Chapter 1 Quiz
An apartment has a large window that is provided in part as an emergency exit in case of a fire. The window is generally left locked, but it may be opened. When analyzing the boundary, is the window considered a wall or a doorway?
Doorway
Which of the following would be considered insider threats?
Embezzlers
A risk assessment involves which of the following?
Identifying risks
Which of the following types of threat agents is most typically associated with masquerade attacks?
Identity thieves
Which of the following is an example of security theater?
Installing a fake video camera
Which of the following are the CIA properties?
Integrity
Which of the following describes the effect of the Digital Millennium Copyright Act (DMCA) on the investigation and publication of security flaws in commercial equipment?
It restricts the publication of techniques to reverse-engineer copy protection schemes.
Alice has performed a security assessment for Acme Widget. The resulting assessment is treated as confidential and is not shared with Alice's coworkers. Only specific employees are allowed to read it. Which basic security principle does this illustrate?
Least privilege
Which of the following is an example of a rule-based security decision?
Locking a car's ignition
Given the vulnerability disclosure procedure in Section 1.6.2 and the story of Michael Lynn's presentation of a Cisco router vulnerability at Black Hat 2005, which of the following most accurately describes Lynn's action?
Lynn acted ethically because the vulnerability had already been reported and patched, and he did not describe how to exploit the vulnerability.
Which of the following would be considered insider threats?
Maintenance crew
What is a worm?
Malware
Which threat agent is most often associated with denial of service attacks?
Natural threats
Which of the following are threat agents?
Phone phreak
A risk assessment involves which of the following?
Prioritizing risks
Impact x Likelihood = ______________
Relative Significance of Risk
Car ignition locks are an example of what type of decision?
Rule-based
Desktop malware may not represent a direct threat to ________- or PLC-based equipment, but practical attacks exist on these systems.
SCADA
Which of the following are threat agents?
Script kiddy
The phrases below describe types of attacks on information. Match the type of attack with its description: Forgery
Someone composes a bogus message and sends it to a computer
Which of the following would be considered insider threats?
Suite/room/housemates and family
The phrases below describe types of attacks on information. Match the type of attack with its description: Physical theft
The computing resource itself is removed
The phrases below describe types of attacks on information. Match the type of attack with its description: Denial of service (DoS)
The use of computing data or services is lost temporarily or permanently, without damage to the physical hardware
Anonymous is an example of what kind of agent?
Threat
True or False? A supervisory control and data acquisition (SCADA) device is a computer that controls motors, valves, and other devices in industrial applications.
True
True or False? Botnets can (often) perform distributed denial of service (DDoS) attacks in which thousands of individual computers send overwhelming amounts of traffic at a victim's computer.
True
True or False? Hacktivists are threat agents who are usually a loosely organized source of widespread attacks.
True
True or False? In requirement-based security, we identify and prioritize our security needs in a risk assessment process.
True
True or False? Once we have filled in the attack likelihoods and impacts, we compute the significance by multiplying these values together.
True
True or False? People can be threat agents in some cases, but trustworthy in others.
True
True or False? To analyze a risk, we review it against the threat agents behind the risk.
True
An apartment has a large window, which is covered with metal bars to prevent people from going through the window. When analyzing the apartment's boundary, is the window considered a wall or a doorway?
Wall
Risk Management Framework is a way to assess _______________ risks when developing large-scale computer systems.
cybersecurity
When disclosing a security vulnerability in a system or software, the manufacturer should avoid:
including enough detail to allow an attacker to exploit the vulnerability.
A security decision, such as locking your vehicle when not in use, is an example of:
rule-based security.
Cyber vulnerabilities became a public issue in the __________ as new internet users struggled to understand the technology's risks.
1990s
Typical retail businesses expect a _____ rate of loss due to theft, damages, and other causes.
3 percent
The phrases below describe types of attacks on information. Match the type of attack with its description: Masquerade
A person takes on the identity of another when using a computer
The phrases below describe types of attacks on information. Match the type of attack with its description: Subversion
A program is modified to operate on the behalf of a threat agent
Which of the following produces a risk to an asset?
A threat agent and an attack the agent can perform
What does AUP stand for?
Acceptable Use Policy
Which of the following most often forbids people from performing trial-and-error attacks on computer systems?
Acceptable use policies
Which of the following would be considered insider threats?
Administrators
Which of the following are the CIA properties?
Confidentiality
Which of the following are threat agents?
Cracker
Which of the following is a person who has learned specific attacks on computer systems and can use those specific attacks?
Cracker
The phrases below describe types of attacks on information. Match the type of attack with its description: Disclosure
Data that should be kept confidential is disclosed
We draft the __________ requirements to address the risks we identified.
security
By default, most systems only record the most ______ events.
significant
Both forms of the RMF illustrate a(n) _______ engineering process as a way to plan, design, and build a complicated system.
systems
A security analyst is performing a security assessment. The analyst should not:
take actions to mitigate a serious risk.
A __________ is someone who is motivated to attack our assets.
threat agent
True or False? A vulnerability is a weakness in the boundary that protects the assets from the threat agents.
true
True or False? Security Category RMF begins with a high-level estimate of the impact caused by cyber security failures.
true
True or False? The term "security theater" refers to security measures intended to make potential victims feel safe and secure without regard to their effectiveness.
true
Supervisory control and data acquisition (SCADA) devices are most often associated with:
utilities.
A person skilled in attacking computer systems, who uses those skills as a security expert to help protect systems, is a:
white-hat hacker.
Section 1.6.2 outlines a procedure for disclosing security vulnerabilities in a commercial device or product. Assume that we have discovered a vulnerability in a commercial product. The vendor has not acknowledged our initial vulnerability report or communicated with us in any other way. They have not announced the vulnerability to the public. We wish to warn the public of the vulnerability as soon as is ethically defensible. Given the procedure in Section 1.6.2, which of the following is the best course of action?
After 30 days, announce that the vulnerability exists, and describe how to reduce a system's risk of attack through that vulnerability.
We are estimating the impact of an individual attack. Which of the following has the greatest estimated impact?
An attack with a $100 loss that could happen once a week
Which of the following yields a more specific set of attacks tied to our particular threat agents?
Attack matrix
Which of the following are the CIA properties?
Availability
Which of the following are threat agents?
Black-hat hacker
True or False? A threat agent is a person who did attack our assets, while an attacker might attack an asset.
False
True or False? A vulnerability is a security measure intended to protect an asset.
False
True or False? A zero-day vulnerability is one that has been reported to the software's vendor and the general public.
False
True or False? Information security architecture often relies on boundaries outside the computer to protect important information or programs from error-prone or malicious programs.
False
True or False? Modus operandi applies only to criminal organizations.
False
True or False? The security process and the Information engineering process find their origin in the concept of Continuous Improvement.
False
True or False? Victims can protect themselves against zero-day attacks.
False
An attempt by a threat agent to exploit assets without permission is referred to as:
an attack.
CIA properties do not include:
authentication.