ITN 260 FINAL!!!


Security identifier (SID) for the user or group account or logon session; access mask that specifies the access rights controlled by the ACE; flag that indicates the type of ACE; set of flags that determine whether objects can inherit permissions. What structure is this (Windows)?

ACE Structure

Provides a visual representation of potential attacks; drawn as an inverted tree structure. What is this called?

Attack tree

Uses more flexible policies than Rule-Based AC; can combine attributes. Policies can take advantage of attributes such as object attributes, subject attributes, and environment attributes. What access control method is this?

Attribute-Based Access Control (ABAC)

Checking the credentials. Example: examining the delivery driver's badge. This is an example of what?

Authentication

Where you are (example: a military base); what you have (example: key fob to lock your car); what you are (example: facial characteristics recognized); what you know (example: combination to a health club locker); what you do (example: do something to prove authenticity). These are types of?

Authentication credentials

Granting permission to take action. Example: allowing the delivery driver to pick up a package. This is an example of what?

Authorization

Ensures that only preapproved apps can run on the device. This is called?

Application whitelisting

Similar to the lattice model; subjects may not create a new object or perform specific functions on lower-level objects; security levels. What implementation of MAC is this?

Bell-LaPadula (BLP) model

Process of inventorying items with economic value. Common assets: people, physical assets, data, hardware, software. Factors to consider in determining value: how critical the asset is to the goals of the organization, how much revenue the asset generates, how difficult it is to replace the asset, and the impact of asset unavailability to the organization. This is what aspect of vulnerability assessment?

Asset identification

a. Inventory the assets; b. determine the assets' relative value. This is what step in risk mitigation?

Asset identification, step 1

What is used by nearly all wireless AP vendors and permits or blocks device based on the MAC address?

MAC address filtering

An attacker can intercept the NFC communications between devices and forge a fictitious response. The defense to this: devices can be configured in pairing so one device can only send while the other can only receive. What kind of Bluetooth attack is this?

Man-in-the-middle attack

What common EAP protocol simplifies deployment of 802.1X by using Windows logins and passwords? It creates an encrypted channel between the client and the authentication server.

PEAP

Contains information that other devices can read but does not read or receive any information (example: an NFC tag on a sign on a wall). What kind of NFC device is this?

Passive

Manager who oversees data privacy compliance and manages data risk; ensures the enterprise complies with data privacy laws and its own privacy policies. EXAMPLE: decides that users can have permission to access SALARY.XLSX. What role is this?

Privacy Officer

Used to identify and mitigate privacy risks. This is called?

Privacy impact assessment (PIA)

Can determine if a system contains personally identifiable information (PII). This is called?

Privacy threshold assessment

A system of cable conduits used to protect classified information that is being transmitted between two secure areas; created by the U.S. Department of Defense (DOD). What is this called?

Protected Distribution Systems (PDS)

Hardware or software that captures packets to decode and analyze their contents; also known as sniffers. Common uses: used by network administrators for troubleshooting, characterizing network traffic, and security analysis. This is called what?

Protocol analyzer

A matrix or two-dimensional barcode which can be read by an imaging device. Applications for these codes include product tracking, item identification, time tracking, document management, and general marketing. What is this called?

QR Code

Uses an "educated guess" based on observation; typically assigns a numeric value (1-10) or label (High, Medium, or Low) that represents the risk. This is called?

Qualitative risk calculation

What kind of wireless denial of service attack is this? Attackers use intentional RF interference to flood the RF spectrum with enough interference to prevent a device from communicating with the AP.

RF Jamming

Commonly used to transmit information between employee identification badges, inventory tags, book labels, and other paper-based tags that can be detected by a proximity reader. What is this?

Radio Frequency Identification (RFID)

Nested-level RAID; a mirrored array whose segments are RAID 0 arrays; can achieve high data transfer rates; minimum 5 drives. What RAID level is this?

Raid 0+1

Disk mirroring used to connect multiple drives to the same disk controller card; an action on the primary drive is duplicated on the other drive; the primary drive can fail and data will not be lost; minimum drives is 2. What RAID level is this?

Raid 1 (mirroring)

Distributes parity (error checking) across all drives; data stored on one drive has its parity information stored on another drive; minimum 3 drives.

