CIS 377 Midterm/Final Quiz Questions
What is the subject of the Computer Security Act? Banking Industry Telecommunications Common Carriers Federal Agency Information Security Cryptography Software Vendors
Federal Agency Information Security
What is the subject of the Sarbanes-Oxley Act? Banking Privacy Financial Reporting Trade Secrets
Financial Reporting
Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? Health Insurance Portability and Accountability Act Financial Services Modernization Act Computer Security Act Communications Act
Financial Services Modernization Act
A ____________ is a barrier between your network and the outside world. Firewall Web server File server None of the above
Firewall
You may use Linux to make a ______________ of the hard drive. Bootable copy, Screen shot, New version, Forensically valid copy
Forensically valid copy
Which of the following can be used to break encryption algorithms? Frequency Analysis XOR Hashing Vigenere
Frequency Analysis
The Health Insurance Portability and Accountability Act of 1996, also known as the ____________ Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange. Privacy, Kennedy-Kassebaum, HITECH, Gramm-Leach-Bliley
Kennedy-Kassebaum
A(n) ________ refers to the bits that are combined with the plain text to encrypt it. Key Plain Cipher text Algorithm
Key
With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message. Code Key Lock Script
Key
List security design principles that should be used in secure software design.
Least privilege, Economy of mechanism, Complete mediation, Open design, Separation of privilege, Least common mechanism, Psychological acceptability, Fail-safe defaults
____________ is the legal obligation of an entity that extends beyond criminal or contract law.
Liability
A firewall _________ is a tool that can provide information after an incident has occurred. Log Scan Port None of the above
Log
When an employee leaves, all __________ should be terminated. Web histories Logins Desktops Passwords
Logins
Passwords are an area of user policies. True, False
True
Privacy is the right of individuals or groups to protect themselves and their information from unauthorized access, providing confidentiality. True, False
True
Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys. True, False
True
Security policies toward programmers and web developers are developmental policies. True, False
True
The Economic Espionage Act of 1996 protects American ingenuity, intellectual property, and competitive advantage. True, False
True
The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection. True, False
True
The most common method to deliver spyware to a target system is by using a Trojan horse. True, False
True
The most widely used symmetric key algorithm is Advanced Encryption Standard. True, False
True
The objective in the eradication phase of incident response is to eliminate the cause of the incident. True, False
True
The threats-vulnerabilities-assets (TVA) worksheet is a document that shows a comparative ranking of prioritized assets against prioritized threats, with an indication of any vulnerabilities in the asset/threat pairings. True, False
True
When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration. True, False
True
Most attacks occur because a hacker takes advantage of _______________. the compiler a vulnerability in the software complexity the binary code
a vulnerability in the software
____________________ components account for the management of information in all its states: transmission, processing, and storage.
data, information,
The _________ control strategy attempts to eliminate or reduce any remaining uncontrolled risk through the application of additional controls and safeguards. defense, transfer, termination, mitigate
defense
Network attack types
denial of service, distributed denial of service, man in the middle attacks, SYN flood attacks, network sniffing, spoofing
What is chain of custody?
Detailed documentation showing the status of evidence at every point in time from the moment of seizure to the moment the evidence is presented in court.
A list of virus definitions is generally in a file with a ________ extension. .dat .txt .vir .def
.dat
What can be digital evidence?
1. Browser - direct and circumstantial evidence: Pornography - direct; Cyber stalking - direct; Creation of a virus - circumstantial. 2. History - information. 3. Windows logs: Security logs - successful and unsuccessful login events; Application log - events logged by applications and programs; System log - events logged by Windows system components; Forwarded Events log - events collected from remote computers; Applications and Services logs - store events from a single application or component. 4. Linux logs. 5. Deleted files. 6. Mobile phones.
Steps for digital forensics
1. Identify relevant items of evidentiary value (EM). 2. Acquire (seize) the evidence without alteration or damage. 3. Analyze the data without risking modification or unauthorized access. 4. Report the findings to the proper authority.
Why can slack space be used for recovery?
1. Unallocated blocks: mark blocks as allocated to fool the file system. 2. Unused space at end of files if it doesn't end on block boundaries. 3. Unused space in file system data structures.
