CISSP ch3 4 5

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

DES performs how many rounds of transposition/ permutation and substitution?

16

How many bits make up the effective length of the DES key?

56

Pete is a new security manager at a financial institution that develops its own internal software for specific proprietary functionality. The financial institution has several locations distributed throughout the world and has bought several individual companies over the last ten years, each with its own heterogeneous environment. Since each purchased company had its own unique environment, it has been difficult to develop and deploy internally developed software in an effective manner that meets all the necessary business unit requirements. Which of the following best describes a standard that Pete should ensure the software development team starts to implement so that various business needs can be met? A. ISO/IEC 42010:2007 B. Common Criteria C. ISO/IEC 43010:2007 D. ISO/IEC 15408

A. ISO/IEC 42010:2007

In secure computing systems, why is there a logical form of separation used between processes? A. Processes are contained within their own security domains so each does not make unauthorized accesses to other processes or their resources. B. Processes are contained within their own security perimeter so they can only access protection levels above them. C. Processes are contained within their own security perimeter so they can only access protection levels equal to them. D. The separation is hardware and not logical in nature.

A. Processes are contained within their own security domains so each does not make unauthorized accesses to other processes or their resources.

John has been told that one of the applications installed on a web server within the DMZ accepts any length of information that a customer using a web browser inputs into the form the web server provides to collect new customer data. Which of the following describes an issue that John should be aware of pertaining to this type of vulnerability?

Application is written in the C programming language

What roles does bio-metrics play in access control?

Authentication

How is a challenge/response protocol utilized with token device implementations? A. This protocol is not used; cryptography is used. B. An authentication service generates a challenge, and the smart token generates a response based on the challenge. C. The token challenges the user for a username and password. D. The token challenges the user's password against a database of stored credentials.

B. An authentication service generates a challenge, and the smart token generates a response based on the challenge.

Which of the following is not part of user provisioning?

Business process implementation

How does TKIP provide more protection for WLAN environments? A. It uses the AES algorithm. B. It decreases the IV size and uses the AES algorithm. C. It adds more keying material. D. It uses MAC and IP filtering.

C. it adds more keying material

Tanya is working with the company's internal software development team. Before user of an application can access files located on the company's centralized server, the user must present a valid one time password, which is generated through a challenge/response mechanism. The company needs to tighten access control for these files and reduce the number of users who can access each and every file. The company is looking to Tanya and her team for solutions to better protect the data that has been classified and deemed critical to the companies missions. Tanya has also been asked to implement a single sign-on technology for all internal users, but she does not have the budget to implement a public key infrastructure. Which of the following best describes what is currently in place?

Capability-based access system

Which of the following describes the difference between the Data Encryption Standard and the Rivest-Shamir-Adleman algorithm?

DES is symmetric, and RSA is asymmetric

An effective method to shield networks from unauthenticated DHCP clients is through the use of ______ in networks switches

DHCP snooping

John is the manager of the security team within his company. He has learned that attackers have installed sniffers throughout the network without the company's knowledge. Along with this issue, his team has also found out that two DNS servers had no record replication restrictions put into place and the servers have been crashing suspicious name resolution data. Which of the following is the best countermeasure that John's team should implement to protect from improper caching issues?

DNSSEC

Lance has been brought in as a new security officer for a large medical equipment company. He has been told that many of the firewalls and IDS products have not been configured to filter IPv6 traffic; thus, many attacks have been taking place without the knowledge of the security team. While the network team has attempted to implement an automated tunneling feature to take care of this issue, they have continually run into problems with the networks NAT device. Lance has also found out that cashing attacks have been successful against the company's public facing DNS server. He has also identified that extra authentication is necessary for a current LDAP request, but the current technology only provides password-based authentication options. Which of the following is the best countermeasure for the attack type addressed in the scenario?

DNSSEC

What does DEA stand for?

Data Encryption Algorithm

What does DES stand for?

Data Encryption Standard

Which of the following shows the layer sequence as layers 2,5,7,4, and 3?

Data link, session, application, transport, and network

Which of the following answers contains a category of controls that does not belong in a physical security program?

Delaying and lightning

Which of the following is not a characteristic of the Protected Extensible Authentication Protocol?

