the following refers to the bottom pane of the Wireshark window where all of the information in the packet is displayed in hexadecimal on the left and in decimal, in characters when possible, on the left?
Hex pane
Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Memorandum of understanding (MOU)
Which of the following tools is used to modify permissions on the TargetWindowsDC01 server to allow new users to use the remote desktop services?
The Group Policy Object Editor
In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?
Waterfall
Makes the process of accessing machines that are not on the domain much easier.
Active Directory
Which of the following is the database that provides a centrally controlled and managed access and security management system for an organization's Windows computer systems?
Active Directory
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
Baseline
Which part of the CIA triad refers to preventing the disclosure of secure information to unauthorized individuals or systems?
Confidentiality
Which activity manages the baseline settings for a system or device?
Configuration control
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?
Does the firewall properly block unsolicited network connection attempts?
By default, Windows will:
Inherit the permissions of the parent folder so that all subfolders will have the same permissions as the parent.
Which part of the CIA triad refers to maintaining and assuring the accuracy of data over its life-cycle?
Integrity
Which of the following would NOT be considered in the scope of organizational compliance efforts?
Laws
On a Windows network share, if the user can browse a file but cannot copy or modify it, what type of access controls and permissions are probably configured?
List folder contents
On a Windows network share, if the user can add, edit and delete files and folders within the LabFiles folder, what type of access controls and permissions are probably configured?
Modify
Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?
SOC 3
Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?
Security information and event management (SIEM)
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of duties
Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type.
Service level agreement (SLA)