FINAL CH: 5,7,9,10
Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?
25
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's public key
Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?
Audit
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?
Chosen plaintext
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover Error rate
Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?
Decryption
What information should an auditor share with the client during an exit interview?
Details on major issues
Temporal isolation is commonly used in combination with rule-based access control
False
An SOC 1 report primarily focuses on security.
False Internal controls over financial reporting
Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?
False positive error
The four main types of logs that you need to keep to support security auditing include event, access, user, and security.
False. Event, Access, Security and Audit logs
Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
Which of the following is not a benefit of cloud computing to organizations?
Lower dependence on outside vendors
Which one of the following is not an advantage of biometric systems?
Physical characteristics may change
Which approach to cryptography provides the strongest theoretical protection?
Quantum Cryptography
What firewall approach is shown in the figure?
Screened subnet
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring
A digitized signature is a combination of a strong hash of a message and a secret key
True
A firewall is a basic network security defense tool
True
A salt value is a set of random characters you can combine with an actual input key to create the encryption key
True
A trusted operating system provides features that satisfy specific government requirements for security
True
Anomaly-based intrusion detection systems compare current activity with stored profiles of normal (expected) activity.
True
Digital signatures require asymmetric key cryptography
True
Many jurisdictions require audits by law.
True
Message authentication confirms the identity of the person who started a correspondence
True
Single sign-on can provide for stronger passwords because, with only one password to remember, users are generally willing to use stronger passwords
True
The hash message authentication code is a hash function that uses a key to create a hash or message digest
True
Which one of the following is NOT a commonly accepted best practice for password security?
Use at least six alphanumeric characters
What standard is NOT secure and should never be used on modern wireless networks?
Wired Equivalent Privacy (WEP)
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)
A wireless access point (WAP) is the connection between a wired and wireless network
True
The DHE algorithm is the basis for several common key exchange protocols including Diffie Hellman in Ephemeral mode and Elliptic Curve DHE
True
What is NOT a symmetric encryption algorithm?
(RSA)
Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?
3389
Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443
An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
True.
SOC 2 reports are created for internal and other authorized stakeholders and are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
True. Security (confidentiality, integrity, availability) and privacy controls Management, regulators, stakeholders. This is commonly implemented for service providers, hosted data centers, and managed cloud computing providers.
Passphrases are less secure than passwords.
false
Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
smurf
Which information security objective allows trusted entities to endorse information?
Certification
Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?
Diffie Hellman
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?
Discretionary access control (DAC)
The four central components of access control are users, resources, action and features
False
Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
False. Committee of Sponsoring Organizations (COSO) - This organization gives guidance to executive management and governance entities on critical aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting.
An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.
True
A packet filtering firewall remembers information about the status of a network communication
false
A report indicating that a system's disk is 80 percent full is a good indication that something is wrong with that system.
false
DIAMETER is a research and development project funded by the European Commission.
false
Implicit deny is when firewalls look at message addresses to determine whether a message is being sent around an unending loop
false
IP addresses are eight-byte addresses that uniquely identify every device on the network
false 32 bits
What type of firewall security feature limits the volume of traffic from individual hosts?
flood guard
Which type of authentication includes smart cards?
ownership
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?
presentation
After audit activities are completed, auditors perform data analysis.
true
Content dependent access control requires the access control mechanism to look at the data to decide who should get to see it
true
In a known-plaintext attack (KPA) the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what the data might be
False
TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.
True
A smart card is a token like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader
true