CIS 377 Midterm/Final Quiz Questions

What is the subject of the Computer Security Act? Banking Industry Telecommunications Common Carriers Federal Agency Information Security Cryptography Software Vendors

Federal Agency Information Security

What is the subject of the Sarbanes-Oxley Act? Banking Privacy Financial Reporting Trade Secrets

Financial Reporting

Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? Health Insurance Portability and Accountability Act Financial Services Modernization Act Computer Security Act Communications Act

Financial Services Modernization Act

A ____________ is a barrier between your network and the outside world. Firewall Web server File server None of the above

Firewall

You may use Linux to make a ______________ of the hard drive. Bootable copy, Screen shot, New version, Forensically valid copy

Forensically valid copy

Which of the following can be used to break encryption algorithms? Frequency Analysis XOR Hashing Vigenere

Frequency Analysis

The Health Insurance Portability and Accountability Act Of 1996, also known as the ____________ Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange. Privacy Kennedy-Kessebaum HITECH Gramm-Leach-Bliley

Kennedy-Kessebaum

A(n) ________ refers to the bits that are combined with the plain text to encrypt it. Key Plain Cipher text Algorithm

Key

With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message. Code Key Lock Script

Key

List security design principles that should be used in secure software design.

Least privilege Economy of mechanism Complete mediation Open design Separation of privilege Least common mechanism Psychological acceptability Fail-safe defaults

____________ is the legal obligation of an entity that extends beyond criminal or contract law.

Liability

A firewall _________ is a tool that can provide information after an incident has occurred. Log Scan Port None of the above

Log

When an employee leaves, all __________ should be terminated. Web histories Logins Desktops Passwords

Logins

Passwords are an area of user policies. True, False

True

Privacy is the right of individuals or groups to protect themselves and their information from unauthorized access, providing confidentiality. True, False

True

Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys. True, False

True

Security policies toward programmers and web developers are developmental policies. True, False

True

The Economic Espionage Act of 1996 protects American ingenuity, intellectual property, and competitive advantage. True, False

True

The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection. True, False

True

The most common method to deliver spyware to a target system is by using a Trojan horse. True, False

True

The most widely used symmetric key algorithm is Advanced Encryption Standard. True, False

True

The objective in the eradication phase of incident response is to eliminate the cause of the incident. True, False

True

The threats-vulnerabilities-assets (TVA) worksheet is a document that shows a comparative ranking of prioritized assets against prioritized threats, with an indication of any vulnerabilities in the asset/threat pairings. True, False

True

When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration. True, False

True

Most attacks occur because a hacker takes advantage of _______________. the compiler a vulnerability in the software complexity the binary code

a vulnerability in the software

____________________ components account for the management of information in all its states: transmission, processing, and storage.

data, information,

The _________ control strategy that attempts to eliminate or reduce any remaining uncontrolled risk through the application of additional controls and safeguards. defense transfer termination mitigate

defense

Network attack types

denial of service distributed denial of service man in the middle attacks syn flood attacks network sniffing spoofing

What is chain of custody?

detailed documentation showing the status of evidence at everyone point in time from the moment of seizure to the moment the evidence is presented in court.

A list of virus definitions is generally in a file with a ________ extension. .dat .txt .vir .def

.dat

What can be digital evidence?

1 Browser - direct and circumstantial evidence Pornography - direct Cyber stalking - direct Creation of a virus - circumstantial 2 History - information 3 Window Logs Security logs - successful and unsuccessful login event Application log - events logged by applications and programs System log - event logged by Windows system components Forwarded Events log - events collected from remote computers Applications and Service logs - store events from a single application or component. 4 Linux logs 5 Deleted Files 6 Mobile phones

Steps for digital forensics

1 Identify relevant items of evidentiary value (EM) 2 Acquire (seize) the evidence without alteration or damage 3. Analyze the data without risking modification or unauthorized access 4 Report the findings to the proper authority

Why slack space can be used for recovery?

1 Unallocated blocks Mark blocks as allocated to fool the file system 2 Unused space at end of files if it doesn't end on block boundaries 3 Unused space in file system data structures

___________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits. 3DES AES Blowfish RC4

Blowfish

Application/web based attacks

Buffer Overflow Cross-site Scripting (XSS) SQL Injection XML injection Active X Java Applet and Javascript

List common software vulnerabilities.