Raid 5 (independent disks with distributed parity)

Creates a large pregenerated data set of candidate digests; can be used repeatedly; faster than dictionary attacks; less memory on the attacking machine is required. This is what kind of password attack?

Rainbow table

The slack between the end of the logical file and the rest of that sector is called?

Ram Slack

Maximum length of time organization can tolerate between backups

Recovery point objective (RPO)

Length of time it will take to recover backed up data

Recovery time objective (RTO)

Developed in 1992 and became an industry standard; originally designed for remote dial-in access to a corporate network (dial-up). What is this?

Remote Authentication Dial In User Service (RADIUS)

The potential for loss, damage or destruction of an asset is?

Risk

Determine the damage that would result from an attack; assess the likelihood that the vulnerability is a risk to the organization. This is what aspect of the vulnerability assessment?

Risk assessment

a. Estimate the impact of the vulnerability on the organization; b. calculate the risk likelihood and impact of the risk. This is what step in risk mitigation?

Risk assessment, step 4

Determine what to do about risks; determine how much risk can be tolerated. This is what aspect of the vulnerability assessment?

Risk mitigation

a. Decide what to do with the risk. This is what step in risk mitigation?

Risk mitigation, step 5

Once a suspicious signal is detected by a wireless probe, the information is sent to a centralized database where WLAN management system software compares it to a list of approved APs. Any device not on the list is considered a __________

Rogue AP

What kind of AP attack is this? An unauthorized access point that allows an attacker to bypass network security configurations; usually set up by an insider (employee); may be set up behind a firewall, opening the network to attacks.

Rogue access point

Also called Non-Discretionary Access Control; access permissions are based on the user's job function. This model assigns permissions to particular roles in an organization, and users are assigned to those roles. What access control method is this?

Role Based Access Control (RBAC)

Wireless device probe, desktop probe, access point probe, dedicated probe. What tools are these?

Rogue AP (Access Point) Tools

Dynamically assigns roles to subjects based on a set of rules defined by a custodian. What access control method is this?

Rule-Based Role-Based Access Control (RB-RBAC)

Penetration testing authorization should be obtained. Reasons authorization should be obtained: legal authorization, indemnification, and limiting retaliation. These are called?

Rules of engagement

Used to monitor and control a plant or equipment in industries such as telecommunications, water and waste control, energy, oil and gas refining, and transportation. Multiple ICS are managed by a larger supervisory control and data acquisition system. What is this called?

SCADA

Disabling ______ broadcast so that only people you've given your ____ to can access the network.

SSID, SSID

What kind of wireless denial of service attack is this? Attackers craft a fictitious frame that pretends to come from a trusted client when it actually comes from the attacker.

Spoofing

Uses a person's unique physical characteristics for authentication; face, hand, or eye characteristics are used to authenticate. What kind of biometrics is this?

Standard

Those actions and conduct that are considered normal.

Standard operating procedures (SOP)

Tools that examine software without executing the program; just the source code is reviewed and analyzed. What is this called?

Static program analyzers

A fenced secure waiting station area, such as an area that can contain visitors to a facility until they can be approved for entry. What is this called?

Cage

Intentionally configured with vulnerabilities; contains bogus data files. Goal: to trick attackers into revealing their techniques, so it can then be determined if actual production systems could thwart such an attack. This is called?

Honeypot

Generally run by a commercial disaster recovery service; a duplicate of the production site; has all needed equipment; data backups can be moved quickly to the site. This is what kind of recovery site?

Hot

Used to reduce heat by managing air flow; servers are lined up in alternating rows with cold air intakes facing one direction and hot air exhausts facing the other direction. This is called?

Hot aisle/cold aisle layout

This standard specifies security mechanisms for wireless networks, replacing the short Authentication and privacy clause of the original standard with a detailed Security clause; a unified approach to WLAN security. What is this?

IEEE 802.11i

Presenting credentials. Example: a delivery driver presenting an employee badge. This is an example of what?

Identification

What type of access point mode is this? A WLAN using an AP is operating in ______

Infrastructure Mode

Authentication system developed at MIT; uses encryption and authentication for security; works like using a driver's license to cash a check; a ticket system. What is this?

Kerberos authentication

A specialized password hash algorithm that is intentionally designed to be slower. Two algorithms: bcrypt and PBKDF2. What is this password protecting method?

