Security Midterm
Which act requires banks and financial institutions to alert their customers of their policies in disclosing customer information? - Sarbanes-Oxley Act (Sarbox) - Health Insurance Portability and Accountability Act (HIPAA) - Gramm-Leach-Bliley Act (GLBA) - Financial and Personal Services Disclosure Act
Gramm-Leach-Bliley Act (GLBA)
Abram was asked to explain to one of his coworkers the XOR cipher. He showed his coworker an example of adding two bits, 1 and 1. What is the result of this sum? 1 0 2 16
0
How can an attacker use a hoax? A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings. Hoaxes are not used by attackers today. By sending out a hoax, an attacker can convince a user to read his email more often. A user who receives multiple hoaxes could contact his supervisor for help.
A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
Which of the following is NOT correct about a rootkit? A rootkit is always the payload of a Trojan. A rootkit is able to hide its presence or the presence of other malware. The risk of a rootkit is less today than previously. A rootkit accesses "lower layers" of the operating system.
A rootkit is always the payload of a Trojan.
Which of these is the strongest symmetric cryptographic algorithm? Advanced Encryption Standard Triple Data Encryption Standard Data Encryption Standard RC 1
Advanced Encryption Standard
Which tool is most commonly associated with nation state threat actors? Advanced Persistent Threat (APT) Network Spider and Worm Threat (NSAWT) Unlimited Harvest and Secure Attack (UHSA) Closed-Source Resistant and Recurrent Malware (CSRRM)
Advanced Persistent Threat (APT)
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? Bob's public key Bob's private key Alice's private key Alice's public key
Alice's public key
Which trust model has multiple CAs, one of which acts as a facilitator? Bridge Hierarchical Distributed Web
Bridge
What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments? Cyberterrorists Brokers Competitors Resource managers
Brokers
An entity that issues digital certificates is a _____. Certificate Authority (CA) Digital Signer (DS) Signature Authority (SA) Certificate Signatory (CS)
Certificate Authority (CA)
A centralized directory of digital certificates is called a(n) _____. Digital Signature Approval List (DSAP) Digital Signature Permitted Authorization (DSPA) Certificate Repository (CR) Authorized Digital Signature (ADS)
Certificate Repository (CR)
Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted? Electronic Code Book (ECB) Cipher Block Chaining (CBC) Galois/Counter (GCM) Counter (CTR)
Cipher Block Chaining (CBC)
Which of these is NOT a characteristic of a secure hash algorithm? Collisions should be rare. The results of a hash function should not be reversed. The hash should always be the same fixed size. A message cannot be produced from a predefined hash.
Collisions should be rare.
What is the name of the threat actor's computer that gives instructions to an infected computer? Resource server Regulating Net Server (RNS) Command and control (C&C) server Monitoring and Infecting (M&I) server
Command and control (C&C) server
Which of the following ensures that only authorized parties can view protected information? Availability Authorization Confidentiality Integrity
Confidentiality
What entity calls in crypto modules to perform cryptographic tasks? Intermediate CA Certificate Authority (CA) OCSP Chain Crypto service provider
Crypto service provider
Astrid's computer screen suddenly says that all files are now locked until money is transferred to a specific account, at which time she will receive a means to unlock the files. What type of malware has infected her computer? Blocking virus Networked worm Crypto-malware Bitcoin malware
Crypto-malware
Which of the following key exchanges uses the same keys each time? Diffie-Hellman (DH) Elliptic Curve Diffie-Hellman (ECDH) Diffie-Hellman Ephemeral (DHE) Diffie-Hellman-RSA (DHRSA)
Diffie-Hellman (DH)
An organization that practices purchasing products from different vendors is demonstrating which security principle? Obscurity Layering Diversity Limiting
Diversity
What is the difference between a DoS and a DDoS attack? DoS attacks use fewer computers than DDoS attacks DoS attacks are faster than DDoS attacks DoS attacks use more memory than a DDoS attack DoS attacks do not use DNS servers as DDoS attacks do
DoS attacks use fewer computers than DDoS attacks
Which digital certificate displays the name of the entity behind the website? Extended Validation (EV) Certificate X.509 Certificate Online Certificate Status Certificate Session Certificate
Extended Validation (EV) Certificate
Gunnar is creating a document that explains risk response techniques. Which of the following would he NOT list and explain in his document? Transfer risk Mitigate risk Extinguish risk Avoid risk
Extinguish risk
Which of the following is NOT a reason why it is difficult to defend against today's attackers? Greater sophistication of defense tools Increased speed of attacks Delays in security updating Simplicity of attack tools
Greater sophistication of defense tools
Olivia was asked to protect the system from a DNS poisoning attack. What are the locations she would need to protect? Reply referrer and domain buffer Web browser and browser add-on Web server buffer and host DNS server Host table and external DNS server
Host table and external DNS server
Which of the following is an enterprise critical asset? Servers, routers, and power supplies Outsourced computing services System software Information
Information
Lykke receives a call while working at the helpdesk from someone who needs his account reset immediately. When Lykke questions the caller, he says, "If you don't reset my account immediately, I will call your supervisor!" What psychological approach is the caller attempting to use on Lykke? Familiarity Consensus Intimidation Scarcity
Intimidation
Which statement is NOT true regarding hierarchical trust models? It assigns a single hierarchy with one master CA. It is designed for use on a large scale. The master CA is called the root. The root signs all digital certificate authorities with a single key.
