Info. Assurance Mid Term
The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?
13
Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?
22
In the lab, you changed the password policy to require:
8 characters
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server uptime for that month?
96.67%
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
By creating users, assigning those users to groups, and then applying groups to resources in the domain, the administrator sets up both authentication using the Active Directory Domain authentication policies, and builds a series of nested __________ to control the access to domain resources.
Access Control Lists
Which one of the following is the best example of an authorization control?
Access control lists
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?
Access to a high level of expertise
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
Which of the following is the database that provides a centrally controlled and managed access and security management system for an organization's Windows computer systems?
Active Directory
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?
An organization should share its information.
Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying security updates promptly
Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?
Applying strong encryption
What is NOT a good practice for developing strong professional ethics?
Assume that information should be free
During what phase of a remote access connection does the end user prove his or her claim of identity?
Authentication
During which phase of the access control process does the system answer the question,"What can the requestor access?"
Authorization
Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
Authorization
In an accreditation process, who has the authority to approve a system for implementation?
Authorizing official (AO)
Which part of the C-I-A triad refers to making sure information is obtainable when needed?
Availability
Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?
Baseline
Which of the following tools helps discover unwanted operating system changes and non-compliant systems within the network?
Baseline analyzers
Which security model does NOT protect the integrity of information?
Bell-LaPadula
Which password attack is typically used specifically against password files that contain cryptographic hashes?
Birthday attacks
Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement?
Bring Your Own Device (BYOD)
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
Members of the __________ group called Remote Desktop Users are allowed to use the remote desktop services to connect to remote machines.
Builtin (built-in)
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?
Business Continuity Plan (BCP)
Which of the following statements is true regarding the rules for password selection?
Change your passwords frequently.
Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?
Collaboration
Which part of the C-I-A triad refers to preventing the disclosure of secure information to unauthorized individuals or systems?
Confidentiality
Which activity manages the baseline settings for a system or device?
Configuration Control
What is NOT a common endpoint for a virtual private network (VPN) connection used for remote network access?
Content Filter
In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?
Correspondent node (CN)
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover error rate (CER)
Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?
Data ownership
Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?
Deidentification
From the LabFiles Properties dialog box, which of the following options is necessary to enable you to specify permissions for each sub-folder?
Disable Inheritance
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the ARP Ping Scan was to:
Discover how many hosts are alive.
Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?
Distributed denial of service (DDoS)
Which one of the following is NOT an area of critical infrastructure where the Internet of Things (IoT) is likely to spur economic development in less developed countries?
E-commerce
Which practice is NOT considered unethical under RFC 1087 issued by the Internet Architecture Board (IAB)?
Enforcing the integrity of computer-based information
What is the first step in a disaster recovery effort?
Ensure that everyone is safe
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
Which one of the following is an example of a direct cost that might result from a business disruption?
Facility repair
What compliance regulation applies specifically to the educational records maintained by schools about students?
Family Education Rights and Privacy Act (FERPA)
Which compliance obligation includes security requirements that apply specifically to federal government agencies in the United States?
Federal Information Security Management Act (FISMA)
Which of the following is used to transfer files using the File Transfer Protocol (FTP) to and from the vWorkstation?
FileZilla
Which control is not designed to combat malware?
Firewalls
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?
Formatting
Most Linux interactions take place:
From the command line.
Which one of the following is NOT a market driver for the Internet of Things (IoT)?
Global adoption of non-IP networking
In the lab, you used the __________ to create a new group policy object to strengthen the password policies on the remote Windows server.
Group Policy Management Console
In the lab, you used the __________ to link the new password group policy object to the Active Directory domain for the virtual lab environment.
Group Policy Management Console
In the lab, a variety of options for strengthening password policy were displayed in the:
Group Policy Management Editor.
In the lab, you created and saved a __________ showing the properties for the password object you created earlier in the lab.
Group Policy Object report
Which of the following tools enables a system administrator or security practitioner to set and enforce key security policies at the Active Directory Forest, Domain, and Organizational Unit level?
Group Policy Objects
Which of the following tools is built into the Windows operating systems?
Group Policy Objects
Which element of the security policy framework offers suggestions rather than mandatory actions?
Guideline
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?
HIPAA
Which one of the following governs the use of Internet of Things (IoT) by healthcare providers, such as physicians and hospitals?
Health Insurance Portability and Accountability Act (HIPAA)
Bob recently accepted a position as the information security and compliance manager for a medical practice. Which regulation is likely to most directly apply to Bob's employer?
Health Insurance Portability and Accountability Act (HIPAA)
Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?
Health monitoring
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?
Home agent (HA)
In the Windows Scan Results section of the Microsoft Security Baseline Analyzer report, the __________ link opens a new Internet Explorer window with information about the issue and possible solutions.
How to correct this
Which one of the following is NOT a good technique for performing authentication of an end user?
ID#
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the TCP Port Scan was to:
Identify open TCP ports.
Once connected, PuTTY displays a terminal shell:
In which Linux commands can be executed.
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?
Integrity
Which part of the C-I-A triad refers to maintaining and assuring the accuracy of data over its life-cycle?
Integrity
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?