Key Stretching

When a program is used to intentionally gather this information, it can be used as an assessment tool to perform an inventory of the services and systems operating on a server. This is called?

banner grabbing

Large concrete ones should be used. What is this called?

barricade

The process of authenticating the information supplied to a potential employer by a job applicant in the applicant's resume, application, and interviews.

background check

List potential threats that come from threat agents; a threat agent is any person or thing with the power to carry out a threat against an asset. This is what aspect of the vulnerability assessment?

Threat evaluation

a. Classify the threats by category; b. design an attack tree. This is what step in risk mitigation?

Threat identification, step 2

Goal: understand attackers and their methods; often done by constructing threat scenarios. This is called what?

Threat modeling

Stores sensitive applications and data on a remote server that is accessed through a smartphone; users can customize the display of data as if the data were residing on their own device; the enterprise can centrally protect and manage apps and data on the server instead of distributing them to smartphones. This is called?

Virtual desktop infrastructure (VDI)

Determine current weaknesses; takes a snapshot of current organization security; every asset should be viewed in light of each threat; catalog each vulnerability. This is what aspect of the vulnerability assessment?

Vulnerability appraisal

a. Determine current weaknesses in protecting assets; b. use vulnerability assessment tools. This is what step in risk mitigation?

Vulnerability appraisal, step 3

What is this? An IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmissions; encrypts plaintext into ciphertext.

WEP

Introduced in 2003 by the Wi-Fi Alliance; a subset of IEEE 802.11i; two modes: Personal and Enterprise; addresses both encryption and authentication. What is this?

WPA

When a user is using more than one type of authentication credential. Example: what a user knows and what a user has could be used together for authentication. This is called?

multifactor authentication

"Rules" that have been established for creating account names. Options typically include: first initial of first name followed by last name; first name with a punctuation mark followed by last name; last name followed by department code. This is called?

naming conventions

Actions to be taken when an employee leaves an enterprise. Steps include: back up all employee files from the local computer and server; archive email; forward email to a manager or coworker; hide the name from the email address book. Orphaned accounts; dormant accounts. What is this called?

offboarding

Always running off its battery while main power runs the battery charger; not affected by dips or sags in voltage; can serve as a surge protector. What kind of UPS is this?

on-line

Refers to the tasks associated with hiring a new employee. Steps: scheduling, job duties, socializing, work space, training. What is this called?

onboarding

Most organizations store their off-site backups using an ______

online cloud repository

Registers, cache, peripheral memory: first; random access memory: second; network state: third; running processes: fourth. These are examples of?

orders of volatility

Person responsible for the information; determines the level of security needed for the data and delegates security duties as required. EXAMPLE: determines that the file SALARY.XLSX can be read only by department managers. What role is this?

owner

Can identify the current software, OS, and applications being used on the network and indicate which devices might have a vulnerability. What kind of vulnerability scanner is this?

passive

Password generators, online vaults, password management applications. These are types of?

password managers

Designed to exploit system weaknesses; relies on the tester's skill, knowledge, and cunning; usually conducted by an independent contractor; tests are usually conducted outside the security perimeter; may even disrupt network operations. What kind of testing is this?

penetration testing

The state or condition of being free from public attention to the degree that you determine; the right to be left alone to the level that you choose. This is called?

privacy

The use of duplicated equipment to improve the availability of a system; the solution to fault tolerance. This is called?

redundancy

Users can circumvent built-in limitations on smartphones to download from an unofficial third-party app store. This is called what on Android devices?

rooting

A testing environment that isolates the untested code from the live production environment; looks for errors after the program has compiled correctly and is running. What is this called?

runtime code testing in a sandbox

What is a software security update to repair discovered vulnerabilities?

security patch

A written document that states how an organization plans to protect the company's information technology assets; outlines the protections that should be enacted to ensure the organization's assets face minimal risk; having this empowers an organization to take appropriate action to safeguard its data. What is this?

security policy

Fraud can result from a single user being trusted with complete control of a process; requires two or more people to be responsible for functions related to handling money; the system is not vulnerable to the actions of a single person. This is called?

separation of duties

Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset.

threat

Can be used to limit when a user can log into their account. This is called?

time-of-day restrictions

Used to create a one-time password (OTP), an authentication code that can be used only once or for a limited period of time. Hardware security token: typically a small device with a window display. Software security token: stored on a general-purpose device like a laptop computer or smartphone. These are all types of?

tokens

Do not use a webcam in any room where private activities take place; place a piece of electrical tape over the lens of a webcam when not in use; only allow permission to access the camera or microphone for apps that require that use; periodically review app permissions on the device and turn off those permissions that are not necessary. These are basic precautions for?

unauthorized recording.

Backs up any data that has changed since the last full backup.

differential backup

A directory service is a database stored on a network; contains information about users and network devices; keeps track of network resources and users' privileges to those resources; grants or denies access based on its information. The standard for directory services is known as X.500; the purpose of the standard was to standardize how the data was stored so that any computer system could access directories. This is called?

(LDAP) Lightweight Directory Access Protocol

There should always be three different copies of backups on at least two different types of storage media, and one of the backups should be stored at a different location. This is called?

3-2-1 back up plan

In 1997 the Institute of Electrical and Electronics Engineers (IEEE) released the standard for wireless local area networks (WLAN). What is this?

802.11

Policy that defines actions users may perform while accessing systems; users include employees, vendors, contractors, and visitors; typically covers all computer use, including mobile devices; unacceptable use may also be outlined by the AUP; generally considered the most important information security policy. What kind of security policy is this?

Acceptable use policy (AUP)

Antenna and radio transmitter/receiver send and receive wireless signals; bridging software interfaces wireless devices to other devices; a wired network interface allows it to connect by cable to a standard wired network. The functions: acts as a "base station" for the wireless network; acts as a bridge between wireless and wired networks; can connect to a wired network by a cable. What is this?

Access Point

Standards that provide a predefined framework for hardware or software developers; use the appropriate model to configure the necessary level of control. This is called?

Access control model

Can read information as well as transmit data (example: a smartphone transmitting encrypted credit card info to a POS terminal). Bluetooth uses radio waves; NFC uses electromagnetic radio waves. What NFC device is this?

Active

What type of access point mode is this? Networks that are not using an AP operate in _______; devices can only communicate between themselves and cannot connect to another network.

Ad-Hoc Mode

Historical data can be used to determine the likelihood of a risk occurring within a year.

Annualized Rate of Occurrence (ARO)

The expected monetary loss for an asset due to a risk over a one-year period.

Annualized loss expectancy (ALE)

Software that examines a computer for infections; scans new documents that might contain viruses; searches for known virus patterns. What is this?

Antivirus

An attack that sends unsolicited messages to Bluetooth-enabled devices; text messages, images, or sounds considered more annoying than harmful; no data is stolen. What kind of attack is this called?

Bluejacking

An attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptops. The attacker copies e-mails, contacts, or other data by connecting to the Bluetooth device without the owner's knowledge. What kind of Bluetooth attack is this called?

Bluesnarfing

Wireless technology that uses short-range radio frequency (RF) transmissions; provides rapid device pairings (example: a smartphone and a Bluetooth mouse); a Personal Area Network (PAN) technology. What is this?

Bluetooth

Short but sturdy vertical post that is used as a vehicular traffic barricade to prevent a car from "ramming" into a secured area. What is this called?

Bollard

Allows users to use their own personal mobile devices for business purposes; employees have full responsibility for choosing and supporting the device; this model is popular with smaller companies or those with temporary staff. This is called?

Bring your own device (BYOD)

The process of identifying exposure to threats, creating preventative and recovery procedures, and testing them to determine if they are sufficient. Consists of three essential elements: business recovery planning, crisis management and communications, and disaster recovery. This is called?

Business Continuity Planning (BCP)

Issued by the US Department of Defense; bar code, magnetic strip, and bearer's picture. What is this?

CAC card

Video surveillance cameras transmit a signal to a specific and limited set of receivers. What is this called?

CCTV

Methodology for making modifications and keeping track of changes; ensures proper documentation of changes so future changes have less chance of creating a vulnerability; involves all types of changes to information systems.

Change management

Employees choose from a limited selection of approved devices, but the employee pays the upfront cost of the device while the business owns the contract; employees are offered a suite of choices that the company has approved for security, reliability, and durability; the company often provides a stipend to pay monthly fees to the wireless carrier. This is called?

Choose your own device (CYOD)

Combining two or more devices to appear as a single unit

Clustering

Employees choose from a selection of company-approved devices; employees are supplied the device chosen and paid for by the company; the company decides the level of choice and freedom for employees. This is called?

Corporate owned, personally enabled (COPE)

Device is purchased and owned by the enterprise; employees use the phone only for company-related business; the enterprise is responsible for all aspects of the device. This is called?

Corporate-owned

Provides credentials (username and password) to the scanner so tests for additional internal vulnerabilities can be performed. This is what kind of vulnerability scan?

Credentialed vulnerability scan

Individual to whom day-to-day actions have been assigned by the owner; periodically reviews security settings and maintains records of access by end users. EXAMPLE: sets and reviews security settings on SALARY.XLSX. What role is this?

Custodian or steward

Least restrictive model; every object has an owner; owners have total control over their objects; owners can give permissions to other subjects over their objects; used on operating systems such as most types of UNIX and Microsoft Windows. What kind of access control method is this?

Discretionary Access Control (DAC)

Helps prevent computers from becoming infected by different types of spyware.

antispyware

Attackers can "bump" a portable reader against a user's smartphone in a crowd to make an NFC connection and steal payment information stored on the phone. The defense to this: it can be prevented by turning off NFC while in a large crowd. What kind of Bluetooth attack is this?

Data theft

The theft of a smartphone could allow an attacker to use that phone for purchases. What Bluetooth attack is this?

Device theft

Attacker creates digests of common dictionary words and compares them against a stolen digest file. Pre-image attack: a dictionary attack that uses a set of dictionary words and compares it with the stolen digests. Birthday attack: the search for any two digests that are the same. This is called what kind of password attack?

Dictionary attack

Focuses on protecting and restoring information technology functions; a written document detailing the process for restoring IT resources following a disruptive event; comprehensive in scope; intended to be a detailed document that is updated regularly. This is called?

Disaster Recovery Plan (DRP)

What kind of access point attack is this? An AP set up by an attacker that attempts to mimic an authorized AP; attackers capture transmissions from users to the evil twin AP.

Evil twin

Unencrypted NFC communication between the device and terminal can be intercepted and viewed. The defense to this: because an attacker must be extremely close to pick up the signal, users should remain aware of their surroundings while making a payment. What kind of Bluetooth attack is this?

Eavesdropping

Caused by a short-duration burst of energy from the source called an electromagnetic pulse (EMP).

Electromagnetic interference (EMI)

A framework for transporting authentication protocols is known as? Defines the format of the messages; uses four types of packets: request, response, success, and failure.

Extensible Authentication Protocol (EAP)

Refers to a system's ability to deal with malfunctions. This is called?

Fault tolerance

Using a single authentication credential shared across multiple networks. When the networks are owned by different organizations, this is called?

Federated Identity Management (FIM)

Usually a tall, permanent structure and is equipped with other deterrents such as proper lighting and signage. This is called what?

Fencing

Formal contractual relationships as they relate to security policy and procedures.

interoperability agreements

Secure the crime scene; preserve the evidence; establish a chain of custody; examine the evidence; enable recovery. These are the 5 steps of?

Forensic Procedures

The starting point for all backups.

Full backup

Settings are stored in _________ in Group Policy.

Group Policy Objects

Maintains temperature and relative humidity at required levels.

HVAC system

A set of written instructions for reacting to a security incident

Incident response plan (IRP)

Connecting any device to the Internet for the purpose of sending and receiving data to be acted upon; includes wearable technology and multifunctional devices. This is called?

Internet of Things (IoT)

Most vendors are concerned with making products as inexpensive as possible, leaving out security protections; devices that do have security capabilities implemented have notoriously weak security; few of these devices have been designed with the capacity for being updated to address exposed security vulnerabilities; these and embedded systems that can receive patches often see long gaps between the discovery of the vulnerability and a patch being applied. What are these risks for?

Internet of Things (IoT)

In WEP the ________ is only 24 bits of the 64- and 128-bit values used to encrypt. Its short length makes this easier to break.

Initialization vector (IV)

Most restrictive access control model; the user has no freedom to set any controls or distribute access to other subjects; typically found in military settings. Two elements: labels (every entity is an object and is assigned a classification label that represents the relative importance of the object; subjects are assigned a privilege label, or clearance) and levels (a hierarchy based on the labels is used; top secret has a higher level than secret, which has a higher level than confidential). What access control method is this?

Mandatory access control (MAC)

What kind of wireless denial of service attack is this? Attackers send a frame with the duration field set to a high value, preventing other devices from transmitting for that period of time.

Manipulating duration field values.

Separates a secured area from a nonsecured area; monitors and controls two interlocking doors; only one door may be open at any time.

Mantrap

It represents the length of time that an item is expected to last.

Mean time to Failure (MTTF)

Describes an agreement between two or more parties.

Memorandum of understanding

Data about data.

Metadata

To guarantee accuracy, relies upon hashing algorithms as part of the validation process; meets evidence standards and is a way to copy the hard drive.

Mirror image or bit-stream back up

Tools that allow a device to be managed remotely by an organization. Usually involve a server component that sends out management commands to mobile devices and a client component to receive and implement the management commands. What is this called?

Mobile device management (MDM)

The action taken by the subject over an object. Example: deleting a file.

Operation

Determining an object's change in position in relation to its surroundings. What is this called?

Motion Detection

A set of standards used to establish communication between devices in close proximity. Once devices are brought within 4 cm of each other or tapped together, two-way communication is established. What is this?

NFC

Can be used to create visual maps of the network that also identify vulnerabilities that need correction. This is called?

Network mapping scanner(NMAP)

A legal contract that specifies how confidential material will be shared between parties but restricted from others.

Non-disclosure agreement (NDA)

Disabling unnecessary ports and services; disabling default accounts/passwords; employing least functionality; application whitelisting/blacklisting. These are typical ______________

OS Security configurations

A specific resource. Example: a file or hardware device. This is an example of what?

Object

Least expensive, simplest solution; charged by the main power supply; begins supplying power quickly when primary power is interrupted; switches back to standby mode when primary power is restored. What kind of UPS is this?

Off-line

Designed to exploit any weaknesses in systems that are vulnerable. This is called?

Penetration testing

Exploits vulnerabilities in your system architecture. This is called?

Penetration testing

The smart card standard covering all U.S. government employees is the? Used by civilian users working for the Federal government.

Personal Identity Verification (PIV)

Generally covers three important elements: using company email to send personal email messages; accessing personal email at a place of employment; forwarding company emails to a personal account. What kind of security policy is this?

Personal email policy

Established when two Bluetooth devices come within range of each other; one device (master) controls all wireless traffic and the other device (slave) takes commands; active slaves are sending transmissions; parked slaves are connected but not actively participating. What is this called?

Piconet Attack

Searches a system for port vulnerabilities; used to determine port state: open, closed, or blocked. What tool is this?

Port scanner

Consists of a random string that is used in hash algorithms. Passwords can be protected by adding a random string to the user's cleartext password before it is hashed; this makes dictionary attacks and brute force attacks much slower and limits the impact of rainbow tables. What is this password protecting method?

Salts

Disable unused features; use strong authentication; restrict unauthorized users with a screen lock and require a strong passcode. Screen lock: the lock screen prevents the device from being used until the user enters the correct passcode; set the screen to lock after a period of inactivity. Passcode: use a personal identification number (PIN); use a fingerprint "swipe" on a sensor to unlock the device; draw or swipe a specific pattern connecting dots to unlock the device. This is called what?

Secure device configuration

An Extensible Markup Language (XML) standard that allows secure web domains to exchange user authentication and authorization data; allows a user's login credentials to be stored with a single identity provider instead of being stored on each web service provider's server; used extensively for online e-commerce business-to-business (B2B) and business-to-customer (B2C) transactions. This is called?

Security Assertion Markup Language (SAML)

This is used to identify the user in subsequent interactions with Windows. Windows links this to an integrity level. What is this?

Security identifier (SID)

What accumulates security updates and additional features?

Service Pack

specifies what services will be provided and the responsibilities of each party

Service level agreement (SLA)

This holds promise to reduce the burden of usernames and passwords to just one. What is this called?

Single Sign on

OAuth, Open ID Connect, and Shibboleth are all examples of?

Single Sign on (SSO)

expected monetary loss every time a risk occurs is called?

Single loss expectancy (SLE)

Puts the application under a heavier than normal load to determine if the program is robust and can perform all error handling correctly. This is called?

Stress testing

A user or process functioning on behalf of a user Example: computer user This is an example of what?

