CISS 3360 FINAL

Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking?

Confidentiality

Which activity manages the baseline settings for a system or device?

Configuration control

A remediation liaison makes sure all personnel are aware of and comply with an organization's policies.

False

Which of the following is NOT a benefit of cloud computing to organizations?

Lower dependence on outside vendors

From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?

Security risks will increase.

A computer virus is an executable program that attaches to, or infects, other executable programs.

True

The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.

True

What type of network connects systems over the largest geographic area?

Wide area network (WAN)

What wireless security technology contains significant flaws and should never be used?

Wired Equivalent Privacy (WEP)

What file type is least likely to be impacted by a file infector virus?

.docx

The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?

13

Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?

22

What ISO security standard can help guide the creation of an organization's security policy?

27002

Which one of the following is the best example of an authorization control?

Access control lists

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?

Application proxying

Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?

Applying security updates promptly

Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?

Authorization

In an accreditation process, who has the authority to approve a system for implementation?

Authorizing official (AO)

Which security model does NOT protect the integrity of information?

Bell-LaPadula

Which password attack is typically used specifically against password files that contain cryptographic hashes?

Birthday attacks

Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?

Collaboration

Which formula is typically used to describe the components of information security risks?

Correct Risk = Threat X Vulnerability

In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?

Correspondent node (CN)

Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?

Deidentification

Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?

Distributed denial of service (DDoS)

What protocol is responsible for assigning IP addresses to hosts on most networks?

Dynamic Host Configuration Protocol (DHCP)

What is the first step in a disaster recovery effort?

Ensure that everyone is safe.

A packet-filtering firewall remembers information about the status of a network communication.

False

A phishing attack "poisons" a domain name on a domain name server.

False

A physical courier delivering an asymmetric key is an example of in-band key exchange.

False

Another name for a border firewall is a DMZ firewall.

False

Bricks-and-mortar stores are completely obsolete now.

False

Mandatory vacations minimize risk by rotating employees among various systems or duties.

False

Passphrases are less secure than passwords.

False

Regarding the Internet of Things (IoT), a business involved in utilities, critical infrastructure, or environmental services can benefit from traffic-monitoring applications.

False

Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device.

False

Retro viruses counter the ability of antivirus programs to detect changes in infected files.

False

The four primary types of malicious code attacks are unplanned attacks, planned attacks, direct attacks, and indirect attacks.

False

Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.

False

You must always use the same algorithm to encrypt information and decrypt the same information.

False

You should use easy-to-remember personal information to create secure passwords.

False

What is NOT a common motivation for attackers?

Fear

David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?

Fibre Channel over Ethernet (FCoE)

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

Hash

Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?

Health monitoring

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Integrity

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?

Internet Control Message Protocol (ICMP)

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Laws

Which of the following is an example of a hardware security control?

MAC filtering

Which one of the following measures the average amount of time that it takes to repair a system, application, or component?

Mean time to repair (MTTR)

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding (MOU)

Which one of the following is an example of a reactive disaster recovery control?

Moving to a warm site

What is NOT a commonly used endpoint security technique?

Network firewall

Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?

Nmap

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Nonrepudiation

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?

Online Certificate Status Protocol (OCSP)

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Parallel test

Which one of the following is an example of a logical access control?

Password

Which one of the following is NOT an advantage of biometric systems?

Physical characteristics may change.

Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?

Polymorphic virus

Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?

Project initiation and planning

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Redundant Array of Independent Disks (RAID)

What is NOT a symmetric encryption algorithm?

Rivest-Shamir-Adelman (RSA)

Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?

SQL injection

In what type of attack does the attacker send unauthorized commands directly to a database?

SQL injection

What is NOT one of the three tenets of information security?

Safety

Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?

Secure

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML)

Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?

Service level agreement (SLA)

In which type of attack does the attacker attempt to take over an existing connection between two systems?

Session hijacking

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?

Software as a Service (SaaS)

Which type of virus targets computer hardware and software startup functions?

System infector

Which term describes any action that could damage an asset?

Threat

Which type of cipher works by rearranging the characters in a message?

Transposition

A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.

True

A degausser creates a magnetic field that erases data from magnetic storage media.

True

A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster.

True

A firewall is a basic network security defense tool.

True

A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.

True

A successful change control program should include the following elements to ensure the quality of the change control process: peer review, documentation, and back-out plans.

True

Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.

True

Company-related classifications are not standard, therefore, there may be some differences between the terms "private" and "confidential" in different companies.

True

In e-business, secure web applications are one of the critical security controls that each organization must implement to reduce risk.