___________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits. 3DES AES Blowfish RC4
Blowfish
Application/web based attacks
Buffer Overflow, Cross-site Scripting (XSS), SQL Injection, XML injection, ActiveX, Java Applet and JavaScript
List common software vulnerabilities.
Buffer overflows, SQL injection, Race conditions, Poor or missing exception handling, Incorrect or incomplete input validation, Access control problems
Of the three types of mitigation plans, the ____________________ plan is the most strategic and long term, as it focuses on the steps to ensure the continuation of the organization.
Business Continuity
Order of digital/electronic evidence
Do not limit to PCs and laptops. Include: logs; portable devices (USB drives, external drives); emails; devices that store data - iPod, iPad, tablets; cell phones.
Java and ActiveX codes should be scanned before they are _____________. Downloaded to your computer Known about Infected None of the above
Downloaded to your computer
In which firewall configuration is the firewall running on a server with at least two network interfaces? Network host-based Dual-homed host Router-based Screened host
Dual-homed host
______________ is the process to scramble a message or other information so that it cannot be easily read. Encryption Cryptoanalysis Keying Decryption
Encryption
At which step of SDLC should security be considered?
Every step
A documentation trail is beneficial but not required. True, False
False
A good password should have at least eight characters and use all lowercase letters. True, False
False
A screening firewall works in the application layer of the OSI model. True, False
False
A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. True, False
False
Cultural differences can make it difficult to determine what is ethical and is not ethical between cultures, except when it comes to the use of computers, where ethics are considered universal. True, False
False
Employees are not deterred by the potential loss of certification or professional accreditation resulting from a breach of a code of conduct as this loss has no effect on employees' marketability and earning power. True, False
False
Encryption done using smaller keys is inherently more secure. True, False
False
Ethics are the moral attitudes or customs of a particular group. _________________________. True, False
False
Know yourself means identifying, examining, and understanding the threats facing the organization. True, False
False
Likelihood is the probability that a specific vulnerability within an organization will be the target of an attack. True, False
False
Linux and Windows typically are not shipped with firewalls. True, False
False
Loss event frequency is the combination of an asset's value and the percentage of it that might be lost in an attack. True, False
False
PGP involves only private key encryption. True, False
False
Principle of least privilege means that no one person can perform critical tasks. True, False
False
Risk control is the enumeration and documentation of risks to an organization's information assets. True, False
False
Risk mitigation is the process of assigning a risk rating or score to each information asset. True, False
False
Snort is an open-source firewall. True, False
False
Standards are specific instructions on how to handle a specific issue. True, False
False
The Federal Privacy Act of 1974 regulates government agencies and holds them accountable if they release information about national security without permission. _________________________. True, False
False
The United States has implemented a version of the DMCA law called the Database Right, in order to comply with Directive 95/46/EC. True, False
False
The difference between a policy and a law is that ignorance of a law is an acceptable defense. True, False
False
The key difference between laws and ethics is that ethics carry the authority of a governing body and laws do not. True, False
False
The method to attract an intruder to a subsystem set up for the purpose of observing him is called intrusion deterrence. True, False
False
Unethical and illegal behavior is generally caused by ignorance (of policy and/or the law), by accident, and by inadequate protection mechanisms. True, False
False
Mistaking a legitimate program for a virus is a ____________. Heuristic error False negative False positive None of the above
False positive
A(n) ____________________ is a combination of hardware and software that filters or prevents specific information from moving between the outside world and the inside world.
firewall
In a power grid: A(n) _________________ breach would compromise critical systems, risking failure or shutdown. confidentiality, integrity, availability
integrity
Viruses and malware compromise the _________________ of the systems they infect. confidentiality, integrity, availability
integrity
Given your automobile: A(n) _____________________ breach means they could take over your brakes. confidentiality, integrity, availability
integrity and availability
In the military: If they made a(n) ______________________ breach, they could gain control over these weapons systems. confidentiality, integrity, availability
integrity and availability
What types of cyber-attacks affect individuals?
investment scam, auction fraud, identity theft, cyber stalking
"Long arm ___________" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems whenever it can establish jurisdiction.
jurisdiction
The ____________________ control strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.
mitigation
The __________ control strategy attempts to shift risk to other assets, other processes, or other organizations. transfer accept mitigate defend
transfer
Malware Attack Types
virus, worms, spyware, logic bomb, trojan horse, ransomware, botnets, rootkit, backdoor, keylogger, drive-by downloads
What does cyber security protect?
1. Identity: Someone's personal information 2. Devices and Infrastructure: Computing and network resources 3. Data: Most valuable organizational asset
A person who hacks into phone systems is referred to as what? A hacker, A gray hat hacker, A phreaker, A cracker
A phreaker
Exploit
A technique to compromise a system.
Which is not one of the three A's for digital methodology? Acquire Authenticate Accessibility Analyze
Accessibility
Incident response is defined as _________ Data loss, Phishing, Actions taken to deal with an incident, All of the above
Actions taken to deal with an incident
Which is not a component of Digital Forensics? Preparation, Containment, Eradication, All are components
All are components
An incident Response consideration is _______________________________. Actual and potential financial loss, Need for efficiency, Potential for adverse exposure, All of the above
All of the above
In the recovery phase of incident response, one step is ________________________________ Restore data from clean backups, Rebuild systems from scratch, Restore confidence, All of the above
All of the above
Which is not true about digital forensics? Used to investigate what happened during attack on assets, Used to determine how the attack occurred, Involves the preservation of computer media for evidential analysis, All of the above are true
All of the above are true
What is a cyber-attack?
An attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information
Vulnerability
An identified weakness of a controlled system whose controls are not present or are no longer effective
What initial steps should be taken when a potential incident is identified? Analyze and validate, documenting steps, Establish communication policy, Determine the impact of an incident, Delete malicious code
Analyze and validate, documenting steps
CIA Triad: Confidentiality
Assures that confidential information is not disclosed to unauthorized individuals
Which of these is the process to determine if the credentials given by a user or another system are authorized to access the network resource in question? Confidentiality, Integrity, Availability, Authentication
Authentication
_________ attacks are becoming less common in modern operating systems. Denial of service, SYN flood, Buffer overflow, None of the above
Buffer overflow
What is the most common way for a virus to spread? By copying to shared folders, By email attachment, By FTP, By downloading from a website
By email attachment
Which of the following is the first official recognition of computer forensics as a separate field? Digital Forensic Research Workshop (DFRWS) Computer Analysis and Response Team (CART) An international treaty of Convention on Cybercrime Scientific Working Group on Digital Evidence (SWGDE)
Computer Analysis and Response Team (CART)
Which of these was the first computer incident-response team? Computer Emergency Response Team, F-Secure, SANS Institute, Microsoft Security Advisor
Computer Emergency Response Team
____________________ can include logs, portable storage, emails, tablets, and cell phones. Computer evidence, Ancillary hardware, Network devices, None of the above
Computer evidence
Attacks are classified as incidents if they ____________ Are directed against personnel, Could threaten confidentiality, integrity or availability of information resources, Have a low probability of success, All of the above
Could threaten confidentiality, integrity or availability of information resources
A black hat hacker is also called a ___________ Thief, Cracker, Sneaker, None of the above
Cracker
SQL injection is based on what? Having database admin privileges, Creating an SQL statement that is always true, Creating an SQL statement that will force access, Understanding web programming
Creating an SQL statement that is always true
CIA Triad: Integrity
Data integrity: assures that information and programs are changed only in a specified and authorized manner. System integrity: assures that a system performs its operations in an unimpaired manner.