Subject

If malware is planted in the ROM firmware of a device, it can be difficult or impossible to clean an infected device. Users may be receiving infected devices at the point of purchase, unaware of the infection. Cannot be easily prevented. These are considered _________ infection risks

Supply chain

The different steps in the supply chain have opened the door for malware to be injected into products during their manufacturing or storage. This is called?

Supply chain infection

U.S. government has developed a classified standard intended to prevent attackers from picking up electromagnetic fields from government buildings. What is this called?

TEMPEST

Authentication service similar to RADIUS. Commonly used on UNIX devices. Communicates by forwarding user authentication information to a centralized server. This is called?

Terminal Access Controller Access Control System (TACACS)

Maintains power to equipment in the event of an interruption in primary electrical power source

Uninterruptible power supply (UPS)

Second generation. Introduced in 2004. Based on the final IEEE 802.11i. Addresses two major security areas of WLANs: encryption and authentication.

WPA2

Security key is shared between ___________ and _________ in WEP

Wireless client device and AP

A set of permissions attached to an object. Specifies which subjects may access the object and what operations they can perform. When a subject requests to perform an operation, the system checks this for an approved entry. What is this called?

access control list (ACL)

Record of individuals who have permission to enter secure area Records time they entered and left. What is this called?

access list

Managing user account passwords. Can be done by setting password rules. Too cumbersome to manage on a user-by-user basis; security risk if one user setting is overlooked. Preferred approach: assign privileges by group (group policy). Microsoft Windows group password settings: Password Policy Settings, Account Lockout Policy. These are examples of _________

account management practices

Employee accounts: creating location-based policies, establishing standard naming conventions, creating time-of-day restrictions, enforcing least privilege. These are important for what kind of setup?

account setup

Sends "probes" to network devices and examines the responses received back to evaluate whether a specific device needs remediation. What kind of vulnerability scanner is this?

active

Processes for developing and ensuring that policies and procedures are carried out. This is what kind of security control type?

administrative controls

Mail gateway: monitors emails for spam and other unwanted content. Some spam can slip through; this filtering software traps spam.

antispam

A standby server performs no function except to be ready if needed. Used for databases, messaging systems, file and print services. What kind of server cluster is this?

asymmetric

Authenticates by normal actions the user performs. Keystroke dynamics attempts to recognize the user's typing rhythm; all users type at a different pace. Provides up to 98 percent accuracy. Uses two unique typing variables: dwell time (time it takes to press and release a key) and flight time (time between keystrokes). Holds a great amount of potential because it requires no specialized hardware. What kind of biometrics is this?

behavioral

Use a strong random number generator to create a salt of at least 128 bits. Input the salt and the user's plaintext password into the PBKDF2 algorithm, using HMAC-SHA-256 as the core hash. Perform at least 30,000 iterations of PBKDF2. Capture the first 256 bits of output from PBKDF2 as the password digest. Store the iteration count, the salt, and the password digest in a secure password database. These are what?

best practices for password security

Data and subjects are grouped into ordered levels of integrity what security model is this?

biba

tester has no prior knowledge of network infrastructure what kind of test is this?

black box

Nonapproved senders are also known as

black list

Identifies business functions and quantifies the impact a loss of these functions may have on business operations. These range from: impact on property (tangible assets), impact on finance (monetary funding), impact on safety (physical protection), impact on reputation (status), and impact on life (wellbeing). This is called?

business impact analysis (BIA)

Documents that the evidence was maintained under strict control at all times, and that no unauthorized person was given the opportunity to corrupt the evidence.

chain of custody

combination locks that use buttons that must be pushed in the proper sequence Can be programmed to allow a certain individual's code to be valid on specific dates and times What kind of lock is this?

cipher lock

Designed to ensure that all confidential or sensitive materials, either in paper form or electronic, are removed from a user's workspace and secured when the items are not in use. This is called?

clean desk policy

Relates to perception, thought process, and understanding of the user. Easier for the user to remember because it is based on the user's life experiences; difficult for an attacker to imitate. Requires the user to identify specific faces, or the user selects one of several "memorable events". What kind of biometrics is this?

cognitive

Provides office space. Customer must provide and install all equipment needed to continue operations. No backups immediately available. Less expensive than a hot site; takes longer to resume full operation. This is what kind of recovery site?

cold

Performs continuous backups that can be restored immediately. Maintains a historical record of all changes made to data. Creates a snapshot of the data (like a reference marker). What is this?

