CyberSec

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

The MPDU exchange for distributing pairwise keys is known as the _______.

4-way handshake

_______ bandwidth attacks attempt to take advantage of the disproportionally large resource consumption at a server.

Application-based

_________ audit trails may be used to detect security violations within an application or to detect flaws in the application's interaction with the system.

Application-level

________ can include computer viruses Trojan horse programs- worms- exploit scripts- and toolkits.

Artifacts

________ is a process that ensures a system is developed and operated as intended by the system's security policy.

Assurance

_________ identifies the level of auditing enumerates the types of auditable events and identifies the minimum set of audit-related information provided.

Audit analysis

Management should conduct a ________ to identify those controls that are most appropriate and provide the greatest benefit to the organization given the available resources.

B. cost-benefit analysis

The smallest building block of a wireless LAN is a ______.

BSS

_______ is the process in which a CA issues a certificate for a user's public key and returns that certificate to the user's client system and/or posts that certificate in a repository.

Certification

The _________ Model was developed for commercial applications in which conflicts of interest can arise.

Chinese Wall

_______ is a list that contains the combinations of cryptographic algorithms supported by the client.

CipherSuite

________ is when a new document consolidates information from a range of sources and levels so that some of that information is now classified at a higher level than it was originally.

Classification creep

CERT stands for ___________.

Computer Emergency Response Team

__________ attacks are vulnerabilities involving the inclusion of script code in the HTML content of a Web page displayed by a user's browser.

Cross-site scripting

Kerberos uses the _______ encryption algorithm.

DES

In a _______ attack the attacker creates a series of DNS requests containing the spoofed source address for the target system.

DNS amplification

________ controls focus on the response to a security breach by warning of violations or attempted violations of security policies.

Detection and recovery

The wireless environment lends itself to a ______ attack because it is so easy for the attacker to direct multiple wireless messages at the target.

DoS

_________ are a collection of string values inherited by each process from its parent that can affect the way a running process behaves.

Environment variables

________ need training on the development of risk management goals- means of measurement- and the need to lead by example in the area of security awareness.

Executives

________ is a process where authentication and permission will be passed on from one system to another usually across multiple enterprises reducing the number of authentications needed by the user.

Federation

_________ is a formal process to ensure that critical assets are sufficiently protected in a cost-effective manner.

IT security management

_________ is a program flaw that occurs when program input data can accidentally or deliberately influence the flow of execution of the program.

Injection attack

91. One of the earliest and most widely used services is _________.

Kerberos

________ requires that a user prove his or her identity for each service invoked and optionally requires servers to prove their identity to clients.

Kerberos

The function of the ________ layer is to control access to the transmission medium and to provide an orderly and efficient use of that capacity.

MAC

The ______ is responsible for transferring the message from the MHS to the MS.

MDA

_____ defines a number of content formats which standardize representations for the support of multimedia e-mail.

MIME

The unit of data exchanged between two peer MAC entities using the services of the physical layer is a(n) ____________.

MPDU

At its most fundamental level the Internet mail architecture consists of a user world in the form of _________.

MUA

_______ controls focus on security policies- planning- guidelines and standards that influence the selection of operational and technical controls to reduce the risk of loss and to protect the organization's mission.

Management

______ relates to the capacity of the network links connecting a server to the wider Internet.

Network bandwidth

Blocking assignment of form field values to global variables is one of the defenses available to prevent a __________ attack.

PHP remote code injection

"Improper Access Control (Authorization)" is in the _________ software error category.

Porous Defenses

The final form of the 802.11i standard is referred to as ________.

RSN

_______ is the process whereby a user first makes itself known to a CA prior to that CA issuing a certificate or certificates for that user.

Registration

"Incorrect Calculation of Buffer Size" is in the __________ software error category.

Risky Resource Management

______ software is a centralized logging software package similar to but much more complex than syslog.

SIEM

_______ is a text-based protocol with a syntax similar to that of HTTP.

SIP

_______ is a minimal set of conventions for invoking code using XML over HTTP that enables applications to request services from one another with XML-based requests and receive responses as data formatted with XML.