Internet Engineering Task Force
Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?
Interoperability
Which network device is capable of blocking network connections that are identified as potentially malicious?
Intrusion prevention system (IPS)
The CVE listing is a database of:
Known software vulnerabilities and exposures as well as how to mitigate them with software patches and updates.
Which of the following would NOT be considered in the scope of organizational compliance efforts?
Laws
On a Windows network share, if the user can browse a file but cannot copy or modify it, what type of access controls and permissions are probably configured?
List folder contents
Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic attack
Which of the following is NOT a benefit of cloud computing to organizations?
Lower dependence on outside vendors
Which of the following is an example of a hardware security control?
MAC filtering
Which of the following statements is true regarding managing change management?
Many tools and suites are available to aid the security practitioner in implementing and managing change management.
Which one of the following measures the average amount of time that it takes to repair a system, application, or component?
Mean time to repair (MTTR)
Which agreement type is typically less formal than other agreements and expresses areas of common interest?
Memorandum of understanding (MOU)
Which of the following tools can be used to ensure a newly installed system meets or exceeds the organization's baseline security standard prior to deployment and can also help enforce patch management and change control policies?
Microsoft Security Baseline Analyzer
Which of the following tools enables the security practitioner to discover vulnerabilities and patch-level deficiencies at the Windows host machine level?
Microsoft Security Baseline Analyzer
Which of the following tools scans for available updates to the operating system, Microsoft Data Access Components (MDAC), Microsoft XML Parser (MSXML), .NET Framework, and SQL Server?
Microsoft Security Baseline Analyzer
Which of the following tools uses Microsoft Update and Windows Server Update Services (WSUS) technologies to scan for insecure configuration settings and Windows service packs and patches?
Microsoft Security Baseline Analyzer
On a Windows network share, if the user can add, edit, and delete files and folders within the LabFiles folder, what type of access controls and permissions are probably configured?
Modify
Which one of the following is an example of a reactive disaster recovery control?
Moving to a warm site
During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and identified by:
Nessus
The __________ report summary includes both a bar chart and a pie chart showing the distribution of vulnerability findings for each host.
Nessus
Which of the following interfaces enables you to scan several IP addresses at once or type in an IP address to create a simple scan of any machine?
Nessus
Which of the following performs remote scans and audits of Unix, Windows, and network infrastructures and can perform a network discovery of devices, operating systems, applications, databases, and services running on those devices?
Nessus
Which of the following allows analysts to view and analyze network packet traces?
NetWitness Investigator
What is NOT a commonly used endpoint security technique?
Network firewall
Which of the following work together to complete the scanning and vulnerability assessment phase of the ethical hacking process?
Nmap (Zenmap) and Nessus
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
Beth must purchase firewalls for several network circuits used by her organization. Which one circuit will have the highest possible network throughput?
OC-12
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity cost
Which type of authentication includes smart cards?
Ownership
Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?
Parallel test
Which one of the following is an example of a logical access control?
Password
Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?
Password protection
A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals?
Payment Card Industry Data Security Standard (PCI DSS)
Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions?
Payment Card Industry Data Security Standard (PCI DSS)
Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?
Phishing
Which one of the following is NOT an advantage of biometric systems?
Physical characteristics may change.
The __________ confirms that the machine is available, but can't identify ports, operating systems, or services.
Ping scan
Which element of the security policy framework requires approval from upper management and applies to the entire organization?
Policy
Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?
Procedure
Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
Project Initiation and planning
Which of the following allows Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?
Promiscuous mode
Which tool can capture the packets transmitted between systems over a network?
Protocol analyzer
What is NOT a goal of information security awareness programs?
Punish users who violate policy
On a Windows network share, if the user can view the folder's contents as well as execute scripts, what type of access controls and permissions are probably configured?
Read and execute
Which group is the most likely target of a social engineering attack?
Receptionists and administrative assistants
During which phase of a hacker's five-step approach does the hacker scan a network to identify IP hosts, open ports, and services enabled on servers and workstations?
Reconnaissance
Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?
Recovery time objective (RTO)
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
What is the correct order of steps in the change control process?
Request, impact assessment, approval, build/test, implement, monitor
Which formula is typically used to describe the components of information security risks?
Risk = Threat x Vulnerability
George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use?
Risk Management Guide for Information Technology Systems (NIST SP800-30)
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?
Risk survey results
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?
Role-based access control (RBAC)
In what type of attack does the attacker send unauthorized commands directly to a database?
SQL Injection
The __________ can identify the services using the TCP protocol, but not the versions of these applications.
SYN scan
The __________ is a form of TCP scanning that is less intrusive on the target host.
SYN scan
What is NOT one of the three tenets of information security?
Safety
Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?
Secure
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?
Secure European System for Applications in a Multi-Vendor Environment (SESAME)
What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?
Security Assertion Markup Language (SAML)
From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?
Security risks will increase
Which scenario presents a unique challenge for developers of mobile applications?
Selecting multiple items from a list
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of duties
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?
Service level agreement (SLA)
As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?
Simulation test
Which one of the following is an example of two-factor authentication?
Smart card and personal identification number (PIN)
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used?