True

Network access control (NAC) works on wired and wireless networks.

True

Spyware gathers information about a user through an Internet connection, without his or her knowledge.

True

The System/Application Domain holds all the mission-critical systems, applications, and data.

True

The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.

True

Unified messaging allows you to download both voice and email messages to a smartphone or tablet.

True

When servers need operating system upgrades or patches, administrators take them offline intentionally, so they can perform the necessary work without risking malicious attacks.

True

What is NOT an effective key distribution method for plaintext encryption keys?

Unencrypted email

What is NOT a typical sign of virus activity on a system?

Unexpected power failures

Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?

White-hat hacker

Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?

Zero-day attack

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?

Address Resolution Protocol (ARP) poisoning

Which one of the following is an example of a direct cost that might result from a business disruption?

Facility repair

What mathematical problem forms the basis of most modern cryptographic algorithms?

Factoring large primes

A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

False

Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.

False

Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers and secure web pages.

False

Procedures do NOT reduce mistakes in a crisis.

False

The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.

False

The anti-malware utility is one of the most popular backdoor tools in use today.

False

The auto industry has not yet implemented the Internet of Things (IoT).

False

The four central components of access control are users, resources, actions, and features.

False

The term risk methodology refers to a list of identified risks that results from the risk-identification process.

False

The weakest link in the security of an IT infrastructure is the server.

False

Which type of denial of service attack exploits the existence of software flaws to disrupt a service?

Logic attack

Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?

Password protection

Which tool can capture the packets transmitted between systems over a network?

Protocol analyzer

Which approach to cryptography provides the strongest theoretical protection?

Quantum cryptography

As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?

Simulation test

Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?

Spim

Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used?

Standard

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

Which classification level is the highest level used by the U.S. federal government?

Top Secret

A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.

True

A salt value is a set of random characters you can combine with an actual input key to create the encryption key.

True

A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader.

True

An alteration threat violates information integrity.

True

Backdoor programs are typically more dangerous than computer viruses.

True

Bring Your Own Device (BYOD) opens the door to considerable security issues.

True

Classification scope determines what data you should classify; classification process determines how you handle classified data.

True

Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.

True

Cryptography is the process of transforming data from cleartext into ciphertext.

True

Devices that combine the capabilities of mobile phones and personal digital assistants (PDAs) are commonly called smartphones.

True

For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.

True

Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in cleartext.

True

One advantage of using a security management firm for security monitoring is that it has a high level of expertise.

True

Screen locks are a form of endpoint device security control.

True

TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.

True

The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).

True

The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems.

True

The financial industry created the ANSI X9.17 standard to define key management procedures.

True

The goal of a command injection is to execute commands on a host operating system.

True

The idea that users should be granted only the levels of permissions they need in order to perform their duties is called the principle of least privilege.

True

The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.

True

Using a secure logon and authentication process is one of the six steps used to prevent malware.

True

Which one of the following is NOT a commonly accepted best practice for password security?

Use at least six alphanumeric characters.

What is the only unbreakable cipher when it is used properly?

Vernam

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

Waterfall

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

Whois

Gary is configuring a Smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?

Wi-Fi

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

443

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?

80

Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?

Access to a high level of expertise

Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?

Accountability

Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement?

Bring Your Own Device (BYOD)

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?

Brute-force attack

What is NOT one of the four main purposes of an attack?

Data import

A private key cipher is also called an asymmetric key cipher.

False

IP addresses are eight-byte addresses that uniquely identify every device on the network.

False

Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.

False

Which control is not designed to combat malware?

Firewalls

Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?

HIPAA

Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?

Hub

A network protocol governs how networking equipment interacts to deliver data across the network.

True

A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.

True

A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.

True

A subnet mask is a partition of a network based on IP addresses.

True

A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.

True

An electronic mail bomb is a form of malicious macro attack that typically involves an email attachment that contains macros designed to inflict maximum damage.

True

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

True

In the Remote Access Domain, if private data or confidential data is compromised remotely, you should set automatic blocking for attempted logon retries.

True

Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.

True

IoT technology has a significant impact on developing economies, given that it can transform countries into e-commerce-ready nations.

True

Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits.

True

Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.

True

One of the first industries to adopt and widely use mobile applications was the healthcare industry.

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection.

True

Social engineering is deceiving or using people to get around security controls.

True

The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.

True

The most critical aspect of a WAN services contract is how the service provider supplies troubleshooting, network management, and security management services.

True

The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.

True

The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks.

True

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel