Info Sec Chapter 3 & 4 Quiz
The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios. True False
False
Using a secure logon and authentication process is one of the six steps used to prevent malware. True False
True
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service? 21 23 80 443
80
The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation? 11 13 15 18
13
Which one of the following is the best example of an authorization control? Biometric device Digital certificate Access control lists One-time password
Access control lists
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place? Address Resolution Protocol (ARP) poisoning Internet Protocol (IP) spoofing URL hijacking Christmas attack
Address Resolution Protocol (ARP) poisoning
Which password attack is typically used specifically against password files that contain cryptographic hashes? Brute-force attacks Dictionary attacks Birthday attacks Social engineering attacks
Birthday attacks
Which one of the following is an example of a disclosure threat? Espionage Alteration Denial Destruction
Espionage
Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks. True False
False
Most enterprises are well prepared for a disaster should one occur. True False
False
Which type of denial of service attack exploits the existence of software flaws to disrupt a service? SYN flood attack Smurf attack Logic attack Flooding attack
Logic attack
A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster. True False
True
A man-in-the-middle attack takes advantage of the multihop process used by many types of networks. True False
True
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment. True False
True
An alteration threat violates information integrity. True False
True
Failing to prevent an attack all but invites an attack. True False
True
Remote wiping is a device security control that allows an organization to remotely erase data or email in the event of loss or theft of the device. True False
True
Rootkits are malicious software programs designed to be hidden from normal methods of detection. True False
True
The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks. True False
True
The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks. True False
True
What is the first step in a disaster recovery effort? Respond to the disaster. Follow the disaster recovery plan (DRP). Communicate with all affected parties. Ensure that everyone is safe.
Ensure that everyone is safe.
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place? Evil twin Wardriving Bluesnarfing Replay attack
Evil twin
Which type of attack involves the creation of some deception in order to trick unsuspecting users? Interception Interruption Fabrication Modification
Fabrication
Which one of the following is an example of a direct cost that might result from a business disruption? Damaged reputation Lost market share Lost customers Facility repair
Facility repair
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer. True False
False
A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats. True False
False
An attacker uses exploit software when wardialing. True False
False
The main difference between a virus and a worm is that a virus does not need a host program to infect. True False
False
The term risk methodology refers to a list of identified risks that results from the risk-identification process. True False
False
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to health care providers? FFIEC FISMA HIPAA PCI DSS
HIPAA
Which one of the following is an example of a reactive disaster recovery control? Moving to a warm site Disk mirroring Surge suppression Antivirus software
Moving to a warm site
What is NOT a commonly used endpoint security technique? Full device encryption Network firewall Remote wiping Application control
Network firewall
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales? Replacement cost Opportunity cost Manpower cost Cost of good sold
Opportunity cost
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing? Active wiretap Between-the-lines wiretap Piggyback-entry wiretap Passive wiretap
Passive wiretap
Which tool can capture the packets transmitted between systems over a network? Wardialer OS fingerprinter Port scanner Protocol analyzer
Protocol analyzer
Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining? Recovery time objective (RTO) Recovery point objective (RPO) Business recovery requirements Technical recovery requirements
Recovery time objective (RTO)
George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use? Risk Management Guide for Information Technology Systems (NIST SP800-30) CCTA Risk Analysis and Management Method (CRAMM) Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) ISO/IEC 27005, "Information Security Risk Management"
Risk Management Guide for Information Technology Systems (NIST SP800-30)
What is NOT one of the three tenets of information security? Confidentiality Integrity Safety Availability
Safety
Which term describes an action that can damage or compromise an asset? Risk Vulnerability Countermeasure Threat
Threat
What type of malicious software masquerades as legitimate software to entice the user to run it? Virus Worm Trojan horse Rootkit
Trojan horse
In a Bring Your Own Device (BYOD) policy, the user acceptance component may include separation of private data from business data. True False
True
The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems. True False
True
The Gramm-Leach-Bliley Act (GLBA) addresses information security concerns in the financial industry. True False
True
The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. True False
True
Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation? Hot site Warm site Cold site Primary site
Warm site
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable? SQL injection Cross-site scripting Cross-site request forgery Zero-day attack
Zero-day attack
Vishing is a type of wireless network attack. True False
False
What compliance regulation applies specifically to the educational records maintained by schools about students? Family Education Rights and Privacy Act (FERPA) Health Insurance Portability and Accountability Act (HIPAA) Federal Information Security Management Act (FISMA) Gramm-Leach-Bliley Act (GLBA)
Family Education Rights and Privacy Act (FERPA)