Which type of attack attempts to overload the system with requests, denying legitimate users access? Denial of service, IP spoofing, Phishing, None of the above
Denial of service
In preparing to collect incident data, _____________________________. Collect only subjective data, Collect all data available, Pass all information onto management, Document all information on the data that was acquired, such as location
Document all information on the data that was acquired, such as location
Business Continuity Planning is to establish critical business operations after a disaster impacts operations. True, False
False
A Disaster Recovery plan is very useful but not necessary. True, False
False
An incident response team should be formed once an incident is confirmed. True, False
False
Auditing is the process to determine if a user's credentials are authorized to access a network resource. True, False
False
Black hat hackers are also known as script kiddies. True, False
False
Digital evidence is not volatile. True, False
False
Incident response is proactive. True, False
False
Most Windows logs are turned on automatically. True, False
False
Once evidence is contaminated, it can be recovered and used as evidence for a legal case. True, False
False
Once files are deleted, they can't be recovered permanently. True, False
False
Reacting to incidents is less costly and more effective than preventing incidents. True, False
False
With a computer, always work on the original since when a person commits a crime something is always left behind. True, False
False
How can you prevent cross-site scripting? Filter user input, Use an IDS, Use a firewall, It cannot be prevented
Filter user input
A(n) ______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems. Firewall, Proxy server, Intrusion detection system, Network Monitor
Firewall
Passing structured query language commands to a web application and getting the website to execute it is called SQL script ______________________. Injection, Processing, Attacking, Execution
Injection
Which is NOT an action that is taken as part of preparing for an incident? Create a policy, Create and train a response team, Involve Law enforcement, Establish notification mechanisms
Involve Law enforcement
Types of Threats and Attacks
Malware: MALicious softWARE; Security Breaches; DoS: Denial of Service attacks; Web Attacks; Session Hijacking; DNS Poisoning; Insider Threats
Which of the following is true regarding emailed security alerts? You must follow them, Most companies do not send alerts via email, You can trust attachments on security alerts, Most companies send alerts via email
Most companies do not send alerts via email
Which of the following is a way that any person can use to protect against virus attacks? Set up a firewall, Use encrypted transmissions, Use security email software, Never open unknown email attachments
Never open unknown email attachments
The most popular port scanner in the hacking and security community is ________ Nmap, Portscan, Servport, NetBIOS
Nmap
Which of the following is a popular port scanner? Nessus, Ophcrack, MBSA, Nmap
Nmap
Testing an organization's security is known as _____________testing. Penetration, Location, Virus, None of the above
Penetration
Blocking incoming ICMP packets will prevent what type of scan? SYN, Ping, FIN, Stealth
Ping
There are 4 phases in the Incident Response Life Cycle. What is the first phase? Containment, Eradication & Recovery, Detection and Analysis, Post-Incident Activity, Preparation
Preparation
What is a buffer-overflow attack? Overflowing a port with too many packets, Putting more email in an email system than it can hold, Overflowing the system, Putting more data in a buffer than it can hold
Putting more data in a buffer than it can hold
Which of these is a repository of security-related documentation and also sponsors a number of security research projects? Computer Emergency Response Team, F-Secure, SANS Institute, Microsoft Security Advisor
SANS Institute
A key logger is what type of malware? Virus, Buffer overflow, Trojan horse, Spyware
Spyware
Adversarial Thinking
The ability to embody the technological capabilities, the unconventional perspectives, and the strategic reasoning of hackers.
Attacks
The deliberate act that exploits a vulnerability. It is accomplished by a threat agent to damage or steal an organization's information or physical asset.
Which activity is not usually included in computer forensics? The secure collection of computer data, The examination of physical systems, the identification of suspect data, The application of laws to computer practice
The examination of physical systems
Threats
The likelihood that something harmful could occur.
Which of the following are important to the investigator regarding logging? The logging methods, Log retention, Location of stored logs, All of the above
The logging methods
Frequently, the first responder to a computer crime is ________. The network administrator, A law enforcement officer, The news media, None of the above
The network administrator
Why should a cybercrime law be specific? To prevent defendants from finding loopholes, So it will be internationally recognized, So that multiple laws will not be necessary, None of the above
To prevent defendants from finding loopholes
A denial-of-service attack is one of the most common attacks on a system. True, False
True
A firewall can be configured to disallow certain types of incoming traffic that may be attacking. True, False
True
After a virus is on your system, it can do anything a legitimate program can do. True, False