Buffer overflows SQL injection Race conditions Poor or missing exception handling Incorrect or incomplete input validation Access control problems

Of the three types of mitigation plans, the ____________________ plan is the most strategic and long term, as it focuses on the steps to ensure the continuation of the organization.

Business Continuity

Order of digital/electronic evidence

Do not limit to PCs and laptops Include Logs Portable devices (USB drives, external drives) Emails Devices that store data - iPod, iPad, tablets Cell phones

Java and ActiveX codes should be scanned before they are _____________. Downloaded to your computer Known about Infected None of the above

Downloaded to your computer

In which firewall configuration is the firewall running on a server with at least two network interfaces? Network host-based Dual-homed host Router-based Screened host

Dual-homed host

______________ is the process to scramble a message or other information so that it cannot be easily read. Encryption Cryptoanalysis Keying Decryption

Encryption

At which step of SDLC should security be considered?

Every step

A documentation trail is beneficial but not required. True, False

False

A good password should have at least eight characters and use all lowercase letters. True, False

False

A screening firewall works in the application layer of the OSI model. True, False

False

A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. True, False

False

Cultural differences can make it difficulty to determine what is ethical and is not ethical between cultures, except when it comes to the use of computers, where ethics are considered universal True, False

False

Employees are not deterred by the potential loss of certification or professional accreditation resulting from a breach of a code of conduct as this loss has no effect on employees' marketability and earning power. True, False

False

Encryption done using smaller keys is inherently more secure. True, False

False

Ethics are the moral attitudes or customs of a particular group. _________________________. True, False

False

Know yourself means identifying, examining, and understanding the threats facing the organization. True, False

False

Likelihood is the probability that a specific vulnerability within an organization will be the target of an attack. True, False

False

Linux and Windows typically are not shipped with firewalls. True, False

False

Loss event frequency is the combination of an asset's value and the percentage of it that might be lost in an attack. True, False

False

PGP involves only private key encryption. True, False

False

Principal of least privilege means that no one person can perform critical tasks. True, False

False

Risk control is the enumeration and documentation of risks to an organization's information assets. True, False

False

Risk mitigation is the process of assigning a risk rating or score to each information asset. True, False

False

Snort is an open-source firewall. True, False

False

Standards are specific instructions on how to handle a specific issue. True, False

False

The Federal Privacy Act of 1974 regulates government agencies and holds them accountable if they release information about national security without permission. _________________________. True, False

False

The United States has implemented a version of the DMCA law called the Database Right, in order to comply with Directive 95/46/EC. True, False

False

The difference between a policy and a law is that ignorance of a law is an acceptable defense. True, False

False

The key difference between laws and ethics is that ethics carry the authority of a governing body and laws do not. True, False

False

The method to attract an intruder to a subsystem setup for the purpose of observing him is called intrusion deterrence. True, False

False

Unethical and illegal behavior is generally caused by ignorance (of policy and/or the law), by accident, and by inadequate protection mechanisms. True, False

False

Mistaking a legitimate program for a virus is a ____________. Heuristic error False negative False positive None of the above

False positive

A(n) ____________________ is a combination of hardware and software that filters or prevents specific information from moving between the outside world and the inside world.

firewall

In a power grid: A(n) _________________ breach would compromise critical systems, risking failure or shutdown confidentiality, integrity, availability

integrity

Viruses and malware compromise the _________________ of the systems they infect. confidentiality, integrity, availability

integrity

Given your automobile: A(n) _____________________ breach means they could take over your brakes. confidentiality, integrity, availability

integrity and availability

In the military: If they made a(n) ______________________ breach, they could gain control over these weapons systems. confidentiality, integrity, availability

integrity and availability

What types of cyber-attacks affect individuals?

investment scam, auction fraud, identity theft, cyber stalking

"Long arm ___________" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems whenever it can establish jurisdiction.

jurisdiction

The ____________________ control strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.

mitigation

The __________ control strategy attempts to shift risk to other assets, other processes, or other organizations. transfer accept mitigate defend

transfer

Malware Attack Types

virus worms spyware logic bomb trojan horse rasomware botnets rootkit backdoor keylogger drive-by downloads

What does cyber security protect?

