IFT 481 Final Study Guide
What type of security communication effort focuses on a common body of knowledge?
Education
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
Which one of the following is the best example of an authorization control?
Access Control Lists
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP)
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's Private Key
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's Public Key
Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application Proxying
Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) model. What other two layers of the model will her component need to interact with?
Application and Session
Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying Security Updates Promptly
What is NOT a good practice for developing strong professional ethics?
Assume that information should be free
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?
Business Continuity Plan (BCP)
Which information security objective allows trusted entities to endorse information?
Certification
What certification focuses on information systems audit, control, and security professionals?
Certified Information Systems Auditor (CISA)
Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?
Checklist
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?
Chosen Plaintext
Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?
Collaboration
Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking?
Confidentiality
Which activity manages the baseline settings for a system or device?
Configuration Control
Forensics and incident response are examples of __________ controls.
Corrective
Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect?
Credit Card Information
Which of the following is NOT a role described in DoD Directive 8140, which covers cyber security training?
Attack
During what phase of a remote access connection does the end user prove his or her claim of identity?
Authentication
During which phase of the access control process does the system answer the question, "What can the requestor access?"
Authorization
__________ is a continuous process designed to keep all personnel vigilant.
Awareness
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
Baseline
The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements.
False
The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.
False
The skills necessary to manage a technical environment are the same as the skills necessary to perform technical work.
False
User-based permission levels limit a person to executing certain functions and often enforce mutual exclusivity.
False
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?
HIPAA
Bob recently accepted a position as the information security and compliance manager for a medical practice. Which regulation is likely to most directly apply to Bob's employer?
HIPAA
Security training programs typically differ from security education programs in their focus on ______________.
Hands-on Skills
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Hash
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?
Home Agent (HA)
Which recovery site option provides readiness in minutes to hours?
Hot Site
Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
Gary is troubleshooting a security issue on an Ethernet network and would like to look at the Ethernet standard. What publication should he seek out?
IEEE 802.3
What is a set of concepts and policies for managing IT infrastructure, development, and operations?
IT Infrastructure Library (ITIL)
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?
Integrity
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?
Internet Control Message Protocol (ICMP)
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?
Cross-Site Scripting (XSS)
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover Error Rate (CER)
Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?
Distributed Denial of Service (DDoS)
What is a key principle of risk management programs?
Don't spend more to protect an asset than it is worth
What protocol is responsible for assigning IP addresses to hosts on most networks?
Dynamic Host Configuration Protocol (DHCP)
Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?
Interoperability
Which network device is capable of blocking network connections that are identified as potentially malicious?
Intrusion Prevention System (IPS)
Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?
Is the security control likely to become obsolete in the near future?
Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic Attack
What term describes the longest period of time that a business can survive without a particular critical system?
Maximum Tolerable Downtime (MTD)
Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Memorandum of Understanding (MOU)
Which one of the following is an example of a reactive disaster recovery control?
Moving to a Warm Site
What federal agency is charged with the mission of promoting "U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life?"
National Institute of Standards and Technology (NIST)
Which term accurately describes Layer 3 of the Open Systems Interconnection (OSI) model?
Network
Which security testing activity uses tools that scan for services running on systems?
Network Mapping
Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?
Nmap
Which approach to cryptography provides the strongest theoretical protection?
Quantum Cryptography
Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption.
True
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?
Virtual LAN (VLAN)
Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?
Warm Site
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Whois
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make this type of classification decision?
Threat
Which term describes any action that could damage an asset?
Threat
A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.
True
A common method for identifying what skills a security professional possesses is his or her level of certification.
True
A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.
True
A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.
True
A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.
True
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.
True
Defense Information Systems Agency (DISA) is the agency arm of the U.S. Department of Defense that provides information technology and communications support to the White House, Secretary of Defense, and all military sectors that contribute to the defense of the United States of America.
True
DoD and NSA have adopted several training standards to serve as a pathway to satisfy Directive 8140. Although they are called standards, they are really training requirements for specific job responsibilities.
True
During an audit, an auditor compares the current setting of a computer or device with a benchmark to help identify differences.
True
In security testing data collection, observation is the input used to differentiate between paper procedures and the way the job is really done.