It is designed for use on a large scale.
What is a characteristic of the Trusted Platform Module (TPM)? It provides cryptographic services in hardware instead of software It is available only on Windows computers running BitLocker It includes a pseudorandom number generator (PRNG) It allows the user to boot a corrupted disk and repair it
It provides cryptographic services in hardware instead of software
At a staff meeting one of the technicians suggested that the enterprise protect its new web server by hiding it and not telling anyone where it is located. Iosif raised his hand and said that security through obscurity was a poor idea. Why did he say that? It is an unproven approach and has never been tested. It would be too costly to have one isolated server by itself. It would be essentially impossible to keep its location a secret from everyone. It depends too heavily upon non-repudiation in order for it to succeed.
It would be too costly to have one isolated server by itself. It would be essentially impossible to keep its location a secret from everyone.
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA. Key escrow Key authorization Trusted key authority Remote key administration
Key escrow
What type of attack intercepts legitimate communication and forges a fictitious response to the sender? MITM interceptor SIDS SQL intrusion
MITM
What type of attack involves manipulating third-party ad networks? Malvertising Directory traversal Clickjacking Session advertising
Malvertising
Alyona has been asked by her supervisor to give a presentation regarding reasons why security attacks continue to be successful. She has decided to focus on the issue of widespread vulnerabilities. Which of the following would Alyona NOT include in her presentation? End-of-life systems Lack of vendor support Large number of vulnerabilities Misconfigurations
Misconfigurations
Signe wants to improve the security of the small business where she serves as a security manager. She determines that the business needs to do a better job of not revealing the type of computer, operating system, software, and network connections they use. What security principle does Signe want to use? Limiting Obscurity Diversity Layering
Obscurity
_____ performs a real-time lookup of a digital certificate's status. Certificate Revocation List (CRL) Online Certificate Status Protocol (OCSP) Real-Time CA Verification (RTCAV) CA Registry Database (CARD)
Online Certificate Status Protocol (OCSP)
Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser? Add-ons Extensions Scripts Plug-ins
Plug-ins
Newton is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. What type of attack is he worried about? Amplification Session replay Scaling exploit Privilege escalation
Privilege escalation
Which of the following is NOT a successive layer in which information security is achieved? Products Purposes Procedures People
Purposes
Ebba received a message from one of her tech support employees. In violation of company policy, a user had downloaded a free program to receive weather reports, but the program had also installed malware on the computer that gave the threat actor unrestricted access to the computer. What type of malware had been downloaded? virus ransomware Trojan RAT
RAT
Alexei was given a key to a substitution cipher. The key showed that the entire alphabet was rotated 13 steps. What type of cipher is this? ROT13 Alphabetic AES XAND13
ROT13
Illya was asked to recommend the most secure asymmetric cryptographic algorithm to his supervisor. Which of the following did he choose? SHA-2 RSA BTC-2 ME-312
RSA
What are industry-standard frameworks and reference architectures that are required by external agencies known as? Mandatory Compulsory Regulatory Required
Regulatory
What is the latest version of the Secure Hash Algorithm? SHA-2 SHA-4 SHA-5 SHA-3
SHA-3
_____ is a protocol for securely accessing a remote computer. Secure Shell (SSH) Transport Layer Security (TLS) Secure Sockets Layer (SSL) Secure Hypertext Transport Protocol (SHTTP)
Secure Shell (SSH)
Ian recently earned his security certification and has been offered a promotion to a position that requires him to analyze and design security solutions as well as identify users' needs. Which of these generally recognized security positions has Ian been offered? Security manager Security administrator Security officer Security technician
Security administrator
Adone is attempting to explain to his friend the relationship between security and convenience. Which of the following statements would he use? Security and convenience are not related. Convenience always outweighs security. Security and convenience are inversely proportional. Whenever security and convenience intersect, security always wins.
Security and convenience are inversely proportional.