SOAP

It is possible to specifically defend against the ______ by using a modified version of the TCP connection handling code.

SYN spoofing attack

The ______ attacks the ability of a network server to respond to TCP connection requests by overflowing the tables used to manage such connections.

SYN spoofing attack

In both direct flooding attacks and ______ the use of spoofed source addresses results in response packets being scattered across the Internet and thus detectable.

SYN spoofing attacks

__________ data are data that may be derived from corporate data but that cannot be used to discover the corporation's identity.

Sanitized

________ is explicitly required for all employees.

Security awareness

______ attempts to monopolize all of the available request handling threads on the Web server by sending HTTP requests that never complete.

Slowloris

_______ controls are pervasive- generic- underlying technical IT security capabilities that are interrelated with- and used by- many other controls.

Supportive

___________ scan critical system files- directories- and services to ensure they have not been changed without proper authorization.

System integrity verification tools

_________ audit trails are generally used to monitor and optimize system performance.

System-level

The _______ is a hardware module that is at the heart of a hardware/software approach to trusted computing.

TPM

______ is the identification of data that exceed a particular baseline value.

Thresholding

________ is the process of receiving- initial sorting- and prioritizing of information to facilitate its appropriate handling.

Triage

_________ is assurance that a system deserves to be trusted such that the trust can be guaranteed in some convincing way such as through formal analysis or code review.

Trustworthiness

In order to accelerate the introduction of strong security into WLANs the Wi-Fi Alliance promulgated ________ a set of security mechanisms that eliminates most 802.11 security issues as a Wi-Fi standard.

WPA

_______ is movement of data in a business process.

Workflow automation

_______ certificates are used in most network security applications- including IP security- secure sockets layer- secure electronic transactions- and S/MIME.

X.509

_______ is important as part of the directory service that it supports and is also a basic building block used in other standards.

X.509

_____ is a markup language that uses sets of embedded tags or labels to characterize text elements within a document so as to indicate their appearance- function- meaning- or context.

XML

The most common variant of injecting malicious script content into pages returned to users by the targeted sites is the _________ vulnerability.

XSS reflection

A(n) __________ is any entity that has station functionality and provides access to the distribution system via the wireless medium for associated stations.

access point

Security awareness- training- and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees' knowledge of their ________ and of potential penalties.

accountability

System conditions requiring immediate attention is a(n) _______ severity.

alert

A wireless access point is a _______.

all of the above

The ________ access mode allows the subject only write access to the object.

append

The ________ is a module that transmits the audit trail records from its local system to the centralized audit trail collector.

audit dispatcher

The ________ is a module on a centralized system that collects audit trail records from other systems and creates a combined audit trail.

audit trail collector

A characteristic of reflection attacks is the lack of _______ traffic.

backscatter

The objective of the ________ control category is to counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption.

business continuity management

The ________ is the government agency that monitors the evaluation process.

certifier

The specification of a protocol along with the chosen key length is known as a ___.

cipher suite

A _______ is a collection of requirements that share a common focus or intent.

class

In the case of ________ only the digital signature is encoded using base64.

clear-signed data

A _______ attack is where the input includes code that is then executed by the attacked system.

code injection

A _________ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.

command injection

A _______ policy states that the company may access monitor intercept block access inspect copy disclose use destroy or recover using computer forensics any data covered by this policy.

company rights

The objective of the ________ control category is to avoid breaches of any law statutory- regulatory- or contractual obligations and of any security requirements.

compliance

The result of S/MIME encrypting the digest using DSS and the sender's private DSS key is the ________.

digital signature

A _______ policy states that violation of this policy may result in immediate termination of employment or other discipline deemed appropriate by the company.

disciplinary action

A system used to interconnect a set of basic service sets and LANs to create an extended service set is a _________.