True
RSA is a global provider of security, risk, and compliance solutions for enterprise environments.
True
Security awareness training should remind employees to ensure confidentiality by not leaving any sensitive information or documents on their desks.
True
Standards provide guidelines to ensure that products in today's computing environments work together.
True
The Data Link Layer of the OSI Reference Model is responsible for transmitting information on computers connected to the same local area network (LAN).
True
The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).
True
The Office of Personnel Management (OPM) requires that federal agencies provide the training suggested by the National Institute of Standards and Technology (NIST) guidelines.
True
The goal of a command injection is to execute commands on a host operating system.
True
The main purpose of security training courses is to rapidly train students in one or more skills, or to cover essential knowledge in one or more specific areas.
True
The most critical aspect of a WAN services contract is how the service provider supplies troubleshooting, network management, and security management services.
True
The purpose of continuing education is to provide formal training courses that lead to a certificate or professional certification and NOT a degree.
True
The recovery point objective (RPO) can come from the business impact analysis or sometimes from a government mandate, such as banking laws.
True
The recovery point objective (RPO) is the maximum amount of data loss that is acceptable.
True
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
2,000,000
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
20 Percent
What series of Special Publications does the National Institute of Standards and Technology (NIST) produce that covers information systems security activities?
800
Which Institute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs?
802.11
What DoD directive requires that information security professionals in the government earn professional certifications?
8140
Tonya is working with a team of subject matter experts to diagnose a problem with her system. The experts determine that the problem likely resides at the Presentation Layer of the Open Systems Interconnection (OSI) model. Which technology is the most likely suspect?
Encryption
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.
False
A packet-filtering firewall remembers information about the status of a network communication.
False
A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
Configuration changes can be made at any time during a system life cycle and no process is required.
False
Connectivity is one of the five critical challenges that the Internet of Things (IoT) has to overcome.
False
Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP).
False
In the Remote Access Domain, if private data or confidential data is compromised remotely, you should set automatic blocking for attempted logon retries.
False
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity Cost
Which type of authentication includes smart cards?
Ownership
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive Wiretap
Brian is the information security training officer for a health care provider. He wants to develop a training program that complies with the provisions of Health Insurance Portability and Accountability Act (HIPAA). Which of the following topics must be included?
Password Management
Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?
Password Protection
Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions?
Payment Card Industry Data Security Standard (PCI DSS)
Which one of the following is NOT an advantage of biometric systems?
Physical Characteristics may change
Which element of the security policy framework requires approval from upper management and applies to the entire organization?
Policy
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?
Polymorphic Virus
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?
Presentation
Which tool can capture the packets transmitted between systems over a network?
Protocol Analyzer
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Prudent
Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?
Qualitative
Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?
Recovery Time Objective (RTO)
What type of malicious software allows an attacker to remotely control a compromised computer?
Remote Access Tool (RAT)
What is the correct order of steps in the change control process?
Request, Impact Assessment, Approval, Build/Test, Implement, Monitor
Which item is an auditor least likely to review during a system controls audit?
Resumes of a System Administrator
Which formula is typically used to describe the components of information security risks?
Risk = Threat x Vulnerability
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?
Risk Survey Results
In what type of attack does the attacker send unauthorized commands directly to a database?
SQL Injection
What is NOT one of the three tenets of information security?
Safety
What firewall approach is shown in the figure?
Screened Subnet
Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?
Secure
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)
Helen has no experience in security. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her?
Security+
Which scenario presents a unique challenge for developers of mobile applications?
Selecting multiple items from a list
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of Duties
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of Duties
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session Hijacking
Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
Smurf
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
Which set of characteristics describes the Caesar cipher accurately?
Symmetric, Stream, Substitution
Which type of virus targets computer hardware and software startup functions?
System Infector
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System Integrity Monitoring
Ben is working toward a position as a senior security administrator and would like to earn his first International Information Systems Security Certification Consortium, Inc. (ISC)2 certification. Which certification is most appropriate for his needs?
Systems Security Certified Practitioner (SSCP)
What type of malware does NOT have an anti-malware solution and should be covered in security awareness training?
Zero-Day
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-Day Attack