True
Confidentiality, integrity, and availability are three pillars of the CIA triangle. True, False
True
The crisis management team is responsible for managing the event from an enterprise perspective. True, False
True
Hacking into phone systems is also known as phreaking True, False
True
Incidents create pandemonium if not prepared. True, False
True
Information security personnel should be trained to understand the forensics process. True, False
True
Law enforcement should be involved when an incident constitutes a violation of law. True, False
True
Malware is a generic term for software that has a malicious purpose. True, False
True
Malware that executes when specific criteria are met is a logic bomb. True, False
True
Single loss expectation is used to determine the total cost of an incident. True, False
True
The Windows Registry contains a list of USB devices that have been connected to the machine. True, False
True
The chain of custody accounts for the handling of evidence and documents that handling. True, False
True
Defense in Depth
abstraction, layering, modularity, resource encapsulation, process isolation, domain separation
CIA Triad: Availability
Assures that systems work promptly and service is not denied to authorized users
denial of service attacks affect which part of the CIA triad? confidentiality, integrity, availability
availability
Data theft affects which part of the CIA Triad? confidentiality integrity availability
confidentiality
Espionage affects _______________________ confidentiality, integrity, availability
confidentiality
In a power grid: A(n) ____________________ breach exposes system operating information. confidentiality, integrity, availability
confidentiality
In the military: A(n) __________________ breach would mean hackers could obtain data about sensitive systems. confidentiality, integrity, availability
confidentiality
_____________________ means protecting and keeping your secrets confidentiality, integrity, availability
confidentiality
Windows stores information on web addresses, search queries, and recently opened files in a file called ___________. internet.txt, index.dat, default.dat, explore.exe
index.dat
Data modification attacks affect ______ confidentiality, integrity, availability
integrity
Cybersecurity
measures taken to protect a computer or computer system against unauthorized access or attack
One classic denial-of-service attack distributed by email was _____________. myDoom, Linux, pingflood, None of the above
myDoom
The Windows command to list any shared files that are currently open is ___________. openfiles fc netstat None of the above
openfiles
A program that can propagate without human interference is a _________________. virus, worm, trojan horse, none of the above
worm
What types of cyber-attacks affect Organizations/Companies?
Company Records, Network systems
A(n) ___________is a mathematical process for doing something. Formula Algorithm Cipher None of the above
Algorithm
Management of classified data includes its storage and ___________. distribution portability destruction All of the above
All of the above
__________ refers to encrypted text. Key Plain text Algorithm Cipher text
Cipher text
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates. RA PA DA CA
CA
Using the __________ cipher you choose some number by which to shift each letter of a text. DC4 Caesar Multi-alphabet substitution ASCII
Caesar
The result of encrypting text is ___________. Hieroglyphics Plain Text Caesar's Text Cipher Text
Cipher Text
The National Information Infrastructure Protection Act of 1996 modified which Act? USA PATRIOT Improvement and Reauthorization Act USA PATRIOT Act Computer Security Act Computer Fraud and Abuse Act
Computer Fraud and Abuse Act
When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it, it is an example of _______________. Cross-site scripting, Phreaking, Phishing, None of the above
Cross-site scripting
______________ are the fixed moral attitudes or customs of a particular group.
Cultural mores
Steganography
Data hidden in other data; Unused or irrelevant locations are used to store information
List the steps of the software development lifecycle.
Define the problem (Analysis); Design the solutions (Algorithm); Code solution (Program); Test and Debug; Maintain and document
What can't static analysis detect? Design flaws Syntax problems Missing variables Uncalled functions
Design flaws
The background, screensaver, font size, and resolution are elements of ___________. Desktop configuration File extensions Passwords None of the above
Desktop configuration
Windows stores passwords using a method called _____________. Hashing Authentication Kerberos None of the above
Hashing
The virus scanning technique that uses rules to determine if a program behaves like a virus is _____________ scanning. Download File Heuristic Sandbox
Heuristic
An alternate site configuration that would allow the company to move right in and continue operations is _________ Hot, Cold, Warm, None of the above
Hot
An SQL injection occurs because of ________________. Improper input validation, A lack of proper encryption, An integer error, A buffer overflow
Improper input validation
____________________ include information and the systems that use, store, and transmit information.
Information assets
Using the __________ cipher you select multiple numbers by which to shift letters. DC4 Caesar Multi-alphabet substitution ASCII
Multi-alphabet substitution
What type of cyber-attacks affect Nations/Countries?