continuous data protection (CDP)

sustained and continual surveillance (automation)

continuous monitoring

Searches for errors that could prevent the application from properly compiling from source code to application code What is this called?

compiled code testing

Who sells the data to interested third parties?

data brokers

Sensitive data must be properly labeled; if mislabeled, it could accidentally be publicly distributed. This is called?

data labeling

Permanently destroys the entire magnetic-based drive by reducing or eliminating the magnetic field. This is called?

degaussing

A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a program. This is called?

dynamic analysis (fuzzing)

Users can circumvent built-in limitations on smartphones to download from an unofficial third-party app store. This is called what on Apple iOS?

jailbreaking

Individuals periodically moved between job responsibilities. Employees can rotate within their department or across departments. This is called?

job rotation

A "wrap-up" meeting between management representatives and the person leaving an organization either voluntarily or through termination

exit interview

takes advantage of a software vulnerability or security flaw

exploit

Used to replicate attacks during a vulnerability assessment. Provides a structure of exploits and monitoring tools. This is called?

exploitation framework

Metal enclosure that prevents entry or escape of electromagnetic fields Often used for testing in electronic labs this is called?

faraday cage

What includes enhancements to the software to provide new or expanded functionality? Does not address security vulnerability

feature update

uses the device's GPS to define geographical boundaries where the app can be used

geo-fencing

Most critical factor in a strong password is length. In addition to having long passwords, other recommendations are: do not use passwords that consist of dictionary words or phonetic words; do not repeat characters or use sequences; do not use birthdays, family member names, pet names, addresses, or any personal information. Also, use non-keyboard characters, created by holding down the ALT key while typing a number on the numeric keypad. These are all examples of creating a _________?

good password.

some limited information has been provided to the tester what kind of test is this?

gray box

Permits the configuration of multiple computers by setting a single policy for enforcement this is called?

group-based access control

To eliminate as many security risks as possible is the purpose of?

hardening

a network set up with one or more honeypots Set up with intentional vulnerabilities

honeynet

Backs up any data that has changed since last full backup or last incremental backup

incremental backup

Means that only the minimum amount of privileges necessary to perform a job or function should be allocated This is called?

least privilege

Limits fraud, because perpetrator must be present daily to hide fraudulent actions Audit of employee's activities usually scheduled during vacation for sensitive positions This is called?

mandatory vacations

Measures average time until a component fails and must be replaced Can be used to determine number of spare hard drives an organization should keep

mean time between failures (MTBF)

The average amount of time that it will take a device to recover from a failure that is not a terminal failure is called?

mean time to recovery

A scan that does not use credentials is what kind of vulnerability scan?

non-credentialed vulnerability scan

Attempts to create "hard" numbers associated with the risk of an element in a system by using historical data. Can be divided into the likelihood of a risk and the impact of a risk being successful. This is called?

quantitative risk calculation

reducing paper to fine particles is called?

pulverizing

Users can circumvent built-in limitations on smartphones to download from an unofficial third-party app store This is called what in general?

sideloading

Social media network: grouping individuals and organizations into clusters or groups based on some sort of affiliation. Risks of social media: personal data can be used maliciously; users may be too trusting; accepting friends may have unforeseen consequences; social media security is lax or confusing. A policy that outlines acceptable employee use of social media and must be enforced is what kind of security policy?

social media policy

If one server fails, the remaining servers take on the failed server's work. More cost effective than asymmetric clusters. Used for Web, media, and VPN servers. What kind of server cluster is this?

symmetric

Simulate an emergency situation but in an informal and stress-free environment This is called

tabletop exercise

security controls carried out or managed by devices this is what kind of security control type?

technical controls

overwriting the disk space with zeros or random data is called?

wiping

Weaknesses or gaps in a security program

vulnerability

checks for known vulnerabilities and generates a report on risk exposure This is called?

vulnerability assessment

All equipment is installed. No active Internet or telecommunications facilities. No current data backups. Less expensive than a hot site. Time to turn on connections and install backups can be half a day or more. This is what kind of recovery site?

warm

tester has in-depth knowledge of network and systems being tested what kind of test is this?

white box

approved senders are known as

white list

Detects security weaknesses inside the local wireless network with internal vulnerability scanning this is called?

wireless scanner