Designed to support password-protected connections

Robbie is the security administrator of a company that needs to extend its remote access functionality. Employees travel around the world, but still need to be able to gain access to corporate assets such as databases, servers, and network-based devices. Also, while the company has had a VoIP telephony solution in place for two years, it has not been integrated into centralized access control solution. Currently the network administrators have to maintain access control separately for internal resources, external entities, and VoIP and systems. Robbie has also been asked to look into some suspicious emails that the CIO secretary has been receiving, and her boss asked her to remove some Old modems that are no longer being used for remote dial-in purposes. Which of the following is the best remote access technology for this situation?

Diameter

Grace is a security administrator for a medical institution and is responsible for many different teams. One team has reported that when their main FDDI connection failed, three critical systems went offline even though the connection was supposed to provide redundancy. Grace has to also advise her team on the type of fiber that should be implemented for campus building-to-building connectivity. Since this is a medical training facility, many surgeries are video recorded and that data must continuously travel from one building to the next. One other thing that been reported to Grace is that periodic DOS attacks take place against specific servers within the internal network. The attacker sends excessive ICMP Echo Request packets to all the hosts on a specific subnet, which is aimed at one specific server. Which of the following is the best and most cost-effective countermeasure for Grace's team to put in place?

Disallowing unnecessary ICMP traffic coming from untrusted networks

Which access control method is considered user directed?

Discretionary

What type of rating is used within the Common Criteria framework?

EAL

Tom's company has been experiencing many issues with an authorized sniffer is being installed on the network. one reason is because employees can plug the laptop smart phones and other mobile devices into the network any of which may be infected and have a running sniffer that the owner is not aware of. Implementing VPNs will not work because all of the network devices would need to be configured for specific VPNs and some devices, as in those switches, do not have this type of functionality available. Another issue Tom's team is dealing with is how to secure internal wireless traffic. Well the wireless access points can be configured with digital certificates for authentication, pushing out and maintaining certificates on each wireless user device is cost prohibitive and will place too much of a burden on the network team. Tom's boss has also told him that the company needs to move from a landline metropolitan area network solution to a wireless solution. Which of the following solutions is best to meet the companies need to protect wireless traffic?

EAP-TTLS

Steve has found out that the software product for his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address space layout randomization and data execution protection. Which of the following best describes Steve's confusion?

Evaluation,certification, and accreditation are carried out by different groups with different purposes.

Harry is overseeing a team that has to integrate various business services provided by different company departments in to one web portal for both internal employees and external partners. His company has a diverse and heterogeneous environment with different types of systems providing customer relationship management, inventory control, email, and helpdesk ticketing capabilities. His team needs to allow different users access to these different services in a secure manner. Which of the following best describes the types of languages and /or protocols that Harry needs to ensure are implemented?

Extensible Access Control Markup Language, Security Assertion Markup Language, Simple Object Access Protocol

Lenny is a new security manager for a retail company that is expanding its functionality to its partners and customers. The company's CEO wants to allow its partners customers to be able to purchase items through the companies web stores as easily as possible the CEO also wants the companies partners to be able to manage inventory across companies more easily. The CEO wants to be able to understand the network traffic and activities in an holistic manner, and he wants to know from Lenny what type of technology should be put in to place to allow for a more proactive approach to stopping malicious traffic if it enters the network. The company is a high profile entity constantly dealing with zero day attacks. Which of the following is the best identity management technology that Lenny should consider implementing to accomplish some of the company's needs?

Federated identity

Which of the following uses symmetric key and a hashing algorithm?

HMAC

Which option best describes the difference between HMAC and CBC-MAC?

HMAC provides integrity and data origin authentication; CBC-MAC uses a block cipher for the process of creating a MAC

Tom's company has been experiencing many issues with an authorized sniffer is being installed on the network. one reason is because employees can plug the laptop smart phones and other mobile devices into the network any of which may be infected and have a running sniffer that the owner is not aware of. Implementing VPNs will not work because all of the network devices would need to be configured for specific VPNs and some devices, as in those switches, do not have this type of functionality available. Another issue Tom's team is dealing with is how to secure internal wireless traffic. Well the wireless access points can be configured with digital certificates for authentication, pushing out and maintaining certificates on each wireless user device is cost prohibitive and will place too much of a burden on the network team. Tom's boss has also told him that the company needs to move from a landline metropolitan area network solution to a wireless solution. What should Tom's team implement to provide source authentication and data encryption to the data link level?

IEEE 802.1X

Wireless LAN technologies have gone through different versions over the years to address some of the inherent security issues within the original IEEE 802.11 standard. Which of the following provides the correct characteristics of Wi-Fi Protected Access 2 (WPA2)?

IEEE 802.1X, EAP, CCMP

George is responsible for setting and tuning the thresholds for his company's behavior-based IDS. Which of the following outlines the possibilities of not doing this activity properly?

If the threshold is set too high, nonintrusive activities are considered attacks (false positives). If the threshold is set too low, malicious activities are not identified (false negatives).

Tanya is working with the company's internal software development team. Before user of an application can access files located on the company's centralized server, the user must present a valid one time password, which is generated through a challenge/response mechanism. The company needs to tighten access control for these files and reduce the number of users who can access each and every file. The company is looking to Tanya and her team for solutions to better protect the data that has been classified and deemed critical to the companies missions. Tanya has also been asked to implement a single sign-on technology for all internal users, but she does not have the budget to implement a public key infrastructure. Which of the following is one of the easiest and best solutions Tanya can consider for proper data protection?

Implementation of mandatory access control

Steve has found out that the software product for his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address space layout randomization and data execution protection. Which of the following best describes an item the software development team needs to address to ensure that drivers cannot be loaded in an unauthorized manner?

Improved security kernel processes

Which of the following provides an incorrect definition of the specific component or protocol that makes up IPSec?

Internet Key Exchange provides authenticated keying material for use with encryption algorithms

Tanya is working with the company's internal software development team. Before user of an application can access files located on the company's centralized server, the user must present a valid one time password, which is generated through a challenge/response mechanism. The company needs to tighten access control for these files and reduce the number of users who can access each and every file. The company is looking to Tanya and her team for solutions to better protect the data that has been classified and deemed critical to the companies missions. Tanya has also been asked to implement a single sign-on technology for all internal users, but she does not have the budget to implement a public key infrastructure. Which of the following is the best single sign-on technology for this situation?

Kerberos

What feature enables code to be executed without the usual security checks?

Maintenance hook

Who was involved in developing the first public key algorithm?

Martin Hellman

Which item is not part of a Kerberos authentication implementation?

Message authentication code

Which of the following is the best description of directories that are used in identity management technology?

Most are hierarchical and follow the X.500 standard.

Tom is a new security manager for a retail comp company, which currently has an identity management system (IdM) in place. The data with in the various identity stores updates more quickly than the current IdM software can keep up with, so some access decisions are made based upon obsolete information. While the IDM currently provides centralized access control of internal network assets, it is not tied into the web based access control components that are embedded within companies partner portal's. Tom also notices that helpdesk technicians are spending too much time resetting passwords for internal employees Which of the following changes would be best for Tom's team to implement?

Move from meta-directories to virtual directories

Grace is a security administrator for a medical institution and is responsible for many different teams. One team has reported that when their main FDDI connection failed, three critical systems went offline even though the connection was supposed to provide redundancy. Grace has to also advise her team on the type of fiber that should be implemented for campus building-to-building connectivity. Since this is a medical training facility, many surgeries are video recorded and that data must continuously travel from one building to the next. One other thing that been reported to Grace is that periodic DOS attacks take place against specific servers within the internal network. The attacker sends excessive ICMP Echo Request packets to all the hosts on a specific subnet, which is aimed at one specific server. Which of the following is the best type of fiber that should be implemented in this scenario?

Multimode

Charlie uses PGP on his Linux-based email client. His friend Dave uses S/MIME on his Windows based email. Charlie is unable to send an encrypted email to Dave. What is the likely reason?

PGP and S/MIME are incompatible

What is the technology that allows a user to remember just one password?

Password synchronization

Which of the following is based on the fact that it is hard to factor large numbers into two original prime numbers?

RSA

If a company has a high turnover rate, which access control structure is best?

Role-based

Alice wants to send a message to bob, who is several network hops away from her. What is the best approach to protecting the confidentiality of the message?

S/MIME

John is the manager of the security team within his company. He has learned that attackers have installed sniffers throughout the network without the company's knowledge. Along with this issue his team has also found out that two DNS servers had no record replication restrictions put into place and the servers have been crashing suspicious name resolution data. Which of the following is the best countermeasure to put into place to help reduce the threat of network sniffers viewing network management traffic?

SNMPv3

Don is a security managers of a large medical institution. One of his groups proprietary software that provides distributed computing through client/server model. He has found out that some of the systems that maintain the proprietary software have been experiencing half-open denial-of-service attacks. Some of the software is antiquated and still uses basic remote procedure calls, which has allowed for masquerading attacks to take place. What should Don's team put into place to stop the masquerading attacks that have been taking place?

SRPC

Don is a security managers of a large medical institution. One of his groups proprietary software that provides distributed computing through client/server model. He has found out that some of the systems that maintain the proprietary software have been experiencing half-open denial-of-service attacks. Some of the software is antiquated and still uses basic remote procedure calls, which has allowed for masquerading attacks to take place. Which of the following is a cost-effective countermeasure that Don's team should implement?

SYN proxy

Which of the following is U.S federal algorithm developed creating secure message digests?

Secure Hash Algorithm

Harry is overseeing a team that has to integrate various business services provided by different company departments in to one web portal for both internal employees and external partners. His company has a diverse and heterogeneous environment with different types of systems providing customer relationship management, inventory control, email, and helpdesk ticketing capabilities. His team needs to allow different users access to these different services in a secure manner. The company's partners need to integrate compatible authentication functionality into their web portals to allow for interoperability across the different company boundaries. Which of the following will deal with this issue?

Security Assertion Markup Language

The companies partners need to integrate compatible authentication functionality into their web portals to allow for interoperability across the different company boundaries. Which of the following will deal with this issue?

Security assertion markup language

Pertaining to the CEO's security concerns, what should Lenny suggest the company put into place?

Security event management software, an intrusion prevention system, and behavior-based intrusion detection

Tom has been told he has to reduce staff from the help-desk team. Which of the following technologies can help with the company's help-desk budgetary issues?

Self-service password support

Lenny has a meeting with the internal software developers who are responsible for implementing the necessary functionality within the web based system. Which of the following best describes the two items that Lenny needs to be prepared to discuss with this team?

Service Provisioning Markup language and the Extensible Access Control Markup language

Harry is overseeing a team that has to integrate various business services provided by different company departments in to one web portal for both internal employees and external partners. His company has a diverse and heterogeneous environment with different types of systems providing customer relationship management, inventory control, email, and helpdesk ticketing capabilities. His team needs to allow different users access to these different services in a secure manner. Which of the following best describes the type of environment Harry's team needs to set up?

Service-oriented architecture

Lance has been brought in as a new security officer for a large medical equipment company. He has been told that many of the firewalls and IDS products have not been configured to filter IPv6 traffic; thus, many attacks have been taking place without the knowledge of the security team. While the network team has attempted to implement an automated tunneling feature to take care of this issue, they have continually run into problems with the networks NAT device. Lance has also found out that cashing attacks have been successful against the company's public facing DNS server. He has also identified that extra authentication is necessary for a current LDAP request, but the current technology only provides password-based authentication options. Which of the following technologies should Lance's team investigate for increased authentication efforts?

Simple Authentication and Security Layer

Robbie is the security administrator of a company that needs to extend its remote access functionality. Employees travel around the world, but still need to be able to gain access to corporate assets such as databases, servers, and network-based devices. Also, while the company has had a VoIP telephony solution in place for two years, it has not been integrated into centralized access control solution. Currently the network administrators have to maintain access control separately for internal resources, external entities, and VoIP and systems. Robbie has also been asked to look into some suspicious emails that the CIO secretary has been receiving, and her boss asked her to remove some Old modems that are no longer being used for remote dial-in purposes. What are the two main security concerns Robbie is most likely being asked to identify and mitigate?

Spear-phishing and war dialing

Mark is a security administrator who is responsible for purchasing new computer systems for a co-location facility his company is starting up. The company has several time-sensitive applications that require extensive processing capabilities. The co-location facility is not as large as the main facility, so it can only fit a smaller number of computers, which still must carry the same processing load as the systems in the main building. Which of the following best describes the most important aspects of the products Mark needs to purchase for these purposes?

Systems must provide symmetric multiprocessing capabilities and virtualized environments

Which of the following protocols is considered connection-oriented?

TCP

Which of the following protocols work in the following layers: application, data link, network, and transport?

TFTP, ARP, IP, and UDP

Which of the following is not considered an anomaly-based intrusion protection system?

Temporal anomaly-based

Lance has been brought in as a new security officer for a large medical equipment company. He has been told that many of the firewalls and IDS products have not been configured to filter IPv6 traffic; thus, many attacks have been taking place without the knowledge of the security team. While the network team has attempted to implement an automated tunneling feature to take care of this issue, they have continually run into problems with the networks NAT device. Lance has also found out that cashing attacks have been successful against the company's public facing DNS server. He has also identified that extra authentication is necessary for a current LDAP request, but the current technology only provides password-based authentication options. Based upon the information in the scenario, what should the network team implement as it pertains to IPv6 tunneling?

Teredo should be configured on IPv6-aware hosts that reside behind the NAT device

Which of the following is a true statement pertaining to memory addressing?

The CPU uses absolute addresses. Applications use logical addresses. Relative addresses are based on a known address and an offset value.

Metro Ethernet is a MAN protocol that can work in network infrastructures made up of access, aggregation, metro, and core layers. Which of the following best describes these network infrastructure layers?

The access layer connects the customer's equipment to a service provider's aggregation network. Aggregation occurs on a distribution network. The metro layer is the metropolitan area network. The core connects different metro networks.

Systems that are built on the OSI framework are considered open systems. What does this mean?

They are built with internationally accepted protocols and standards so they can easily communicate with other systems.

Which of the following statements correctly describe biometric methods?

They are the most expensive and provide the most protection.

Grace is a security administrator for a medical institution and is responsible for many different teams. One team has reported that when their main FDDI connection failed, three critical systems went offline even though the connection was supposed to provide redundancy. Grace has to also advise her team on the type of fiber that should be implemented for campus building-to-building connectivity. Since this is a medical training facility, many surgeries are video recorded and that data must continuously travel from one building to the next. One other thing that been reported to Grace is that periodic DOS attacks take place against specific servers within the internal network. The attacker sends excessive ICMP Echo Request packets to all the hosts on a specific subnet, which is aimed at one specific server. Which of the following is most likely the issue that Grace's team experienced?

Three critical systems were connected to a single-attached station

Which of the following best describes what role-based access control offers companies in reducing administrative burdens?

User membership in roles can be easily revoked and new ones established as job assignments dictate

Which of the following can take place if an attacker can insert tagging values into network and switch-based protocols with the goal of manipulating traffic at the data link layer?

VLAN hopping attack

Tom is a new security manager for a retail comp company, which currently has an identity management system (IdM) in place. The data with in the various identity stores updates more quickly than the current IdM software can keep up with, so some access decisions are made based upon obsolete information. While the IDM currently provides centralized access control of internal network assets, it is not tied into the web based access control components that are embedded within companies partner portal's. Tom also notices that helpdesk technicians are spending too much time resetting passwords for internal employees Which of the following components should Tom make sure his team puts into place?

Web access management

Tom's company has been experiencing many issues with an authorized sniffer is being installed on the network. one reason is because employees can plug the laptop smart phones and other mobile devices into the network any of which may be infected and have a running sniffer that the owner is not aware of. Implementing VPNs will not work because all of the network devices would need to be configured for specific VPNs and some devices, as in those switches, do not have this type of functionality available. Another issue Tom's team is dealing with is how to secure internal wireless traffic. Well the wireless access points can be configured with digital certificates for authentication, pushing out and maintaining certificates on each wireless user device is cost prohibitive and will place too much of a burden on the network team. Tom's boss has also told him that the company needs to move from a landline metropolitan area network solution to a wireless solution. Which of the following is the best solution to meet the company's need for broadband wireless connectivity?

WiMAX

Which best describes the IP protocol?

a connectionless protocol that deals with the addressing and routing of packets

Which of the following best describes a digital signature?

a method to let the receiver of the message prove the source and integrity of a message

The process of mutual authentication involves_________.

a user authenticating to a system and the system authenticating to the user

What is the final step in authorizing a system for use in an environment?

accreditation

The trusted computing base (TCB) contains which of the following?

all trusted software and hardware components

Which of the following best describes a certificate authority?

an organization that issues certificates

The generation of keys that are made up of random values is referred to as Key Derivation Functions (KDFs). What values are not commonly used in this key generation process?

asymmetric values

Which could be considered a single point of failure within a single sign-on implementation?

authentication server

If a component fails, a system should be designed to do which of the following?

change to a more secure state

Which of the following proxies cannot make access decisions based upon protocol demands?

circuit

Tom is a new security manager who is responsible for reviewing the current software that the company has developed internally. He finds that some of the software is outdated, which causes performances and functionality issues. During his testing procedures he sees that when one program stops functioning, it negatively affects others programs on the same system. He also finds out that as systems run over a period of a month, they start to perform more slowly, but by rebooting the systems this issue goes away. Which of the following best describes a characteristic of the software that may be causing issues?

cooperative multitasking

What takes place at the session layer?

dialog control

Don is a security managers of a large medical institution. One of his groups proprietary software that provides distributed computing through client/server model. He has found out that some of the systems that maintain the proprietary software have been experiencing half-open denial-of-service attacks. Some of the software is antiquated and still uses basic remote procedure calls, which has allowed for masquerading attacks to take place. What type of client ports should Don make sure the institution's software is using when client-to-server communication needs to take place?

dynamic

What takes place at the data link layer?

framing

Which problems may be caused by humidity in an area with electrical devices?

high humidity causes corrosion, and low humidity causes static electricity

Which of the following has the correct term-to-definition mapping. i. Brute-force-attacks: Performed with tools that cycle through many possible character, number, and symbol combinations to uncover a password. ii. Dictionary attacks: Files of thousands of words are compared to the user's password until a match is found. iii. Social engineering: An attacker falsely convinces an individual that she has the necessary authorization to access specific resources.

i,ii,iii,iv

Why would a certificate authority revoke a certificate?

if the user's private key has become compromise

Which of the following is an incorrect description pertaining to the common components that make up computer systems? i. General registers are commonly used to hold temporary processing data, while special registers are used to hold process-characteristic data an in condition bits. ii. A processor sends a memory address and a " read" request down an address bus and a memory address and a "write" request down an I/O bus. iii. Process-to-process communication commonly takes place through memory stacks, which are made up of individually addressed buffer locations iv. a CPU uses a stack return pointer to keep track of the next instruction sets it needs to process

ii, iv

What is the advantage of RSA over DSA?

it can provide digital signature and encryption functionality.

Which of the following is not a property or characteristic of a one-way hash function?

it converts a message of fixed length to an arbitrary length value

Why are switched infrastructures safer environments than routed networks?

it is more difficult to sniff traffic since the computers have virtual private connections

What is the primary purpose of using one-way hashing on user passwords?

it prevents anyone from reading passwords in plaintext

Which of the following is not characteristic of the IEEE 802.11 s standard?

it provides 52 Mbps in bandwidth

Which of the following is a true statement pertaining to data encryption when it is used to protect data?

it requires careful key management

If different keys generate the same ciphertext for the same message, what is it called?

key clustering

What process usually takes place after creating a DES session key?

key exchange

What is the best description of a security kernel from a security point of view?

memory mapper

Which of the following is not one of the stages of the DHCP lease process? i. discover ii. offer iii.request iv.acknowledgment

none of them

In discretionary access control security, who has delegation authority to grant access to data?

owner

Why has the frequency of successful brute-force attacks increased?

processor speed and power have increased

Sean is the new security administrator for a large financial institution. There are several issues that Sean is made aware of the first week he is in his position. First, spurious packets seem to arrive at critical servers even though each network has tightly configured firewalls at each gateway position to control traffic to and from these servers. One of Sean's team members complains that the current firewall logs are excessively large and full of useless data. He also tells Sean that the team needs to be using fewer permissive rules instead of the current "any-any" rule type in place. Sean has found out that some team members want to implement tarpits on some of the most commonly attacked systems. Which of the following best describes why Sean's team wants to put in the mentions countermeasure for the most commonly attacked systems?

reduce DoS attack effects

What is the imaginary boundary that separates components that maintain security from components that are not security related?

security policy

Who or what determines if an organization is going to operate under a discretionary, mandatory, or non discretionary access control model?

security policy

The_______ is an IETF-defined signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over IP

session initiation protocol

Sean is the new security administrator for a large financial institution. There are several issues that Sean is made aware of the first week he is in his position. First, spurious packets seem to arrive at critical servers even though each network has tightly configured firewalls at each gateway position to control traffic to and from these servers. One of Sean's team members complains that the current firewall logs are excessively large and full of useless data. He also tells Sean that the team needs to be using fewer permissive rules instead of the current "any-any" rule type in place. Sean has found out that some team members want to implement tarpits on some of the most commonly attacked systems. Which of the following best describes the firewall configuration issues Sean's team member is describing?

silent rule, negate rule

Tom is a new security manager who is responsible for reviewing the current software that the company has developed internally. He finds that some of the software is outdated, which causes performances and functionality issues. During his testing procedures he sees that when one program stops functioning, it negatively affects others programs on the same system. He also finds out that as systems run over a period of a month, they start to perform more slowly, but by rebooting the systems this issue goes away. Which of the following best describes why rebooting helps with system performance in the situation described in this scenario?

software is not releasing unused memory

Sean is the new security administrator for a large financial institution. There are several issues that Sean is made aware of the first week he is in his position. First, spurious packets seem to arrive at critical servers even though each network has tightly configured firewalls at each gateway position to control traffic to and from these servers. One of Sean's team members complains that the current firewall logs are excessively large and full of useless data. He also tells Sean that the team needs to be using fewer permissive rules instead of the current "any-any" rule type in place. Sean has found out that some team members want to implement tarpits on some of the most commonly attacked systems. Which of the following is most likely taking place to allow spurious packets to gain unauthorized access to critical servers?

source routing is not restricted

Which of the following is not a main component of CPTED?

target handling

What would indicate that a message had been modified?

the message digest has been altered

What is used to create a digital signature?

the senders private key

What is the definition of an algorithm's work factor?

the time it takes to break the encryption

Which of the following statements correctly describes passwords?

they are the least expensive and most secure.

What is the goal of crypt-analysis?

to determine the strength of an algorithm

Which of the following technologies integrates previously independent security solutions with the goal of providing simplicity, centralized control, and streamlined processes?

unified threat management

Which of the following is a bridge-mode technology that can monitor individual traffic links between virtual machines or can be integrated within a hypervisor component?

virtual firewall

Steve has found out that the software product for his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address space layout randomization and data execution protection. Which of the following best describes some of the issues that the evaluation testers most likely ran into while testing the submitted product?

vulnerabilities that allowed malicious code to execute in protected memory sections

What does positive pressurization pertaining to ventilation mean?

when a door opens, the air goes out

What should a Class C fire extinguisher be used instead of a Class a fire extinguisher?

when electrical equipment is on fire

John is the manager of the security team within his company. He has learned that attackers have installed sniffers throughout the network without the company's knowledge. Along with this issue his team has also found out that two DNS servers had no record replication restrictions put into place and the servers have been crashing suspicious name resolution data. Which of the following unauthorized activities have most likely been taking place in this situation?

zone transfer


Set pelajaran terkait

MED SURG EXAM 2 JEOPARDY GAME - JUNE 6, 2022

View Set

IASD AP Physics II, ELECTRIC POTENTIAL

View Set

KIN 245: The Wrist and Hand Joints

View Set

Comm 151 Final Exam: Suggested Questions

View Set

OCI Architect 2021 Associate [1Z0-1072-21] - Practice Exam

View Set

Mega International Econ (Part 1): Chapter 26: The XR and BOP

View Set

ANS and Endocrine system ch 15&17

View Set