distribution system

"An individual (or role) may grant to another individual (or role) access to a document based on the owner's discretion constrained by the MAC rules" describes the _________.

ds-property

With _________ the linking to shared library routines is deferred until load time so that if changes are made any program that references the library is unaffected.

dynamically linked shared libraries

The _________ level focuses on developing the ability and vision to perform complex multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes.

education and experience

Severe messages such as immediate system shutdown is a(n) _____ severity.

emerg

The ________ function consists of encrypted content of any type and encrypted-content encryption keys for one or more recipients.

enveloped data

The _________ is logic embedded into the software of the system that monitors system activity and detects security-related events that it has been configured to detect.

event discriminator

The intent of ________ is to determine whether the program or function correctly handles all abnormal inputs or whether it crashes or otherwise fails to respond appropriately.

fuzzing

The most complex part of TLS is the __________.

handshake protocol

When a DoS attack is detected the first step is to _______.

identify the attack

Incorrect handling of program _______ is one of the most common failings in software security.

input

A contingency plan for systems critical to a large organization would be _________ than that for a small business.

larger, more detailed

The most common technique for using an appropriate synchronization mechanism to serialize the accesses to prevent errors is to acquire a _______ on the shared file ensuring that each process has appropriate access in turn.

lock

The ________ accepts the message submitted by a message user agent and enforces the policies of the hosting domain and the requirements of Internet standards.

mail submission agent

A stead reduction in memory available on the heap to the point where it is completely exhausted is known as a ________.

memory leak

An example of a(n) __________ attack is one in which bogus reconfiguration commands are used to affect routers and switches to degrade network performance.

network injection

Windows allows the system user to enable auditing in _______ different categories.

nine

The _______ consists of two dates: the first and last on which the certificate is valid.

period of validity

A ______ triggers a bug in the system's network handling software causing it to crash and the system can no longer communicate over the network until this software is reloaded.

poison packet

Inserting a new row at a lower level without modifying the existing row at the higher level is known as ________ .

polyinstantiation

A ________ is a secret key shared by the AP and a STA and installed in some fashion outside the scope of IEEE 802.11i.

pre-shared key

90. The _______ field in the outer IP header indicates whether the association is an AH or ESP security association.

protocol identifier

To protect the data either the signature alone or the signature plus the message are mapped into printable ASCII characters using a scheme known as ________ or base64mapping.

radix-64

Modifying the system's TCP/IP network code to selectively drop an entry for an incomplete connection from the TCP connections table when it overflows allowing a new connection attempt to proceed is _______.

random drop

A ________ is a pattern composed of a sequence of characters that describe allowable input variants.

regular expression

A _______ is a generic term used to denote any method for storing certificates and CRLs so that they can be retrieved by end entities.

repository

Defensive programming is sometimes referred to as _________.

secure programming

A _______ is conducted to determine the adequacy of system controls- ensure compliance with established security policy and procedures-detect breaches in security services- and recommend any changes that are indicated for countermeasures.

security audit

The _______ category is a transitional stage between awareness and training.

security basics and literacy

The ________ control the manner by which a subject may access an object.

security classes

Security classes are referred to as __________.

security levels

The implementation process is typically monitored by the organizational ______.

security officer

An integer value unique within the issuing CA that is unambiguously associated with the certificate is the_____.

serial number

Using forged source addresses is known as _________.

source address spoofing

Bots starting from a given HTTP link and then following all links on the provided Website in a recursive way is called _______.

spidering

The basic tool that permits widespread use of S/MIME is ________.

the public-key certificate

TCP uses the _______ to establish a connection.

three-way handshake

ESP supports two modes of use: transport and _________.

tunnel

The _______ access mode allows the subject both read and write access to the object.

write


Set pelajaran terkait

Chapter 26 Asepsis and Infection Control

View Set

Pregnancy, Labor, Childbirth, Postpartum - Uncomplicated

View Set

Guillain-Barre Syndrome, Myasthenia Gravis, ALS

View Set