National secrets, Intelligence, Military information
In which firewall configuration is the software installed on an existing machine with an existing operating system? Network host-based, Dual-homed host, Router-based, Screened host
Network host-based
A packet-filtering firewall is a(n) _____________ firewall. Packet Filtering Application gateway Circuit-level gateway Domain gateway
Packet Filtering
In cryptography, the original message, before being transformed, is called ____________. Plain Text, Simple Text, Empty Text, Caesar Text
Plain Text
___________ refers to unencrypted text. Key Plain text Algorithm Cipher text
Plain text
With ______________ encryption, one key is used to encrypt a message, and another is used to decrypt the message. Private key Public key Cipher None of the above
Public key
_______________________ involves public-key cryptography standards, trust models, and key management. Network key infrastructure Shared key infrastructure Private key infrastructure Public key infrastructure
Public key infrastructure
_____________ is an asset valuation approach that uses categorical or non-numeric values rather than absolute numerical measures. Qualitative assessment Quantitative assessment Metric-centric model Value-specific constant
Qualitative assessment
_______________ equals the probability of a successful attack times the expected loss from a successful attack plus an element of uncertainty. Loss Magnitude Loss Frequency Loss Risk
Risk
____________________ involves three major undertakings: risk identification, risk assessment, and risk control.
Risk management
The virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won't infect the system is ___________. Download File Heuristic Sandbox
Sandbox
A document that defines how an organization deals with some aspect of security is a(n) ________________. Security policy Business plan Security update None of the above
Security policy
Human-centered attacks
Social Engineering Email Attacks Spear Phishing Whaling Spam Tailgating Dumpster Diving Shoulder surfing
A(n)_______________ firewall examines the entire conversation between client and server, not just individual packets. Stateful Packet Inspection Packet filtering Circuit-level gateway Domain gateway
Stateful Packet Inspection
Procedures for adding users, removing users, and dealing with security issues are examples of ______________ policies. User Computer System administration Password
System administration
A file that stays in memory after it executes is a(n) ________________. Terminate and Stay Resident program Executable Text file Bug
Terminate and Stay Resident program
Digital forensics
The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations
Purpose of digital forensics
To investigate allegations of digital malfeasance; To perform root cause analysis
A VPN, used properly, allows a user to use the Internet as if it were a private network. True, False
True
A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation. True, False
True
A security policy is a document that defines how an organization deals with some aspect of security. True, False
True
A server with fake data used to attract an attacker is a honeypot. True, False
True
A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation. True, False
True
Binary numbers are made up of 0s and 1s. True, False
True
Cipher text is encrypted text. True, False
True
Due care and due diligence require that an organization make a valid effort to protect others and continually maintain this level of effort, ensuring these actions are effective. True, False
True
Heuristic scanning uses rules to determine whether a file or program behaves like a virus. True, False
True
Information sent across the Internet is not encrypted by default. True, False
True
Laws, policies and their associated penalties only provide deterrence if offenders fear the penalty, expect to be caught, and expect the penalty to be applied if they are caught. True, False
True
Which is NOT a possible indicator of an incident? Unusual consumption of computing resources, Execution of unknown programs or processes, Unknown people, Unfamiliar files
Unknown people
Your company is instituting a new security awareness program. You are responsible for educating end users on a variety of threats, including social engineering. Which of the following best defines social engineering? Illegal copying of software, Gathering information from discarded manuals and printouts, Using people skills to obtain proprietary information, Destruction or alteration of data
Using people skills to obtain proprietary information Destruction or alteration of data
In _____________________ testing, the tester has access to the source code. White Box Black Box Grey Box Penetration
White Box
Wireless/mobile attacks
Wireless Replay Attack, WPS attacks, Wireless jamming, Rogue Access points/Evil Twin, War Driving/War Chalking, Bluetooth attacks, Bluesnarfing, Bluejacking, Mobile Phone Attacks, Vishing, Smishing
Typically, when you update virus definitions _____________. The virus program scans your computer. Your computer restarts. You are updating the virus definition file on your computer None of the above
Your computer restarts
The __________ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation. defense transfer mitigation acceptance
acceptance
What are the components of cyber-attack?
attacker/agent - the person or thing conducting the attack; intent - purpose of the attack; tactics, technique, procedure - how the attack is conducted
A(n) ____________________ policy requires that employees secure all information in appropriate storage containers at the end of each day.
clean desk
Encryption is a means of protecting ________ confidentiality, integrity, availability
confidentiality
A(n) _________ is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it. risk management scheme security clearance scheme data recovery scheme data classification scheme
data classification scheme
In a(n) __________, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria and then summing and ranking those scores. threat assessment weighted factor analysis data classification scheme risk management program
weighted factor analysis