1. Identity: Someone's personal information 2. Devices and Infrastructure: Computing and network resources 3. Data: Most valuable organizational asset

A person who hacks into phone systems is referred to as what? A hacker, A gray hat hacker, A phreaker, A cracker

A phreaker

Exploit

A technique to compromise a system.

Which is not one of the three A's for digital methodology? Acquire Authenticate Accessibility Analyze

Accessibility

Incident response is defined as _________ Data loss, Phishing, Actions taken to deal with an incident, All of the above

Actions taken to deal with an incident

Which is not a component of Digital Forensics? Preparation, Containment, Eradication, All are components

All are components

An incident Response consideration is _______________________________. Actual and potential financial loss, Need for efficiency, Potential for adverse exposure, All of the above

All of the above

In the recovery phase of incident response, one step is ________________________________ Restore data from clean backups, Rebuild systems from scratch, Restore confidence, All of the above

All of the above

Which is not true about digital forensics? Used to investigate what happened during attack on assets, Used to determine how the attack occurred, Involved the preservation of computer media for evidential analysis, All of the above are true

All of the above are true

What is a cyber-attack?

An attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information

Vulnerability

An identified weakness of a controlled system whose controls are not present or are no longer effective

What initial steps should be taken when a potential incident is identified? Analyze and validate, documenting steps, Establish communication policy, Determine the impact of an incident, Delete malicious code

Analyze and validate, documenting steps

CIA Triad: Confidentiality

Assures that confidential information is not disclosed to unauthorized individuals

Which of these is the process to determine if the credentials given by a user or another system are authorized to access the network resource in question? Confidentiality, Integrity, Availability, Authentication

Authentication

_________ attacks are becoming less common in modern operating systems. Denial of service, SYN flood, Buffer overflow, None of the above

Buffer overflow

What is the most common way for a virus to spread? By copying to shared folders, By email attachment By FTP, By downloading from a website

By email attachment

Which of the following is the first official recognition of computer forensics as a separate field? Digital Forensic Research Workshop (DFRWS) Computer Analysis and Response Team (CART) An international treaty of Convention on Cybercrime Scientific Working Group on Digital Evidence (SWGDE)

Computer Analysis and Response Team (CART)

Which of these was the first computer incident-response team? Computer Emergency Response Team, F-Secure, SANS Institute, Microsoft Security Advisor

Computer Emergency Response Team

____________________ can include logs, portable storage, emails, tablets, and cell phones. Computer evidence, Ancillary hardware, Network devices, None of the above

Computer evidence

Attacks are classified as incidents if they ____________ Are directed against personnel, Could threaten confidentiality, integrity or availability of information resources, Have a low probability of success, All of the above

Could threaten confidentiality, integrity or availability of information resources

A black hat hacker is also called a ___________ Thief, Cracker, Sneaker None of the above

Cracker

SQL injection is based on what? Having database admin privileges, Creating an SQL statement that is always true, Creating an SQL statement that will force access, Understanding web programming

Creating an SQL statement that is always true

CIA Triad: Integrity

Data integrity: assures that information and programs are changed only in a specified and authorized manner System integrity: Assures that a system performs its operations in unimpaired manner

Which type of attack attempts to overload the system with requests, denying legitimate users access? Denial of service, ip spoofing, Phishing, None of the above

Denial of service

In preparing to collect incident data, _____________________________. Collect only subjective data, Collect all data available, Pass all information onto management, Document all information on the data that was acquired, such as location

Document all information on the data that was acquired, such as location

A Business Continuity Planning is to establish critical business operations after a disaster impacts operations. True, False

False

A Disaster Recover plan is very useful but not necessary. True, False

False

An incident response team should be formed once an incident is confirmed. True, False

False

Auditing is the process to determine if a user's credentials are authorized to access a network resource. True, False

False

Black hat hackers are also know as script kiddies. True, False

False

Digital evidence is not volatile. True, False

False

Incident response is proactive. True, False

False

Most Windows logs are turned on automatically. True, False

False

Once evidence is contaminated, it can be recovered and used as evidence for a legal case. True, False

False

Once files are deleted, they can't be recovered permanently. True, False

False

Reacting to incidents is lost costly and more effective than preventing incidents. True, False

False

With a computer, always work on the original since when a person commits a crime something is always left behind. True, False

False

How can you prevent cross-site scripting? Filer user input, Use an IDS, Use a firewall, It cannot be prevented

Filter user input

A(n) ______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems. Firewall, Proxy server, Intrusion detection system, Network Monitor

Firewall

Passing structured query language commands to a web application and getting the website to execute it is call SQL script ______________________. Injection, Processing, Attacking, Execution

Injection

Which is NOT an action that is taken as part of preparing for an incident? Create a policy, Create and train a response team, Involve Law enforcement, Establish notification mechanisms

Involve Law enforcement

Types of Threats and Attacks

Malware: MALicious softWARE Security Breaches DoS: Denial of Service attacks Web Attacks Session Hijacking DNS Poisoning Insider Threats

Which of the following is true regarding emailed security alerts? You must follow them, Most companies do not send alerts via email, You can trust attachments on security alerts, Most companies send alerts via email

Most companies do not send alerts via email

Which of the following is a way that any person can use to protect against virus attacks? Set up a firewall, Use encrypted transmissions, Use security email software, Never open unknown email attachments

Never open unknown email attachments

The most popular port scanner in the hacking and security community is ________ Nmap, Portscan, Servport, NetBIOS

Nmap

Which of the following is a popular port scanner? Nessus Ophrack MBSA Nmap

Nmap

Testing an organization's security is known as _____________testing. Penetration, Location, Virus, None of the above

Penetration

Blocking incoming ICMP packets will prevent what type of scan? SYN, Ping, FIN, Stealth

Ping

There are 4 phases in the Incident Response Life Cycle, what is the first phase? Containment, Eradication & Recovery, Detection and Analysis, Post-Incident Activity, Preparation

Preparation

What is a buffer-overflow attack? Overflowing a port with too many packets, Putting more email in an email system than it can hold, Overflowing the system, Putting more data in a buffer than it can hold

Putting more data in a buffer than it can hold

Which of these is a repository of security-related documentation and also sponsors a number of security research projects? Computer Emergency Response Team, F-Secure, SANS Institute, Microsoft Security Advisor

SANS Institute

A key logger is what type of malware? Virus, Buffer overflow, Trojan horse, Spyware

Spyware

Adversarial Thinking

The ability to embody the technological capabilities, the unconventional perspectives, and the strategic reasoning of hackers.

Attacks

The deliberate act that exploits vulnerability. It is accomplished by a threat agent to damage or steal an organization's information or physical asset.

Which activity is not usually included in computer forensics? The secure collection of computer data, The examination of physical systems, the identification of suspect data, The application of laws to computer practice

The examination of physical systems

Threats

The likelihood that something harmful could occur.

Which of the following are important to the investigator regarding logging? The logging methods, Log retention, Location of stored logs, All of the above

The logging methods

Frequently, the first responder to a computer crime is ________. The network administrator, A law enforcement officer, The news media, None of the above

The network administrator

Why should a cybercrime law be specific? To prevent defendants from finding loopholes, So it will be internationally recognized, So that multiple laws will not be necessary, None of the above

To prevent defendants from finding loopholes

A denial-of-service attack is one of the most common attacks on a system. True, False

True

A firewall can be configured to disallow certain types of incoming traffic that may be attacking. True, False

True

After a virus is on your system, it can do anything a legitimate program can do. True, False

True

Confidentiality, integrity, and availability are three pillars of the CIA triangle. True, False

True

Crisis management team is responsible for managing event from and enterprise perspective. True, False

True

Hacking into phone systems is also known as phreaking True, False

True

Incidents create pandemonium if not prepared. True, False

True

Information security personnel should be trained to understand the forensics process. True, False

True

Law enforcement should be involved when an incident constitutes a violation of law. True, False

True

Malware is a generic term for software that has a malicious purpose. True, False

True

Malware that executes when a specific criteria is met is a logic bomb. True, False

True

Single loss expectation is used to determine the total cost of an incident. True, False

True

The Window Registry contains a list of USB devices that have been connected to the machine. True, False

True

The chain of custody accounts for the handling of evidence and documents that handling. True, False

True

Defense in Depth

abstraction layering modularity resource encapsulation process isolation domain separation

CIA Triad: Availability

assure that systems works promptly and service is not denied to authorized users

denial of service attacks affect which part of the CIA triad? confidentiality, integrity, availability

availability

Data theft affects which part of the CIA Triad? confidentiality integrity availability

confidentiality

Espionage affects _______________________ confidentiality, integrity, availability

confidentiality

In a power grid: A(n) ____________________ breach exposes system operating information confidentiality, integrity, availability

confidentiality

In the military: A(n) __________________ breach would mean hackers could obtain data about sensitive systems. confidentiality, integrity, availability

confidentiality

_____________________ means protecting and keeping your secrets confidentiality, integrity, availability

confidentiality

Windows stores information on web address, search queries, and recently opened files in a file called___________. internet.txt index.dat default.dat explore.exe

index.dat

Data modification attacks affect ______ confidentiality, integrity, availability

integrity

Cybersecurity

measures taken to protect a computer or computer system against unauthorized access or attack

One classic denial-of-service attack distributed by email was _____________. myDoom, Linux, pingflood, None of the above

myDoom

The Windows command to list any shared files that are currently open is ___________. openfiles fc netstat None of the above

openfiles

A program that can propagate without human interference is a _________________. virus, worm, trojan horse, none of the above

worm

What types of cyber-attacks affect Organizations/Companies?

Company Records, Network systems

A(n) ___________is a mathematical process for doing something. Formula Algorithm Cipher None of the above

Algorithm

Management of classified data includes its storage and ___________. distribution portability destruction All of the above

All of the above

__________ refers to encrypted text. Key Plain text Algorithm Cipher text

Cipher text

A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates. RA PA DA CA

CA

Using the __________ cipher you choose some number by which to shift each letter of a text. DC4 Caesar Multi-alphabet substitution ASCII

Caesar

The result of encrypting text is ___________. Hieroglyphics Plain Text Caesar's Text Cipher Text

Cipher Text

The National Information Infrastructure Protection Act of 1996 modified which Act? USA PATRIOT Improvement and Reauthorization Act USA PATRIOT Act Computer Security Act Computer Fraud and Abuse Act

Computer Fraud and Abuse Act

When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it, it is an example of _______________. Cross-site scripting, Phreaking, Phishing, None of the above

Cross-site scripting

______________ are the fixed moral attitudes or customs of a particular group.

Cultural mores

Steganography

Data hidden in other data; Unused or irrelevant locations are used to store information

List the steps of the software development lifecycle.

Define the problem (Analysis) Design the solutions (Algorithm) Code solution (Program) Test and Debug Maintain and document

What can't static analysis detect? Design flaws Syntax problems Missing variables Uncalled functions

Design flaws

The background, screensaver, font size, and resolution are elements of ___________. Desktop configuration File extensions Passwords None of the above

Desktop configuration

Windows stores passwords using a method called _____________. Hashing Authentication Kerberos None of the above

Hashing

The virus scanning technique that uses rules to determine if a program behaves like a virus is _____________ scanning. Download File Heuristic Sandbox

Heuristic

An alternate site configuration that would allow the company to move right in and continue operations is _________ Hot, Cold, Warm, None of the above

Hot

An SQL injections occurs because of ________________. Improper input validation A lack of proper encryption An integer error A buffer overflow

Improper input validation

____________________ include information and the systems that use, store, and transmit information.

Information assets

Using the __________ cipher you select multiple numbers by which to shift letters. DC4 Caesar Multi-alphabet substitution ASCII

Multi-alphabet substitution

What type of cyber-attacks affect Nations/Countries?

National secrets, Intelligence, Military information

In which firewall configuration is the software installed on an existing machine with an exiting operating system? Network host-based Dual-homed host Router-based Screened host

Network host-based

A packet-filtering firewall is a(n) _____________ firewall. Packet Filtering Application gateway Circuit-level gateway Domain gateway

Packet Filtering

In Cryptography, original message, before being transformed, is called Plain Text Simple Text Empty Text Caesar Text

Plain Text

___________ refers to unencrypted text. Key Plain text Algorithm Cipher text

Plain text

With ______________ encryption, one key is used to encrypt a message, and another is used to decrypt the message. Private key Public key Cipher None of the above

Public key

_______________________ involves public-key cryptography standards, trust models, and key management. Network key infrastructure Shared key infrastructure Private key infrastructure Public key infrastructure

Public key infrastructure

_____________ is an asset valuation approach that uses categorical or non-numeric values rather than absolute numerical measures. Qualitative assessment Quantitative assessment Metric-centric model Value-specific constant

Qualitative assessment

_______________ equals the probability of a successful attack times the expected loss from a successful attack plus an element of uncertainty. Loss Magnitude Loss Frequency Loss Risk

Risk

____________________ involves three major undertakings: risk identification, risk assessment, and risk control.

Risk management

The virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won't infect the system is ___________. Download File Heuristic Sandbox

Sandbox

A document that defines how an organization deals with some aspect of security is a(n) ________________. Security policy Business plan Security update None of the above

Security policy

Human-centered attacks

Social Engineering Email Attacks Spear Phishing Whaling Spam Tailgating Dumpster Diving Shoulder surfing

A(n)_______________ firewall examines the entire conversation between client and server, not just individual packets. Stateful Packet Inspection Packet filtering Circuit-level gateway Domain gateway

Stateful Packet Inspection

Procedures for adding users, removing users, and dealing with security issues are examples of ______________ policies. User Computer System administration Password

System administration

A file that stays in memory after it executes is a(n) ________________. Terminate and Stay Resident program Executable Text file Bug

Terminate and Stay Resident program

Digital forensics

The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations

Purpose of digital forensics

To investigate allegations of digital malfeasance To perform root cause analysis

A VPN, used properly, allows a user to use the Internet as if it were a private network. True, False

True

A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation. True, False

True

A security policy is a document that defines how an organization deals with some aspect of security. True, False

True

A server with fake data used to attract an attacker is a honeypot. True, False

True

A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation. True, False

True

Binary numbers are made up of 0s and 1s. True, False

True

Cipher text is encrypted text. True, False

True

Due care and due diligence require that an organization make a valid effort to protect others and continually maintain this level of effort, ensuring these actions are effective. True, False

True

Heuristic scanning uses rules to determine whether a file or program behaves like a virus. True, False

True

Information sent across the Internet is not encrypted by default. True, False

True

Laws, policies and their associated penalties only provide deterrence if offenders fear the penalty, expect to be caught, and expect the penalty to be applied if they are caught. True, False

True

Which is NOT a possible indicator of an incident? Unusual consumption of computing resources, Execution of unknown programs or processes, Unknown people, Unfamiliar files

Unknown people

Your company is instituting a new security awareness program. You are responsible for educating end users on a variety of threats, including social engineering. Which of the following best defines social engineering? Illegal copying of software, Gathering information from discarded manuals and printouts, Using people skills to obtain proprietary information Destruction or alteration of data

Using people skills to obtain proprietary information Destruction or alteration of data

In _____________________ testing, the tester has access to the source code. White Box Black Box Grey Box Penetration

White Box

Wireless/mobile attacks

Wireless Replay Attack WPS attacks Wireless jamming Rogue Access points/ Evil Twin War Driving/ War Chalking Bluetooth attacks Bluesnarfing Bluejacking Mobile Phone Attacks Vishing Smshing

Typically, when you update virus definitions _____________. The virus program scans your computer. Your computer restarts. You are updating the virus definition file on your computer None of the above

Your computer restarts

The __________ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation. defense transfer mitigation acceptance

acceptance

What are the components of cyber-attack?

attacker/agent- the person or thing conducting the attack intent- purpose of the attack tactics technique procedure- how the attack is conducted

A(n) ____________________ policy requires that employees secure all information in appropriate storage containers at the end of each day.

clean desk

Encryption is a means of protecting ________ confidentiality, integrity, availability

confidentiality

A(n) _________ is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it. risk management scheme security clearance scheme data recovery scheme data classification scheme

data classification scheme

In a(n) __________, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria and then summing and ranking those scores. threat assessment weighted factor analysis data classification scheme risk management program

weighted factor analysis