Which of the following is NOT true regarding security? Security is a process. Security includes the necessary steps to protect from harm. Security is a war that must be won at all costs. Security is a goal.
Security is a war that must be won at all costs.
Which of these could NOT be defined as a logic bomb? Erase all data if Matilda's name is removed from the list of employees. Send spam email to Moa's inbox on Tuesday. If the company's stock price drops below $100, then credit Juni's account with 10 additional years of retirement credit. Reformat the hard drive three months after Sigrid left the company.
Send spam email to Moa's inbox on Tuesday.
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. Digital digests Session keys Digital certificates Encrypted signatures
Session keys
Which statement regarding a keylogger is NOT true? Software keyloggers are generally easy to detect. Software keyloggers can be designed to send captured information automatically back to the attacker through the Internet. Keyloggers can be used to capture passwords, credit card numbers, or personal information. Hardware keyloggers are installed between the keyboard connector and computer keyboard USB port.
Software keyloggers are generally easy to detect.
Which of these is considered the strongest cryptographic transport protocol? SSL v2.0 TLS v1.0 TLS v1.2 SSL v2.0
TLS v1.2
Which of the following is defined as following an authorized person through a secure door? Tagging Tailgating Backpacking Caboosing
Tailgating
Why do cyberterrorists target power plants, air traffic control centers, and water systems? The targets are privately owned and cannot afford high levels of security. These targets are government-regulated and any successful attack would be considered a major victory. They can cause significant disruption by destroying only a few targets. These targets have notoriously weak security and are easy to penetrate.
They can cause significant disruption by destroying only a few targets.
Why are extensions, plug-ins, and add-ons considered to be security risks? They cannot be uninstalled. They are written in Java, which is a weak language. They use bitcode. They have introduced vulnerabilities in browsers.
They have introduced vulnerabilities in browsers.
What is an objective of state-sponsored attackers? To amass fortune over fame To spy on citizens To sell vulnerabilities to the highest bidder To right a perceived wrong
To spy on citizens
Which statement is correct regarding why traditional network security devices cannot be used to block web application attacks? The complex nature of TCP/IP allows for too many ping sweeps to be blocked. Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks. Web application attacks use web browsers that cannot be controlled on a local computer. Network security devices cannot prevent attacks from web resources.
Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
Attackers who register domain names that are similar to legitimate domain names are performing _____. HTTP manipulation HTML squatting Address resolution URL hijacking
URL hijacking
Which of the following is NOT a method for strengthening a key? Randomness Variability Cryptoperiod Length
Variability
Tatyana is discussing with her supervisor potential reasons why a recent attack was successful against one of their systems. Which of the following configuration issues would NOT be covered? Vulnerable business processes Misconfigurations Default configurations Weak configurations
Vulnerable business processes
Which variation of a phishing attack sends phishing messages only to wealthy individuals? Spear phishing Whaling Target phishing Microing
Whaling
What is a race condition? When a vulnerability is discovered and there is a race to see if it can be patched before it is exploited by attackers. When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences. When a software update is distributed prior to a vulnerability being discovered. When an attack finishes its operation before antivirus can complete its work.
When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.
Which attack uses the user's web browser settings to impersonate that user? XDD XSRF Session hijacking Domain hijacking
XSRF
John was explaining about an attack that accepts user input without validating it and uses that input in a response. What type of attack was he describing? XSRF DDoS DNS XSS SQL
XSS
What is a session token? a random string assigned by a web server a unique identifier that includes the user's email address another name for a third-party cookie XML code used in an XML injection attack
a random string assigned by a web server
A watering hole attack is directed against which of the following? a smaller group of specific users all users of a large corporation wealthy individuals attackers who send spam
a smaller group of specific users
Which of these is NOT part of the certificate life cycle? revocation authorization expiration creation
authorization
Linnea's father called her to say that a message suddenly appeared on his screen that says his software license has expired and he must immediately pay $500 to have it renewed before control of the computer will be returned to him. What type of malware is this? Trojanware blocking ransomware lockoutware persistent virusware
blocking ransomware
Which of these items retrieved through dumpster diving would NOT provide useful information? calendars organizational charts memos books
books
What is the term used for a threat actor who controls multiple bots in a botnet? zombie shepherd bot herder cyber-robot rogue IRC
bot herder
A(n) _____ is a published set of rules that govern the operation of a PKI. signature resource guide (SRG) certificate practice statement (CPS) enforcement certificate (EF) certificate policy (CP)
certificate policy (CP)
Alyosha was explaining to a friend the importance of protecting a cryptographic key from cryptanalysis. He said that the key should not relate in a simple way to the ciphertext. Which protection is Alyosha describing? confusion chaos diffusion integrity
confusion
Which of the following is NOT a primary trait of malware? circulation concealment infection diffusion
diffusion
A(n) _____ is not decrypted but is only used for comparison purposes. algorithm digest key stream
digest
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____. digital signature encrypted signature digital certificate digest
digital certificate
The Hashed Message Authentication Code (HMAC) _____. hashes the DHE key only hashes only the key hashes the key and the message hashes only the message
hashes the key and the message
Hedda pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Hedda performed? luring aliasing impersonation duplicity
impersonation
Which areas of a file cannot be used by steganography to hide data? in data that is used to describe the content or structure of the actual data in the file header fields that describe the file in the directory structure of the file system in areas that contain the content data itself
in the directory structure of the file system
An attacker who manipulates the maximum size of an integer type would be performing what kind of attack? integer overflow buffer overflow number overflow heap overflow
integer overflow
Public key infrastructure (PKI) _____. generates public/private keys automatically is the management of digital certificates requires the use of an RA instead of a CA creates private key cryptography
is the management of digital certificates
Each of these is a reason why adware is scorned EXCEPT _____. it can interfere with a user's productivity it displays objectionable content it displays the attacker's programming skills it can cause a computer to crash or slow down
it displays the attacker's programming skills
A replay attack _____. is considered to be a type of DoS attack makes a copy of the transmission for use at a later time replays the attack over and over to flood the server can be prevented by patching the web browser
makes a copy of the transmission for use at a later time
Which attack intercepts communications between a web browser and the underlying computer? replay man-in-the-browser (MITB) ARP poisoning man-in-the-middle (MITM)
man-in-the-browser (MITB)
Which type of mutation completely changes a virus from its original form by rewriting its own code whenever it is executed? metamorphic polymorphic oligomorphic betamorphic
metamorphic
Proving that a user sent an email message is known as _____. availability integrity non-repudiation repudiation
non-repudiation
Public key systems that generate random public keys that are different for each session are called _____. Elliptic Curve Diffie-Hellman (ECDH) Public Key Exchange (PKE) perfect forward secrecy Diffie-Hellman (DH)
perfect forward secrecy
What is data called that is to be encrypted by inputting it into a cryptographic algorithm? cleartext ciphertext plaintext opentext
plaintext
What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through three succeeding systems that all trust one another? cross-site attack transverse attack horizontal access attack privilege escalation
privilege escalation
Which of these is NOT a DoS attack? SYN flood smurf attack DNS amplification push flood
push flood
Which action cannot be performed through a successful SQL injection attack? display a list of customer telephone numbers reformat the web application server's hard drive erase a database table discover the names of different fields in a table
reformat the web application server's hard drive
Which of these is NOT a basic security protection for information that cryptography can provide? confidentiality authenticity risk loss integrity
risk loss
What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest? algorithm initialization vector (IV) salt nonce
salt
Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form? self-encrypting hard disk drives (SED) encrypted hardware-based USB devices Hardware Security Module (HSM) Trusted Platform Module (TPM)
self-encrypting hard disk drives (SED)
Which of these is a general term used for describing software that gathers information without the user's consent? gatherware spyware adware scrapeware
spyware
DNS poisoning _____. floods a DNS server with requests until it can no longer respond is rarely found today due to the use of host tables is the same as ARP poisoning substitutes DNS addresses so that the computer is automatically redirected to another device
substitutes DNS addresses so that the computer is automatically redirected to another device
A digital certificate associates _____. a private key with a digital signature the user's identity with his public key a user's private key with the public key a user's public key with his private key
the user's identity with his public key
Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____. - on electronic digital devices and limited analog devices that can connect via the Internet or through a local area network - through a long-term process that results in ultimate security - through products, people, and procedures on the devices that store, manipulate, and transmit the information - using both open-sourced as well as supplier-sourced hardware and software that interacts appropriately with limited resources
through products, people, and procedures on the devices that store, manipulate, and transmit the information
What is the basis of an SQL injection attack? to expose SQL code so that it can be examined to link SQL servers into a botnet to have the SQL server attack client web browsers to insert SQL statements through unfiltered user input
to insert SQL statements through unfiltered user input
Digital certificates can be used for each of these EXCEPT _____. to verify the identity of clients and servers on the Web to encrypt messages for secure email communications to verify the authenticity of the Registration Authorizer to encrypt channels to provide secure communication between clients and servers
to verify the authenticity of the Registration Authorizer
Egor wanted to use a digital signature. Which of the following benefits will the digital signature not provide? verify the receiver enforce nonrepudiation verify the sender prove the integrity of the message
verify the receiver
Which type of malware requires a user to transport it from one computer to another? adware rootkit worm virus
virus