Securities
Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?
Warm site
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
$2,000,000
What is a key principle of risk management programs?
Don't spend more to protect an asset than it is worth
Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?
3389
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's private key
Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application proxying
Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?
Captive portal
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime.
Disaster
What type of firewall security feature limits the volume of traffic from individual hosts?
Flood guard
Brian needs to design a control that prevents piggybacking, only allowing one person to enter a facility at a time. What type of control would best meet this need?
Mantraps
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Online Certificate Status Protocol (OCSP)
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?
Presentation
Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?
VPN concentrator
Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
Vulnerability
Gary is configuring a smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?
Wi-Fi
Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?
2
Which information security objective allows trusted entities to endorse information?
Certification
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?
Chosen plaintext
Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?
Decryption
What protocol is responsible for assigning IP addresses to hosts on most networks?
Dynamic Host Configuration Protocol (DHCP)
What mathematical problem forms the basis of most modern cryptographic algorithms?
Factoring large primes
David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?
Fibre Channel over Ethernet (FCoE)
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Hash
Which recovery site option provides readiness in minutes to hours?
Hot site
Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?
Incident
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Nonrepudiation
Which data source comes first in the order of volatility when conducting a forensic investigation?
RAM
Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take?
Reduce
What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
Residual Risk
What firewall approach is shown in the figure?
Screened subnet
What term describes the longest period of time that a business can survive without a particular critical system?
Maximum tolerable downtime (MTD)
Which approach to cryptography provides the strongest theoretical protection?
Quantum cryptography
What is the only unbreakable cipher when it is used properly?
Vernam
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?
Virtual LAN (VLAN)
Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
What is NOT a symmetric encryption algorithm?
Rivest-Shamir-Adleman (RSA)
What standard is NOT secure and should never be used on modern wireless networks?
Wired Equivalent Privacy (WEP)
What wireless security technology contains significant flaws and should never be used?
Wired Equivalent Privacy (WEP)
What is NOT a service commonly offered by unified threat management (UTM) devices?
Wireless network access
What type of network connects systems over the largest geographic area?
Wide area network (WAN)
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
$20,000
Forensics and incident response are examples of __________ controls.
Corrective
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?
Diffie-Hellman
Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
Preventive
Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?
Qualitative
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
20% (2/10)
Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?
25
What is the maximum value for any octet in an IPv4 IP address?
255
Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
Smurf
Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer?
Supervisory Control and Data Acquisition (SCADA)
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
Which set of characteristics describes the Caesar cipher accurately?
Symmetric, stream, substitution
Purchasing an insurance policy is an example of the ____________ risk management strategy.
Transfer
Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443
What is NOT a valid encryption key length for use with the Blowfish algorithm?
512 bits
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's public key
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?
Bob's public key
Which type of cipher works by rearranging the characters in a message?
Transposition
What is NOT an effective key distribution method for plaintext encryption keys?
Unencrypted email