Standard
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
Which one of the following is an advantage that the Internet of Things (IoT) brings to economic development for countries?
Technical and industry development
Which one of the following is NOT an example of store-and-forward messaging?
Telephone call
Within Zenmap, which command is used to begin the OS fingerprinting scan and determine which operating systems are running on the network hosts?
The -O command
Within Zenmap, which command is used to discover the versions of the software on open TCP ports?
The -sV command
Once a vulnerability has been identified by Nessus, where would you check for more information regarding the identified vulnerability, exploits, and any risk mitigation solution?
The CVE references found at the bottom of the vulnerability table
Which of the following tools is used to modify permissions on the TargetWindowsDC01 server to allow new users to use the remote desktop services?
The Group Policy Object Editor
Who is responsible for hosting the CVE database listing web site, under contract with the Department of Homeland Security and the U.S. National Cyber Security Division?
The Mitre Corporation
Which of the following does PuTTY use to securely access a remote computer?
The Secure Shell (SSH) protocol.
Which of the following statements is true regarding guest users who require a higher degree of access?
These guest users can be issued local, self-signed certificates that expire on a specific date and limit the guest's access.
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these type of classification decisions?
Threat
Which term describes an action that can damage or compromise an asset?
Threat
Which term describes any action that could damage an asset?
Threat
Which classification level is the highest level used by the U.S. federal government?
Top Secret
Which of the following combines something you know (e.g. password) with something you are (e.g. fingerprint) or something you possess (e.g. USB stick) and can also employ a certificate system that adds a distinct third layer to the authentication process?
Two-factor authentication
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
Which one of the following is NOT a commonly accepted best practice for password security?
Use at least six alphanumeric characters.
Which one of the following is typically used during the identification phase of a remote access connection?
Username
Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?
Warm site
Which of the following is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?
Windows Group Policy
Which of the following is a protocol analyzer tool (sometimes called a "packet sniffer") that is used to capture IP traffic from a variety of sources?
Wireshark
Which of the following is a graphical interface for Nmap that is typically used during the scanning phase of the ethical hacking process?
Zenmap
Which of the following is a port scanning tool that can quickly identify hosts and detect what operating system and services are running on them?
Zenmap
Which of the following is used to perform a scan of the network and create a network topology chart?
Zenmap
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack
The Microsoft Security Baseline Analyzer is:
available free of charge.
Zenmap's Topology tab displays a __________ that shows the relative size and connection type of all discovered IP hosts.
bubble chart
Keeping up with technology advances, newly discovered vulnerabilities, and system updates is best done through:
change control management.
Within the virtual environment, a Remote Desktop Connection and PuTTY are the two ways to:
connect to the Linux terminal.
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the Traceroute was to:
discover the IP path to the remote system.
Much of the policy revealed in the "Password must meet complexity requirements" window:
enforces current best practices—with the exception of password length.
Which one of the following is an example of a disclosure threat?
espionage
By default, Windows will:
inherit the permissions of the parent folder so that all subfolders will have the same permissions as the parent.
Conducting a vulnerability scan on entire subnets:
is time consuming and noisy (making them easily detected).
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the Service Scan was to:
look for fingerprints of known services by testing responses to certain types of packets.
Active Directory:
makes the process of accessing machines that are not on the domain much easier.
Windows Group Policy can be used __________ to control access to many local computer and network resources such as drives, Internet access, kiosk mode, etc.
on either a local or domain level
The raw data from the Nmap Output tab is grouped into a more readable form:
on the Ports/Hosts and Host Details tab for each host in the scan.
To be effective, hackers and cybercriminals:
only need to know one vulnerability, or how to use one automated tool that attacks that vulnerability
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
passive wiretap
Using Group Policy Objects, __________ can be set within Active Directory and automatically enforced.
password policies
The Microsoft Security Baseline Analyzer __________ scores the severity of each vulnerability and offers suggestions for addressing each of the vulnerabilities found.
report
A successful __________ assessment of a network is all about using the right tools to map the network and identify any vulnerabilities that can be the opening for a future attack.
scanning and vulnerability
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
security kernel
In which type of attack does the attacker attempt to take over an existing connection between two systems?
session hijacking
If it is impractical to place guest users in a secure network, isolated from the production network by firewall barriers, then:
specific areas of access should be determined and they should be as restrictive as possible.
The availability of commands in the Cisco IOS (Internetwork Operating System) is based on:
the privilege level of the user.
Microsoft Windows Active Directory provides capabilities in all three of the C-I-A areas, and the domain administrator will be called upon to implement:
the roles of Confidentiality and Integrity most frequently
Which of the following is a key function in the Cisco IOS (Internetwork Operating System)?
the show command
Change control management should be focused on:
the three core goals of confidentiality, integrity, and availability (C-I-A) of information
What type of malicious software masquerades as legitimate software to entice the user to run it?
trojan horse
You can limit the breadth and scope of a vulnerability scan by:
using a text file, which lists only the hosts you want to scan
In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?
waterfall
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
white-hat hacker
Ethical hackers must obtain __________ prior to performing a scanning and vulnerability assessment on a live production network.
written authorization from the client